move Auth-Results header to Original-Auth-Results

this was in a sub, commented out as a TODO to delete them. Instead of deleting, move the Authentication-Results header on incoming messages to the Original-A-R.
This commit is contained in:
Matt Simerson 2013-12-17 14:13:51 -08:00
parent b085388cda
commit a26d46ed87

View File

@ -23,7 +23,7 @@ use Net::DNS;
# this is only good for forkserver # this is only good for forkserver
# can't set these here, cause forkserver resets them # can't set these here, cause forkserver resets them
#$SIG{ALRM} = sub { respond(421, "Game over pal, game over. You got a timeout; I just can't wait that long..."); exit }; #$SIG{ALRM} = sub { respond(421, "timeout; I can't wait that long..."); exit };
#$SIG{ALRM} = sub { warn "Connection Timed Out\n"; exit; }; #$SIG{ALRM} = sub { warn "Connection Timed Out\n"; exit; };
sub new { sub new {
@ -818,17 +818,24 @@ sub authentication_results {
sub clean_authentication_results { sub clean_authentication_results {
my $self = shift; my $self = shift;
# On messages received from the internet, we may want to remove # http://tools.ietf.org/html/draft-kucherawy-original-authres-00.html
# the Authentication-Results headers added by other MTAs, so our downstream
# can trust the new A-R header we insert.
# We do not want to invalidate DKIM signatures.
# TODO: parse the DKIM signature(s) to see if A-R header is signed
return if $self->transaction->header->get('DKIM-Signature');
my @headers = $self->transaction->header->get('Authentication-Results'); # On messages received from the internet, move Authentication-Results headers
for ( my $i = 0; $i < scalar @headers; $i++ ) { # to Original-AR, so our downstream can trust the A-R header we insert.
# TODO: Do not invalidate DKIM signatures.
# if $self->transaction->header->get('DKIM-Signature')
# Parse the DKIM signature(s)
# return if A-R header is signed;
# }
my @ar_headers = $self->transaction->header->get('Authentication-Results');
for ( my $i = 0; $i < scalar @ar_headers; $i++ ) {
$self->transaction->header->delete('Authentication-Results', $i); $self->transaction->header->delete('Authentication-Results', $i);
$self->transaction->header->add('Original-Authentication-Results', $ar_headers[$i]);
} }
$self->log(LOGDEBUG, "Authentication-Results moved to Original-Authentication-Results" );
}; };
sub received_line { sub received_line {