move Auth-Results header to Original-Auth-Results
this was in a sub, commented out as a TODO to delete them. Instead of deleting, move the Authentication-Results header on incoming messages to the Original-A-R.
This commit is contained in:
parent
b085388cda
commit
a26d46ed87
@ -23,7 +23,7 @@ use Net::DNS;
|
|||||||
|
|
||||||
# this is only good for forkserver
|
# this is only good for forkserver
|
||||||
# can't set these here, cause forkserver resets them
|
# can't set these here, cause forkserver resets them
|
||||||
#$SIG{ALRM} = sub { respond(421, "Game over pal, game over. You got a timeout; I just can't wait that long..."); exit };
|
#$SIG{ALRM} = sub { respond(421, "timeout; I can't wait that long..."); exit };
|
||||||
#$SIG{ALRM} = sub { warn "Connection Timed Out\n"; exit; };
|
#$SIG{ALRM} = sub { warn "Connection Timed Out\n"; exit; };
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
@ -818,17 +818,24 @@ sub authentication_results {
|
|||||||
sub clean_authentication_results {
|
sub clean_authentication_results {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
|
|
||||||
# On messages received from the internet, we may want to remove
|
# http://tools.ietf.org/html/draft-kucherawy-original-authres-00.html
|
||||||
# the Authentication-Results headers added by other MTAs, so our downstream
|
|
||||||
# can trust the new A-R header we insert.
|
|
||||||
# We do not want to invalidate DKIM signatures.
|
|
||||||
# TODO: parse the DKIM signature(s) to see if A-R header is signed
|
|
||||||
return if $self->transaction->header->get('DKIM-Signature');
|
|
||||||
|
|
||||||
my @headers = $self->transaction->header->get('Authentication-Results');
|
# On messages received from the internet, move Authentication-Results headers
|
||||||
for ( my $i = 0; $i < scalar @headers; $i++ ) {
|
# to Original-AR, so our downstream can trust the A-R header we insert.
|
||||||
|
|
||||||
|
# TODO: Do not invalidate DKIM signatures.
|
||||||
|
# if $self->transaction->header->get('DKIM-Signature')
|
||||||
|
# Parse the DKIM signature(s)
|
||||||
|
# return if A-R header is signed;
|
||||||
|
# }
|
||||||
|
|
||||||
|
my @ar_headers = $self->transaction->header->get('Authentication-Results');
|
||||||
|
for ( my $i = 0; $i < scalar @ar_headers; $i++ ) {
|
||||||
$self->transaction->header->delete('Authentication-Results', $i);
|
$self->transaction->header->delete('Authentication-Results', $i);
|
||||||
|
$self->transaction->header->add('Original-Authentication-Results', $ar_headers[$i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$self->log(LOGDEBUG, "Authentication-Results moved to Original-Authentication-Results" );
|
||||||
};
|
};
|
||||||
|
|
||||||
sub received_line {
|
sub received_line {
|
||||||
|
Loading…
Reference in New Issue
Block a user