Add early out for messages that aren't signed at all (ignoring domains which
mandate signing by policy for the moment).
Change variables to use actual English words as names (instead of disemvoweled
or truncated variants).
Tweak Copyright notice to be current.

git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@652 958fd67b-6ff1-0310-b445-bb7760255be9
John Peacock 2006-07-11 17:41:48 +00:00
parent 84b7363018
commit f654defacb


@ -2,41 +2,43 @@ sub hook_data_post {
use Mail::DomainKeys::Message; use Mail::DomainKeys::Message;
use Mail::DomainKeys::Policy; use Mail::DomainKeys::Policy;
my $self = shift; my ($self, $transaction) = @_;
my $tran = shift;
# if this isn't signed, just move along
return DECLINED
unless $transaction->header->get('DomainKey-Signature');
my @body; my @body;
$transaction->body_resetpos;
$tran->body_resetpos; $transaction->body_getline; # \r\n seperator is NOT part of the body
$tran->body_getline; # \r\n seperator is NOT part of the body while (my $line = $transaction->body_getline) {
while (my $line = $tran->body_getline) {
push @body, $line; push @body, $line;
} }
my $mess = load Mail::DomainKeys::Message( my $message = load Mail::DomainKeys::Message(
HeadString => $tran->header->as_string, HeadString => $transaction->header->as_string,
BodyReference => \@body) or BodyReference => \@body) or
$self->log(LOGWARN, "unable to load message"), $self->log(LOGWARN, "unable to load message"),
return DECLINED; return DECLINED;
# no sender domain means no verification # no sender domain means no verification
$mess->senderdomain or $message->senderdomain or
return DECLINED; return DECLINED;
my $status; my $status;
# key testing # key testing
if ( $mess->testing ) { if ( $message->testing ) {
# Don't do anything else # Don't do anything else
$status = "testing"; $status = "testing";
} }
elsif ( $mess->signed ) { elsif ( $message->signed ) {
if ( $mess->verify ) { if ( $message->verify ) {
# verified: add good header # verified: add good header
$status = $mess->signature->status; $status = $message->signature->status;
} }
else { else {
# not verified, i.e. forged signature # not verified, i.e. forged signature
@ -44,20 +46,20 @@ sub hook_data_post {
} }
} }
else { # not signed else { # not signed
my $plcy = fetch Mail::DomainKeys::Policy( my $policy = fetch Mail::DomainKeys::Policy(
Protocol => "dns", Protocol => "dns",
Domain => $mess->senderdomain Domain => $message->senderdomain
); );
if ( $plcy ) { if ( $policy ) {
if ( $plcy->testing ) { if ( $policy->testing ) {
# Don't do anything else # Don't do anything else
$status = "testing"; $status = "testing";
} }
elsif ( $plcy->signall ) { elsif ( $policy->signall ) {
# if policy requires all mail to be signed # if policy requires all mail to be signed
$status = undef; $status = undef;
} }
else { # $plcy->signsome else { # $policy->signsome
# not signed and domain doesn't sign all # not signed and domain doesn't sign all
$status = "no signature"; $status = "no signature";
} }
@ -69,7 +71,7 @@ sub hook_data_post {
if ( defined $status ) { if ( defined $status ) {
$tran->header->replace("DomainKey-Status", $status); $transaction->header->replace("DomainKey-Status", $status);
return DECLINED; return DECLINED;
} }
else { else {
@ -100,7 +102,7 @@ unless Mail::DomainKeys::Message->can('header');
domainkeys: validate a DomainKeys signature on an incoming mail domainkeys: validate a DomainKeys signature on an incoming mail
Copyright (C) 2005 John Peacock. Copyright (C) 2005-2006 John Peacock.
Portions Copyright (C) 2004 Anthony D. Urso. All rights reserved. This Portions Copyright (C) 2004 Anthony D. Urso. All rights reserved. This
program is free software; you can redistribute it and/or modify it under program is free software; you can redistribute it and/or modify it under
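Review bot: The new early `return DECLINED` for mail without a `DomainKey-Signature` header leaves any `DomainKey-Status` header already present on the message untouched, because it returns before the `$transaction->header->replace("DomainKey-Status", $status)` call in the third hunk. If anything downstream trusts that header (not visible here), an unsigned message can carry a status this plugin never computed. Clearing it before the early out would close that, e.g. `$transaction->header->delete('DomainKey-Status');`, assuming the header object is a Mail::Header as the `get`/`replace` calls suggest. The early out also means the policy lookup in the `else { # not signed` branch is reached only when the header is present but `$message->signed` is false, so `signall` domains are not enforced for plainly unsigned mail. The commit message acknowledges this, and a comment beside the return such as `# TODO: signall policy is skipped for unsigned mail` would keep it visible in the code. Parts of hook_data_post lie outside the shown hunks.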