diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-09-08 16:12:03 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-09-08 16:12:03 +0100 |
| commit | 69c92e6b98e3d4555624d81ee71f1a4d0d4639d1 (patch) | |
| tree | e8aadba82d07c86dcded5994d1a0074e2d9e22b5 | |
| parent | bc4cf433bbd60416a3d9e4812b7a48009d680418 (diff) | |
| parent | c77e967ea366ebb92dfe3a6eb40fdda1cb83121b (diff) | |
| download | rspamd-69c92e6b98e3d4555624d81ee71f1a4d0d4639d1.tar.gz rspamd-69c92e6b98e3d4555624d81ee71f1a4d0d4639d1.zip | |
Merge pull request #934 from fatalbanana/dmarc
[Feature] Descriptive options for DMARC failure symbols
| -rw-r--r-- | src/plugins/lua/dmarc.lua | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/src/plugins/lua/dmarc.lua b/src/plugins/lua/dmarc.lua index fc85c4766..dec142454 100644 --- a/src/plugins/lua/dmarc.lua +++ b/src/plugins/lua/dmarc.lua @@ -126,6 +126,7 @@ local function dmarc_callback(task) return maybe_force_action('na') end + local reason = {} local strict_spf = false local strict_dkim = false local strict_policy = false @@ -243,32 +244,47 @@ local function dmarc_callback(task) if task:has_symbol(symbols['spf_allow_symbol']) then efrom = task:get_from(1) if efrom and efrom[1] and efrom[1]['domain'] then - if rspamd_util.strequal_caseless(efrom[1]['domain'], from[1]['domain']) then + if strict_spf and rspamd_util.strequal_caseless(efrom[1]['domain'], from[1]['domain']) then spf_ok = true - elseif not strict_spf then + elseif strict_spf then + table.insert(reason, "SPF not aligned (strict)") + end + if not strict_spf then local spf_tld = rspamd_util.get_tld(efrom[1]['domain']) if rspamd_util.strequal_caseless(spf_tld, dmarc_domain) then spf_ok = true + else + table.insert(reason, "SPF not aligned (relaxed)") end end end + else + table.insert(reason, "No SPF") end local das = task:get_symbol(symbols['dkim_allow_symbol']) if das and das[1] and das[1]['options'] then for i,dkim_domain in ipairs(das[1]['options']) do - if rspamd_util.strequal_caseless(from[1]['domain'], dkim_domain) then + if strict_dkim and rspamd_util.strequal_caseless(from[1]['domain'], dkim_domain) then dkim_ok = true - elseif not strict_dkim then + elseif strict_dkim then + table.insert(reason, "DKIM not aligned (strict)") + end + if not strict_dkim then local dkim_tld = rspamd_util.get_tld(dkim_domain) if rspamd_util.strequal_caseless(dkim_tld, dmarc_domain) then dkim_ok = true + else + table.insert(reason, "DKIM not aligned (relaxed)") end end end + else + table.insert(reason, "No DKIM") end local disposition = 'none' if not (spf_ok or dkim_ok) then + local reason_str = table.concat(reason, ", ") res = 1.0 local spf_tmpfail = task:get_symbol(symbols['spf_tempfail_symbol']) local dkim_tmpfail = task:get_symbol(symbols['dkim_tempfail_symbol']) @@ -278,16 +294,16 @@ local function dmarc_callback(task) end if quarantine_policy then if not pct or pct == 100 or (math.random(100) <= pct) then - task:insert_result(dmarc_symbols['quarantine'], res, lookup_domain) + task:insert_result(dmarc_symbols['quarantine'], res, lookup_domain .. ' : ' .. reason_str) disposition = "quarantine" end elseif strict_policy then if not pct or pct == 100 or (math.random(100) <= pct) then - task:insert_result(dmarc_symbols['reject'], res, lookup_domain) + task:insert_result(dmarc_symbols['reject'], res, lookup_domain .. ' : ' .. reason_str) disposition = "reject" end else - task:insert_result(dmarc_symbols['softfail'], res, lookup_domain) + task:insert_result(dmarc_symbols['softfail'], res, lookup_domain .. ' : ' .. reason_str) end else task:insert_result(dmarc_symbols['allow'], res, lookup_domain) |