Merge pull request #32 from jcbf/jcbf/received_spf_header

Allow Received-SPF header back.
jcbf · Sep 11, 2017 · 40dd600 · 40dd600
2 parents 451d113 + 7494cec
commit 40dd600
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 1 deletion.
diff --git a/smf-spf.c b/smf-spf.c
@@ -55,6 +55,7 @@
 #define ACCEPT_PERMERR		1
 #define TAG_SUBJECT		1
 #define ADD_HEADER		1
+#define ADD_RECV_HEADER		0
 #define QUARANTINE		0
 #define DAEMONIZE		1
 #define VERSION			"2.3.0"
@@ -136,6 +137,7 @@ typedef struct config {
     int accept_temperror;
     int tag_subject;
     int add_header;
+    int add_recv_spf_header;
     int quarantine;
     int syslog_facility;
     int daemonize;
@@ -374,6 +376,7 @@ static int load_config(void) {
     conf.accept_temperror = ACCEPT_PERMERR;
     conf.tag_subject = TAG_SUBJECT;
     conf.add_header = ADD_HEADER;
+    conf.add_recv_spf_header = ADD_RECV_HEADER;
     conf.quarantine = QUARANTINE;
     conf.spf_ttl = SPF_TTL;
     conf.daemonize = DAEMONIZE;
@@ -483,6 +486,10 @@ static int load_config(void) {
 	    conf.add_header = 0;
 	    continue;
 	}
+	if (!strcasecmp(key, "addreceivedheader") && !strcasecmp(val, "on")) {
+	    conf.add_recv_spf_header = 1;
+	    continue;
+	}
 	if (!strcasecmp(key, "quarantine") && !strcasecmp(val, "on")) {
 	    conf.quarantine = 1;
 	    continue;
@@ -888,6 +895,39 @@ static sfsistat smf_eom(SMFICTX *ctx) {
 	    free(spf_hdr);
 	}
     }
+
+
+    if (conf.add_recv_spf_header) {
+	char *spf_hdr = NULL;
+
+	if ((spf_hdr = calloc(1, 512))) {
+	    switch (context->status) {
+		case SPF_RESULT_PASS:
+		    snprintf(spf_hdr, 512, "Pass (%s: domain of %s\n\tdesignates %s as permitted sender)\n\treceiver=%s; client-ip=%s;\n\tenvelope-from=%s; helo=%s;",
+			context->site, context->sender, context->addr, context->site, context->addr, context->from, context->helo);
+		    break;
+		case SPF_RESULT_FAIL:
+		    snprintf(spf_hdr, 512, "Fail (%s: domain of %s\n\tdoes not designate %s as permitted sender)\n\treceiver=%s; client-ip=%s;\n\tenvelope-from=%s; helo=%s;",
+			context->site, context->sender, context->addr, context->site, context->addr, context->from, context->helo);
+		    break;
+		case SPF_RESULT_SOFTFAIL:
+		    snprintf(spf_hdr, 512, "SoftFail (%s: transitioning domain of %s\n\tdoes not designate %s as permitted sender)\n\treceiver=%s; client-ip=%s;\n\tenvelope-from=%s; helo=%s;",
+			context->site, context->sender, context->addr, context->site, context->addr, context->from, context->helo);
+		    break;
+		case SPF_RESULT_NEUTRAL:
+		    snprintf(spf_hdr, 512, "Neutral (%s: %s is neither permitted\n\tnor denied by domain of %s)\n\treceiver=%s; client-ip=%s;\n\tenvelope-from=%s; helo=%s;",
+			context->site, context->addr, context->sender, context->site, context->addr, context->from, context->helo);
+		    break;
+		case SPF_RESULT_NONE:
+		default:
+		    snprintf(spf_hdr, 512, "None (%s: domain of %s\n\tdoes not designate permitted sender hosts)\n\treceiver=%s; client-ip=%s;\n\tenvelope-from=%s; helo=%s;",
+			context->site, context->sender, context->site, context->addr, context->from, context->helo);
+		    break;
+	    }
+	    smfi_addheader(ctx, "Received-SPF", spf_hdr);
+	    free(spf_hdr);
+	}
+    }
     if (context->rcpts) {
 	STR *it = context->rcpts;
 

diff --git a/smf-spf.conf b/smf-spf.conf
@@ -68,7 +68,15 @@ WhitelistIP	192.168.0.0/16
 #
 #Tag		[SPF:fail]
 
-# Build a standard Received-SPF: header
+# Add the deprecated Received-SPF: header
+#
+# Default: off
+#
+# AddReceivedHeader off
+
+
+
+# Build a standard Authentication-Results: header
 #
 # Default: on
 #