/[smeserver]/rpms/qpsmtpd/sme10/qpsmtpd-0.96-fix_dmarc_reject.patch
ViewVC logotype

Annotation of /rpms/qpsmtpd/sme10/qpsmtpd-0.96-fix_dmarc_reject.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (hide annotations) (download)
Fri May 6 09:10:35 2016 UTC (8 years, 5 months ago) by vip-ire
Branch: MAIN
CVS Tags: qpsmtpd-0_96-21_el7_sme, qpsmtpd-0_96-19_el7_sme, qpsmtpd-0_96-23_el7_sme, qpsmtpd-0_96-10_el7_sme, qpsmtpd-0_96-20_el7_sme, qpsmtpd-0_96-12_el7_sme, qpsmtpd-0_96-22_el7_sme, qpsmtpd-0_96-14_el7_sme, qpsmtpd-0_96-11_el7_sme, qpsmtpd-0_96-16_el7_sme, qpsmtpd-0_96-13_el7_sme, qpsmtpd-0_96-15_el7_sme, qpsmtpd-0_96-17_el7_sme, qpsmtpd-0_96-9_el7_sme, qpsmtpd-0_96-8_el7_sme, qpsmtpd-0_96-6_el7_sme, qpsmtpd-0_96-18_el7_sme, HEAD 
* Fri May 6 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-8.sme
- Support dkim signing with symlinks [SME: 9496]
- Fix DMARC rejects not working [SME: 9202]
- Add DMARC results notes so further plugin can check it [SME: 9202]
- Add possibility to reject solely on SPF result if no DMARC policy is published
  [SME: 9479]
1 vip-ire 1.1 diff -Nur -x '*.orig' -x '*.rej' qpsmtpd-0.96/docs/hooks.md mezzanine_patched_qpsmtpd-0.96/docs/hooks.md
2     --- qpsmtpd-0.96/docs/hooks.md 2016-02-16 23:52:02.000000000 +0100
3     +++ mezzanine_patched_qpsmtpd-0.96/docs/hooks.md 2016-05-03 21:56:38.216306190 +0200
4     @@ -343,26 +343,20 @@
5    
6     The `data_post_headers` hook is called after the client sends the final .\r\n of
7     a message and before the message is processed by `data_post`. This hook is
8     -primarily used by plugins that insert new headers (ex: Received-SPF) and/or
9     +used by plugins that insert new headers (ex: Received-SPF) and/or
10     modify headers such as appending to Authentication-Results (SPF, DKIM, DMARC).
11    
12     When it is desirable to have these header modifications evaluated by filtering
13     software (spamassassin, dspam, etc.) running on `data_post`, this hook should be
14     used instead of `data_post`.
15    
16     -Allowed return codes are
17     -
18     -- DENY
19     -
20     - Return a hard failure code
21     +Note that you cannot reject in this hook, use the data_post hook instead
22    
23     -- DENYSOFT
24     -
25     - Return a soft failure code
26     +Allowed return codes are
27    
28     -- DENY\_DISCONNECT / DENYSOFT\_DISCONNECT
29     +- DECLINED
30    
31     - as above but with disconnect
32     + Do nothing
33    
34     ## hook\_data\_post
35    
36     diff -Nur -x '*.orig' -x '*.rej' qpsmtpd-0.96/plugins/dmarc mezzanine_patched_qpsmtpd-0.96/plugins/dmarc
37     --- qpsmtpd-0.96/plugins/dmarc 2016-02-16 23:52:02.000000000 +0100
38     +++ mezzanine_patched_qpsmtpd-0.96/plugins/dmarc 2016-05-03 21:57:11.943312651 +0200
39     @@ -102,6 +102,7 @@
40     else {
41     $self->{_dmarc} = Mail::DMARC::PurePerl->new();
42     $self->register_hook('data_post_headers', 'check_dmarc');
43     + $self->register_hook('data_post', 'reject_dmarc');
44     };
45     }
46    
47     @@ -189,6 +190,13 @@
48     return DECLINED if $self->is_immune;
49    
50     $self->adjust_karma(-3);
51     -# at what point do we reject?
52     - return $self->get_reject("failed DMARC policy");
53     + # Add a mark now so the data_post hook can do the real reject
54     + $transaction->notes('reject_dmarc', '1');
55     +}
56     +
57     +sub reject_dmarc {
58     + my ($self, $transaction) = @_;
59     + return $self->get_reject("failed DMARC policy")
60     + if ($transaction->notes('reject_dmarc'));
61     + return DECLINED;
62     }
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed