From 39fdec3c4a4b4c1cc60cd17413b096dd07344734 Mon Sep 17 00:00:00 2001
From: Jeremy Harris
Date: Fri, 13 Dec 2019 14:26:17 +0000
Subject: [PATCH 1/1] DMARC: default dmarc_tld_file to unset. Bug 2494
---
 doc/doc-docbook/spec.xfpt | 5 ++++-
 doc/doc-txt/ChangeLog | 6 ++++++
 src/src/globals.c | 2 +-
 src/src/receive.c | 8 ++------
 4 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 8be9b7121..a92ac9151 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -40533,7 +40533,10 @@ the most current version can be downloaded from a link at &url(https://publicsuffix.org/list/, currently pointing at https://publicsuffix.org/list/public_suffix_list.dat) See also util/renew-opendmarc-tlds.sh script.
-The default for the option is /etc/exim/opendmarc.tlds.
+.new
+The default for the option is unset.
+If not set, DMARC processing is disabled.
+.wen
 The &%dmarc_history_file%& option, if set
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index f9a939d72..032bfc917 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -39,6 +39,12 @@ JH/10 Bug 2492: Use tainted memory for retry record when needed. Previously whe a new record was being constructed with information from the peer, a trap was taken.
+JH/11 Bug 2494: Unset the default for dmarc_tld_file. Previously a naiive
+ installation would get error messages from DMARC verify, when it hit the
+ nonexistent file indicated by the default. Distros wanting DMARC enabled
+ should both provide the file and set the option.
+ Also enforce no DMARC verification for command-line sourced messages.
 Exim version 4.93
 -----------------
diff --git a/src/src/globals.c b/src/src/globals.c
index de1149b6c..ff50cce31 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -845,7 +845,7 @@ uschar *dmarc_forensic_sender = NULL;
 uschar *dmarc_history_file = NULL;
 uschar *dmarc_status = NULL;
 uschar *dmarc_status_text = NULL;
-uschar *dmarc_tld_file = US DMARC_TLD_FILE;
+uschar *dmarc_tld_file = NULL;
 uschar *dmarc_used_domain = NULL;
 #endif
diff --git a/src/src/receive.c b/src/src/receive.c
index 83613092f..f30ffd92d 100644
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -1703,10 +1703,6 @@ header_line *msgid_header = NULL;
 header_line *received_header;
 BOOL msgid_header_newly_created = FALSE;
-#ifdef SUPPORT_DMARC
-int dmarc_up = 0;
-#endif
-
 /* Variables for use when building the Received: header. */
 uschar *timestamp;
@@ -1768,7 +1764,7 @@ if (smtp_input && !smtp_batched_input && !f.dkim_disable_verify)
 #endif
 #ifdef SUPPORT_DMARC
-dmarc_up = dmarc_init(); /* initialize libopendmarc */
+if (sender_host_address) dmarc_init(); /* initialize libopendmarc */
 #endif
 /* Remember the time of reception. Exim uses time+pid for uniqueness of message
@@ -3499,7 +3495,7 @@ else
 #endif /* WITH_CONTENT_SCAN */
 #ifdef SUPPORT_DMARC
- dmarc_up = dmarc_store_data(from_header);
+ dmarc_store_data(from_header);
 #endif
 #ifndef DISABLE_PRDR
--
2.25.1
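Review bot: With `dmarc_tld_file` now initialised to `NULL` in the globals.c hunk, a SUPPORT_DMARC build that relied on the compiled-in `DMARC_TLD_FILE` path stops doing DMARC verification after upgrade unless the option is set explicitly, and nothing in this patch shows that being reported at run time. The spec text added in the same patch says an unset option disables DMARC processing, so ACLs that act on the DMARC result would presumably see no failures rather than an error. It is worth emitting a log line when the option is unset on a DMARC-enabled build; the natural place would be dmarc_init(), whose body is not part of this patch. A comment on the definition would record the intent, for example `/* unset by default: DMARC stays disabled until a TLD file is configured */`. Whether the `DMARC_TLD_FILE` macro is now unused cannot be confirmed from these hunks.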
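Review bot: The new guard `if (sender_host_address) dmarc_init();` in the receive.c hunk at -1768 skips initialisation for messages with no peer address, but the hunk at -3499 still calls `dmarc_store_data(from_header);` unconditionally, so the two calls no longer run under the same condition. If dmarc_init() is also what resets per-message DMARC state (its body is not in this patch), a message without a sender host address could be handled with whatever state the previous message left behind. Either guard the later call the same way, `if (sender_host_address) dmarc_store_data(from_header);`, or confirm that the later processing step bails out when initialisation was skipped. Both return values are now discarded where they were previously stored in `dmarc_up`, so a comment on the guard such as `/* no DMARC for locally submitted messages: there is no peer to verify */` would carry the ChangeLog's intent into the code. Both hunks sit inside a function whose start and end are outside the patch.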