X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fdmarc.c;h=5bf33032a59f6b45d311077c6182b1466560047c;hb=7a9e0ae14e5544e8377d1f91298d0ec9a482bf12;hp=956c16b4e70bdd0b688164e66d3bef8e25f9aeb9;hpb=b4757e3611c457affce455100c7c7c43784ccfea;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/src/src/dmarc.c b/src/src/dmarc.c index 956c16b4e..5bf33032a 100644 --- a/src/src/dmarc.c +++ b/src/src/dmarc.c @@ -91,13 +91,13 @@ dmarc_status = US"none"; dmarc_abort = FALSE; dmarc_pass_fail = US"skipped"; dmarc_used_domain = US""; -dmarc_has_been_checked = FALSE; +f.dmarc_has_been_checked = FALSE; header_from_sender = NULL; spf_sender_domain = NULL; spf_human_readable = NULL; /* ACLs have "control=dmarc_disable_verify" */ -if (dmarc_disable_verify == TRUE) +if (f.dmarc_disable_verify == TRUE) return OK; (void) memset(&dmarc_ctx, '\0', sizeof dmarc_ctx); @@ -109,15 +109,15 @@ if (libdm_status != DMARC_PARSE_OKAY) opendmarc_policy_status_to_str(libdm_status)); dmarc_abort = TRUE; } -if (!dmarc_tld_file) +if (!dmarc_tld_file || !*dmarc_tld_file) { DEBUG(D_receive) debug_printf("DMARC: no dmarc_tld_file\n"); dmarc_abort = TRUE; } -else if (opendmarc_tld_read_file(dmarc_tld_file, NULL, NULL, NULL)) +else if (opendmarc_tld_read_file(CS dmarc_tld_file, NULL, NULL, NULL)) { - log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure to load tld list %s: %d", - dmarc_tld_file, errno); + log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure to load tld list '%s': %s", + dmarc_tld_file, strerror(errno)); dmarc_abort = TRUE; } if (!sender_host_address) @@ -148,7 +148,7 @@ int dmarc_store_data(header_line *hdr) { /* No debug output because would change every test debug output */ -if (!dmarc_disable_verify) +if (!f.dmarc_disable_verify) from_header = hdr; return OK; } @@ -157,14 +157,13 @@ return OK; static void dmarc_send_forensic_report(u_char **ruf) { -int c; uschar *recipient, *save_sender; BOOL send_status = FALSE; error_block *eblock = NULL; FILE *message_file = NULL; /* Earlier ACL does not have *required* control=dmarc_enable_forensic */ -if (!dmarc_enable_forensic) +if (!f.dmarc_enable_forensic) return; if ( dmarc_policy == DMARC_POLICY_REJECT && action == DMARC_RESULT_REJECT @@ -178,15 +177,12 @@ if ( dmarc_policy == DMARC_POLICY_REJECT && action == DMARC_RESULT_REJECT eblock = add_to_eblock(eblock, US"Sender IP Address", sender_host_address); eblock = add_to_eblock(eblock, US"Received Date", tod_stamp(tod_full)); eblock = add_to_eblock(eblock, US"SPF Alignment", - (sa==DMARC_POLICY_SPF_ALIGNMENT_PASS) ?US"yes":US"no"); + sa == DMARC_POLICY_SPF_ALIGNMENT_PASS ? US"yes" : US"no"); eblock = add_to_eblock(eblock, US"DKIM Alignment", - (da==DMARC_POLICY_DKIM_ALIGNMENT_PASS)?US"yes":US"no"); + da == DMARC_POLICY_DKIM_ALIGNMENT_PASS ? US"yes" : US"no"); eblock = add_to_eblock(eblock, US"DMARC Results", dmarc_status_text); - /* Set a sane default envelope sender */ - dsn_from = dmarc_forensic_sender ? dmarc_forensic_sender : - dsn_from ? dsn_from : - string_sprintf("do-not-reply@%s",primary_hostname); - for (c = 0; ruf[c]; c++) + + for (int c = 0; ruf[c]; c++) { recipient = string_copylc(ruf[c]); if (Ustrncmp(recipient, "mailto:",7)) @@ -195,16 +191,12 @@ if ( dmarc_policy == DMARC_POLICY_REJECT && action == DMARC_RESULT_REJECT recipient += 7; DEBUG(D_receive) debug_printf("DMARC forensic report to %s%s\n", recipient, - (host_checking || running_in_test_harness) ? " (not really)" : ""); - if (host_checking || running_in_test_harness) + (host_checking || f.running_in_test_harness) ? " (not really)" : ""); + if (host_checking || f.running_in_test_harness) continue; - save_sender = sender_address; - sender_address = recipient; - send_status = moan_to_sender(ERRMESS_DMARC_FORENSIC, eblock, - header_list, message_file, FALSE); - sender_address = save_sender; - if (!send_status) + if (!moan_send_message(recipient, ERRMESS_DMARC_FORENSIC, eblock, + header_list, message_file, NULL)) log_write(0, LOG_MAIN|LOG_PANIC, "failure to send DMARC forensic report to %s", recipient); } @@ -226,7 +218,7 @@ BOOL has_dmarc_record = TRUE; u_char **ruf; /* forensic report addressees, if called for */ /* ACLs have "control=dmarc_disable_verify" */ -if (dmarc_disable_verify) +if (f.dmarc_disable_verify) return OK; /* Store the header From: sender domain for this part of DMARC. @@ -247,7 +239,7 @@ else if (!dmarc_abort) uschar * p; uschar saveend; - parse_allow_group = TRUE; + f.parse_allow_group = TRUE; p = parse_find_address_end(from_header->text, FALSE); saveend = *p; *p = '\0'; if ((header_from_sender = parse_extract_address(from_header->text, &errormsg, @@ -487,7 +479,7 @@ if (!dmarc_abort && !sender_host_authenticated) /* shut down libopendmarc */ if (dmarc_pctx) (void) opendmarc_policy_connect_shutdown(dmarc_pctx); -if (!dmarc_disable_verify) +if (!f.dmarc_disable_verify) (void) opendmarc_policy_library_shutdown(&dmarc_ctx); return OK; @@ -558,8 +550,8 @@ history_buffer = string_sprintf( /* Write the contents to the history file */ DEBUG(D_receive) debug_printf("DMARC logging history data for opendmarc reporting%s\n", - (host_checking || running_in_test_harness) ? " (not really)" : ""); -if (host_checking || running_in_test_harness) + (host_checking || f.running_in_test_harness) ? " (not really)" : ""); +if (host_checking || f.running_in_test_harness) { DEBUG(D_receive) debug_printf("DMARC history data for debugging:\n%s", history_buffer); @@ -584,7 +576,7 @@ return DMARC_HIST_OK; uschar * dmarc_exim_expand_query(int what) { -if (dmarc_disable_verify || !dmarc_pctx) +if (f.dmarc_disable_verify || !dmarc_pctx) return dmarc_exim_expand_defaults(what); if (what == DMARC_VERIFY_STATUS) @@ -596,7 +588,7 @@ uschar * dmarc_exim_expand_defaults(int what) { if (what == DMARC_VERIFY_STATUS) - return dmarc_disable_verify ? US"off" : US"none"; + return f.dmarc_disable_verify ? US"off" : US"none"; return US""; } @@ -604,7 +596,7 @@ return US""; gstring * authres_dmarc(gstring * g) { -if (dmarc_has_been_checked) +if (f.dmarc_has_been_checked) { g = string_append(g, 2, US";\n\tdmarc=", dmarc_pass_fail); if (header_from_sender)