[exim-cvs] SPF: enhance A-R result

Gitweb: https://git.exim.org/exim.git/commitdiff/0ea0fca404813e6c568b02b1d1d068983d055b5d

Commit:     0ea0fca404813e6c568b02b1d1d068983d055b5d
Parent:     980bb6b778928aeb9401bafc9e1a00c184fb5ff0
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sat Aug 1 21:16:19 2020 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Sat Aug 1 21:16:19 2020 +0100

    SPF: enhance A-R result
---
 doc/doc-txt/ChangeLog      |  4 ++++
 src/src/spf.c              |  6 +++++-
 test/log/4600              |  7 ++++++-
 test/scripts/4600-SPF/4600 | 15 +++++++++++++--
 test/stdout/4600           | 16 +++++++++++++++-
 5 files changed, 43 insertions(+), 5 deletions(-)

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 6062736..59d2ad6 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -92,6 +92,10 @@ JH/18 Bug 2617: Fix a taint trap in parse_fix_phrase().  Previously when the
       rewrite with the "h" flag, by using the "-F" command-line option, or
       by using a "name=" option on a control=submission ACL modifier.

+JH/19 SPF: change the Authentication-Results expansion component to give
+      smtp.helo when the sender domain is empty.  Previously it gave
+      "smtp.mailfrom=<>"
+

Exim version 4.94
-----------------
diff --git a/src/src/spf.c b/src/src/spf.c
index 48f26f3..3a1912a 100644
--- a/src/src/spf.c
+++ b/src/src/spf.c
@@ -402,8 +402,12 @@ if (spf_result_guessed)
g = string_cat(g, US" (best guess record for domain)");

s = expand_string(US"$sender_address_domain");
+if (s && *s)
+ return string_append(g, 2, US" smtp.mailfrom=", s);
+
+s = sender_helo_name;
return s && *s
- ? string_append(g, 2, US" smtp.mailfrom=", s)
+ ? string_append(g, 2, US" smtp.helo=", s)
: string_cat(g, US" smtp.mailfrom=<>");
}

diff --git a/test/log/4600 b/test/log/4600
index de8432e..065cd54 100644
--- a/test/log/4600
+++ b/test/log/4600
@@ -1,6 +1,6 @@

 ******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D port PORT_S port PORT_N
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D port PORT_S port PORT_D2
 1999-03-02 09:44:33 spf_result         pass
 1999-03-02 09:44:33 spf_header_comment myhost.test.ex: localhost is always allowed.
 1999-03-02 09:44:33 spf_smtp_comment   
@@ -28,3 +28,8 @@
 1999-03-02 09:44:33 spf_received       
 1999-03-02 09:44:33 Authentication-Results: myhost.test.ex
 1999-03-02 09:44:33 H=(testclient) [127.0.0.1] F=<c@???> rejected RCPT <fred@???>
+1999-03-02 09:44:33 spf_result         pass
+1999-03-02 09:44:33 spf_header_comment myhost.test.ex: localhost is always allowed.
+1999-03-02 09:44:33 spf_smtp_comment   
+1999-03-02 09:44:33 spf_received       Received-SPF: pass (myhost.test.ex: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=postmaster@???; helo=example.com;
+1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n    spf=pass smtp.helo=example.com
diff --git a/test/scripts/4600-SPF/4600 b/test/scripts/4600-SPF/4600
index 8490288..cb67d19 100644
--- a/test/scripts/4600-SPF/4600
+++ b/test/scripts/4600-SPF/4600
@@ -7,7 +7,7 @@
 # so the testsuite intercept to fakedns works.  Be careful of names and addresses
 # used, as nonhandled lookups are passed on to real DNS.
 #
-exim -bd -DSERVER=server -oX PORT_D:PORT_S:PORT_N
+exim -bd -DSERVER=server -oX PORT_D:PORT_S:PORT_D2
 ****
 client 127.0.0.1 PORT_S
 ??? 220
@@ -49,7 +49,7 @@ rcpt to:<fred@???>
 ??? 550
 quit
 ****
-client 127.0.0.1 PORT_N
+client 127.0.0.1 PORT_D2
 ??? 220
 helo testclient
 ??? 250
@@ -60,4 +60,15 @@ rcpt to:<fred@???>
 quit
 ****
 #
+client 127.0.0.1 PORT_S
+??? 220
+helo example.com
+??? 250
+mail from:<>
+??? 250
+rcpt to:<fred@???>
+??? 250
+quit
+****
+#
 killdaemon
diff --git a/test/stdout/4600 b/test/stdout/4600
index 030d1eb..a0d3eed 100644
--- a/test/stdout/4600
+++ b/test/stdout/4600
@@ -54,7 +54,7 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
 <<< 550 Administrative prohibition

>>> quit
End of script
-Connecting to 127.0.0.1 port 1223 ... connected
+Connecting to 127.0.0.1 port 1226 ... connected
??? 220
<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
>>> helo testclient
@@ -68,3 +68,17 @@ Connecting to 127.0.0.1 port 1223 ... connected
<<< 550 Administrative prohibition
>>> quit
End of script
+Connecting to 127.0.0.1 port 1224 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> helo example.com
+??? 250
+<<< 250 myhost.test.ex Hello example.com [127.0.0.1]
+>>> mail from:<>
+??? 250
+<<< 250 OK
+>>> rcpt to:<fred@???>
+??? 250
+<<< 250 Accepted
+>>> quit
+End of script