diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-09-23 16:11:27 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-09-23 16:11:27 +0100 |
| commit | 7b84e095b24fb2b7d4c0912a09397fdf489c61a7 (patch) | |
| tree | 0299ed47cd348c0863d0715b6b95ccf3ef002dd9 /src/libserver | |
| parent | bf1b4bbe3dac782935c110e7e7673317639093db (diff) | |
| parent | baf74ba8c1f6bff834d93aaee9e6afd6b5c97aef (diff) | |
| download | rspamd-7b84e095b24fb2b7d4c0912a09397fdf489c61a7.tar.gz rspamd-7b84e095b24fb2b7d4c0912a09397fdf489c61a7.zip | |
Merge pull request #975 from fatalbanana/spf
[Feature] Add R_SPF_PERMFAIL symbol
Diffstat (limited to 'src/libserver')
| -rw-r--r-- | src/libserver/spf.c | 68 | ||||
| -rw-r--r-- | src/libserver/spf.h | 4 |
2 files changed, 51 insertions, 21 deletions
diff --git a/src/libserver/spf.c b/src/libserver/spf.c index 95bcc7628..dd7843eae 100644 --- a/src/libserver/spf.c +++ b/src/libserver/spf.c @@ -314,28 +314,33 @@ rspamd_spf_process_reference (struct spf_resolved *target, if (!(cur->flags & RSPAMD_SPF_FLAG_PARSED)) { /* Unresolved redirect */ msg_info_spf ("redirect to %s cannot be resolved", cur->spf_string); - return; + cur->flags |= RSPAMD_SPF_FLAG_TEMPFAIL; + } + else { + g_assert (cur->flags & RSPAMD_SPF_FLAG_REFRENCE); + g_assert (cur->m.idx < rec->resolved->len); + relt = g_ptr_array_index (rec->resolved, cur->m.idx); + msg_debug_spf ("domain %s is redirected to %s", elt->cur_domain, + relt->cur_domain); } - - g_assert (cur->flags & RSPAMD_SPF_FLAG_REFRENCE); - g_assert (cur->m.idx < rec->resolved->len); - relt = g_ptr_array_index (rec->resolved, cur->m.idx); - msg_debug_spf ("domain %s is redirected to %s", elt->cur_domain, - relt->cur_domain); } for (i = 0; i < elt->elts->len; i++) { cur = g_ptr_array_index (elt->elts, i); if (cur->flags & RSPAMD_SPF_FLAG_TEMPFAIL) { - target->failed = TRUE; + target->temp_failed = TRUE; continue; } - else if (!(cur->flags & RSPAMD_SPF_FLAG_PARSED)) { + if (cur->flags & RSPAMD_SPF_FLAG_NA) { + target->na = TRUE; + continue; + } + if (!(cur->flags & RSPAMD_SPF_FLAG_PARSED)) { /* Ignore unparsed addrs */ continue; } - else if (cur->flags & RSPAMD_SPF_FLAG_REFRENCE) { + if (cur->flags & RSPAMD_SPF_FLAG_REFRENCE) { /* Process reference */ if (cur->flags & RSPAMD_SPF_FLAG_REDIRECT) { /* Stop on redirected domain */ @@ -371,15 +376,20 @@ rspamd_spf_record_flatten (struct spf_record *rec) g_assert (rec != NULL); - res = g_slice_alloc0 (sizeof (*res)); - res->elts = g_array_sized_new (FALSE, FALSE, sizeof (struct spf_addr), - rec->resolved->len); - res->domain = g_strdup (rec->sender_domain); - res->ttl = rec->ttl; - REF_INIT_RETAIN (res, rspamd_flatten_record_dtor); + if (rec->resolved) { + res = g_slice_alloc0 (sizeof (*res)); + res->elts = g_array_sized_new (FALSE, FALSE, sizeof (struct spf_addr), + rec->resolved->len); + res->domain = g_strdup (rec->sender_domain); + res->ttl = rec->ttl; + REF_INIT_RETAIN (res, rspamd_flatten_record_dtor); - if (rec->resolved->len > 0) { - rspamd_spf_process_reference (res, NULL, rec, TRUE); + if (rec->resolved->len > 0) { + rspamd_spf_process_reference (res, NULL, rec, TRUE); + } + } + else { + return rec; } return res; @@ -1787,8 +1797,26 @@ spf_dns_callback (struct rdns_reply *reply, gpointer arg) /* Top level resolved element */ rec->ttl = reply->entries->ttl; } - - spf_process_txt_record (rec, resolved, reply); + } + else if ((reply->code == RDNS_RC_NOREC || reply->code == RDNS_RC_NXDOMAIN) + && rec->dns_requests == 0) { + resolved = rspamd_spf_new_addr_list (rec, rec->sender_domain); + struct spf_addr *addr; + addr = g_slice_alloc0 (sizeof (*addr)); + addr->flags = 0; + addr->flags |= RSPAMD_SPF_FLAG_NA; + g_ptr_array_insert(resolved->elts, 0, addr); + } + + if (!spf_process_txt_record (rec, resolved, reply)) { + if (rec->dns_requests == 0) { + resolved = g_ptr_array_index (rec->resolved, 0); + struct spf_addr *addr; + addr = g_slice_alloc0 (sizeof (*addr)); + addr->flags = 0; + addr->flags |= RSPAMD_SPF_FLAG_NA; + g_ptr_array_insert(resolved->elts, 0, addr); + } } rspamd_spf_maybe_return (rec); diff --git a/src/libserver/spf.h b/src/libserver/spf.h index 001d3775a..1e2bcfe45 100644 --- a/src/libserver/spf.h +++ b/src/libserver/spf.h @@ -38,6 +38,7 @@ typedef enum spf_action_e { #define RSPAMD_SPF_FLAG_REFRENCE (1 << 6) #define RSPAMD_SPF_FLAG_REDIRECT (1 << 7) #define RSPAMD_SPF_FLAG_TEMPFAIL (1 << 8) +#define RSPAMD_SPF_FLAG_NA (1 << 9) struct spf_addr { guchar addr6[sizeof (struct in6_addr)]; @@ -58,7 +59,8 @@ struct spf_addr { struct spf_resolved { gchar *domain; guint ttl; - gboolean failed; + gboolean temp_failed; + gboolean na; GArray *elts; /* Flat list of struct spf_addr */ ref_entry_t ref; /* Refcounting */ }; |