DMARC: default dmarc_tld_file to unset. Bug 2494
authorJeremy Harris <jgh146exb@wizmail.org>
Fri, 13 Dec 2019 14:26:17 +0000 (14:26 +0000)
committerJeremy Harris <jgh146exb@wizmail.org>
Sat, 14 Dec 2019 19:39:54 +0000 (19:39 +0000)
(cherry picked from commit 39fdec3c4a4b4c1cc60cd17413b096dd07344734)

doc/doc-docbook/spec.xfpt
doc/doc-txt/ChangeLog
src/src/globals.c
src/src/receive.c

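--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -40626,7 +40626,10 @@ the most current version can be downloaded
 from a link at &url(https://publicsuffix.org/list/, currently pointing
 at https://publicsuffix.org/list/public_suffix_list.dat)
 See also util/renew-opendmarc-tlds.sh script.
-The default for the option is /etc/exim/opendmarc.tlds.
+.new
+The default for the option is unset.
+If not set, DMARC processing is disabled.
+.wen
 
 
 The &%dmarc_history_file%& option, if set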
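--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -26,6 +26,12 @@ JH/10 Bug 2492: Use tainted memory for retry record when needed.  Previously whe
       a new record was being constructed with information from the peer, a trap
       was taken.
 
+JH/11 Bug 2494: Unset the default for dmarc_tld_file.  Previously a naiive
+      installation would get error messages from DMARC verify, when it hit the
+      nonexistent file indicated by the default.  Distros wanting DMARC enabled
+      should both provide the file and set the option.
+      Also enforce no DMARC verification for command-line sourced messages.
+
 
 Exim version 4.93
 -----------------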
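--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -844,7 +844,7 @@ uschar *dmarc_forensic_sender   = NULL;
 uschar *dmarc_history_file      = NULL;
 uschar *dmarc_status            = NULL;
 uschar *dmarc_status_text       = NULL;
-uschar *dmarc_tld_file          = US DMARC_TLD_FILE;
+uschar *dmarc_tld_file          = NULL;
 uschar *dmarc_used_domain       = NULL;
 #endif
 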
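Review bot: The new `NULL` initialiser for `dmarc_tld_file` has no comment saying that an unset value now switches DMARC verification off, which is a fail-open default for a sender-authentication check. I would put `/* unset => DMARC verification disabled; must be set explicitly in the config */` on that line so the next reader does not restore a path default or assume verification is active. A site that upgrades while relying on the old compiled-in path would presumably lose DMARC verification without any configuration error. The code that reads this pointer is not part of this commit, so confirm that it treats NULL as "disabled" and does not hand it to the library as a filename.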
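--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -1703,10 +1703,6 @@ header_line *msgid_header = NULL;
 header_line *received_header;
 BOOL msgid_header_newly_created = FALSE;
 
-#ifdef SUPPORT_DMARC
-int dmarc_up = 0;
-#endif
-
 /* Variables for use when building the Received: header. */
 
 uschar *timestamp;
@@ -1768,7 +1764,7 @@ if (smtp_input && !smtp_batched_input && !f.dkim_disable_verify)
 #endif
 
 #ifdef SUPPORT_DMARC
-dmarc_up = dmarc_init();       /* initialize libopendmarc */
+if (sender_host_address) dmarc_init(); /* initialize libopendmarc */
 #endif
 
 /* Remember the time of reception. Exim uses time+pid for uniqueness of message
@@ -3499,7 +3495,7 @@ else
 #endif /* WITH_CONTENT_SCAN */
 
 #ifdef SUPPORT_DMARC
-    dmarc_up = dmarc_store_data(from_header);
+    dmarc_store_data(from_header);
 #endif
 
 #ifndef DISABLE_PRDR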
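Review bot: Only `dmarc_init()` is gated on `sender_host_address`; the `dmarc_store_data(from_header)` call in the third hunk still runs for every message, including command-line sourced ones for which the library was never initialised. Whether that is safe depends on state kept inside the DMARC module, which this diff does not show. Either gate the call the same way, `if (sender_host_address) dmarc_store_data(from_header);`, or add a comment at that call naming the flag that makes it a no-op when init was skipped. Both return values are now discarded along with `dmarc_up`, so if `dmarc_init()` can fail, a short comment saying where that failure is recorded would help. The enclosing function starts and ends outside these hunks.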