Commit | Line | Data |
---|---|---|
4840604e TL |
1 | /************************************************* |
2 | * Exim - an Internet mail transport agent * | |
3 | *************************************************/ | |
4 | /* Experimental DMARC support. | |
5 | Copyright (c) Todd Lyons <tlyons@exim.org> 2012, 2013 | |
6 | License: GPL */ | |
7 | ||
8 | /* Portions Copyright (c) 2012, 2013, The Trusted Domain Project; | |
9 | All rights reserved, licensed for use per LICENSE.opendmarc. */ | |
10 | ||
11 | /* Code for calling dmarc checks via libopendmarc. Called from acl.c. */ | |
12 | ||
13 | #include "exim.h" | |
14 | #ifdef EXPERIMENTAL_DMARC | |
4a8ce2d8 TL |
15 | #if !defined EXPERIMENTAL_SPF |
16 | #error SPF must also be enabled for DMARC | |
17 | #elif defined DISABLE_DKIM | |
18 | #error DKIM must also be enabled for DMARC | |
19 | #else | |
4840604e TL |
20 | |
21 | #include "functions.h" | |
22 | #include "dmarc.h" | |
23 | #include "pdkim/pdkim.h" | |
24 | ||
25 | OPENDMARC_LIB_T dmarc_ctx; | |
26 | DMARC_POLICY_T *dmarc_pctx = NULL; | |
27 | OPENDMARC_STATUS_T libdm_status, action, dmarc_policy; | |
28 | OPENDMARC_STATUS_T da, sa, action; | |
29 | BOOL dmarc_abort = FALSE; | |
30 | uschar *dmarc_pass_fail = US"skipped"; | |
31 | extern pdkim_signature *dkim_signatures; | |
32 | header_line *from_header = NULL; | |
4840604e | 33 | extern SPF_response_t *spf_response; |
620df281 | 34 | int dmarc_spf_ares_result = 0; |
4840604e TL |
35 | uschar *spf_sender_domain = NULL; |
36 | uschar *spf_human_readable = NULL; | |
4840604e TL |
37 | u_char *header_from_sender = NULL; |
38 | int history_file_status = DMARC_HIST_OK; | |
4840604e TL |
39 | uschar *dkim_history_buffer= NULL; |
40 | ||
41 | /* Accept an error_block struct, initialize if empty, parse to the | |
42 | * end, and append the two strings passed to it. Used for adding | |
43 | * variable amounts of value:pair data to the forensic emails. */ | |
44 | ||
45 | static error_block * | |
46 | add_to_eblock(error_block *eblock, uschar *t1, uschar *t2) | |
47 | { | |
48 | error_block *eb = malloc(sizeof(error_block)); | |
49 | if (eblock == NULL) | |
50 | eblock = eb; | |
51 | else | |
52 | { | |
53 | /* Find the end of the eblock struct and point it at eb */ | |
54 | error_block *tmp = eblock; | |
55 | while(tmp->next != NULL) | |
56 | tmp = tmp->next; | |
57 | tmp->next = eb; | |
58 | } | |
59 | eb->text1 = t1; | |
60 | eb->text2 = t2; | |
61 | eb->next = NULL; | |
62 | return eblock; | |
63 | } | |
64 | ||
65 | /* dmarc_init sets up a context that can be re-used for several | |
66 | messages on the same SMTP connection (that come from the | |
67 | same host with the same HELO string) */ | |
68 | ||
4a8ce2d8 TL |
69 | int dmarc_init() |
70 | { | |
4840604e TL |
71 | int *netmask = NULL; /* Ignored */ |
72 | int is_ipv6 = 0; | |
73 | char *tld_file = (dmarc_tld_file == NULL) ? | |
74 | "/etc/exim/opendmarc.tlds" : | |
75 | (char *)dmarc_tld_file; | |
76 | ||
77 | /* Set some sane defaults. Also clears previous results when | |
78 | * multiple messages in one connection. */ | |
79 | dmarc_pctx = NULL; | |
80 | dmarc_status = US"none"; | |
81 | dmarc_abort = FALSE; | |
82 | dmarc_pass_fail = US"skipped"; | |
83 | dmarc_used_domain = US""; | |
84 | header_from_sender = NULL; | |
4840604e TL |
85 | spf_sender_domain = NULL; |
86 | spf_human_readable = NULL; | |
4840604e TL |
87 | |
88 | /* ACLs have "control=dmarc_disable_verify" */ | |
89 | if (dmarc_disable_verify == TRUE) | |
90 | return OK; | |
91 | ||
92 | (void) memset(&dmarc_ctx, '\0', sizeof dmarc_ctx); | |
93 | dmarc_ctx.nscount = 0; | |
94 | libdm_status = opendmarc_policy_library_init(&dmarc_ctx); | |
95 | if (libdm_status != DMARC_PARSE_OKAY) | |
96 | { | |
97 | log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure to init library: %s", | |
98 | opendmarc_policy_status_to_str(libdm_status)); | |
99 | dmarc_abort = TRUE; | |
100 | } | |
ac7a78c5 TL |
101 | if (dmarc_tld_file == NULL) |
102 | dmarc_abort = TRUE; | |
103 | else if (opendmarc_tld_read_file(tld_file, NULL, NULL, NULL)) | |
4840604e TL |
104 | { |
105 | log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure to load tld list %s: %d", | |
106 | tld_file, errno); | |
107 | dmarc_abort = TRUE; | |
108 | } | |
109 | if (sender_host_address == NULL) | |
110 | dmarc_abort = TRUE; | |
111 | /* This catches locally originated email and startup errors above. */ | |
112 | if ( dmarc_abort == FALSE ) | |
113 | { | |
114 | is_ipv6 = string_is_ip_address(sender_host_address, netmask); | |
115 | is_ipv6 = (is_ipv6 == 6) ? TRUE : | |
116 | (is_ipv6 == 4) ? FALSE : FALSE; | |
117 | dmarc_pctx = opendmarc_policy_connect_init(sender_host_address, is_ipv6); | |
118 | if (dmarc_pctx == NULL ) | |
119 | { | |
120 | log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure creating policy context: ip=%s", | |
121 | sender_host_address); | |
122 | dmarc_abort = TRUE; | |
123 | } | |
124 | } | |
125 | ||
126 | return OK; | |
127 | } | |
128 | ||
129 | ||
130 | /* dmarc_store_data stores the header data so that subsequent | |
131 | * dmarc_process can access the data */ | |
132 | ||
133 | int dmarc_store_data(header_line *hdr) { | |
134 | /* No debug output because would change every test debug output */ | |
135 | if (dmarc_disable_verify != TRUE) | |
136 | from_header = hdr; | |
137 | return OK; | |
138 | } | |
139 | ||
140 | ||
141 | /* dmarc_process adds the envelope sender address to the existing | |
142 | context (if any), retrieves the result, sets up expansion | |
143 | strings and evaluates the condition outcome. */ | |
144 | ||
145 | int dmarc_process() { | |
620df281 TL |
146 | int sr, origin; /* used in SPF section */ |
147 | int dmarc_spf_result = 0; /* stores spf into dmarc conn ctx */ | |
4840604e TL |
148 | pdkim_signature *sig = NULL; |
149 | BOOL has_dmarc_record = TRUE; | |
150 | u_char **ruf; /* forensic report addressees, if called for */ | |
151 | ||
152 | /* ACLs have "control=dmarc_disable_verify" */ | |
153 | if (dmarc_disable_verify == TRUE) | |
154 | { | |
155 | dmarc_ar_header = dmarc_auth_results_header(from_header, NULL); | |
156 | return OK; | |
157 | } | |
158 | ||
159 | /* Store the header From: sender domain for this part of DMARC. | |
160 | * If there is no from_header struct, then it's likely this message | |
161 | * is locally generated and relying on fixups to add it. Just skip | |
162 | * the entire DMARC system if we can't find a From: header....or if | |
163 | * there was a previous error. | |
164 | */ | |
165 | if (from_header == NULL || dmarc_abort == TRUE) | |
166 | dmarc_abort = TRUE; | |
167 | else | |
168 | { | |
169 | /* I strongly encourage anybody who can make this better to contact me directly! | |
170 | * <cannonball> Is this an insane way to extract the email address from the From: header? | |
171 | * <jgh_hm> it's sure a horrid layer-crossing.... | |
172 | * <cannonball> I'm not denying that :-/ | |
173 | * <jgh_hm> there may well be no better though | |
174 | */ | |
175 | header_from_sender = expand_string( | |
176 | string_sprintf("${domain:${extract{1}{:}{${addresses:%s}}}}", | |
177 | from_header->text) ); | |
178 | /* The opendmarc library extracts the domain from the email address, but | |
179 | * only try to store it if it's not empty. Otherwise, skip out of DMARC. */ | |
180 | if (strcmp( CCS header_from_sender, "") == 0) | |
181 | dmarc_abort = TRUE; | |
182 | libdm_status = (dmarc_abort == TRUE) ? | |
183 | DMARC_PARSE_OKAY : | |
184 | opendmarc_policy_store_from_domain(dmarc_pctx, header_from_sender); | |
185 | if (libdm_status != DMARC_PARSE_OKAY) | |
186 | { | |
187 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to store header From: in DMARC: %s, header was '%s'", | |
188 | opendmarc_policy_status_to_str(libdm_status), from_header->text); | |
189 | dmarc_abort = TRUE; | |
190 | } | |
191 | } | |
192 | ||
193 | /* Skip DMARC if connection is SMTP Auth. Temporarily, admin should | |
194 | * instead do this in the ACLs. */ | |
195 | if (dmarc_abort == FALSE && sender_host_authenticated == NULL) | |
196 | { | |
4840604e TL |
197 | /* Use the envelope sender domain for this part of DMARC */ |
198 | spf_sender_domain = expand_string(US"$sender_address_domain"); | |
199 | if ( spf_response == NULL ) | |
200 | { | |
201 | /* No spf data means null envelope sender so generate a domain name | |
620df281 | 202 | * from the sender_helo_name */ |
4840604e TL |
203 | if (spf_sender_domain == NULL) |
204 | { | |
620df281 | 205 | spf_sender_domain = sender_helo_name; |
4840604e TL |
206 | log_write(0, LOG_MAIN, "DMARC using synthesized SPF sender domain = %s\n", |
207 | spf_sender_domain); | |
208 | DEBUG(D_receive) | |
209 | debug_printf("DMARC using synthesized SPF sender domain = %s\n", spf_sender_domain); | |
210 | } | |
211 | dmarc_spf_result = DMARC_POLICY_SPF_OUTCOME_NONE; | |
620df281 | 212 | dmarc_spf_ares_result = ARES_RESULT_UNKNOWN; |
4840604e TL |
213 | origin = DMARC_POLICY_SPF_ORIGIN_HELO; |
214 | spf_human_readable = US""; | |
215 | } | |
216 | else | |
217 | { | |
218 | sr = spf_response->result; | |
219 | dmarc_spf_result = (sr == SPF_RESULT_NEUTRAL) ? DMARC_POLICY_SPF_OUTCOME_NONE : | |
220 | (sr == SPF_RESULT_PASS) ? DMARC_POLICY_SPF_OUTCOME_PASS : | |
221 | (sr == SPF_RESULT_FAIL) ? DMARC_POLICY_SPF_OUTCOME_FAIL : | |
222 | (sr == SPF_RESULT_SOFTFAIL) ? DMARC_POLICY_SPF_OUTCOME_TMPFAIL : | |
223 | DMARC_POLICY_SPF_OUTCOME_NONE; | |
620df281 TL |
224 | dmarc_spf_ares_result = (sr == SPF_RESULT_NEUTRAL) ? ARES_RESULT_NEUTRAL : |
225 | (sr == SPF_RESULT_PASS) ? ARES_RESULT_PASS : | |
226 | (sr == SPF_RESULT_FAIL) ? ARES_RESULT_FAIL : | |
227 | (sr == SPF_RESULT_SOFTFAIL) ? ARES_RESULT_SOFTFAIL : | |
228 | (sr == SPF_RESULT_NONE) ? ARES_RESULT_NONE : | |
229 | (sr == SPF_RESULT_TEMPERROR) ? ARES_RESULT_TEMPERROR : | |
230 | (sr == SPF_RESULT_PERMERROR) ? ARES_RESULT_PERMERROR : | |
231 | ARES_RESULT_UNKNOWN; | |
4840604e TL |
232 | origin = DMARC_POLICY_SPF_ORIGIN_MAILFROM; |
233 | spf_human_readable = (uschar *)spf_response->header_comment; | |
234 | DEBUG(D_receive) | |
235 | debug_printf("DMARC using SPF sender domain = %s\n", spf_sender_domain); | |
236 | } | |
237 | if (strcmp( CCS spf_sender_domain, "") == 0) | |
238 | dmarc_abort = TRUE; | |
239 | if (dmarc_abort == FALSE) | |
240 | { | |
241 | libdm_status = opendmarc_policy_store_spf(dmarc_pctx, spf_sender_domain, | |
242 | dmarc_spf_result, origin, spf_human_readable); | |
243 | if (libdm_status != DMARC_PARSE_OKAY) | |
244 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to store spf for DMARC: %s", | |
245 | opendmarc_policy_status_to_str(libdm_status)); | |
246 | } | |
4840604e TL |
247 | |
248 | /* Now we cycle through the dkim signature results and put into | |
249 | * the opendmarc context, further building the DMARC reply. */ | |
250 | sig = dkim_signatures; | |
251 | dkim_history_buffer = US""; | |
252 | while (sig != NULL) | |
253 | { | |
620df281 TL |
254 | int dkim_result, dkim_ares_result, vs, ves; |
255 | vs = sig->verify_status; | |
256 | ves = sig->verify_ext_status; | |
4840604e | 257 | dkim_result = ( vs == PDKIM_VERIFY_PASS ) ? DMARC_POLICY_DKIM_OUTCOME_PASS : |
620df281 TL |
258 | ( vs == PDKIM_VERIFY_FAIL ) ? DMARC_POLICY_DKIM_OUTCOME_FAIL : |
259 | ( vs == PDKIM_VERIFY_INVALID ) ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL : | |
4840604e TL |
260 | DMARC_POLICY_DKIM_OUTCOME_NONE; |
261 | libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, (uschar *)sig->domain, | |
262 | dkim_result, US""); | |
263 | DEBUG(D_receive) | |
264 | debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain); | |
265 | if (libdm_status != DMARC_PARSE_OKAY) | |
266 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to store dkim (%s) for DMARC: %s", | |
267 | sig->domain, opendmarc_policy_status_to_str(libdm_status)); | |
268 | ||
620df281 TL |
269 | dkim_ares_result = ( vs == PDKIM_VERIFY_PASS ) ? ARES_RESULT_PASS : |
270 | ( vs == PDKIM_VERIFY_FAIL ) ? ARES_RESULT_FAIL : | |
271 | ( vs == PDKIM_VERIFY_NONE ) ? ARES_RESULT_NONE : | |
272 | ( vs == PDKIM_VERIFY_INVALID ) ? | |
273 | ( ves == PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE ? ARES_RESULT_PERMERROR : | |
274 | ves == PDKIM_VERIFY_INVALID_BUFFER_SIZE ? ARES_RESULT_PERMERROR : | |
275 | ves == PDKIM_VERIFY_INVALID_PUBKEY_PARSING ? ARES_RESULT_PERMERROR : | |
276 | ARES_RESULT_UNKNOWN ) : | |
277 | ARES_RESULT_UNKNOWN; | |
4840604e | 278 | dkim_history_buffer = string_sprintf("%sdkim %s %d\n", dkim_history_buffer, |
620df281 | 279 | sig->domain, dkim_ares_result); |
4840604e TL |
280 | sig = sig->next; |
281 | } | |
282 | libdm_status = opendmarc_policy_query_dmarc(dmarc_pctx, US""); | |
283 | switch (libdm_status) | |
284 | { | |
285 | case DMARC_DNS_ERROR_NXDOMAIN: | |
286 | case DMARC_DNS_ERROR_NO_RECORD: | |
287 | DEBUG(D_receive) | |
288 | debug_printf("DMARC no record found for %s\n", header_from_sender); | |
289 | has_dmarc_record = FALSE; | |
290 | break; | |
291 | case DMARC_PARSE_OKAY: | |
292 | DEBUG(D_receive) | |
293 | debug_printf("DMARC record found for %s\n", header_from_sender); | |
294 | break; | |
295 | case DMARC_PARSE_ERROR_BAD_VALUE: | |
296 | DEBUG(D_receive) | |
297 | debug_printf("DMARC record parse error for %s\n", header_from_sender); | |
298 | has_dmarc_record = FALSE; | |
299 | break; | |
300 | default: | |
301 | /* everything else, skip dmarc */ | |
302 | DEBUG(D_receive) | |
303 | debug_printf("DMARC skipping (%d), unsure what to do with %s", | |
304 | libdm_status, from_header->text); | |
305 | has_dmarc_record = FALSE; | |
306 | break; | |
307 | } | |
308 | /* Can't use exim's string manipulation functions so allocate memory | |
309 | * for libopendmarc using its max hostname length definition. */ | |
310 | uschar *dmarc_domain = (uschar *)calloc(DMARC_MAXHOSTNAMELEN, sizeof(uschar)); | |
311 | libdm_status = opendmarc_policy_fetch_utilized_domain(dmarc_pctx, dmarc_domain, | |
312 | DMARC_MAXHOSTNAMELEN-1); | |
313 | dmarc_used_domain = string_copy(dmarc_domain); | |
314 | free(dmarc_domain); | |
315 | if (libdm_status != DMARC_PARSE_OKAY) | |
316 | { | |
317 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to read domainname used for DMARC lookup: %s", | |
318 | opendmarc_policy_status_to_str(libdm_status)); | |
319 | } | |
320 | libdm_status = opendmarc_get_policy_to_enforce(dmarc_pctx); | |
321 | dmarc_policy = libdm_status; | |
322 | switch(libdm_status) | |
323 | { | |
324 | case DMARC_POLICY_ABSENT: /* No DMARC record found */ | |
325 | dmarc_status = US"norecord"; | |
326 | dmarc_pass_fail = US"temperror"; | |
327 | dmarc_status_text = US"No DMARC record"; | |
328 | action = DMARC_RESULT_ACCEPT; | |
329 | break; | |
330 | case DMARC_FROM_DOMAIN_ABSENT: /* No From: domain */ | |
331 | dmarc_status = US"nofrom"; | |
332 | dmarc_pass_fail = US"temperror"; | |
333 | dmarc_status_text = US"No From: domain found"; | |
334 | action = DMARC_RESULT_ACCEPT; | |
335 | break; | |
336 | case DMARC_POLICY_NONE: /* Accept and report */ | |
337 | dmarc_status = US"none"; | |
338 | dmarc_pass_fail = US"none"; | |
339 | dmarc_status_text = US"None, Accept"; | |
340 | action = DMARC_RESULT_ACCEPT; | |
341 | break; | |
342 | case DMARC_POLICY_PASS: /* Explicit accept */ | |
343 | dmarc_status = US"accept"; | |
344 | dmarc_pass_fail = US"pass"; | |
345 | dmarc_status_text = US"Accept"; | |
346 | action = DMARC_RESULT_ACCEPT; | |
347 | break; | |
348 | case DMARC_POLICY_REJECT: /* Explicit reject */ | |
349 | dmarc_status = US"reject"; | |
350 | dmarc_pass_fail = US"fail"; | |
351 | dmarc_status_text = US"Reject"; | |
352 | action = DMARC_RESULT_REJECT; | |
353 | break; | |
354 | case DMARC_POLICY_QUARANTINE: /* Explicit quarantine */ | |
355 | dmarc_status = US"quarantine"; | |
356 | dmarc_pass_fail = US"fail"; | |
357 | dmarc_status_text = US"Quarantine"; | |
358 | action = DMARC_RESULT_QUARANTINE; | |
359 | break; | |
360 | default: | |
361 | dmarc_status = US"temperror"; | |
362 | dmarc_pass_fail = US"temperror"; | |
363 | dmarc_status_text = US"Internal Policy Error"; | |
364 | action = DMARC_RESULT_TEMPFAIL; | |
365 | break; | |
366 | } | |
367 | ||
368 | libdm_status = opendmarc_policy_fetch_alignment(dmarc_pctx, &da, &sa); | |
369 | if (libdm_status != DMARC_PARSE_OKAY) | |
370 | { | |
371 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to read DMARC alignment: %s", | |
372 | opendmarc_policy_status_to_str(libdm_status)); | |
373 | } | |
374 | ||
375 | if (has_dmarc_record == TRUE) | |
376 | { | |
377 | log_write(0, LOG_MAIN, "DMARC results: spf_domain=%s dmarc_domain=%s " | |
378 | "spf_align=%s dkim_align=%s enforcement='%s'", | |
379 | spf_sender_domain, dmarc_used_domain, | |
380 | (sa==DMARC_POLICY_SPF_ALIGNMENT_PASS) ?"yes":"no", | |
381 | (da==DMARC_POLICY_DKIM_ALIGNMENT_PASS)?"yes":"no", | |
382 | dmarc_status_text); | |
383 | history_file_status = dmarc_write_history_file(); | |
384 | /* Now get the forensic reporting addresses, if any */ | |
385 | ruf = opendmarc_policy_fetch_ruf(dmarc_pctx, NULL, 0, 1); | |
386 | dmarc_send_forensic_report(ruf); | |
387 | } | |
388 | } | |
389 | ||
390 | /* set some global variables here */ | |
391 | dmarc_ar_header = dmarc_auth_results_header(from_header, NULL); | |
392 | ||
393 | /* shut down libopendmarc */ | |
394 | if ( dmarc_pctx != NULL ) | |
395 | (void) opendmarc_policy_connect_shutdown(dmarc_pctx); | |
396 | if ( dmarc_disable_verify == FALSE ) | |
397 | (void) opendmarc_policy_library_shutdown(&dmarc_ctx); | |
398 | ||
399 | return OK; | |
400 | } | |
401 | ||
402 | int dmarc_write_history_file() | |
403 | { | |
abcc8901 | 404 | int history_file_fd; |
4840604e TL |
405 | ssize_t written_len; |
406 | int tmp_ans; | |
407 | u_char **rua; /* aggregate report addressees */ | |
4a8ce2d8 | 408 | uschar *history_buffer = NULL; |
4840604e TL |
409 | |
410 | if (dmarc_history_file == NULL) | |
411 | return DMARC_HIST_DISABLED; | |
412 | history_file_fd = log_create(dmarc_history_file); | |
413 | ||
414 | if (history_file_fd < 0) | |
415 | { | |
416 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to create DMARC history file: %s", | |
417 | dmarc_history_file); | |
418 | return DMARC_HIST_FILE_ERR; | |
419 | } | |
420 | ||
421 | /* Generate the contents of the history file */ | |
422 | history_buffer = string_sprintf("job %s\n", message_id); | |
423 | history_buffer = string_sprintf("%sreporter %s\n", history_buffer, primary_hostname); | |
424 | history_buffer = string_sprintf("%sreceived %ld\n", history_buffer, time(NULL)); | |
425 | history_buffer = string_sprintf("%sipaddr %s\n", history_buffer, sender_host_address); | |
426 | history_buffer = string_sprintf("%sfrom %s\n", history_buffer, header_from_sender); | |
427 | history_buffer = string_sprintf("%smfrom %s\n", history_buffer, | |
428 | expand_string(US"$sender_address_domain")); | |
429 | ||
4840604e | 430 | if (spf_response != NULL) |
620df281 | 431 | history_buffer = string_sprintf("%sspf %d\n", history_buffer, dmarc_spf_ares_result); |
4a8ce2d8 | 432 | // history_buffer = string_sprintf("%sspf -1\n", history_buffer); |
4840604e TL |
433 | |
434 | history_buffer = string_sprintf("%s%s", history_buffer, dkim_history_buffer); | |
435 | history_buffer = string_sprintf("%spdomain %s\n", history_buffer, dmarc_used_domain); | |
436 | history_buffer = string_sprintf("%spolicy %d\n", history_buffer, dmarc_policy); | |
437 | ||
438 | rua = opendmarc_policy_fetch_rua(dmarc_pctx, NULL, 0, 1); | |
439 | if (rua != NULL) | |
440 | { | |
441 | for (tmp_ans = 0; rua[tmp_ans] != NULL; tmp_ans++) | |
442 | { | |
443 | history_buffer = string_sprintf("%srua %s\n", history_buffer, rua[tmp_ans]); | |
444 | } | |
445 | } | |
446 | else | |
447 | history_buffer = string_sprintf("%srua -\n", history_buffer); | |
448 | ||
449 | opendmarc_policy_fetch_pct(dmarc_pctx, &tmp_ans); | |
450 | history_buffer = string_sprintf("%spct %d\n", history_buffer, tmp_ans); | |
451 | ||
452 | opendmarc_policy_fetch_adkim(dmarc_pctx, &tmp_ans); | |
453 | history_buffer = string_sprintf("%sadkim %d\n", history_buffer, tmp_ans); | |
454 | ||
455 | opendmarc_policy_fetch_aspf(dmarc_pctx, &tmp_ans); | |
456 | history_buffer = string_sprintf("%saspf %d\n", history_buffer, tmp_ans); | |
457 | ||
458 | opendmarc_policy_fetch_p(dmarc_pctx, &tmp_ans); | |
459 | history_buffer = string_sprintf("%sp %d\n", history_buffer, tmp_ans); | |
460 | ||
461 | opendmarc_policy_fetch_sp(dmarc_pctx, &tmp_ans); | |
462 | history_buffer = string_sprintf("%ssp %d\n", history_buffer, tmp_ans); | |
463 | ||
464 | history_buffer = string_sprintf("%salign_dkim %d\n", history_buffer, da); | |
465 | history_buffer = string_sprintf("%salign_spf %d\n", history_buffer, sa); | |
466 | history_buffer = string_sprintf("%saction %d\n", history_buffer, action); | |
467 | ||
468 | /* Write the contents to the history file */ | |
469 | DEBUG(D_receive) | |
470 | debug_printf("DMARC logging history data for opendmarc reporting%s\n", | |
471 | (host_checking || running_in_test_harness) ? " (not really)" : ""); | |
472 | if (host_checking || running_in_test_harness) | |
473 | { | |
474 | DEBUG(D_receive) | |
475 | debug_printf("DMARC history data for debugging:\n%s", history_buffer); | |
476 | } | |
477 | else | |
478 | { | |
479 | written_len = write_to_fd_buf(history_file_fd, | |
480 | history_buffer, | |
481 | Ustrlen(history_buffer)); | |
482 | if (written_len == 0) | |
483 | { | |
484 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to write to DMARC history file: %s", | |
485 | dmarc_history_file); | |
486 | return DMARC_HIST_WRITE_ERR; | |
487 | } | |
488 | (void)close(history_file_fd); | |
489 | } | |
490 | return DMARC_HIST_OK; | |
491 | } | |
492 | ||
493 | void dmarc_send_forensic_report(u_char **ruf) | |
494 | { | |
495 | int c; | |
496 | uschar *recipient, *save_sender; | |
497 | BOOL send_status = FALSE; | |
498 | error_block *eblock = NULL; | |
499 | FILE *message_file = NULL; | |
500 | ||
501 | /* Earlier ACL does not have *required* control=dmarc_enable_forensic */ | |
502 | if (dmarc_enable_forensic == FALSE) | |
503 | return; | |
504 | ||
505 | if ((dmarc_policy == DMARC_POLICY_REJECT && action == DMARC_RESULT_REJECT) || | |
506 | (dmarc_policy == DMARC_POLICY_QUARANTINE && action == DMARC_RESULT_QUARANTINE) ) | |
507 | { | |
508 | if (ruf != NULL) | |
509 | { | |
510 | eblock = add_to_eblock(eblock, US"Sender Domain", dmarc_used_domain); | |
511 | eblock = add_to_eblock(eblock, US"Sender IP Address", sender_host_address); | |
512 | eblock = add_to_eblock(eblock, US"Received Date", tod_stamp(tod_full)); | |
513 | eblock = add_to_eblock(eblock, US"SPF Alignment", | |
514 | (sa==DMARC_POLICY_SPF_ALIGNMENT_PASS) ?US"yes":US"no"); | |
515 | eblock = add_to_eblock(eblock, US"DKIM Alignment", | |
516 | (da==DMARC_POLICY_DKIM_ALIGNMENT_PASS)?US"yes":US"no"); | |
517 | eblock = add_to_eblock(eblock, US"DMARC Results", dmarc_status_text); | |
518 | /* Set a sane default envelope sender */ | |
519 | dsn_from = dmarc_forensic_sender ? dmarc_forensic_sender : | |
520 | dsn_from ? dsn_from : | |
521 | string_sprintf("do-not-reply@%s",primary_hostname); | |
522 | for (c = 0; ruf[c] != NULL; c++) | |
523 | { | |
524 | recipient = string_copylc(ruf[c]); | |
525 | if (Ustrncmp(recipient, "mailto:",7)) | |
526 | continue; | |
527 | /* Move to first character past the colon */ | |
528 | recipient += 7; | |
529 | DEBUG(D_receive) | |
530 | debug_printf("DMARC forensic report to %s%s\n", recipient, | |
531 | (host_checking || running_in_test_harness) ? " (not really)" : ""); | |
532 | if (host_checking || running_in_test_harness) | |
533 | continue; | |
534 | save_sender = sender_address; | |
535 | sender_address = recipient; | |
536 | send_status = moan_to_sender(ERRMESS_DMARC_FORENSIC, eblock, | |
537 | header_list, message_file, FALSE); | |
538 | sender_address = save_sender; | |
539 | if (send_status == FALSE) | |
540 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to send DMARC forensic report to %s", | |
541 | recipient); | |
542 | } | |
543 | } | |
544 | } | |
545 | } | |
546 | ||
547 | uschar *dmarc_exim_expand_query(int what) | |
548 | { | |
549 | if (dmarc_disable_verify || !dmarc_pctx) | |
550 | return dmarc_exim_expand_defaults(what); | |
551 | ||
552 | switch(what) { | |
553 | case DMARC_VERIFY_STATUS: | |
554 | return(dmarc_status); | |
555 | default: | |
556 | return US""; | |
557 | } | |
558 | } | |
559 | ||
560 | uschar *dmarc_exim_expand_defaults(int what) | |
561 | { | |
562 | switch(what) { | |
563 | case DMARC_VERIFY_STATUS: | |
564 | return (dmarc_disable_verify) ? | |
565 | US"off" : | |
566 | US"none"; | |
567 | default: | |
568 | return US""; | |
569 | } | |
570 | } | |
571 | ||
572 | uschar *dmarc_auth_results_header(header_line *from_header, uschar *hostname) | |
573 | { | |
574 | uschar *hdr_tmp = US""; | |
575 | ||
576 | /* Allow a server hostname to be passed to this function, but is | |
577 | * currently unused */ | |
578 | if (hostname == NULL) | |
579 | hostname = primary_hostname; | |
580 | hdr_tmp = string_sprintf("%s %s;", DMARC_AR_HEADER, hostname); | |
581 | ||
582 | #if 0 | |
583 | /* I don't think this belongs here, but left it here commented out | |
584 | * because it was a lot of work to get working right. */ | |
4840604e TL |
585 | if (spf_response != NULL) { |
586 | uschar *dmarc_ar_spf = US""; | |
587 | int sr = 0; | |
588 | sr = spf_response->result; | |
589 | dmarc_ar_spf = (sr == SPF_RESULT_NEUTRAL) ? US"neutral" : | |
590 | (sr == SPF_RESULT_PASS) ? US"pass" : | |
591 | (sr == SPF_RESULT_FAIL) ? US"fail" : | |
592 | (sr == SPF_RESULT_SOFTFAIL) ? US"softfail" : | |
593 | US"none"; | |
594 | hdr_tmp = string_sprintf("%s spf=%s (%s) smtp.mail=%s;", | |
595 | hdr_tmp, dmarc_ar_spf_result, | |
596 | spf_response->header_comment, | |
597 | expand_string(US"$sender_address") ); | |
598 | } | |
4840604e TL |
599 | #endif |
600 | hdr_tmp = string_sprintf("%s dmarc=%s", | |
601 | hdr_tmp, dmarc_pass_fail); | |
602 | if (header_from_sender) | |
603 | hdr_tmp = string_sprintf("%s header.from=%s", | |
604 | hdr_tmp, header_from_sender); | |
605 | return hdr_tmp; | |
606 | } | |
607 | ||
4a8ce2d8 TL |
608 | #endif /* EXPERIMENTAL_SPF */ |
609 | #endif /* EXPERIMENTAL_DMARC */ | |
4840604e TL |
610 | |
611 | // vim:sw=2 expandtab |