/[smeserver]/rpms/qpsmtpd/sme10/qpsmtpd-0.96-fix_dmarc_reject.patch
ViewVC logotype

Contents of /rpms/qpsmtpd/sme10/qpsmtpd-0.96-fix_dmarc_reject.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Fri May 6 09:10:35 2016 UTC (8 years, 5 months ago) by vip-ire
Branch: MAIN
CVS Tags: qpsmtpd-0_96-21_el7_sme, qpsmtpd-0_96-19_el7_sme, qpsmtpd-0_96-23_el7_sme, qpsmtpd-0_96-10_el7_sme, qpsmtpd-0_96-20_el7_sme, qpsmtpd-0_96-12_el7_sme, qpsmtpd-0_96-22_el7_sme, qpsmtpd-0_96-14_el7_sme, qpsmtpd-0_96-11_el7_sme, qpsmtpd-0_96-16_el7_sme, qpsmtpd-0_96-13_el7_sme, qpsmtpd-0_96-15_el7_sme, qpsmtpd-0_96-17_el7_sme, qpsmtpd-0_96-9_el7_sme, qpsmtpd-0_96-8_el7_sme, qpsmtpd-0_96-6_el7_sme, qpsmtpd-0_96-18_el7_sme, HEAD 
* Fri May 6 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-8.sme
- Support dkim signing with symlinks [SME: 9496]
- Fix DMARC rejects not working [SME: 9202]
- Add DMARC results notes so further plugin can check it [SME: 9202]
- Add possibility to reject solely on SPF result if no DMARC policy is published
  [SME: 9479]
1 diff -Nur -x '*.orig' -x '*.rej' qpsmtpd-0.96/docs/hooks.md mezzanine_patched_qpsmtpd-0.96/docs/hooks.md
2 --- qpsmtpd-0.96/docs/hooks.md 2016-02-16 23:52:02.000000000 +0100
3 +++ mezzanine_patched_qpsmtpd-0.96/docs/hooks.md 2016-05-03 21:56:38.216306190 +0200
4 @@ -343,26 +343,20 @@
5
6 The `data_post_headers` hook is called after the client sends the final .\r\n of
7 a message and before the message is processed by `data_post`. This hook is
8 -primarily used by plugins that insert new headers (ex: Received-SPF) and/or
9 +used by plugins that insert new headers (ex: Received-SPF) and/or
10 modify headers such as appending to Authentication-Results (SPF, DKIM, DMARC).
11
12 When it is desirable to have these header modifications evaluated by filtering
13 software (spamassassin, dspam, etc.) running on `data_post`, this hook should be
14 used instead of `data_post`.
15
16 -Allowed return codes are
17 -
18 -- DENY
19 -
20 - Return a hard failure code
21 +Note that you cannot reject in this hook, use the data_post hook instead
22
23 -- DENYSOFT
24 -
25 - Return a soft failure code
26 +Allowed return codes are
27
28 -- DENY\_DISCONNECT / DENYSOFT\_DISCONNECT
29 +- DECLINED
30
31 - as above but with disconnect
32 + Do nothing
33
34 ## hook\_data\_post
35
36 diff -Nur -x '*.orig' -x '*.rej' qpsmtpd-0.96/plugins/dmarc mezzanine_patched_qpsmtpd-0.96/plugins/dmarc
37 --- qpsmtpd-0.96/plugins/dmarc 2016-02-16 23:52:02.000000000 +0100
38 +++ mezzanine_patched_qpsmtpd-0.96/plugins/dmarc 2016-05-03 21:57:11.943312651 +0200
39 @@ -102,6 +102,7 @@
40 else {
41 $self->{_dmarc} = Mail::DMARC::PurePerl->new();
42 $self->register_hook('data_post_headers', 'check_dmarc');
43 + $self->register_hook('data_post', 'reject_dmarc');
44 };
45 }
46
47 @@ -189,6 +190,13 @@
48 return DECLINED if $self->is_immune;
49
50 $self->adjust_karma(-3);
51 -# at what point do we reject?
52 - return $self->get_reject("failed DMARC policy");
53 + # Add a mark now so the data_post hook can do the real reject
54 + $transaction->notes('reject_dmarc', '1');
55 +}
56 +
57 +sub reject_dmarc {
58 + my ($self, $transaction) = @_;
59 + return $self->get_reject("failed DMARC policy")
60 + if ($transaction->notes('reject_dmarc'));
61 + return DECLINED;
62 }
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed