+if (history_file_fd < 0)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC, "failure to create DMARC history file: %s",
+ dmarc_history_file);
+ return DMARC_HIST_FILE_ERR;
+ }
+
+/* Generate the contents of the history file */
+g = string_fmt_append(NULL,
+ "job %s\nreporter %s\nreceived %ld\nipaddr %s\nfrom %s\nmfrom %s\n",
+ message_id, primary_hostname, time(NULL), sender_host_address,
+ header_from_sender, expand_string(US"$sender_address_domain"));
+
+if (spf_response)
+ g = string_fmt_append(g, "spf %d\n", dmarc_spf_ares_result);
+
+g = string_fmt_append(g, "%spdomain %s\npolicy %d\n",
+ dkim_history_buffer, dmarc_used_domain, dmarc_policy);
+
+if ((rua = opendmarc_policy_fetch_rua(dmarc_pctx, NULL, 0, 1)))
+ for (tmp_ans = 0; rua[tmp_ans]; tmp_ans++)
+ g = string_fmt_append(g, "rua %s\n", rua[tmp_ans]);
+else
+ g = string_fmt_append(g, "rua -\n");
+
+opendmarc_policy_fetch_pct(dmarc_pctx, &tmp_ans);
+g = string_fmt_append(g, "pct %d\n", tmp_ans);
+
+opendmarc_policy_fetch_adkim(dmarc_pctx, &tmp_ans);
+g = string_fmt_append(g, "adkim %d\n", tmp_ans);
+
+opendmarc_policy_fetch_aspf(dmarc_pctx, &tmp_ans);
+g = string_fmt_append(g, "aspf %d\n", tmp_ans);
+
+opendmarc_policy_fetch_p(dmarc_pctx, &tmp_ans);
+g = string_fmt_append(g, "p %d\n", tmp_ans);
+
+opendmarc_policy_fetch_sp(dmarc_pctx, &tmp_ans);
+g = string_fmt_append(g, "sp %d\n", tmp_ans);
+
+g = string_fmt_append(g, "align_dkim %d\nalign_spf %d\naction %d\n",
+ da, sa, action);
+
+/* Write the contents to the history file */
+DEBUG(D_receive)
+ debug_printf("DMARC logging history data for opendmarc reporting%s\n",
+ (host_checking || f.running_in_test_harness) ? " (not really)" : "");
+if (host_checking || f.running_in_test_harness)
+ {
+ DEBUG(D_receive)
+ debug_printf("DMARC history data for debugging:\n%Y", g);
+ }
+else
+ {
+ written_len = write_to_fd_buf(history_file_fd,
+ g->s,
+ gstring_length(g));
+ if (written_len == 0)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC, "failure to write to DMARC history file: %s",
+ dmarc_history_file);
+ return DMARC_HIST_WRITE_ERR;
+ }
+ (void)close(history_file_fd);
+ }
+return DMARC_HIST_OK;
+}
+
+
+/* dmarc_process adds the envelope sender address to the existing
+context (if any), retrieves the result, sets up expansion
+strings and evaluates the condition outcome. */
+
+int
+dmarc_process()
+{
+int sr, origin; /* used in SPF section */
+int dmarc_spf_result = 0; /* stores spf into dmarc conn ctx */
+int tmp_ans, c;
+pdkim_signature * sig = dkim_signatures;
+uschar * rr;
+BOOL has_dmarc_record = TRUE;
+u_char ** ruf; /* forensic report addressees, if called for */
+
+/* ACLs have "control=dmarc_disable_verify" */
+if (f.dmarc_disable_verify)
+ return OK;
+
+/* Store the header From: sender domain for this part of DMARC.
+If there is no from_header struct, then it's likely this message
+is locally generated and relying on fixups to add it. Just skip
+the entire DMARC system if we can't find a From: header....or if
+there was a previous error. */
+
+if (!from_header)
+ {
+ DEBUG(D_receive) debug_printf("DMARC: no From: header\n");
+ dmarc_abort = TRUE;
+ }
+else if (!dmarc_abort)