SPF: add trans. note spf_pass_host if SPF=pass

This commit is contained in:
Matt Simerson 2013-04-20 16:23:05 -04:00
parent 0a542c51b5
commit ca38ff5d6f

View File

@ -40,6 +40,11 @@ SPF levels above 4 are for crusaders who don't mind rejecting some valid mail wh
http://spf.pobox.com/ http://spf.pobox.com/
http://en.wikipedia.org/wiki/Sender_Policy_Framework http://en.wikipedia.org/wiki/Sender_Policy_Framework
=head1 TODO
Check the scope of the SPF policy. If it's too broad (ie, the whole internet is valid), apply karma penalty
Examples of too broad: +all,
=head1 ACKNOWLDGEMENTS =head1 ACKNOWLDGEMENTS
The reject options are modeled after, and aim to match the functionality of those found in the SPF patch for qmail-smtpd. The reject options are modeled after, and aim to match the functionality of those found in the SPF patch for qmail-smtpd.
@ -47,9 +52,7 @@ The reject options are modeled after, and aim to match the functionality of thos
=head1 AUTHOR =head1 AUTHOR
Matt Simerson - 2012 - increased policy options from 3 to 6 Matt Simerson - 2012 - increased policy options from 3 to 6
Matt Simerson - 2011 - rewrote using Mail::SPF Matt Simerson - 2011 - rewrote using Mail::SPF
Matt Sergeant - 2003 - initial plugin Matt Sergeant - 2003 - initial plugin
=cut =cut
@ -155,6 +158,7 @@ sub mail_handler {
} }
elsif ( $code eq 'pass' ) { elsif ( $code eq 'pass' ) {
$self->adjust_karma( 1 ); $self->adjust_karma( 1 );
$transaction->notes('spf_pass_host', lc $sender->host);
$self->log(LOGINFO, "pass, $code: $why" ); $self->log(LOGINFO, "pass, $code: $why" );
return (DECLINED); return (DECLINED);
} }
@ -224,6 +228,9 @@ sub data_post_handler {
my $result = $transaction->notes('spfquery') or return DECLINED; my $result = $transaction->notes('spfquery') or return DECLINED;
# if we skipped processing in mail_handler, we should skip here too
return (DECLINED) if $self->is_immune();
$self->log(LOGDEBUG, "result was $result->code"); $self->log(LOGDEBUG, "result was $result->code");
if ( ! $transaction->header ) { if ( ! $transaction->header ) {