You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by do...@apache.org on 2005/11/08 06:38:40 UTC
svn commit: r331692 - /spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/SPF.pm
Author: dos
Date: Mon Nov 7 21:38:37 2005
New Revision: 331692
URL: http://svn.apache.org/viewcvs?rev=331692&view=rev
Log:
bug 4661: SPF checks should be done against trusted, but external relays
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/SPF.pm
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/SPF.pm
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/SPF.pm?rev=331692&r1=331691&r2=331692&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/SPF.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/SPF.pm Mon Nov 7 21:38:37 2005
@@ -234,6 +234,30 @@
return;
}
+ # make sure we're checking against the relay that passsed the mail to the internal network
+ my $lasttrusted = $scanner->{relays_trusted}->[-1];
+ if (defined $lasttrusted && $scanner->{conf}->{internal_networks}->get_num_nets() > 0 && !$lasttrusted->{internal}) {
+ dbg("spf: last trusted relay was marked as non-internal, cannot use first untrusted relay for spf checks");
+
+ # look for the relay that passed the message to the trusted & internal
+ # network from the trusted & external network
+ my $found = 0;
+ my $i = scalar @{$scanner->{relays_trusted}}; # - 1;
+ for (; $i > 0 && !$found; $i--) {
+ if ($scanner->{relays_trusted}->[$i-1]->{internal}) {
+ $lasthop = $scanner->{relays_trusted}->[$i];
+ $found = 1;
+ }
+ }
+
+ if ($found) {
+ dbg("spf: using first trusted, but non-internal, relay for spf checks");
+ } else {
+ dbg("spf: could not determine a suitable relay to do spf checks against");
+ return;
+ }
+ }
+
my $ip = $lasthop->{ip};
my $helo = $lasthop->{helo};
$scanner->{sender} = '' unless $scanner->{sender_got};