SPF: Remove the parameters of the broken explanation link
authorHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
Mon, 18 May 2020 20:40:24 +0000 (22:40 +0200)
committerHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
Fri, 22 May 2020 15:34:32 +0000 (17:34 +0200)
The complete www.open-spf.org is a static copy of the formerly working
openspf.org page. The explanation form doesn't work anymore.

doc/doc-docbook/spec.xfpt
doc/doc-txt/ChangeLog
src/src/spf.c
test/log/4600

index 12c03df648cc20d0a0eb9b7c502598594a879fbb..4147ee205179977af26d09f9162eb9e1bb15e487 100644 (file)
@@ -41000,13 +41000,16 @@ deny spf = fail
      message = $sender_host_address is not allowed to send mail from \
                ${if def:sender_address_domain \
                     {$sender_address_domain}{$sender_helo_name}}.  \
      message = $sender_host_address is not allowed to send mail from \
                ${if def:sender_address_domain \
                     {$sender_address_domain}{$sender_helo_name}}.  \
-               Please see http://www.open-spf.org/Why?scope=\
-               ${if def:sender_address_domain {mfrom}{helo}};\
+               Please see http://www.open-spf.org/Why;\
                identity=${if def:sender_address_domain \
                              {$sender_address}{$sender_helo_name}};\
                ip=$sender_host_address
 .endd
 
                identity=${if def:sender_address_domain \
                              {$sender_address}{$sender_helo_name}};\
                ip=$sender_host_address
 .endd
 
+Note: The above mentioned URL may not be as helpful as expected. You are
+encouraged to replace the link with a link to a site with more
+explanations.
+
 When the spf condition has run, it sets up several expansion
 variables:
 
 When the spf condition has run, it sets up several expansion
 variables:
 
index 1682a78b743f847b5184c648f48efa1db88d4aa4..2d7c5e014991ac5305e856c996bab4f3b592bdff 100644 (file)
@@ -203,6 +203,9 @@ JH/43 Fix possible long line in DSN.  Previously when a very long SMTP error
       response was received it would be used unchecked in a fail-DSN, violating
       standards on line-length limits.  Truncate if needed.
 
       response was received it would be used unchecked in a fail-DSN, violating
       standards on line-length limits.  Truncate if needed.
 
+HS/01 Remove parameters of the link to www.open-spf.org. The linked form
+      doesn't work.
+
 
 Exim version 4.93
 -----------------
 
 Exim version 4.93
 -----------------
index f120f722c81106274966517b09423ca6c920f2e0..f1a2bed724a973543603cb2e5573b09518878b6e 100644 (file)
@@ -91,7 +91,7 @@ switch (dns_rc = dns_lookup(dnsa, US domain, rr_type, NULL))
   case DNS_NODATA:     srr.herrno = NO_DATA;           break;
   case DNS_FAIL:
   default:             srr.herrno = NO_RECOVERY;       break;
   case DNS_NODATA:     srr.herrno = NO_DATA;           break;
   case DNS_FAIL:
   default:             srr.herrno = NO_RECOVERY;       break;
-  } 
+  }
 
 for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
      rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
 
 for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
      rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
@@ -240,9 +240,11 @@ if (!(spf_server = SPF_server_new_dns(dc, debug)))
   DEBUG(D_receive) debug_printf("spf: SPF_server_new() failed.\n");
   return FALSE;
   }
   DEBUG(D_receive) debug_printf("spf: SPF_server_new() failed.\n");
   return FALSE;
   }
-  /* Quick hack to override the outdated explanation URL.
-  See https://www.mail-archive.com/mailop@mailop.org/msg08019.html */
-  SPF_server_set_explanation(spf_server, "Please%_see%_http://www.open-spf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}", &spf_response);
+  /* Override the outdated explanation URL.
+  See https://www.mail-archive.com/mailop@mailop.org/msg08019.html
+  Used to work as "Please%_see%_http://www.open-spf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}",
+  but is broken now (May 18th, 2020) */
+  SPF_server_set_explanation(spf_server, "Please%_see%_http://www.open-spf.org/Why", &spf_response);
   if (SPF_response_errcode(spf_response) != SPF_E_SUCCESS)
     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", SPF_strerror(SPF_response_errcode(spf_response)));
 
   if (SPF_response_errcode(spf_response) != SPF_E_SUCCESS)
     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", SPF_strerror(SPF_response_errcode(spf_response)));
 
index 1e8af6531879b5fc5f60665d5fd09dc9a5af7ef1..de8432e4934475b331860b4adb552fac1e43ed61 100644 (file)
@@ -18,7 +18,7 @@
 1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n  spf=pass smtp.mailfrom=example.com
 1999-03-02 09:44:33 spf_result         neutral (guess <yes>)
 1999-03-02 09:44:33 spf_header_comment myhost.test.ex: ip4.ip4.ip4.ip4 is neither permitted nor denied by domain of test.example.com
 1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n  spf=pass smtp.mailfrom=example.com
 1999-03-02 09:44:33 spf_result         neutral (guess <yes>)
 1999-03-02 09:44:33 spf_header_comment myhost.test.ex: ip4.ip4.ip4.ip4 is neither permitted nor denied by domain of test.example.com
-1999-03-02 09:44:33 spf_smtp_comment   Please see http://www.open-spf.org/Why?id=b%40test.example.com&ip=ip4.ip4.ip4.ip4&receiver=myhost.test.ex : Reason: mechanism
+1999-03-02 09:44:33 spf_smtp_comment   Please see http://www.open-spf.org/Why : Reason: mechanism
 1999-03-02 09:44:33 spf_received       Received-SPF: neutral (myhost.test.ex: ip4.ip4.ip4.ip4 is neither permitted nor denied by domain of test.example.com) client-ip=ip4.ip4.ip4.ip4; envelope-from=b@test.example.com; helo=testclient;
 1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n  spf=neutral (best guess record for domain) smtp.mailfrom=test.example.com
 1999-03-02 09:44:33 H=(testclient) [ip4.ip4.ip4.ip4] F=<b@test.example.com> rejected RCPT <fred@test.ex>
 1999-03-02 09:44:33 spf_received       Received-SPF: neutral (myhost.test.ex: ip4.ip4.ip4.ip4 is neither permitted nor denied by domain of test.example.com) client-ip=ip4.ip4.ip4.ip4; envelope-from=b@test.example.com; helo=testclient;
 1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n  spf=neutral (best guess record for domain) smtp.mailfrom=test.example.com
 1999-03-02 09:44:33 H=(testclient) [ip4.ip4.ip4.ip4] F=<b@test.example.com> rejected RCPT <fred@test.ex>