[exim-cvs] cvs commit: exim/exim-doc/doc-txt ChangeLog NewSt…

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: exim-cvs
Subject: [exim-cvs] cvs commit: exim/exim-doc/doc-txt ChangeLog NewStuff experimental-spec.txt exim/exim-src/src acl.c expand.c globals.c globals.h readconf.c spf.c spf.h
nm4 2008/02/12 12:52:51 GMT

  Modified files:
    exim-doc/doc-txt     ChangeLog NewStuff experimental-spec.txt 
    exim-src/src         acl.c expand.c globals.c globals.h 
                         readconf.c spf.c spf.h 
  Log:
  Integrated SPF Best Guess.  Fixes: bug #521


  Revision  Changes    Path
  1.544     +4 -0      exim/exim-doc/doc-txt/ChangeLog
  1.158     +7 -0      exim/exim-doc/doc-txt/NewStuff
  1.11      +34 -0     exim/exim-doc/doc-txt/experimental-spec.txt
  1.82      +16 -1     exim/exim-src/src/acl.c
  1.93      +1 -0      exim/exim-src/src/expand.c
  1.81      +1 -0      exim/exim-src/src/globals.c
  1.62      +1 -0      exim/exim-src/src/globals.h
  1.35      +3 -0      exim/exim-src/src/readconf.c
  1.8       +9 -2      exim/exim-src/src/spf.c
  1.7       +5 -1      exim/exim-src/src/spf.h


  Index: ChangeLog
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-txt/ChangeLog,v
  retrieving revision 1.543
  retrieving revision 1.544
  diff -u -r1.543 -r1.544
  --- ChangeLog    6 Feb 2008 18:57:46 -0000    1.543
  +++ ChangeLog    12 Feb 2008 12:52:51 -0000    1.544
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.543 2008/02/06 18:57:46 fanf2 Exp $
  +$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.544 2008/02/12 12:52:51 nm4 Exp $


   Change log file for Exim from version 4.21
   -------------------------------------------
  @@ -29,6 +29,10 @@
         does not use the address's named list lookup cache, since this
         contains cached lookups for the whole local part.


  +NM/05 Bugzilla 521: Integrated SPF Best Guess support contributed by
  +      Robert Millan.  Documentation is in experimental-spec.txt
  +
  +


Exim version 4.69
-----------------

  Index: NewStuff
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-txt/NewStuff,v
  retrieving revision 1.157
  retrieving revision 1.158
  diff -u -r1.157 -r1.158
  --- NewStuff    23 Aug 2007 11:01:49 -0000    1.157
  +++ NewStuff    12 Feb 2008 12:52:51 -0000    1.158
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.157 2007/08/23 11:01:49 ph10 Exp $
  +$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.158 2008/02/12 12:52:51 nm4 Exp $


New Features in Exim
--------------------
@@ -8,6 +8,13 @@
test from the snapshots or the CVS before the documentation is updated. Once
the documentation is updated, this file is reduced to a short list.

  +Version 4.70
  +------------
  +
  + 1. Preliminary SPF Best Guess support.  Documentation for this is in
  +    experimental-spec.txt.
  +
  +
   Version 4.68
   ------------



  Index: experimental-spec.txt
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-txt/experimental-spec.txt,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- experimental-spec.txt    16 Jan 2008 09:36:19 -0000    1.10
  +++ experimental-spec.txt    12 Feb 2008 12:52:51 -0000    1.11
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-doc/doc-txt/experimental-spec.txt,v 1.10 2008/01/16 09:36:19 tom Exp $
  +$Cambridge: exim/exim-doc/doc-txt/experimental-spec.txt,v 1.11 2008/02/12 12:52:51 nm4 Exp $


   From time to time, experimental features may be added to Exim.
   While a feature  is experimental, there  will be a  build-time
  @@ -799,6 +799,9 @@
     draft, this header must be added at the top of the header
     list. Please see section 10 on how you can do this.


  +  Note: in case of "Best-guess" (see below), the convention is
  +  to put this string in a header called X-SPF-Guess: instead.
  +
     $spf_result
     This contains the outcome of the SPF check in string form,
     one of pass, fail, softfail, none, neutral, err_perm or
  @@ -808,6 +811,37 @@
     This contains a string that can be used in a SMTP response
     to the calling party. Useful for "fail".


  +In addition to SPF, you can also perform checks for so-called
  +"Best-guess".  Strictly speaking, "Best-guess" is not standard
  +SPF, but it is supported by the same framework that enables SPF
  +capability.  Refer to http://www.openspf.org/FAQ/Best_guess_record
  +for a description of what it means.
  +
  +To access this feature, simply use the spf_guess condition in place
  +of the spf one.  For example:
  +
  +/* -----------------
  +deny message = $sender_host_address doesn't look trustworthy to me
  +     spf_guess = fail
  +--------------------- */
  +
  +In case you decide to reject messages based on this check, you
  +should note that although it uses the same framework, "Best-guess"
  +is NOT SPF, and therefore you should not mention SPF at all in your
  +reject message.
  +
  +When the spf_guess condition has run, it sets up the same expansion
  +variables as when spf condition is run, described above.
  +
  +Additionally, since Best-guess is not standarized, you may redefine
  +what "Best-guess" means to you by redefining spf_guess variable in
  +global config.  For example, the following:
  +
  +/* -----------------
  +spf_guess = v=spf1 a/16 mx/16 ptr ?all
  +--------------------- */
  +
  +would relax host matching rules to a broader network range.



4. SRS (Sender Rewriting Scheme) Support

  Index: acl.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/acl.c,v
  retrieving revision 1.81
  retrieving revision 1.82
  diff -u -r1.81 -r1.82
  --- acl.c    17 Jan 2008 13:03:35 -0000    1.81
  +++ acl.c    12 Feb 2008 12:52:51 -0000    1.82
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/acl.c,v 1.81 2008/01/17 13:03:35 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/acl.c,v 1.82 2008/02/12 12:52:51 nm4 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -102,6 +102,7 @@
   #endif
   #ifdef EXPERIMENTAL_SPF
          ACLC_SPF,
  +       ACLC_SPF_GUESS,
   #endif
          ACLC_VERIFY };


  @@ -165,6 +166,7 @@
   #endif
   #ifdef EXPERIMENTAL_SPF
     US"spf",
  +  US"spf_guess",
   #endif
     US"verify" };


  @@ -300,6 +302,7 @@
   #endif
   #ifdef EXPERIMENTAL_SPF
     TRUE,    /* spf */
  +  TRUE,    /* spf_guess */
   #endif
     TRUE     /* verify */
   };
  @@ -363,6 +366,7 @@
   #endif
   #ifdef EXPERIMENTAL_SPF
     FALSE,   /* spf */
  +  FALSE,   /* spf_guess */
   #endif
     FALSE    /* verify */
   };
  @@ -547,6 +551,14 @@
       (1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY)|
       (1<<ACL_WHERE_NOTSMTP)|
       (1<<ACL_WHERE_NOTSMTP_START),
  +
  +  (1<<ACL_WHERE_AUTH)|(1<<ACL_WHERE_CONNECT)|      /* spf_guess */
  +    (1<<ACL_WHERE_HELO)|
  +    (1<<ACL_WHERE_MAILAUTH)|
  +    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  +    (1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY)|
  +    (1<<ACL_WHERE_NOTSMTP)|
  +    (1<<ACL_WHERE_NOTSMTP_START),
     #endif


     /* Certain types of verify are always allowed, so we let it through
  @@ -3134,7 +3146,10 @@


       #ifdef EXPERIMENTAL_SPF
       case ACLC_SPF:
  -      rc = spf_process(&arg, sender_address);
  +      rc = spf_process(&arg, sender_address, SPF_PROCESS_NORMAL);
  +    break;
  +    case ACLC_SPF_GUESS:
  +      rc = spf_process(&arg, sender_address, SPF_PROCESS_GUESS);
       break;
       #endif



  Index: expand.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/expand.c,v
  retrieving revision 1.92
  retrieving revision 1.93
  diff -u -r1.92 -r1.93
  --- expand.c    17 Jan 2008 13:03:35 -0000    1.92
  +++ expand.c    12 Feb 2008 12:52:51 -0000    1.93
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/expand.c,v 1.92 2008/01/17 13:03:35 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/expand.c,v 1.93 2008/02/12 12:52:51 nm4 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -575,6 +575,7 @@
     { "spam_score_int",      vtype_stringptr,   &spam_score_int },
   #endif
   #ifdef EXPERIMENTAL_SPF
  +  { "spf_guess",           vtype_stringptr,   &spf_guess },
     { "spf_header_comment",  vtype_stringptr,   &spf_header_comment },
     { "spf_received",        vtype_stringptr,   &spf_received },
     { "spf_result",          vtype_stringptr,   &spf_result },


  Index: globals.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/globals.c,v
  retrieving revision 1.80
  retrieving revision 1.81
  diff -u -r1.80 -r1.81
  --- globals.c    17 Jan 2008 13:03:35 -0000    1.80
  +++ globals.c    12 Feb 2008 12:52:51 -0000    1.81
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/globals.c,v 1.80 2008/01/17 13:03:35 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/globals.c,v 1.81 2008/02/12 12:52:51 nm4 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -1136,6 +1136,7 @@
   uschar *spam_score_int         = NULL;
   #endif
   #ifdef EXPERIMENTAL_SPF
  +uschar *spf_guess              = US"v=spf1 a/24 mx/24 ptr ?all";
   uschar *spf_header_comment     = NULL;
   uschar *spf_received           = NULL;
   uschar *spf_result             = NULL;


  Index: globals.h
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/globals.h,v
  retrieving revision 1.61
  retrieving revision 1.62
  diff -u -r1.61 -r1.62
  --- globals.h    17 Jan 2008 13:03:35 -0000    1.61
  +++ globals.h    12 Feb 2008 12:52:51 -0000    1.62
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/globals.h,v 1.61 2008/01/17 13:03:35 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/globals.h,v 1.62 2008/02/12 12:52:51 nm4 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -705,6 +705,7 @@
   extern uschar *spam_score_int;         /* spam_score * 10 (int) */
   #endif
   #ifdef EXPERIMENTAL_SPF
  +extern uschar *spf_guess;              /* spf best-guess record */
   extern uschar *spf_header_comment;     /* spf header comment */
   extern uschar *spf_received;           /* Received-SPF: header */
   extern uschar *spf_result;             /* spf result in string form */


  Index: readconf.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/readconf.c,v
  retrieving revision 1.34
  retrieving revision 1.35
  diff -u -r1.34 -r1.35
  --- readconf.c    17 Jan 2008 13:03:35 -0000    1.34
  +++ readconf.c    12 Feb 2008 12:52:51 -0000    1.35
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/readconf.c,v 1.34 2008/01/17 13:03:35 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/readconf.c,v 1.35 2008/02/12 12:52:51 nm4 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -357,6 +357,9 @@
   #ifdef WITH_CONTENT_SCAN
     { "spamd_address",            opt_stringptr,   &spamd_address },
   #endif
  +#ifdef EXPERIMENTAL_SPF
  +  { "spf_guess",                opt_stringptr,   &spf_guess },
  +#endif
     { "split_spool_directory",    opt_bool,        &split_spool_directory },
     { "spool_directory",          opt_stringptr,   &spool_directory },
   #ifdef LOOKUP_SQLITE


  Index: spf.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/spf.c,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- spf.c    17 May 2007 19:55:10 -0000    1.7
  +++ spf.c    12 Feb 2008 12:52:51 -0000    1.8
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/spf.c,v 1.7 2007/05/17 19:55:10 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/spf.c,v 1.8 2008/02/12 12:52:51 nm4 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -73,7 +73,7 @@
      context (if any), retrieves the result, sets up expansion
      strings and evaluates the condition outcome. */


  -int spf_process(uschar **listptr, uschar *spf_envelope_sender) {
  +int spf_process(uschar **listptr, uschar *spf_envelope_sender, int action) {
     int sep = 0;
     uschar *list = *listptr;
     uschar *spf_result_id;
  @@ -93,7 +93,10 @@
     }


     /* get SPF result */
  -  SPF_request_query_mailfrom(spf_request, &spf_response);
  +  if (action == SPF_PROCESS_FALLBACK)
  +    SPF_request_query_fallback(spf_request, &spf_response, spf_guess);
  +  else
  +    SPF_request_query_mailfrom(spf_request, &spf_response);


     /* set up expansion items */
     spf_header_comment     = (uschar *)SPF_response_get_header_comment(spf_response);
  @@ -106,6 +109,10 @@
     /* We got a result. Now see if we should return OK or FAIL for it */
     SPF_EVALUATE:
     debug_printf("SPF result is %s (%d)\n", SPF_strresult(rc), rc);
  +
  +  if (action == SPF_PROCESS_GUESS && (!strcmp (SPF_strresult(rc), "none")))
  +    return spf_process(listptr, spf_envelope_sender, SPF_PROCESS_FALLBACK);
  +
     while ((spf_result_id = string_nextinlist(&list, &sep,
                                        spf_result_id_buffer,
                                        sizeof(spf_result_id_buffer))) != NULL) {


  Index: spf.h
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/spf.h,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- spf.h    27 Jun 2005 15:28:45 -0000    1.6
  +++ spf.h    12 Feb 2008 12:52:51 -0000    1.7
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/spf.h,v 1.6 2005/06/27 15:28:45 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/spf.h,v 1.7 2008/02/12 12:52:51 nm4 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -26,6 +26,10 @@


   /* prototypes */
   int spf_init(uschar *,uschar *);
  -int spf_process(uschar **, uschar *);
  +int spf_process(uschar **, uschar *, int);
  +
  +#define SPF_PROCESS_NORMAL  0
  +#define SPF_PROCESS_GUESS   1
  +#define SPF_PROCESS_FALLBACK    2


#endif