Right names are "fail" and "softfail" (bad docs, bad)
Add headers by default instead of issuing DENY git-svn-id: https://svn.perl.org/qpsmtpd/trunk@161 958fd67b-6ff1-0310-b445-bb7760255be9
This commit is contained in:
Matt Sergeant
parent
04f2e4ee73
commit
4548b77eca
@ -8,14 +8,20 @@ SPF - plugin to implement Sender Permitted From
|
|||||||
# in config/plugins
|
# in config/plugins
|
||||||
sender_permitted_from
|
sender_permitted_from
|
||||||
|
|
||||||
|
Or if you wish to issue 5xx on SPF fail:
|
||||||
|
|
||||||
|
sender_permitted_from spf_deny 1
|
||||||
|
|
||||||
=cut
|
=cut
|
||||||
|
|
||||||
use Mail::SPF::Query;
|
use Mail::SPF::Query;
|
||||||
|
|
||||||
sub register {
|
sub register {
|
||||||
my ($self, $qp) = @_;
|
my ($self, $qp, @args) = @_;
|
||||||
|
%{$self->{_args}} = @args;
|
||||||
$self->register_hook("mail", "mail_handler");
|
$self->register_hook("mail", "mail_handler");
|
||||||
$self->register_hook("rcpt", "rcpt_handler");
|
$self->register_hook("rcpt", "rcpt_handler");
|
||||||
|
$self->register_hook("data_post", "data_handler");
|
||||||
}
|
}
|
||||||
|
|
||||||
sub mail_handler {
|
sub mail_handler {
|
||||||
@ -40,22 +46,40 @@ sub rcpt_handler {
|
|||||||
my $query = $transaction->notes('spfquery');
|
my $query = $transaction->notes('spfquery');
|
||||||
my ($result, $comment) = $query->result();
|
my ($result, $comment) = $query->result();
|
||||||
|
|
||||||
if ($result eq "pass") {
|
$self->qp->connection->notes('spf_result', $result);
|
||||||
# domain is not forged
|
$self->qp->connection->notes('spf_comment', $comment);
|
||||||
$self->qp->connection->notes('spf_ok', 1);
|
|
||||||
}
|
if ($result eq "fail" and $self->{_args}{spf_deny}) {
|
||||||
elsif ($result eq "deny") {
|
|
||||||
# domain is forged
|
|
||||||
return (DENY, "SPF forgery ($comment)");
|
return (DENY, "SPF forgery ($comment)");
|
||||||
}
|
}
|
||||||
elsif ($result eq "softdeny") {
|
|
||||||
# domain may be forged
|
|
||||||
$self->qp->connection->notes('spf_ok', 0);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
# domain has not implemented SPF
|
|
||||||
}
|
|
||||||
|
|
||||||
return (DECLINED);
|
return (DECLINED);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub data_handler {
|
||||||
|
my ($self, $transaction) = @_;
|
||||||
|
|
||||||
|
my $spf = $self->qp->connection->notes('spf_result');
|
||||||
|
|
||||||
|
my $host = $self->qp->connection->remote_host;
|
||||||
|
my $ip = $self->qp->connection->remote_ip;
|
||||||
|
my $sender = $transaction->sender;
|
||||||
|
|
||||||
|
my $details = '';
|
||||||
|
if ($spf eq 'fail') {
|
||||||
|
$details = "fail (client $host[$ip] is not a designated mailer for domain of sender $sender)";
|
||||||
|
}
|
||||||
|
elsif ($spf eq 'softfail') {
|
||||||
|
$details = "error (temporary failure while resolving designated mailer status for domain of sender $sender)";
|
||||||
|
}
|
||||||
|
elsif ($spf eq 'pass') {
|
||||||
|
$details = "pass (client $host[$ip] is designated mailer for domain of sender $sender)";
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$details = "unknown (domain of sender $sender does not designate mailers)";
|
||||||
|
}
|
||||||
|
$transaction->header->add('Received-SPF' => $details);
|
||||||
|
|
||||||
|
return DECLINED;
|
||||||
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user