.row &%percent_hack_domains%& "recognize %-hack for these domains"
.row &%spamd_address%& "set interface to SpamAssassin"
.row &%strict_acl_vars%& "object to unset ACL variables"
+.row &%spf_smtp_comment_template%& "template for &$spf_smtp_comment$&"
.endtable
This option is available when Exim is compiled with SPF support.
See section &<<SECSPF>>& for more details.
+.new
+.option spf_smtp_comment_template main string&!! "Please%_see%_http://www.open-spf.org/Why"
+This option is available when Exim is compiled with SPF support. It
+allows the customisation of the SMTP comment that the SPF library
+generates. You are strongly encouraged to link to your own explanative
+site. The following placeholders (along with Exim variables) are allowed
+in the template (this list is compiled from the libspf2 sources):
+.ilist
+&*L*&: Envelope sender's local part.
+.next
+&*S*&: Envelope sender.
+.next
+&*O*&: Envelope sender's domain.
+.next
+&*D*&: Current(?) domain.
+.next
+&*I*&: SMTP client Ip.
+.next
+&*C*&: SMTP client pretty IP.
+.next
+&*T*&: Epoch time (UTC).
+.next
+&*P*&: SMTP client domain name.
+.next
+&*V*&: IP version.
+.next
+&*H*&: EHLO/HELO domain.
+.next
+&*R*&: Receiving domain.
+.endlist
+The capitalized placeholders do proper URL encoding, if you use them
+lowercased, no encoding takes place. A note on using Exim variables: As
+currenty the SPF library is initialized already during the EHLO phase,
+the amount of variables available for expansion is quite limited.
+.wen
.option split_spool_directory main boolean false
.vitem &$spf_smtp_comment$&
.vindex &$spf_smtp_comment$&
+.vindex &%spf_smtp_comment_template%&
This contains a string that can be used in a SMTP response
to the calling party. Useful for "fail".
+.new
+ The string is generated by the SPF library from the template configured in the main config
+ option &%spf_smtp_comment_template%&.
+.wen
.endlist
standards on line-length limits. Truncate if needed.
HS/01 Remove parameters of the link to www.open-spf.org. The linked form
- doesn't work.
+ doesn't work. (Additionally add a new main config option to configure the
+ spf_smtp_comment)
Exim version 4.93
3. A msg:defer event.
- 4. Client-side support in the gsasl authenticator. Tested against the
+ 4. Client-side support in the gsasl authenticator. Tested against the
plaintext driver for PLAIN; only against itself for SCRAM-SHA-1 and
SCRAM-SHA-1-PLUS methods.
21. bounce_message_file and warn_message_file are now expanded before use.
+22. New main config option spf_smtp_comment_template to customise the
+ $spf_smtp_comment variable
+
Version 4.93
15: Support under OpenSSL for writing NSS-style key files for packet-capture
decode. The environment variable SSLKEYLOGFILE is used; if an absolute path
it must indicate a file under the spool directory; if relative the the spool
- directory is prepended. Works on the server side only. Support under
+ directory is prepended. Works on the server side only. Support under
GnuTLS was already there, being done purely by the library (server side
only, and exim must be run as root).
uschar *spf_received = NULL;
uschar *spf_result = NULL;
uschar *spf_smtp_comment = NULL;
+uschar *spf_smtp_comment_template
+ /* Used to be: "Please%_see%_http://www.open-spf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}" */
+ = US"Please%_see%_http://www.open-spf.org/Why";
+
#endif
FILE *spool_data_file = NULL;
uschar *cipher; /* Cipher used */
const uschar *cipher_stdname; /* Cipher used, RFC version */
const uschar *ver; /* TLS version */
-
+
BOOL on_connect; /* For older MTAs that don't STARTTLS */
uschar *on_connect_ports; /* Ports always tls-on-connect */
void *ourcert; /* Certificate we presented, binary */
extern uschar *spf_result; /* spf result in string form */
extern BOOL spf_result_guessed; /* spf result is of best-guess operation */
extern uschar *spf_smtp_comment; /* spf comment to include in SMTP reply */
+extern uschar *spf_smtp_comment_template;
+ /* template to construct the spf comment by libspf2 */
#endif
extern BOOL split_spool_directory; /* TRUE to use multiple subdirs */
extern FILE *spool_data_file; /* handle for -D file */
#endif
#ifdef SUPPORT_SPF
{ "spf_guess", opt_stringptr, {&spf_guess} },
+ { "spf_smtp_comment_template",opt_stringptr, {&spf_smtp_comment_template} },
#endif
{ "split_spool_directory", opt_bool, {&split_spool_directory} },
{ "spool_directory", opt_stringptr, {&spool_directory} },
{
SPF_dns_server_t * dc;
int debug = 0;
+const uschar *s;
DEBUG(D_receive) debug = 1;
See https://www.mail-archive.com/mailop@mailop.org/msg08019.html
Used to work as "Please%_see%_http://www.open-spf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}",
but is broken now (May 18th, 2020) */
- SPF_server_set_explanation(spf_server, "Please%_see%_http://www.open-spf.org/Why", &spf_response);
- if (SPF_response_errcode(spf_response) != SPF_E_SUCCESS)
- log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", SPF_strerror(SPF_response_errcode(spf_response)));
+if (!(s = expand_string(spf_smtp_comment_template)))
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "expansion of spf_smtp_comment_template failed");
+
+SPF_server_set_explanation(spf_server, s, &spf_response);
+if (SPF_response_errcode(spf_response) != SPF_E_SUCCESS)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", SPF_strerror(SPF_response_errcode(spf_response)));
return TRUE;
}
git://git.exim.org / exim.git / commitdiff