Check DKIM domain when whitelisting by DKIM signature.

author: Vsevolod Stakhov <vsevolod@highsecure.ru> 2015-09-17 15:09:37 +0100
committer: Vsevolod Stakhov <vsevolod@highsecure.ru> 2015-09-17 15:09:37 +0100
commit: bc77897b3ac6f679b7ae88ec7c29c6e1f7df9ed9 (patch)
tree: 9a193118fba40ca70ba846389bf0ba91186527d4 /src/plugins/lua
parent: 98c4b0460a1b67c2792a44e8e6ad6a8eedb1e347 (diff)
download: rspamd-bc77897b3ac6f679b7ae88ec7c29c6e1f7df9ed9.tar.gz
rspamd-bc77897b3ac6f679b7ae88ec7c29c6e1f7df9ed9.zip
1 files changed, 21 insertions, 4 deletions
diff --git a/src/plugins/lua/whitelist.lua b/src/plugins/lua/whitelist.lua
index 0a78a1d43..8f7c7b715 100644
--- a/src/plugins/lua/whitelist.lua
+++ b/src/plugins/lua/whitelist.lua
@@ -71,21 +71,38 @@ local function whitelist_cb(symbol, rule, task)
         if not task:get_symbol(options['spf_allow_symbol']) then
           found = false
           rspamd_logger.debugx(task, "domain %s has been found in whitelist %s" ..
-            "but it doesn't have valid SPF record", domain, symbol)
+            " but it doesn't have valid SPF record", domain, symbol)
         end
       end
       if rule['valid_dkim'] then
-        if not task:get_symbol(options['dkim_allow_symbol']) then
+        local sym = task:get_symbol(options['dkim_allow_symbol'])
+        if not sym then
           found = false
           rspamd_logger.debugx(task, "domain %s has been found in whitelist %s" ..
-              "but it doesn't have valid DKIM", domain, symbol)
+              " but it doesn't have valid DKIM", domain, symbol)
+        else
+          -- Check dkim signatures as they might be for different domains
+          found = false
+          local dkim_opts = sym[1]['options']
+
+          if dkim_opts then
+            for i,d in ipairs(dkim_opts) do
+              if d == domain then
+                found = true
+              end
+            end
+          end
+          if not found then
+            rspamd_logger.debugx(task, "domain %s has been found in whitelist %s" ..
+                " but it doesn't have matching DKIM signature", domain, symbol)
+          end
         end
       end
       if rule['valid_dmarc'] then
         if not task:get_symbol(options['dmarc_allow_symbol']) then
           found = false
           rspamd_logger.debugx(task, "domain %s has been found in whitelist %s" ..
-              "but it doesn't have valid DMARC", domain, symbol)
+              " but it doesn't have valid DMARC", domain, symbol)
         end
       end
     end
author	Vsevolod Stakhov <vsevolod@highsecure.ru>	2015-09-17 15:09:37 +0100
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>	2015-09-17 15:09:37 +0100
commit	bc77897b3ac6f679b7ae88ec7c29c6e1f7df9ed9 (patch)
tree	9a193118fba40ca70ba846389bf0ba91186527d4 /src/plugins/lua
parent	98c4b0460a1b67c2792a44e8e6ad6a8eedb1e347 (diff)
download	rspamd-bc77897b3ac6f679b7ae88ec7c29c6e1f7df9ed9.tar.gz rspamd-bc77897b3ac6f679b7ae88ec7c29c6e1f7df9ed9.zip