You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by mm...@apache.org on 2011/03/23 04:31:05 UTC

svn commit: r1084469 - /spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm

Author: mmartinec
Date: Wed Mar 23 03:31:05 2011
New Revision: 1084469

URL: http://svn.apache.org/viewvc?rev=1084469&view=rev
Log:
Allow a caller-supplied 'originating' attribut be treated
as equivalent to submission via an MSA (as in msa_networks).

Modified:
    spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm?rev=1084469&r1=1084468&r2=1084469&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm Wed Mar 23 03:31:05 2011
@@ -56,6 +56,14 @@ use Mail::SpamAssassin::Constants qw(:ip
 sub parse_received_headers {
   my ($self, $permsgstatus, $msg) = @_;
 
+  my $suppl_attrib = $msg->{suppl_attrib};  # out-of-band info from a caller
+
+  # a caller may assert that a message is coming from inside or from an
+  # authenticated roaming users; this info may not be available in mail
+  # header section, e.g. in case of nonstandard authentication mechanisms
+  my $originating;  # boolean
+  $originating = $suppl_attrib->{originating}  if ref $suppl_attrib;
+
   $self->{relays_trusted} = [ ];
   $self->{num_relays_trusted} = 0;
   $self->{relays_trusted_str} = '';
@@ -190,7 +198,15 @@ sub parse_received_headers {
       } else {
 	# trusted_networks matches?
 	if (!$relay->{auth} && !$trusted->contains_ip($relay->{ip})) {
-	  $in_trusted = 0;
+	  if (!$originating) {
+	    $in_trusted = 0;	# break the trust chain
+	  } else {  # caller asserts a msg was submitted from inside or auth'd
+	    $found_msa = 1;	# let's assume the previous hop was actually
+				# an MSA, and propagate trust from here on
+	    dbg('received-header: originating, '.
+	        '%s and remaining relays will be considered trusted%s',
+	        $relay->{ip}, !$in_internal ? '' : ', but no longer internal');
+	  }
 	  $in_internal = 0;	# if it's not trusted it's not internal
 	} else {
 	  # internal_networks matches?