DMARC: default dmarc_tld_file to unset. Bug 2494

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 8be9b7121424e62d151ac73780f8bc8ecf26aac8..a92ac9151d23cbd822efc895e5ca7d713177e6a7 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -40533,7 +40533,10 @@ the most current version can be downloaded
 from a link at &url(https://publicsuffix.org/list/, currently pointing
 at https://publicsuffix.org/list/public_suffix_list.dat)
 See also util/renew-opendmarc-tlds.sh script.
 from a link at &url(https://publicsuffix.org/list/, currently pointing
 at https://publicsuffix.org/list/public_suffix_list.dat)
 See also util/renew-opendmarc-tlds.sh script.

-The default for the option is /etc/exim/opendmarc.tlds.
+.new
+The default for the option is unset.
+If not set, DMARC processing is disabled.
+.wen

 
 
 The &%dmarc_history_file%& option, if set
 
 
 The &%dmarc_history_file%& option, if set

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index f9a939d723cb2d56759149a37308a32356a682b3..032bfc91724a9a7a5f693ea466142da6769da0ac 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -39,6 +39,12 @@ JH/10 Bug 2492: Use tainted memory for retry record when needed.  Previously whe
       a new record was being constructed with information from the peer, a trap
       was taken.
 
       a new record was being constructed with information from the peer, a trap
       was taken.
 

+JH/11 Bug 2494: Unset the default for dmarc_tld_file.  Previously a naiive
+      installation would get error messages from DMARC verify, when it hit the
+      nonexistent file indicated by the default.  Distros wanting DMARC enabled
+      should both provide the file and set the option.
+      Also enforce no DMARC verification for command-line sourced messages.
+

 
 Exim version 4.93
 -----------------
 
 Exim version 4.93
 -----------------

diff --git a/src/src/globals.c b/src/src/globals.c
index de1149b6cd4e61fe41638e2d9ac8e20da80b8e0b..ff50cce313cf95cbe012a6ed8d41094d7a63ecab 100644 (file)
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -845,7 +845,7 @@ uschar *dmarc_forensic_sender   = NULL;
 uschar *dmarc_history_file      = NULL;
 uschar *dmarc_status            = NULL;
 uschar *dmarc_status_text       = NULL;
 uschar *dmarc_history_file      = NULL;
 uschar *dmarc_status            = NULL;
 uschar *dmarc_status_text       = NULL;

-uschar *dmarc_tld_file          = US DMARC_TLD_FILE;
+uschar *dmarc_tld_file          = NULL;

 uschar *dmarc_used_domain       = NULL;
 #endif
 
 uschar *dmarc_used_domain       = NULL;
 #endif
 

diff --git a/src/src/receive.c b/src/src/receive.c
index 83613092fea8b2d7eb32e1eae335584206d70142..f30ffd92d68fc613823671e07b54987794fb095c 100644 (file)
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -1703,10 +1703,6 @@ header_line *msgid_header = NULL;
 header_line *received_header;
 BOOL msgid_header_newly_created = FALSE;
 
 header_line *received_header;
 BOOL msgid_header_newly_created = FALSE;
 

-#ifdef SUPPORT_DMARC
-int dmarc_up = 0;
-#endif
-

 /* Variables for use when building the Received: header. */
 
 uschar *timestamp;
 /* Variables for use when building the Received: header. */
 
 uschar *timestamp;


@@ -1768,7 +1764,7 @@ if (smtp_input && !smtp_batched_input && !f.dkim_disable_verify)
 #endif
 
 #ifdef SUPPORT_DMARC
 #endif
 
 #ifdef SUPPORT_DMARC

-dmarc_up = dmarc_init();       /* initialize libopendmarc */
+if (sender_host_address) dmarc_init(); /* initialize libopendmarc */

 #endif
 
 /* Remember the time of reception. Exim uses time+pid for uniqueness of message
 #endif
 
 /* Remember the time of reception. Exim uses time+pid for uniqueness of message


@@ -3499,7 +3495,7 @@ else
 #endif /* WITH_CONTENT_SCAN */
 
 #ifdef SUPPORT_DMARC
 #endif /* WITH_CONTENT_SCAN */
 
 #ifdef SUPPORT_DMARC

-    dmarc_up = dmarc_store_data(from_header);
+    dmarc_store_data(from_header);

 #endif
 
 #ifndef DISABLE_PRDR
 #endif
 
 #ifndef DISABLE_PRDR