132 lines
4.5 KiB
Diff
132 lines
4.5 KiB
Diff
diff --git a/opendmarc/opendmarc-config.h b/opendmarc/opendmarc-config.h
|
|
index 1b781df..8398007 100644
|
|
--- a/opendmarc/opendmarc-config.h
|
|
+++ b/opendmarc/opendmarc-config.h
|
|
@@ -47,6 +47,7 @@ struct configdef dmarcf_config[] =
|
|
{ "RequiredHeaders", CONFIG_TYPE_BOOLEAN, FALSE },
|
|
{ "RejectFailures", CONFIG_TYPE_BOOLEAN, FALSE },
|
|
{ "RejectMultiValueFrom", CONFIG_TYPE_BOOLEAN, FALSE },
|
|
+ { "RejectString", CONFIG_TYPE_STRING, FALSE },
|
|
{ "ReportCommand", CONFIG_TYPE_STRING, FALSE },
|
|
{ "Socket", CONFIG_TYPE_STRING, FALSE },
|
|
{ "SoftwareHeader", CONFIG_TYPE_BOOLEAN, FALSE },
|
|
diff --git a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c
|
|
index a1e49ec..c28aedd 100644
|
|
--- a/opendmarc/opendmarc.c
|
|
+++ b/opendmarc/opendmarc.c
|
|
@@ -190,6 +190,7 @@ struct dmarcf_config
|
|
char * conf_historyfile;
|
|
char * conf_pslist;
|
|
char * conf_ignorelist;
|
|
+ char * conf_rejectstring;
|
|
char ** conf_trustedauthservids;
|
|
char ** conf_ignoredomains;
|
|
struct list * conf_domainwhitelist;
|
|
@@ -1427,6 +1428,10 @@ dmarcf_config_load(struct config *data, struct dmarcf_config *conf,
|
|
&conf->conf_rejectfail,
|
|
sizeof conf->conf_rejectfail);
|
|
|
|
+ (void) config_get(data, "RejectString",
|
|
+ &conf->conf_rejectstring,
|
|
+ sizeof conf->conf_rejectstring);
|
|
+
|
|
(void) config_get(data, "RequiredHeaders",
|
|
&conf->conf_reqhdrs,
|
|
sizeof conf->conf_reqhdrs);
|
|
@@ -1635,6 +1640,36 @@ dmarcf_config_load(struct config *data, struct dmarcf_config *conf,
|
|
|
|
pthread_rwlock_unlock(&hash_lock);
|
|
|
|
+ if ( conf->conf_rejectstring == NULL ) {
|
|
+ conf->conf_rejectstring = DEFREJECTSTR;
|
|
+ } else {
|
|
+ /* Count occurrences of "%s" in RejectString */
|
|
+ int countocc = 0;
|
|
+ const char *tmp = conf->conf_rejectstring;
|
|
+ if (strstr(tmp, '%%')) {
|
|
+ snprintf(err, errlen, "%s: The RejectString contains a %%%% (escaped %%)!",
|
|
+ basedir);
|
|
+ return -1;
|
|
+ }
|
|
+ while(tmp = strstr(tmp, "%s"))
|
|
+ {
|
|
+ countocc++;
|
|
+ tmp++;
|
|
+ }
|
|
+ switch ( countocc ) {
|
|
+ case 0:
|
|
+ snprintf(err, errlen, "%s: The RejectString doesn't contain %%s!",
|
|
+ basedir);
|
|
+ return -1;
|
|
+ case 1:
|
|
+ break;
|
|
+ default:
|
|
+ snprintf(err, errlen, "%s: The RejectString contains %d occurences of %%s instead of one!",
|
|
+ basedir, countocc);
|
|
+ return -1;
|
|
+ }
|
|
+ }
|
|
+
|
|
return 0;
|
|
}
|
|
|
|
@@ -3566,7 +3601,7 @@ mlfi_eom(SMFICTX *ctx)
|
|
random() % 100 < pct)
|
|
{
|
|
snprintf(replybuf, sizeof replybuf,
|
|
- "rejected by DMARC policy for %s", pdomain);
|
|
+ conf->conf_rejectstring, pdomain);
|
|
|
|
status = dmarcf_setreply(ctx, DMARC_REJECT_SMTP,
|
|
DMARC_REJECT_ESC, replybuf);
|
|
diff --git a/opendmarc/opendmarc.conf.5.in b/opendmarc/opendmarc.conf.5.in
|
|
index f6fd6b4..4b6df51 100644
|
|
--- a/opendmarc/opendmarc.conf.5.in
|
|
+++ b/opendmarc/opendmarc.conf.5.in
|
|
@@ -261,6 +261,13 @@ If set, messages with multiple addresses in the From: field of the message
|
|
will be rejected unless all domain names in that field are the same. They
|
|
will otherwise be ignored by the filter (the default).
|
|
|
|
+.TP
|
|
+.I RejectString (string)
|
|
+This string describes the reason of reject at SMTP level.
|
|
+The message MUST contain the word "%s" once, which will be replaced by the
|
|
+RFC5322.From domain. Escaped "%" ("%%") are not allowed in this string.
|
|
+The default is "rejected by DMARC policy for %s"
|
|
+
|
|
.TP
|
|
.I ReportCommand (string)
|
|
Indicates the shell command to which failure reports should be passed for
|
|
diff --git a/opendmarc/opendmarc.conf.sample b/opendmarc/opendmarc.conf.sample
|
|
index 7b31987..462e6cf 100644
|
|
--- a/opendmarc/opendmarc.conf.sample
|
|
+++ b/opendmarc/opendmarc.conf.sample
|
|
@@ -303,6 +303,15 @@
|
|
#
|
|
# RejectFailures false
|
|
|
|
+## RejectString string
|
|
+## default ("rejected by DMARC policy for %s")
|
|
+##
|
|
+## This string describes the reason of reject. The message MUST contain the
|
|
+## word "%s" (only once), which will be replaced with the RFC5322.From domain.
|
|
+## Escaped "%" ("%%") are not allowed in this string.
|
|
+#
|
|
+# RejectString rejected by DMARC policy for %s
|
|
+
|
|
## RejectMultiValueFrom { true | false }
|
|
## default "false"
|
|
##
|
|
diff --git a/opendmarc/opendmarc.h b/opendmarc/opendmarc.h
|
|
index e36f93a..a4593dc 100644
|
|
--- a/opendmarc/opendmarc.h
|
|
+++ b/opendmarc/opendmarc.h
|
|
@@ -34,6 +34,7 @@
|
|
#define BUFRSZ 2048
|
|
#define DEFCONFFILE CONFIG_BASE "/opendmarc.conf"
|
|
#define DEFREPORTCMD "/usr/sbin/sendmail -t -odq"
|
|
+#define DEFREJECTSTR "rejected by DMARC policy for %s"
|
|
#define JOBIDUNKNOWN "(unknown-jobid)"
|
|
#define MAXARGV 65536
|
|
#define MAXHEADER 1024
|