[Minor] Dkim/ARC: allow to sign merely for specific settings id

author Vsevolod Stakhov <vsevolod@highsecure.ru>

Tue, 18 Aug 2020 10:28:42 +0000 (11:28 +0100)

committer Vsevolod Stakhov <vsevolod@highsecure.ru>

Tue, 18 Aug 2020 10:28:42 +0000 (11:28 +0100)
author Vsevolod Stakhov <vsevolod@highsecure.ru>
Tue, 18 Aug 2020 10:28:42 +0000 (11:28 +0100)
committer Vsevolod Stakhov <vsevolod@highsecure.ru>
Tue, 18 Aug 2020 10:28:42 +0000 (11:28 +0100)
diff --git a/src/plugins/lua/arc.lua b/src/plugins/lua/arc.lua

index caad927374352e768a383c5b4fc78f760d238432..31327f595b33b30889b8ae2f9910e4e21420e539 100644 (file)
--- a/src/plugins/lua/arc.lua
+++ b/src/plugins/lua/arc.lua
@@ -89,6 +89,8 @@ local settings = {
    key_prefix = 'arc_keys', -- default hash name
    reuse_auth_results = false, -- Reuse the existing authentication results
    whitelisted_signers_map = nil, -- Trusted signers domains
+  allowed_ids = nil, -- Allowed settings id
+  forbidden_ids = nil, -- Banned settings id
  }
  
  -- To match normal AR
@@ -684,12 +686,20 @@ if settings.use_redis then
    settings.redis_params = redis_params
  end
  
-rspamd_config:register_symbol({
+local sym_reg_tbl = {
    name = settings['sign_symbol'],
    callback = arc_signing_cb,
    groups = {"policies", "arc"},
    score = 0.0,
-})
+}
+if type(settings.allowed_ids) == 'table' then
+  sym_reg_tbl.allowed_ids = settings.allowed_ids
+end
+if type(settings.forbidden_ids) == 'table' then
+  sym_reg_tbl.forbidden_ids = settings.forbidden_ids
+end
+
+rspamd_config:register_symbol(sym_reg_tbl)
  
--- Do not sign unless valid
+-- Do not sign unless checked
  rspamd_config:register_dependency(settings['sign_symbol'], 'ARC_CALLBACK')
diff --git a/src/plugins/lua/dkim_signing.lua b/src/plugins/lua/dkim_signing.lua

index 4dfcd3b812fcef8de91340c627d8330434b74cb5..cfb8d8fe22a31d7e16fb679e25c7ccb768f2e309 100644 (file)
--- a/src/plugins/lua/dkim_signing.lua
+++ b/src/plugins/lua/dkim_signing.lua
@@ -33,6 +33,8 @@ local settings = {
    allow_username_mismatch = false,
    allow_pubkey_mismatch = true,
    sign_authenticated = true,
+  allowed_ids = nil,
+  forbidden_ids = nil,
    check_pubkey = false,
    domain = {},
    path = string.format('%s/%s/%s', rspamd_paths['DBDIR'], 'dkim', '$domain.$selector.key'),
@@ -160,13 +162,20 @@ if settings.use_redis then
    settings.redis_params = redis_params
  end
  
-
-rspamd_config:register_symbol({
+local sym_reg_tbl = {
    name = settings['symbol'],
    callback = dkim_signing_cb,
    groups = {"policies", "dkim"},
    score = 0.0,
-})
+}
+
+if type(settings.allowed_ids) == 'table' then
+  sym_reg_tbl.allowed_ids = settings.allowed_ids
+end
+if type(settings.forbidden_ids) == 'table' then
+  sym_reg_tbl.forbidden_ids = settings.forbidden_ids
+end
  
+rspamd_config:register_symbol(sym_reg_tbl)
  -- Add dependency on DKIM checks
  rspamd_config:register_dependency(settings['symbol'], 'DKIM_CHECK')
author	Vsevolod Stakhov <vsevolod@highsecure.ru>
	Tue, 18 Aug 2020 10:28:42 +0000 (11:28 +0100)
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>
	Tue, 18 Aug 2020 10:28:42 +0000 (11:28 +0100)
src/plugins/lua/arc.lua		patch \| blob \| blame \| history
src/plugins/lua/dkim_signing.lua		patch \| blob \| blame \| history