diff --git a/indimail-mta-x/doc/ChangeLog b/indimail-mta-x/doc/ChangeLog index 0e6e5531a..ed1109a24 100644 --- a/indimail-mta-x/doc/ChangeLog +++ b/indimail-mta-x/doc/ChangeLog @@ -177,6 +177,10 @@ Release 3.0.6-1.1 Start 25/10/2023 End 01/01/2024 file 97. spawn-filter.c: display filter used for mail rejected message 98. qmail-dkim.c: added DKIM_BAD_IDENTITY with letter Y +- 10/01/2024 +99. qmail-dkim.c: use bouncehost/me control file if BOUNCEDOMAIN is not set +100. qmail-dkim.c: set DKIMSIGN to private key from dkimkeys control file + * Tue Oct 17 2023 18:34:04 +0000 Manvendra Bhangui 3.0.5-1.1%{?dist} Release 3.0.5-1.1 Start 11/09/2023 End 17/10/2023 diff --git a/indimail-mta-x/qmail-dkim.9 b/indimail-mta-x/qmail-dkim.9 index 8f8e03d30..8b1b5f3af 100644 --- a/indimail-mta-x/qmail-dkim.9 +++ b/indimail-mta-x/qmail-dkim.9 @@ -116,8 +116,10 @@ respectively. \fBDKIMIDENTITY\fR takes precedence over -i option specified in \fBDKIMSIGNOPTIONS\fR. Similarly, \fBDKIMEXPIRE\fR takes precedence over -x option specifed in \fBR DKIMSIGNOPTIONS\fR. \fBqmail-dkim\fR uses the domain found in the Return-Path, Sender, From, X-Bounced-Address headers to -set the domain tag. If not it uses the \fBBOUNCEDOMAIN\fR environment -variable. \fBBOUNCEDOMAIN\fR can be set to an email address or a domain +set the domain tag. If not it uses the value in \fIbouncehost\fR control +file. If \fIbouncehost\fR is missing, \fIme\fR is used. You can use +\fBBOUNCEDOMAIN\fR environment variable to override the value in the +control file. \fBBOUNCEDOMAIN\fR can be set to an email address or a domain (without the at sign). As a default \fBqmail-dkim\fR inserts RSA-SHA256 DKIM-Signature and expects diff --git a/indimail-mta-x/qmail-dkim.c b/indimail-mta-x/qmail-dkim.c index 51bd17dc5..f1a83b762 100644 --- a/indimail-mta-x/qmail-dkim.c +++ b/indimail-mta-x/qmail-dkim.c @@ -1,5 +1,5 @@ /* - * $Id: qmail-dkim.c,v 1.79 2024-01-09 19:18:44+05:30 Cprogrammer Exp mbhangui $ + * $Id: qmail-dkim.c,v 1.80 2024-01-10 10:05:58+05:30 Cprogrammer Exp mbhangui $ */ #include "hasdkim.h" #ifdef HASDKIM @@ -153,6 +153,7 @@ static stralloc sigdomains = { 0 }; /*- domains which must have signatures */ static stralloc nsigdomains = { 0 }; /*- domains which do not have signatures */ static stralloc dkimopts = { 0 }; static stralloc dkimkeys = { 0 }; +static stralloc bouncehost = { 0 }; void restore_gid() @@ -334,6 +335,10 @@ write_signature(char *domain, DKIMSignOptions *opts, size_t selector_size) i = 0; keyfn = dkimsign; } else { /*- has reading dkimkeys altered DKIMSIGNOPTIONS? */ + ptr = env_get("DKIMSIGN"); + /*- don't allow DKIMSIGN to be altered by dkimkeys */ + if (str_diff(ptr, keyfn) && !env_put2("DKIMSIGN", keyfn)) + die(QQ_OUT_OF_MEMORY, 1); ptr = env_get("DKIMSIGNOPTIONS"); if (!dkimsignoptions || str_diff(dkimsignoptions, ptr)) { dkimsignoptions = ptr; @@ -978,6 +983,13 @@ main(int argc, char *argv[]) } } if (dkimsign) { + if (!(ptr = env_get("BOUNCEDOMAIN"))) { + if ((ret = control_readfile(&bouncehost, "bouncehost", 1)) == -1) + custom_error("qmail-dkim", "Z", "unable to read bouncehost.", 0, "X.3.0"); + else + if (ret && !env_put2("BOUNCEDOMAIN", bouncehost.s)) + die(QQ_OUT_OF_MEMORY, 0); + } /* selector */ ptr = dkimsign; selector = ptr; @@ -1283,7 +1295,7 @@ main(int argc, char **argv) void getversion_qmail_dkim_c() { - static char *x = "$Id: qmail-dkim.c,v 1.79 2024-01-09 19:18:44+05:30 Cprogrammer Exp mbhangui $"; + static char *x = "$Id: qmail-dkim.c,v 1.80 2024-01-10 10:05:58+05:30 Cprogrammer Exp mbhangui $"; #ifdef HASDKIM x = sccsidmakeargsh; @@ -1297,6 +1309,10 @@ getversion_qmail_dkim_c() /* * $Log: qmail-dkim.c,v $ + * Revision 1.80 2024-01-10 10:05:58+05:30 Cprogrammer + * use bouncehost/me control file if BOUNCEDOMAIN is not set + * set DKIMSIGN to private key from dkimkeys control file + * * Revision 1.79 2024-01-09 19:18:44+05:30 Cprogrammer * added DKIM_BAD_IDENTITY with letter Y *