aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew Lewis <nerf@judo.za.org>2015-04-05 01:37:32 +0200
committerAndrew Lewis <nerf@judo.za.org>2015-04-05 14:52:25 +0200
commit2c8849eabfb7f2fe5c0e49ed900a2bddfc4b0e7e (patch)
tree48caf390358a6d897bbddf032a6ee1fac08034a5
parentf5b98e74b84542150f93073d5ee70ffeb737c0ce (diff)
downloadrspamd-2c8849eabfb7f2fe5c0e49ed900a2bddfc4b0e7e.tar.gz
rspamd-2c8849eabfb7f2fe5c0e49ed900a2bddfc4b0e7e.zip
DMARC: Check DKIM alignment
-rw-r--r--src/plugins/dkim_check.c9
-rw-r--r--src/plugins/lua/dmarc.lua27
2 files changed, 18 insertions, 18 deletions
diff --git a/src/plugins/dkim_check.c b/src/plugins/dkim_check.c
index 0b710ce63..b8e709d99 100644
--- a/src/plugins/dkim_check.c
+++ b/src/plugins/dkim_check.c
@@ -305,13 +305,16 @@ dkim_module_check (struct rspamd_task *task,
}
if (res == DKIM_REJECT) {
- rspamd_task_insert_result (task, dkim_module_ctx->symbol_reject, score_deny, NULL);
+ rspamd_task_insert_result (task, dkim_module_ctx->symbol_reject, score_deny,
+ g_list_prepend (NULL, rspamd_mempool_strdup (task->task_pool, ctx->domain)));
}
else if (res == DKIM_TRYAGAIN) {
- rspamd_task_insert_result (task, dkim_module_ctx->symbol_tempfail, 1, NULL);
+ rspamd_task_insert_result (task, dkim_module_ctx->symbol_tempfail, 1,
+ g_list_prepend (NULL, rspamd_mempool_strdup (task->task_pool, ctx->domain)));
}
else if (res == DKIM_CONTINUE) {
- rspamd_task_insert_result (task, dkim_module_ctx->symbol_allow, score_allow, NULL);
+ rspamd_task_insert_result (task, dkim_module_ctx->symbol_allow, score_allow,
+ g_list_prepend (NULL, rspamd_mempool_strdup (task->task_pool, ctx->domain)));
}
}
diff --git a/src/plugins/lua/dmarc.lua b/src/plugins/lua/dmarc.lua
index 906f9f96b..af9b98960 100644
--- a/src/plugins/lua/dmarc.lua
+++ b/src/plugins/lua/dmarc.lua
@@ -117,29 +117,26 @@ local function dmarc_callback(task)
return
end
- if strict_spf then
- -- Handle subdomains
- end
- if strict_dkim then
- -- Handle subdomain
- end
-
-- Check dkim and spf symbols
local spf_ok = false
local dkim_ok = false
if task:get_symbol(symbols['spf_allow_symbol']) then
efrom = task:get_from(1)
- if efrom and efrom[1] and efrom[1]['domain'] and
- from and from[1] and from[1]['domain'] and
- not from[2] then
+ if efrom and efrom[1] and efrom[1]['domain'] then
if efrom[1]['domain'] == from[1]['domain'] then
spf_ok = true
+ elseif not strict_spf then
+ -- XXX: use tld list here and generate top level domain
end
end
end
- if task:get_symbol(symbols['dkim_allow_symbol']) then
- -- XXX: Check DKIM alignment
- dkim_ok = true
+ local das = task:get_symbol(symbols['dkim_allow_symbol'])
+ if das and das[1] and das[1]['options'] and das[1]['options'][0] then
+ if from[1]['domain'] == das[1]['options'][0] then
+ dkim_ok = true
+ elseif not strict_dkim then
+ -- XXX: use tld list here and generate top level domain
+ end
end
local res = 0.5
@@ -151,7 +148,7 @@ local function dmarc_callback(task)
end
elseif strict_policy then
if not pct or pct == 100 or (math.random(100) <= pct) then
- task:insert_result('DMARC_POLICY_DENY', res)
+ task:insert_result('DMARC_POLICY_REJECT', res)
end
else
task:insert_result('DMARC_POLICY_SOFTFAIL', res)
@@ -176,7 +173,7 @@ local function dmarc_callback(task)
-- XXX: handle rua and push data to redis
end
- if from and from[1]['domain'] then
+ if from and from[1]['domain'] and not from[2] then
-- XXX: use tld list here and generate top level domain
local dmarc_domain = '_dmarc.' .. from[1]['domain']
task:get_resolver():resolve_txt(task:get_session(), task:get_mempool(),