diff options
| author |   martijn <martijn@openbsd.org> | 2020-09-14 09:48:08 +0000 |
|---|---|---|
| committer |   Gilles Chehade <gilles@poolp.org> | 2020-11-20 11:11:45 +0100 |
| commit | 150961ab8910f301a0f053121ad6429b80f488ca (patch) | |
| tree | 1a9ab2d8e2e818500e4a3943535a382da4379916 | |
| parent | add missing "regex" keyword; from heddi nabbisen (diff) | |
| download | OpenSMTPD-150961ab8910f301a0f053121ad6429b80f488ca.tar.xz OpenSMTPD-150961ab8910f301a0f053121ad6429b80f488ca.zip | |
Make "spf walk" report if an spf-record has macro's and can't be resolved.
Originally reported by and OK on earlier version giovanni@
Looks good to deraadt@
feedback and OK jmc@
feedback semarie@
OK sthen@
| -rw-r--r-- | usr.sbin/smtpd/smtpctl.8 | 11 | ||||
| -rw-r--r-- | usr.sbin/smtpd/spfwalk.c | 10 |
2 files changed, 18 insertions, 3 deletions
diff --git a/usr.sbin/smtpd/smtpctl.8 b/usr.sbin/smtpd/smtpctl.8 index 1efcff63..b29f2063 100644 --- a/usr.sbin/smtpd/smtpctl.8 +++ b/usr.sbin/smtpd/smtpctl.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: smtpctl.8,v 1.64 2018/09/18 06:21:45 miko Exp $ +.\" $OpenBSD: smtpctl.8,v 1.65 2020/09/14 09:48:08 martijn Exp $ .\" .\" Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org> .\" Copyright (c) 2012 Gilles Chehade <gilles@poolp.org> @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: September 18 2018 $ +.Dd $Mdocdate: September 14 2020 $ .Dt SMTPCTL 8 .Os .Sh NAME @@ -247,8 +247,13 @@ Shows if MTA, MDA and SMTP systems are currently running or paused. Recursively look up SPF records for the domains read from stdin. For example: .Bd -literal -offset indent -# smtpctl spf walk < domains.txt +$ smtpctl spf walk < domains.txt .Ed +.Pp +SPF records may contain macros which cannot be included in a static list and +must be resolved dynamically at connection time. +.Cm spf walk +cannot provide full results in these cases. .It Cm trace Ar subsystem Enables real-time tracing of .Ar subsystem . diff --git a/usr.sbin/smtpd/spfwalk.c b/usr.sbin/smtpd/spfwalk.c index 0832d1bc..d23f43a1 100644 --- a/usr.sbin/smtpd/spfwalk.c +++ b/usr.sbin/smtpd/spfwalk.c @@ -124,7 +124,17 @@ lookup_record(int type, const char *record, struct target *tgt) { struct asr_query *as; struct target *ntgt; + size_t i; + if (strchr(record, '%') != NULL) { + for (i = 0; record[i] != '\0'; i++) { + if (!isprint(record[i])) + record[i] = '?'; + } + warnx("%s: %s contains macros and can't be resolved", __func__, + record); + return; + } as = res_query_async(record, C_IN, type, NULL); if (as == NULL) err(1, "res_query_async"); |