From 0ea0fca404813e6c568b02b1d1d068983d055b5d Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 1 Aug 2020 21:16:19 +0100 Subject: [PATCH] SPF: enhance A-R result --- doc/doc-txt/ChangeLog | 4 ++++ src/src/spf.c | 6 +++++- test/log/4600 | 7 ++++++- test/scripts/4600-SPF/4600 | 15 +++++++++++++-- test/stdout/4600 | 16 +++++++++++++++- 5 files changed, 43 insertions(+), 5 deletions(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 60627364d..59d2ad659 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -92,6 +92,10 @@ JH/18 Bug 2617: Fix a taint trap in parse_fix_phrase(). Previously when the rewrite with the "h" flag, by using the "-F" command-line option, or by using a "name=" option on a control=submission ACL modifier. +JH/19 SPF: change the Authentication-Results expansion component to give + smtp.helo when the sender domain is empty. Previously it gave + "smtp.mailfrom=<>" + Exim version 4.94 ----------------- diff --git a/src/src/spf.c b/src/src/spf.c index 48f26f315..3a1912a91 100644 --- a/src/src/spf.c +++ b/src/src/spf.c @@ -402,8 +402,12 @@ if (spf_result_guessed) g = string_cat(g, US" (best guess record for domain)"); s = expand_string(US"$sender_address_domain"); +if (s && *s) + return string_append(g, 2, US" smtp.mailfrom=", s); + +s = sender_helo_name; return s && *s - ? string_append(g, 2, US" smtp.mailfrom=", s) + ? string_append(g, 2, US" smtp.helo=", s) : string_cat(g, US" smtp.mailfrom=<>"); } diff --git a/test/log/4600 b/test/log/4600 index de8432e49..065cd544c 100644 --- a/test/log/4600 +++ b/test/log/4600 @@ -1,6 +1,6 @@ ******** SERVER ******** -1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D port PORT_S port PORT_N +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D port PORT_S port PORT_D2 1999-03-02 09:44:33 spf_result pass 1999-03-02 09:44:33 spf_header_comment myhost.test.ex: localhost is always allowed. 1999-03-02 09:44:33 spf_smtp_comment @@ -28,3 +28,8 @@ 1999-03-02 09:44:33 spf_received 1999-03-02 09:44:33 Authentication-Results: myhost.test.ex 1999-03-02 09:44:33 H=(testclient) [127.0.0.1] F= rejected RCPT +1999-03-02 09:44:33 spf_result pass +1999-03-02 09:44:33 spf_header_comment myhost.test.ex: localhost is always allowed. +1999-03-02 09:44:33 spf_smtp_comment +1999-03-02 09:44:33 spf_received Received-SPF: pass (myhost.test.ex: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=postmaster@example.com; helo=example.com; +1999-03-02 09:44:33 Authentication-Results: myhost.test.ex;\n spf=pass smtp.helo=example.com diff --git a/test/scripts/4600-SPF/4600 b/test/scripts/4600-SPF/4600 index 8490288e1..cb67d19ae 100644 --- a/test/scripts/4600-SPF/4600 +++ b/test/scripts/4600-SPF/4600 @@ -7,7 +7,7 @@ # so the testsuite intercept to fakedns works. Be careful of names and addresses # used, as nonhandled lookups are passed on to real DNS. # -exim -bd -DSERVER=server -oX PORT_D:PORT_S:PORT_N +exim -bd -DSERVER=server -oX PORT_D:PORT_S:PORT_D2 **** client 127.0.0.1 PORT_S ??? 220 @@ -49,7 +49,7 @@ rcpt to: ??? 550 quit **** -client 127.0.0.1 PORT_N +client 127.0.0.1 PORT_D2 ??? 220 helo testclient ??? 250 @@ -60,4 +60,15 @@ rcpt to: quit **** # +client 127.0.0.1 PORT_S +??? 220 +helo example.com +??? 250 +mail from:<> +??? 250 +rcpt to: +??? 250 +quit +**** +# killdaemon diff --git a/test/stdout/4600 b/test/stdout/4600 index 030d1ebd4..a0d3eed8b 100644 --- a/test/stdout/4600 +++ b/test/stdout/4600 @@ -54,7 +54,7 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected <<< 550 Administrative prohibition >>> quit End of script -Connecting to 127.0.0.1 port 1223 ... connected +Connecting to 127.0.0.1 port 1226 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> helo testclient @@ -68,3 +68,17 @@ Connecting to 127.0.0.1 port 1223 ... connected <<< 550 Administrative prohibition >>> quit End of script +Connecting to 127.0.0.1 port 1224 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> helo example.com +??? 250 +<<< 250 myhost.test.ex Hello example.com [127.0.0.1] +>>> mail from:<> +??? 250 +<<< 250 OK +>>> rcpt to: +??? 250 +<<< 250 Accepted +>>> quit +End of script -- 2.30.2