Commit | Line | Data |
---|---|---|
4840604e TL |
1 | /************************************************* |
2 | * Exim - an Internet mail transport agent * | |
3 | *************************************************/ | |
4 | /* Experimental DMARC support. | |
5 | Copyright (c) Todd Lyons <tlyons@exim.org> 2012, 2013 | |
6 | License: GPL */ | |
7 | ||
8 | /* Portions Copyright (c) 2012, 2013, The Trusted Domain Project; | |
9 | All rights reserved, licensed for use per LICENSE.opendmarc. */ | |
10 | ||
11 | /* Code for calling dmarc checks via libopendmarc. Called from acl.c. */ | |
12 | ||
13 | #include "exim.h" | |
14 | #ifdef EXPERIMENTAL_DMARC | |
4a8ce2d8 TL |
15 | #if !defined EXPERIMENTAL_SPF |
16 | #error SPF must also be enabled for DMARC | |
17 | #elif defined DISABLE_DKIM | |
18 | #error DKIM must also be enabled for DMARC | |
19 | #else | |
4840604e TL |
20 | |
21 | #include "functions.h" | |
22 | #include "dmarc.h" | |
23 | #include "pdkim/pdkim.h" | |
24 | ||
25 | OPENDMARC_LIB_T dmarc_ctx; | |
26 | DMARC_POLICY_T *dmarc_pctx = NULL; | |
27 | OPENDMARC_STATUS_T libdm_status, action, dmarc_policy; | |
28 | OPENDMARC_STATUS_T da, sa, action; | |
29 | BOOL dmarc_abort = FALSE; | |
30 | uschar *dmarc_pass_fail = US"skipped"; | |
31 | extern pdkim_signature *dkim_signatures; | |
32 | header_line *from_header = NULL; | |
4840604e | 33 | extern SPF_response_t *spf_response; |
620df281 | 34 | int dmarc_spf_ares_result = 0; |
4840604e TL |
35 | uschar *spf_sender_domain = NULL; |
36 | uschar *spf_human_readable = NULL; | |
4840604e TL |
37 | u_char *header_from_sender = NULL; |
38 | int history_file_status = DMARC_HIST_OK; | |
4840604e TL |
39 | uschar *dkim_history_buffer= NULL; |
40 | ||
41 | /* Accept an error_block struct, initialize if empty, parse to the | |
42 | * end, and append the two strings passed to it. Used for adding | |
43 | * variable amounts of value:pair data to the forensic emails. */ | |
44 | ||
45 | static error_block * | |
46 | add_to_eblock(error_block *eblock, uschar *t1, uschar *t2) | |
47 | { | |
48 | error_block *eb = malloc(sizeof(error_block)); | |
49 | if (eblock == NULL) | |
50 | eblock = eb; | |
51 | else | |
52 | { | |
53 | /* Find the end of the eblock struct and point it at eb */ | |
54 | error_block *tmp = eblock; | |
55 | while(tmp->next != NULL) | |
56 | tmp = tmp->next; | |
57 | tmp->next = eb; | |
58 | } | |
59 | eb->text1 = t1; | |
60 | eb->text2 = t2; | |
61 | eb->next = NULL; | |
62 | return eblock; | |
63 | } | |
64 | ||
65 | /* dmarc_init sets up a context that can be re-used for several | |
66 | messages on the same SMTP connection (that come from the | |
67 | same host with the same HELO string) */ | |
68 | ||
4a8ce2d8 TL |
69 | int dmarc_init() |
70 | { | |
4840604e TL |
71 | int *netmask = NULL; /* Ignored */ |
72 | int is_ipv6 = 0; | |
73 | char *tld_file = (dmarc_tld_file == NULL) ? | |
74 | "/etc/exim/opendmarc.tlds" : | |
75 | (char *)dmarc_tld_file; | |
76 | ||
77 | /* Set some sane defaults. Also clears previous results when | |
78 | * multiple messages in one connection. */ | |
79 | dmarc_pctx = NULL; | |
80 | dmarc_status = US"none"; | |
81 | dmarc_abort = FALSE; | |
82 | dmarc_pass_fail = US"skipped"; | |
83 | dmarc_used_domain = US""; | |
a8c34306 TL |
84 | dmarc_ar_header = NULL; |
85 | dmarc_has_been_checked = FALSE; | |
4840604e | 86 | header_from_sender = NULL; |
4840604e TL |
87 | spf_sender_domain = NULL; |
88 | spf_human_readable = NULL; | |
4840604e TL |
89 | |
90 | /* ACLs have "control=dmarc_disable_verify" */ | |
91 | if (dmarc_disable_verify == TRUE) | |
92 | return OK; | |
93 | ||
94 | (void) memset(&dmarc_ctx, '\0', sizeof dmarc_ctx); | |
95 | dmarc_ctx.nscount = 0; | |
96 | libdm_status = opendmarc_policy_library_init(&dmarc_ctx); | |
97 | if (libdm_status != DMARC_PARSE_OKAY) | |
98 | { | |
99 | log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure to init library: %s", | |
100 | opendmarc_policy_status_to_str(libdm_status)); | |
101 | dmarc_abort = TRUE; | |
102 | } | |
ac7a78c5 TL |
103 | if (dmarc_tld_file == NULL) |
104 | dmarc_abort = TRUE; | |
105 | else if (opendmarc_tld_read_file(tld_file, NULL, NULL, NULL)) | |
4840604e TL |
106 | { |
107 | log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure to load tld list %s: %d", | |
108 | tld_file, errno); | |
109 | dmarc_abort = TRUE; | |
110 | } | |
111 | if (sender_host_address == NULL) | |
112 | dmarc_abort = TRUE; | |
113 | /* This catches locally originated email and startup errors above. */ | |
114 | if ( dmarc_abort == FALSE ) | |
115 | { | |
116 | is_ipv6 = string_is_ip_address(sender_host_address, netmask); | |
117 | is_ipv6 = (is_ipv6 == 6) ? TRUE : | |
118 | (is_ipv6 == 4) ? FALSE : FALSE; | |
119 | dmarc_pctx = opendmarc_policy_connect_init(sender_host_address, is_ipv6); | |
120 | if (dmarc_pctx == NULL ) | |
121 | { | |
122 | log_write(0, LOG_MAIN|LOG_PANIC, "DMARC failure creating policy context: ip=%s", | |
123 | sender_host_address); | |
124 | dmarc_abort = TRUE; | |
125 | } | |
126 | } | |
127 | ||
128 | return OK; | |
129 | } | |
130 | ||
131 | ||
132 | /* dmarc_store_data stores the header data so that subsequent | |
133 | * dmarc_process can access the data */ | |
134 | ||
135 | int dmarc_store_data(header_line *hdr) { | |
136 | /* No debug output because would change every test debug output */ | |
137 | if (dmarc_disable_verify != TRUE) | |
138 | from_header = hdr; | |
139 | return OK; | |
140 | } | |
141 | ||
142 | ||
143 | /* dmarc_process adds the envelope sender address to the existing | |
144 | context (if any), retrieves the result, sets up expansion | |
145 | strings and evaluates the condition outcome. */ | |
146 | ||
147 | int dmarc_process() { | |
620df281 TL |
148 | int sr, origin; /* used in SPF section */ |
149 | int dmarc_spf_result = 0; /* stores spf into dmarc conn ctx */ | |
4840604e TL |
150 | pdkim_signature *sig = NULL; |
151 | BOOL has_dmarc_record = TRUE; | |
152 | u_char **ruf; /* forensic report addressees, if called for */ | |
153 | ||
154 | /* ACLs have "control=dmarc_disable_verify" */ | |
155 | if (dmarc_disable_verify == TRUE) | |
156 | { | |
157 | dmarc_ar_header = dmarc_auth_results_header(from_header, NULL); | |
158 | return OK; | |
159 | } | |
160 | ||
161 | /* Store the header From: sender domain for this part of DMARC. | |
162 | * If there is no from_header struct, then it's likely this message | |
163 | * is locally generated and relying on fixups to add it. Just skip | |
164 | * the entire DMARC system if we can't find a From: header....or if | |
165 | * there was a previous error. | |
166 | */ | |
167 | if (from_header == NULL || dmarc_abort == TRUE) | |
168 | dmarc_abort = TRUE; | |
169 | else | |
170 | { | |
171 | /* I strongly encourage anybody who can make this better to contact me directly! | |
172 | * <cannonball> Is this an insane way to extract the email address from the From: header? | |
173 | * <jgh_hm> it's sure a horrid layer-crossing.... | |
174 | * <cannonball> I'm not denying that :-/ | |
175 | * <jgh_hm> there may well be no better though | |
176 | */ | |
177 | header_from_sender = expand_string( | |
5a1b8443 WB |
178 | string_sprintf("${domain:${extract{1}{:}{${addresses:\\N%s\\N}}}}", |
179 | from_header->text) ); | |
4840604e TL |
180 | /* The opendmarc library extracts the domain from the email address, but |
181 | * only try to store it if it's not empty. Otherwise, skip out of DMARC. */ | |
5a1b8443 | 182 | if ((header_from_sender == NULL) || (strcmp( CCS header_from_sender, "") == 0)) |
4840604e TL |
183 | dmarc_abort = TRUE; |
184 | libdm_status = (dmarc_abort == TRUE) ? | |
5a1b8443 WB |
185 | DMARC_PARSE_OKAY : |
186 | opendmarc_policy_store_from_domain(dmarc_pctx, header_from_sender); | |
4840604e TL |
187 | if (libdm_status != DMARC_PARSE_OKAY) |
188 | { | |
5a1b8443 WB |
189 | log_write(0, LOG_MAIN|LOG_PANIC, |
190 | "failure to store header From: in DMARC: %s, header was '%s'", | |
191 | opendmarc_policy_status_to_str(libdm_status), from_header->text); | |
4840604e TL |
192 | dmarc_abort = TRUE; |
193 | } | |
194 | } | |
195 | ||
196 | /* Skip DMARC if connection is SMTP Auth. Temporarily, admin should | |
197 | * instead do this in the ACLs. */ | |
198 | if (dmarc_abort == FALSE && sender_host_authenticated == NULL) | |
199 | { | |
4840604e TL |
200 | /* Use the envelope sender domain for this part of DMARC */ |
201 | spf_sender_domain = expand_string(US"$sender_address_domain"); | |
202 | if ( spf_response == NULL ) | |
203 | { | |
204 | /* No spf data means null envelope sender so generate a domain name | |
620df281 | 205 | * from the sender_helo_name */ |
4840604e TL |
206 | if (spf_sender_domain == NULL) |
207 | { | |
620df281 | 208 | spf_sender_domain = sender_helo_name; |
4840604e TL |
209 | log_write(0, LOG_MAIN, "DMARC using synthesized SPF sender domain = %s\n", |
210 | spf_sender_domain); | |
211 | DEBUG(D_receive) | |
212 | debug_printf("DMARC using synthesized SPF sender domain = %s\n", spf_sender_domain); | |
213 | } | |
214 | dmarc_spf_result = DMARC_POLICY_SPF_OUTCOME_NONE; | |
620df281 | 215 | dmarc_spf_ares_result = ARES_RESULT_UNKNOWN; |
4840604e TL |
216 | origin = DMARC_POLICY_SPF_ORIGIN_HELO; |
217 | spf_human_readable = US""; | |
218 | } | |
219 | else | |
220 | { | |
221 | sr = spf_response->result; | |
222 | dmarc_spf_result = (sr == SPF_RESULT_NEUTRAL) ? DMARC_POLICY_SPF_OUTCOME_NONE : | |
223 | (sr == SPF_RESULT_PASS) ? DMARC_POLICY_SPF_OUTCOME_PASS : | |
224 | (sr == SPF_RESULT_FAIL) ? DMARC_POLICY_SPF_OUTCOME_FAIL : | |
225 | (sr == SPF_RESULT_SOFTFAIL) ? DMARC_POLICY_SPF_OUTCOME_TMPFAIL : | |
226 | DMARC_POLICY_SPF_OUTCOME_NONE; | |
620df281 TL |
227 | dmarc_spf_ares_result = (sr == SPF_RESULT_NEUTRAL) ? ARES_RESULT_NEUTRAL : |
228 | (sr == SPF_RESULT_PASS) ? ARES_RESULT_PASS : | |
229 | (sr == SPF_RESULT_FAIL) ? ARES_RESULT_FAIL : | |
230 | (sr == SPF_RESULT_SOFTFAIL) ? ARES_RESULT_SOFTFAIL : | |
231 | (sr == SPF_RESULT_NONE) ? ARES_RESULT_NONE : | |
232 | (sr == SPF_RESULT_TEMPERROR) ? ARES_RESULT_TEMPERROR : | |
233 | (sr == SPF_RESULT_PERMERROR) ? ARES_RESULT_PERMERROR : | |
234 | ARES_RESULT_UNKNOWN; | |
4840604e TL |
235 | origin = DMARC_POLICY_SPF_ORIGIN_MAILFROM; |
236 | spf_human_readable = (uschar *)spf_response->header_comment; | |
237 | DEBUG(D_receive) | |
238 | debug_printf("DMARC using SPF sender domain = %s\n", spf_sender_domain); | |
239 | } | |
240 | if (strcmp( CCS spf_sender_domain, "") == 0) | |
241 | dmarc_abort = TRUE; | |
242 | if (dmarc_abort == FALSE) | |
243 | { | |
244 | libdm_status = opendmarc_policy_store_spf(dmarc_pctx, spf_sender_domain, | |
245 | dmarc_spf_result, origin, spf_human_readable); | |
246 | if (libdm_status != DMARC_PARSE_OKAY) | |
247 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to store spf for DMARC: %s", | |
248 | opendmarc_policy_status_to_str(libdm_status)); | |
249 | } | |
4840604e TL |
250 | |
251 | /* Now we cycle through the dkim signature results and put into | |
252 | * the opendmarc context, further building the DMARC reply. */ | |
253 | sig = dkim_signatures; | |
254 | dkim_history_buffer = US""; | |
255 | while (sig != NULL) | |
256 | { | |
620df281 TL |
257 | int dkim_result, dkim_ares_result, vs, ves; |
258 | vs = sig->verify_status; | |
259 | ves = sig->verify_ext_status; | |
4840604e | 260 | dkim_result = ( vs == PDKIM_VERIFY_PASS ) ? DMARC_POLICY_DKIM_OUTCOME_PASS : |
620df281 TL |
261 | ( vs == PDKIM_VERIFY_FAIL ) ? DMARC_POLICY_DKIM_OUTCOME_FAIL : |
262 | ( vs == PDKIM_VERIFY_INVALID ) ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL : | |
4840604e TL |
263 | DMARC_POLICY_DKIM_OUTCOME_NONE; |
264 | libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, (uschar *)sig->domain, | |
5a1b8443 | 265 | dkim_result, US""); |
4840604e TL |
266 | DEBUG(D_receive) |
267 | debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain); | |
268 | if (libdm_status != DMARC_PARSE_OKAY) | |
269 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to store dkim (%s) for DMARC: %s", | |
5a1b8443 | 270 | sig->domain, opendmarc_policy_status_to_str(libdm_status)); |
4840604e | 271 | |
620df281 | 272 | dkim_ares_result = ( vs == PDKIM_VERIFY_PASS ) ? ARES_RESULT_PASS : |
5a1b8443 WB |
273 | ( vs == PDKIM_VERIFY_FAIL ) ? ARES_RESULT_FAIL : |
274 | ( vs == PDKIM_VERIFY_NONE ) ? ARES_RESULT_NONE : | |
275 | ( vs == PDKIM_VERIFY_INVALID ) ? | |
620df281 TL |
276 | ( ves == PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE ? ARES_RESULT_PERMERROR : |
277 | ves == PDKIM_VERIFY_INVALID_BUFFER_SIZE ? ARES_RESULT_PERMERROR : | |
278 | ves == PDKIM_VERIFY_INVALID_PUBKEY_PARSING ? ARES_RESULT_PERMERROR : | |
279 | ARES_RESULT_UNKNOWN ) : | |
280 | ARES_RESULT_UNKNOWN; | |
4840604e | 281 | dkim_history_buffer = string_sprintf("%sdkim %s %d\n", dkim_history_buffer, |
5a1b8443 | 282 | sig->domain, dkim_ares_result); |
4840604e TL |
283 | sig = sig->next; |
284 | } | |
285 | libdm_status = opendmarc_policy_query_dmarc(dmarc_pctx, US""); | |
286 | switch (libdm_status) | |
287 | { | |
288 | case DMARC_DNS_ERROR_NXDOMAIN: | |
289 | case DMARC_DNS_ERROR_NO_RECORD: | |
290 | DEBUG(D_receive) | |
291 | debug_printf("DMARC no record found for %s\n", header_from_sender); | |
292 | has_dmarc_record = FALSE; | |
293 | break; | |
294 | case DMARC_PARSE_OKAY: | |
295 | DEBUG(D_receive) | |
296 | debug_printf("DMARC record found for %s\n", header_from_sender); | |
297 | break; | |
298 | case DMARC_PARSE_ERROR_BAD_VALUE: | |
299 | DEBUG(D_receive) | |
300 | debug_printf("DMARC record parse error for %s\n", header_from_sender); | |
301 | has_dmarc_record = FALSE; | |
302 | break; | |
303 | default: | |
304 | /* everything else, skip dmarc */ | |
305 | DEBUG(D_receive) | |
306 | debug_printf("DMARC skipping (%d), unsure what to do with %s", | |
307 | libdm_status, from_header->text); | |
308 | has_dmarc_record = FALSE; | |
309 | break; | |
310 | } | |
311 | /* Can't use exim's string manipulation functions so allocate memory | |
312 | * for libopendmarc using its max hostname length definition. */ | |
313 | uschar *dmarc_domain = (uschar *)calloc(DMARC_MAXHOSTNAMELEN, sizeof(uschar)); | |
314 | libdm_status = opendmarc_policy_fetch_utilized_domain(dmarc_pctx, dmarc_domain, | |
5a1b8443 | 315 | DMARC_MAXHOSTNAMELEN-1); |
4840604e TL |
316 | dmarc_used_domain = string_copy(dmarc_domain); |
317 | free(dmarc_domain); | |
318 | if (libdm_status != DMARC_PARSE_OKAY) | |
319 | { | |
320 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to read domainname used for DMARC lookup: %s", | |
321 | opendmarc_policy_status_to_str(libdm_status)); | |
322 | } | |
323 | libdm_status = opendmarc_get_policy_to_enforce(dmarc_pctx); | |
324 | dmarc_policy = libdm_status; | |
325 | switch(libdm_status) | |
326 | { | |
327 | case DMARC_POLICY_ABSENT: /* No DMARC record found */ | |
328 | dmarc_status = US"norecord"; | |
645800e0 | 329 | dmarc_pass_fail = US"none"; |
4840604e TL |
330 | dmarc_status_text = US"No DMARC record"; |
331 | action = DMARC_RESULT_ACCEPT; | |
332 | break; | |
333 | case DMARC_FROM_DOMAIN_ABSENT: /* No From: domain */ | |
334 | dmarc_status = US"nofrom"; | |
335 | dmarc_pass_fail = US"temperror"; | |
336 | dmarc_status_text = US"No From: domain found"; | |
337 | action = DMARC_RESULT_ACCEPT; | |
338 | break; | |
339 | case DMARC_POLICY_NONE: /* Accept and report */ | |
340 | dmarc_status = US"none"; | |
341 | dmarc_pass_fail = US"none"; | |
342 | dmarc_status_text = US"None, Accept"; | |
343 | action = DMARC_RESULT_ACCEPT; | |
344 | break; | |
345 | case DMARC_POLICY_PASS: /* Explicit accept */ | |
346 | dmarc_status = US"accept"; | |
347 | dmarc_pass_fail = US"pass"; | |
348 | dmarc_status_text = US"Accept"; | |
349 | action = DMARC_RESULT_ACCEPT; | |
350 | break; | |
351 | case DMARC_POLICY_REJECT: /* Explicit reject */ | |
352 | dmarc_status = US"reject"; | |
353 | dmarc_pass_fail = US"fail"; | |
354 | dmarc_status_text = US"Reject"; | |
355 | action = DMARC_RESULT_REJECT; | |
356 | break; | |
357 | case DMARC_POLICY_QUARANTINE: /* Explicit quarantine */ | |
358 | dmarc_status = US"quarantine"; | |
359 | dmarc_pass_fail = US"fail"; | |
360 | dmarc_status_text = US"Quarantine"; | |
361 | action = DMARC_RESULT_QUARANTINE; | |
362 | break; | |
363 | default: | |
364 | dmarc_status = US"temperror"; | |
365 | dmarc_pass_fail = US"temperror"; | |
366 | dmarc_status_text = US"Internal Policy Error"; | |
367 | action = DMARC_RESULT_TEMPFAIL; | |
368 | break; | |
369 | } | |
370 | ||
371 | libdm_status = opendmarc_policy_fetch_alignment(dmarc_pctx, &da, &sa); | |
372 | if (libdm_status != DMARC_PARSE_OKAY) | |
373 | { | |
374 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to read DMARC alignment: %s", | |
375 | opendmarc_policy_status_to_str(libdm_status)); | |
376 | } | |
377 | ||
378 | if (has_dmarc_record == TRUE) | |
379 | { | |
380 | log_write(0, LOG_MAIN, "DMARC results: spf_domain=%s dmarc_domain=%s " | |
381 | "spf_align=%s dkim_align=%s enforcement='%s'", | |
382 | spf_sender_domain, dmarc_used_domain, | |
383 | (sa==DMARC_POLICY_SPF_ALIGNMENT_PASS) ?"yes":"no", | |
384 | (da==DMARC_POLICY_DKIM_ALIGNMENT_PASS)?"yes":"no", | |
385 | dmarc_status_text); | |
386 | history_file_status = dmarc_write_history_file(); | |
387 | /* Now get the forensic reporting addresses, if any */ | |
388 | ruf = opendmarc_policy_fetch_ruf(dmarc_pctx, NULL, 0, 1); | |
389 | dmarc_send_forensic_report(ruf); | |
390 | } | |
391 | } | |
392 | ||
393 | /* set some global variables here */ | |
394 | dmarc_ar_header = dmarc_auth_results_header(from_header, NULL); | |
395 | ||
396 | /* shut down libopendmarc */ | |
397 | if ( dmarc_pctx != NULL ) | |
398 | (void) opendmarc_policy_connect_shutdown(dmarc_pctx); | |
399 | if ( dmarc_disable_verify == FALSE ) | |
400 | (void) opendmarc_policy_library_shutdown(&dmarc_ctx); | |
401 | ||
402 | return OK; | |
403 | } | |
404 | ||
405 | int dmarc_write_history_file() | |
406 | { | |
abcc8901 | 407 | int history_file_fd; |
4840604e TL |
408 | ssize_t written_len; |
409 | int tmp_ans; | |
410 | u_char **rua; /* aggregate report addressees */ | |
4a8ce2d8 | 411 | uschar *history_buffer = NULL; |
4840604e TL |
412 | |
413 | if (dmarc_history_file == NULL) | |
414 | return DMARC_HIST_DISABLED; | |
415 | history_file_fd = log_create(dmarc_history_file); | |
416 | ||
417 | if (history_file_fd < 0) | |
418 | { | |
419 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to create DMARC history file: %s", | |
420 | dmarc_history_file); | |
421 | return DMARC_HIST_FILE_ERR; | |
422 | } | |
423 | ||
424 | /* Generate the contents of the history file */ | |
425 | history_buffer = string_sprintf("job %s\n", message_id); | |
426 | history_buffer = string_sprintf("%sreporter %s\n", history_buffer, primary_hostname); | |
427 | history_buffer = string_sprintf("%sreceived %ld\n", history_buffer, time(NULL)); | |
428 | history_buffer = string_sprintf("%sipaddr %s\n", history_buffer, sender_host_address); | |
429 | history_buffer = string_sprintf("%sfrom %s\n", history_buffer, header_from_sender); | |
430 | history_buffer = string_sprintf("%smfrom %s\n", history_buffer, | |
431 | expand_string(US"$sender_address_domain")); | |
432 | ||
4840604e | 433 | if (spf_response != NULL) |
620df281 | 434 | history_buffer = string_sprintf("%sspf %d\n", history_buffer, dmarc_spf_ares_result); |
4a8ce2d8 | 435 | // history_buffer = string_sprintf("%sspf -1\n", history_buffer); |
4840604e TL |
436 | |
437 | history_buffer = string_sprintf("%s%s", history_buffer, dkim_history_buffer); | |
438 | history_buffer = string_sprintf("%spdomain %s\n", history_buffer, dmarc_used_domain); | |
439 | history_buffer = string_sprintf("%spolicy %d\n", history_buffer, dmarc_policy); | |
440 | ||
441 | rua = opendmarc_policy_fetch_rua(dmarc_pctx, NULL, 0, 1); | |
442 | if (rua != NULL) | |
443 | { | |
444 | for (tmp_ans = 0; rua[tmp_ans] != NULL; tmp_ans++) | |
445 | { | |
446 | history_buffer = string_sprintf("%srua %s\n", history_buffer, rua[tmp_ans]); | |
447 | } | |
448 | } | |
449 | else | |
450 | history_buffer = string_sprintf("%srua -\n", history_buffer); | |
451 | ||
452 | opendmarc_policy_fetch_pct(dmarc_pctx, &tmp_ans); | |
453 | history_buffer = string_sprintf("%spct %d\n", history_buffer, tmp_ans); | |
454 | ||
455 | opendmarc_policy_fetch_adkim(dmarc_pctx, &tmp_ans); | |
456 | history_buffer = string_sprintf("%sadkim %d\n", history_buffer, tmp_ans); | |
457 | ||
458 | opendmarc_policy_fetch_aspf(dmarc_pctx, &tmp_ans); | |
459 | history_buffer = string_sprintf("%saspf %d\n", history_buffer, tmp_ans); | |
460 | ||
461 | opendmarc_policy_fetch_p(dmarc_pctx, &tmp_ans); | |
462 | history_buffer = string_sprintf("%sp %d\n", history_buffer, tmp_ans); | |
463 | ||
464 | opendmarc_policy_fetch_sp(dmarc_pctx, &tmp_ans); | |
465 | history_buffer = string_sprintf("%ssp %d\n", history_buffer, tmp_ans); | |
466 | ||
467 | history_buffer = string_sprintf("%salign_dkim %d\n", history_buffer, da); | |
468 | history_buffer = string_sprintf("%salign_spf %d\n", history_buffer, sa); | |
469 | history_buffer = string_sprintf("%saction %d\n", history_buffer, action); | |
470 | ||
471 | /* Write the contents to the history file */ | |
472 | DEBUG(D_receive) | |
473 | debug_printf("DMARC logging history data for opendmarc reporting%s\n", | |
474 | (host_checking || running_in_test_harness) ? " (not really)" : ""); | |
475 | if (host_checking || running_in_test_harness) | |
476 | { | |
477 | DEBUG(D_receive) | |
478 | debug_printf("DMARC history data for debugging:\n%s", history_buffer); | |
479 | } | |
480 | else | |
481 | { | |
482 | written_len = write_to_fd_buf(history_file_fd, | |
483 | history_buffer, | |
484 | Ustrlen(history_buffer)); | |
485 | if (written_len == 0) | |
486 | { | |
487 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to write to DMARC history file: %s", | |
488 | dmarc_history_file); | |
489 | return DMARC_HIST_WRITE_ERR; | |
490 | } | |
491 | (void)close(history_file_fd); | |
492 | } | |
493 | return DMARC_HIST_OK; | |
494 | } | |
495 | ||
496 | void dmarc_send_forensic_report(u_char **ruf) | |
497 | { | |
498 | int c; | |
499 | uschar *recipient, *save_sender; | |
500 | BOOL send_status = FALSE; | |
501 | error_block *eblock = NULL; | |
502 | FILE *message_file = NULL; | |
503 | ||
504 | /* Earlier ACL does not have *required* control=dmarc_enable_forensic */ | |
505 | if (dmarc_enable_forensic == FALSE) | |
506 | return; | |
507 | ||
508 | if ((dmarc_policy == DMARC_POLICY_REJECT && action == DMARC_RESULT_REJECT) || | |
509 | (dmarc_policy == DMARC_POLICY_QUARANTINE && action == DMARC_RESULT_QUARANTINE) ) | |
510 | { | |
511 | if (ruf != NULL) | |
512 | { | |
513 | eblock = add_to_eblock(eblock, US"Sender Domain", dmarc_used_domain); | |
514 | eblock = add_to_eblock(eblock, US"Sender IP Address", sender_host_address); | |
515 | eblock = add_to_eblock(eblock, US"Received Date", tod_stamp(tod_full)); | |
516 | eblock = add_to_eblock(eblock, US"SPF Alignment", | |
517 | (sa==DMARC_POLICY_SPF_ALIGNMENT_PASS) ?US"yes":US"no"); | |
518 | eblock = add_to_eblock(eblock, US"DKIM Alignment", | |
519 | (da==DMARC_POLICY_DKIM_ALIGNMENT_PASS)?US"yes":US"no"); | |
520 | eblock = add_to_eblock(eblock, US"DMARC Results", dmarc_status_text); | |
521 | /* Set a sane default envelope sender */ | |
522 | dsn_from = dmarc_forensic_sender ? dmarc_forensic_sender : | |
523 | dsn_from ? dsn_from : | |
524 | string_sprintf("do-not-reply@%s",primary_hostname); | |
525 | for (c = 0; ruf[c] != NULL; c++) | |
526 | { | |
527 | recipient = string_copylc(ruf[c]); | |
528 | if (Ustrncmp(recipient, "mailto:",7)) | |
529 | continue; | |
530 | /* Move to first character past the colon */ | |
531 | recipient += 7; | |
532 | DEBUG(D_receive) | |
533 | debug_printf("DMARC forensic report to %s%s\n", recipient, | |
534 | (host_checking || running_in_test_harness) ? " (not really)" : ""); | |
535 | if (host_checking || running_in_test_harness) | |
536 | continue; | |
537 | save_sender = sender_address; | |
538 | sender_address = recipient; | |
539 | send_status = moan_to_sender(ERRMESS_DMARC_FORENSIC, eblock, | |
540 | header_list, message_file, FALSE); | |
541 | sender_address = save_sender; | |
542 | if (send_status == FALSE) | |
543 | log_write(0, LOG_MAIN|LOG_PANIC, "failure to send DMARC forensic report to %s", | |
544 | recipient); | |
545 | } | |
546 | } | |
547 | } | |
548 | } | |
549 | ||
550 | uschar *dmarc_exim_expand_query(int what) | |
551 | { | |
552 | if (dmarc_disable_verify || !dmarc_pctx) | |
553 | return dmarc_exim_expand_defaults(what); | |
554 | ||
555 | switch(what) { | |
556 | case DMARC_VERIFY_STATUS: | |
557 | return(dmarc_status); | |
558 | default: | |
559 | return US""; | |
560 | } | |
561 | } | |
562 | ||
563 | uschar *dmarc_exim_expand_defaults(int what) | |
564 | { | |
565 | switch(what) { | |
566 | case DMARC_VERIFY_STATUS: | |
567 | return (dmarc_disable_verify) ? | |
568 | US"off" : | |
569 | US"none"; | |
570 | default: | |
571 | return US""; | |
572 | } | |
573 | } | |
574 | ||
575 | uschar *dmarc_auth_results_header(header_line *from_header, uschar *hostname) | |
576 | { | |
577 | uschar *hdr_tmp = US""; | |
578 | ||
579 | /* Allow a server hostname to be passed to this function, but is | |
580 | * currently unused */ | |
581 | if (hostname == NULL) | |
582 | hostname = primary_hostname; | |
583 | hdr_tmp = string_sprintf("%s %s;", DMARC_AR_HEADER, hostname); | |
584 | ||
585 | #if 0 | |
586 | /* I don't think this belongs here, but left it here commented out | |
587 | * because it was a lot of work to get working right. */ | |
4840604e TL |
588 | if (spf_response != NULL) { |
589 | uschar *dmarc_ar_spf = US""; | |
590 | int sr = 0; | |
591 | sr = spf_response->result; | |
592 | dmarc_ar_spf = (sr == SPF_RESULT_NEUTRAL) ? US"neutral" : | |
593 | (sr == SPF_RESULT_PASS) ? US"pass" : | |
594 | (sr == SPF_RESULT_FAIL) ? US"fail" : | |
595 | (sr == SPF_RESULT_SOFTFAIL) ? US"softfail" : | |
596 | US"none"; | |
597 | hdr_tmp = string_sprintf("%s spf=%s (%s) smtp.mail=%s;", | |
598 | hdr_tmp, dmarc_ar_spf_result, | |
599 | spf_response->header_comment, | |
600 | expand_string(US"$sender_address") ); | |
601 | } | |
4840604e TL |
602 | #endif |
603 | hdr_tmp = string_sprintf("%s dmarc=%s", | |
604 | hdr_tmp, dmarc_pass_fail); | |
605 | if (header_from_sender) | |
606 | hdr_tmp = string_sprintf("%s header.from=%s", | |
607 | hdr_tmp, header_from_sender); | |
608 | return hdr_tmp; | |
609 | } | |
610 | ||
4a8ce2d8 TL |
611 | #endif /* EXPERIMENTAL_SPF */ |
612 | #endif /* EXPERIMENTAL_DMARC */ | |
4840604e TL |
613 | |
614 | // vim:sw=2 expandtab |