You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by mm...@apache.org on 2011/03/23 04:31:05 UTC
svn commit: r1084469 -
/spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
Author: mmartinec
Date: Wed Mar 23 03:31:05 2011
New Revision: 1084469
URL: http://svn.apache.org/viewvc?rev=1084469&view=rev
Log:
Allow a caller-supplied 'originating' attribut be treated
as equivalent to submission via an MSA (as in msa_networks).
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm?rev=1084469&r1=1084468&r2=1084469&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Message/Metadata/Received.pm Wed Mar 23 03:31:05 2011
@@ -56,6 +56,14 @@ use Mail::SpamAssassin::Constants qw(:ip
sub parse_received_headers {
my ($self, $permsgstatus, $msg) = @_;
+ my $suppl_attrib = $msg->{suppl_attrib}; # out-of-band info from a caller
+
+ # a caller may assert that a message is coming from inside or from an
+ # authenticated roaming users; this info may not be available in mail
+ # header section, e.g. in case of nonstandard authentication mechanisms
+ my $originating; # boolean
+ $originating = $suppl_attrib->{originating} if ref $suppl_attrib;
+
$self->{relays_trusted} = [ ];
$self->{num_relays_trusted} = 0;
$self->{relays_trusted_str} = '';
@@ -190,7 +198,15 @@ sub parse_received_headers {
} else {
# trusted_networks matches?
if (!$relay->{auth} && !$trusted->contains_ip($relay->{ip})) {
- $in_trusted = 0;
+ if (!$originating) {
+ $in_trusted = 0; # break the trust chain
+ } else { # caller asserts a msg was submitted from inside or auth'd
+ $found_msa = 1; # let's assume the previous hop was actually
+ # an MSA, and propagate trust from here on
+ dbg('received-header: originating, '.
+ '%s and remaining relays will be considered trusted%s',
+ $relay->{ip}, !$in_internal ? '' : ', but no longer internal');
+ }
$in_internal = 0; # if it's not trusted it's not internal
} else {
# internal_networks matches?