You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by he...@apache.org on 2021/05/08 10:00:28 UTC
svn commit: r1889669 -
/spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm
Author: hege
Date: Sat May 8 10:00:28 2021
New Revision: 1889669
URL: http://svn.apache.org/viewvc?rev=1889669&view=rev
Log:
Apply dns_query_restriction to SPF/DKIM queries
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm?rev=1889669&r1=1889668&r2=1889669&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm Sat May 8 10:00:28 2021
@@ -46,7 +46,8 @@ use Mail::SpamAssassin;
use Mail::SpamAssassin::Logger;
use Mail::SpamAssassin::Constants qw(:ip);
use Mail::SpamAssassin::Util qw(untaint_var decode_dns_question_entry
- idn_to_ascii reverse_ip_address);
+ idn_to_ascii reverse_ip_address
+ domain_to_search_list);
use Socket;
use Errno qw(EADDRINUSE EACCES);
@@ -683,6 +684,19 @@ sub bgsend {
my ($self, $domain, $type, $class, $cb) = @_;
return if $self->{no_resolver};
+ my $dns_query_blockages = $self->{main}->{conf}->{dns_query_blocked};
+ if ($dns_query_blockages) {
+ my $search_list = domain_to_search_list($domain);
+ foreach my $parent_domain ((@$search_list, '*')) {
+ my $blocked = $dns_query_blockages->{$parent_domain};
+ next if !defined $blocked; # not listed
+ last if !$blocked; # allowed
+ # blocked
+ dbg("dns: bgsend, query $type/$domain blocked by dns_query_restriction: $parent_domain");
+ return;
+ }
+ }
+
$self->{send_timed_out} = 0;
my $pkt = $self->new_dns_packet($domain, $type, $class);