Add early out for messages that aren't signed at all (ignoring domains which

mandate signing by policy for the moment).
Change variables to use actual English words as names (instead of disemvoweled
or truncated variants).
Tweak Copyright notice to be current.

git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@652 958fd67b-6ff1-0310-b445-bb7760255be9
This commit is contained in:
John Peacock 2006-07-11 17:41:48 +00:00
parent 84b7363018
commit f654defacb

View File

@ -2,41 +2,43 @@ sub hook_data_post {
use Mail::DomainKeys::Message;
use Mail::DomainKeys::Policy;
my $self = shift;
my $tran = shift;
my ($self, $transaction) = @_;
# if this isn't signed, just move along
return DECLINED
unless $transaction->header->get('DomainKey-Signature');
my @body;
$transaction->body_resetpos;
$tran->body_resetpos;
$transaction->body_getline; # \r\n seperator is NOT part of the body
$tran->body_getline; # \r\n seperator is NOT part of the body
while (my $line = $tran->body_getline) {
while (my $line = $transaction->body_getline) {
push @body, $line;
}
my $mess = load Mail::DomainKeys::Message(
HeadString => $tran->header->as_string,
my $message = load Mail::DomainKeys::Message(
HeadString => $transaction->header->as_string,
BodyReference => \@body) or
$self->log(LOGWARN, "unable to load message"),
return DECLINED;
# no sender domain means no verification
$mess->senderdomain or
$message->senderdomain or
return DECLINED;
my $status;
# key testing
if ( $mess->testing ) {
if ( $message->testing ) {
# Don't do anything else
$status = "testing";
}
elsif ( $mess->signed ) {
if ( $mess->verify ) {
elsif ( $message->signed ) {
if ( $message->verify ) {
# verified: add good header
$status = $mess->signature->status;
$status = $message->signature->status;
}
else {
# not verified, i.e. forged signature
@ -44,20 +46,20 @@ sub hook_data_post {
}
}
else { # not signed
my $plcy = fetch Mail::DomainKeys::Policy(
my $policy = fetch Mail::DomainKeys::Policy(
Protocol => "dns",
Domain => $mess->senderdomain
Domain => $message->senderdomain
);
if ( $plcy ) {
if ( $plcy->testing ) {
if ( $policy ) {
if ( $policy->testing ) {
# Don't do anything else
$status = "testing";
}
elsif ( $plcy->signall ) {
elsif ( $policy->signall ) {
# if policy requires all mail to be signed
$status = undef;
}
else { # $plcy->signsome
else { # $policy->signsome
# not signed and domain doesn't sign all
$status = "no signature";
}
@ -69,7 +71,7 @@ sub hook_data_post {
if ( defined $status ) {
$tran->header->replace("DomainKey-Status", $status);
$transaction->header->replace("DomainKey-Status", $status);
return DECLINED;
}
else {
@ -100,7 +102,7 @@ unless Mail::DomainKeys::Message->can('header');
domainkeys: validate a DomainKeys signature on an incoming mail
Copyright (C) 2005 John Peacock.
Copyright (C) 2005-2006 John Peacock.
Portions Copyright (C) 2004 Anthony D. Urso. All rights reserved. This
program is free software; you can redistribute it and/or modify it under