If the ACL returns defer the result is a forced-fail. Otherwise the expansion fails.
+.new
+.vitem "&*${authresults{*&<&'authserv-id&>&*}}*&"
+.cindex authentication "results header"
+.cindex headers "authentication-results:"
+This item returns a string suitable for insertion as an
+&'Authentication-Results"'&
+header line.
+The given <&'authserv-id'&> is included in the result; typically this
+will ba a domain name identifying the system performing the authentications.
+Methods that may be present in the result include:
+.code
+none
+iprev
+auth
+spf
+dkim
+.endd
+
+Example use (as an ACL modifier):
+.code
+ add_header = :at_start:${authresults {$primary_hostname}}
+.endd
+.wen
+
+
.vitem "&*${certextract{*&<&'field'&>&*}{*&<&'certificate'&>&*}&&&
{*&<&'string2'&>&*}{*&<&'string3'&>&*}}*&"
.cindex "expansion" "extracting certificate fields"
11. "exim -bP macro <name>" returns caller-usable status.
+12. Expansion item ${authresults {<machine>}} for creating an
+ Authentication-Results: header.
+
Version 4.90
------------
if (!sig) return;
+if ( dkim_verify_status
+ && ( dkim_verify_status != dkim_exim_expand_query(DKIM_VERIFY_STATUS)
+ || dkim_verify_reason != dkim_exim_expand_query(DKIM_VERIFY_REASON)
+ ) )
+ sig->verify_status |= PDKIM_VERIFY_POLICY;
+
if ( !dkim_verify_overall
&& dkim_verify_status
? Ustrcmp(dkim_verify_status, US"pass") == 0
if (!(s = sig->selector)) s = US"<UNSET>";
logmsg = string_append(logmsg, 2, " s=", s);
logmsg = string_append(logmsg, 7,
-" c=", sig->canon_headers == PDKIM_CANON_SIMPLE ? "simple" : "relaxed",
-"/", sig->canon_body == PDKIM_CANON_SIMPLE ? "simple" : "relaxed",
-" a=", dkim_sig_to_a_tag(sig),
+ " c=", sig->canon_headers == PDKIM_CANON_SIMPLE ? "simple" : "relaxed",
+ "/", sig->canon_body == PDKIM_CANON_SIMPLE ? "simple" : "relaxed",
+ " a=", dkim_sig_to_a_tag(sig),
string_sprintf(" b=" SIZE_T_FMT,
(int)sig->sighash.len > -1 ? sig->sighash.len * 8 : 0));
if ((s= sig->identity)) logmsg = string_append(logmsg, 2, " i=", s);
if (sig->bodylength > -1) logmsg = string_cat(logmsg,
string_sprintf(" l=%lu", sig->bodylength));
-if ( !dkim_verify_status
- || ( dkim_verify_status == dkim_exim_expand_query(DKIM_VERIFY_STATUS)
- && dkim_verify_reason == dkim_exim_expand_query(DKIM_VERIFY_REASON)
- ) )
+if (sig->verify_status & PDKIM_VERIFY_POLICY)
+ logmsg = string_append(logmsg, 5,
+ US" [", dkim_verify_status, US" - ", dkim_verify_reason, US"]");
+else
switch (sig->verify_status)
{
case PDKIM_VERIFY_NONE:
logmsg = string_cat(logmsg,
US"signature did not verify "
"(headers probably modified in transit)]");
- break;
+ break;
default:
logmsg = string_cat(logmsg, US"unspecified reason]");
logmsg = string_cat(logmsg, US" [verification succeeded]");
break;
}
-else
- logmsg = string_append(logmsg, 5,
- US" [", dkim_verify_status, US" - ", dkim_verify_reason, US"]");
log_write(0, LOG_MAIN, "%s", string_from_gstring(logmsg));
return;
goto bad;
}
+
+
+
+gstring *
+authres_dkim(gstring * g)
+{
+pdkim_signature * sig;
+
+for (sig = dkim_signatures; sig; sig = sig->next)
+ {
+ g = string_catn(g, US";\\n\\tdkim=", 10);
+
+ if (sig->verify_status & PDKIM_VERIFY_POLICY)
+ g = string_append(g, 5,
+ US"policy (", dkim_verify_status, US" - ", dkim_verify_reason, US")");
+ else switch(sig->verify_status)
+ {
+ case PDKIM_VERIFY_NONE: g = string_cat(g, US"none"); break;
+ case PDKIM_VERIFY_INVALID:
+ switch (sig->verify_ext_status)
+ {
+ case PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE:
+ g = string_cat(g, US"tmperror (pubkey unavailable)"); break;
+ case PDKIM_VERIFY_INVALID_BUFFER_SIZE:
+ g = string_cat(g, US"permerror (overlong public key record)"); break;
+ case PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD:
+ case PDKIM_VERIFY_INVALID_PUBKEY_IMPORT:
+ g = string_cat(g, US"neutral (syntax error in public key record)");
+ break;
+ case PDKIM_VERIFY_INVALID_SIGNATURE_ERROR:
+ g = string_cat(g, US"neutral (signature tag missing or invalid)");
+ break;
+ case PDKIM_VERIFY_INVALID_DKIM_VERSION:
+ g = string_cat(g, US"neutral (unsupported DKIM version)");
+ break;
+ default:
+ g = string_cat(g, US"permerror (unspecified problem)"); break;
+ }
+ break;
+ case PDKIM_VERIFY_FAIL:
+ switch (sig->verify_ext_status)
+ {
+ case PDKIM_VERIFY_FAIL_BODY:
+ g = string_cat(g,
+ US"fail (body hash mismatch; body probably modified in transit)");
+ break;
+ case PDKIM_VERIFY_FAIL_MESSAGE:
+ g = string_cat(g,
+ US"fail (signature did not verify; headers probably modified in transit)");
+ break;
+ default:
+ g = string_cat(g, US"fail (unspecified reason)");
+ break;
+ }
+ break;
+ case PDKIM_VERIFY_PASS: g = string_cat(g, US"pass"); break;
+ default: g = string_cat(g, US"permerror"); break;
+ }
+ if (sig->domain) g = string_append(g, 2, US" header.d=", sig->domain);
+ if (sig->identity) g = string_append(g, 2, US" header.i=", sig->identity);
+ if (sig->selector) g = string_append(g, 2, US" header.s=", sig->selector);
+ g = string_append(g, 2, US" header.a=", dkim_sig_to_a_tag(sig));
+ }
+return g;
+}
+
+
# endif /*!MACRO_PREDEF*/
#endif /*!DISABLE_DKIM*/
static uschar *item_table[] = {
US"acl",
+ US"authresults",
US"certextract",
US"dlfunc",
US"env",
enum {
EITEM_ACL,
+ EITEM_AUTHRESULTS,
EITEM_CERTEXTRACT,
EITEM_DLFUNC,
EITEM_ENV,
+/* Append an "iprev" element to an Autherntication-Results: header
+if we have attempted to get the calling host's name.
+*/
+
+static gstring *
+authres_iprev(gstring * g)
+{
+if (sender_host_name)
+ return string_append(g, 3, US";\\n\\tiprev=pass (", sender_host_name, US")");
+if (host_lookup_deferred)
+ return string_catn(g, US";\\n\\tiprev=temperror", 21);
+if (host_lookup_failed)
+ return string_catn(g, US";\\n\\tiprev=fail", 15);
+return g;
+}
+
+
+
/*************************************************
* Return list of recipients *
*************************************************/
}
}
+ case EITEM_AUTHRESULTS:
+ /* ${authresults {mysystemname}} */
+ {
+ uschar *sub_arg[1];
+
+ switch(read_subs(sub_arg, nelem(sub_arg), 1, &s, skipping, TRUE, name,
+ &resetok))
+ {
+ case 1: goto EXPAND_FAILED_CURLY;
+ case 2:
+ case 3: goto EXPAND_FAILED;
+ }
+
+ yield = string_append(yield, 3,
+ US"Authentication-Results: ", sub_arg[0], US"; none");
+ yield->ptr -= 6;
+
+ yield = authres_iprev(yield);
+ yield = authres_smtpauth(yield);
+#ifdef SUPPORT_SPF
+ yield = authres_spf(yield);
+#endif
+#ifndef DISABLE_DKIM
+ yield = authres_dkim(yield);
+#endif
+ continue;
+ }
+
/* Handle conditionals - preserve the values of the numerical expansion
variables in case they get changed by a regular expression match in the
condition. If not, they retain their external settings. At the end
extern uschar *auth_xtextencode(uschar *, int);
extern int auth_xtextdecode(uschar *, uschar **);
+extern gstring *authres_smtpauth(gstring *);
+#ifdef SUPPORT_SPF
+extern gstring *authres_spf(gstring *);
+#endif
+#ifndef DISABLE_DKIM
+extern gstring *authres_dkim(gstring *);
+#endif
+
extern uschar *b64encode(uschar *, int);
extern int b64decode(const uschar *, uschar **);
extern int bdat_getc(unsigned);
#define PDKIM_VERIFY_INVALID 1
#define PDKIM_VERIFY_FAIL 2
#define PDKIM_VERIFY_PASS 3
+#define PDKIM_VERIFY_POLICY BIT(31)
#define PDKIM_VERIFY_FAIL_BODY 1
#define PDKIM_VERIFY_FAIL_MESSAGE 2
return done - 2; /* Convert yield values */
}
+
+
+gstring *
+authres_smtpauth(gstring * g)
+{
+if (!sender_host_authenticated)
+ return g;
+
+g = string_append(g, 4, US";\\n\\tauth=pass"
+ " (", sender_host_authenticated, US") smtp.auth=", authenticated_id);
+if (authenticated_sender)
+ g = string_append(g, 2, US" smtp.mailfrom=", authenticated_sender);
+return g;
+}
+
+
+
/* vi: aw ai sw=2
*/
/* End of smtp_in.c */
return FAIL;
}
+
+
+gstring *
+authres_spf(gstring * g)
+{
+if (!spf_result) return g;
+
+return string_append(g, 4, US";\\n\\tspf=", spf_result,
+ US" smtp.mailfrom=", expand_string(US"$sender_address_domain"));
+}
+
+
#endif
# ----- Main settings -----
acl_smtp_rcpt = accept
+acl_smtp_data = accept add_header = :at_start:${authresults {$primary_hostname}}
# ----- Authentication -----
acl_smtp_rcpt = accept
acl_smtp_dkim = check_dkim
+acl_smtp_data = accept logwrite = ${authresults {$primary_hostname}}
log_selector = +dkim_verbose
logwrite = spf_header_comment $spf_header_comment
logwrite = spf_smtp_comment $spf_smtp_comment
logwrite = spf_received $spf_received
+ logwrite = ${authresults {$primary_hostname}}
accept hosts = 127.0.0.1
spf = pass : softfail : neutral
logwrite = spf_header_comment $spf_header_comment
logwrite = spf_smtp_comment $spf_smtp_comment
logwrite = spf_received $spf_received
+ logwrite = ${authresults {$primary_hostname}}
deny
logwrite = spf_result $spf_result
logwrite = spf_header_comment $spf_header_comment
logwrite = spf_smtp_comment $spf_smtp_comment
logwrite = spf_received $spf_received
+ logwrite = ${authresults {$primary_hostname}}
# End
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 10HmaX-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 512
1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=ses c=simple/simple a=rsa-sha1 b=512 [verification succeeded]
+1999-03-02 09:44:33 10HmaY-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=ses header.a=rsa-sha1
1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha256 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha256
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmbA-0005vi-00 signer: test.ex bits: 512
1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=ses_sha1 c=simple/simple a=rsa-sha1 b=512 [verification succeeded]
+1999-03-02 09:44:33 10HmbA-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=ses_sha1 header.a=rsa-sha1
1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 10HmbB-0005vi-00 NOTE: forcing dkim verify fail (was pass)
1999-03-02 09:44:33 10HmbB-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmbB-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [fail - hash too weak]
+1999-03-02 09:44:33 10HmbB-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=policy (fail - hash too weak) header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 10HmaX-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmaX-0005vi-00 <= pass@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
+1999-03-02 09:44:33 10HmaY-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=fail (body hash mismatch; body probably modified in transit) header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmaY-0005vi-00 <= fail@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 10HmaX-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha1 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=564CFC9B.1040905@yahoo.com
1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/simple a=rsa-sha1 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaY-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex
1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/simple a=rsa-sha1 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex
1999-03-02 09:44:33 10HmbA-0005vi-00 PDKIM: d=test.ex s=sel_bad [failed key import]
1999-03-02 09:44:33 10HmbA-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=sel_bad c=relaxed/relaxed a=rsa-sha1 b=1024 [invalid - syntax error in public key record]
+1999-03-02 09:44:33 10HmbA-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=neutral (syntax error in public key record) header.d=test.ex header.s=sel_bad header.a=rsa-sha1
1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=564CFC9B.1040905@yahoo.com
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: validation error: Public key signature verification has failed.
1999-03-02 09:44:33 10HmaX-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha512 b=1024 [verification failed - signature did not verify (headers probably modified in transit)]
+1999-03-02 09:44:33 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=fail (signature did not verify; headers probably modified in transit) header.d=test.ex header.s=sel header.a=rsa-sha512
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: validation error: Public key signature verification has failed.
1999-03-02 09:44:33 10HmaX-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel2 c=simple/simple a=rsa-sha512 b=1024 [verification failed - signature did not verify (headers probably modified in transit)]
+1999-03-02 09:44:33 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=fail (signature did not verify; headers probably modified in transit) header.d=test.ex header.s=sel2 header.a=rsa-sha512
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 0
1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=0 [invalid - signature tag missing or invalid]
+1999-03-02 09:44:33 10HmaY-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=neutral (signature tag missing or invalid) header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [invalid - signature tag missing or invalid]
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=neutral (signature tag missing or invalid) header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmbA-0005vi-00 signer: test.ex bits: 1024
1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
+1999-03-02 09:44:33 10HmbA-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=fail (body hash mismatch; body probably modified in transit) header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmbB-0005vi-00 DKIM: validation error: LONG_LINE
1999-03-02 09:44:33 10HmbB-0005vi-00 DKIM: Error during validation, disabling signature verification: LONG_LINE
+1999-03-02 09:44:33 10HmbB-0005vi-00 Authentication-Results: myhost.test.ex
1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 10HmbC-0005vi-00 signer: test.ex bits: 512
1999-03-02 09:44:33 10HmbC-0005vi-00 DKIM: d=test.ex s=ses_sha256 c=simple/simple a=rsa-sha1 b=512 [verification failed - unspecified reason]
+1999-03-02 09:44:33 10HmbC-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=fail (unspecified reason) header.d=test.ex header.s=ses_sha256 header.a=rsa-sha1
1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 10HmbD-0005vi-00 unknown
1999-03-02 09:44:33 10HmbD-0005vi-00 signer: test.ex bits: 0
1999-03-02 09:44:33 10HmbD-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=0 [invalid - signature tag missing or invalid]
+1999-03-02 09:44:33 10HmbD-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=neutral (signature tag missing or invalid) header.d=test.ex header.s=sel header.a=rsa-sha1
1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 10HmaX-0005vi-00 signer: test.ex bits: 0
1999-03-02 09:44:33 spf_header_comment myhost.test.ex: domain of example.com does not designate ip4.ip4.ip4.ip4 as permitted sender
1999-03-02 09:44:33 spf_smtp_comment Please see http://www.openspf.org/Why?id=a%40example.com&ip=ip4.ip4.ip4.ip4&receiver=myhost.test.ex : Reason: mechanism
1999-03-02 09:44:33 spf_received Received-SPF: fail (myhost.test.ex: domain of example.com does not designate ip4.ip4.ip4.ip4 as permitted sender) client-ip=ip4.ip4.ip4.ip4; envelope-from=a@example.com; helo=testclient;
+1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n\tspf=fail smtp.mailfrom=example.com
1999-03-02 09:44:33 H=(testclient) [ip4.ip4.ip4.ip4] F=<a@example.com> rejected RCPT <fred@test.ex>
1999-03-02 09:44:33 spf_result pass
1999-03-02 09:44:33 spf_header_comment myhost.test.ex: localhost is always allowed.
1999-03-02 09:44:33 spf_smtp_comment
1999-03-02 09:44:33 spf_received Received-SPF: pass (myhost.test.ex: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=b@example.com; helo=testclient;
+1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n\tspf=pass smtp.mailfrom=example.com
From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
+Authentication-Results: myhost.test.ex;
+ auth=pass (plain1) smtp.auth=userx
Received: from CALLER (helo=testing.ex)
by myhost.test.ex with local-esmtpa (Exim x.yz)
(envelope-from <CALLER@myhost.test.ex>)
>>> accept: condition test succeeded in ACL "check_dkim"
>>> end of ACL "check_dkim": ACCEPT
LOG: 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [verification succeeded]
+>>> processing "accept"
+>>> check logwrite = Authentication-Results: myhost.test.ex;\n\tdkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
+>>> = Authentication-Results: myhost.test.ex;
+>>> dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
+LOG: 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
+>>> accept: condition test succeeded in inline ACL
+>>> end of inline ACL: ACCEPT
LOG: 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=qwerty1234@disco-zombie.net
git://git.exim.org / exim.git / commitdiff