https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7226
Bug ID: 7226
Summary: Enhance whitelist_from_dkim to let it accept signing
subdomains
Product: Spamassassin
Version: 3.4.1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Plugins
Assignee: [email protected]
Reporter: [email protected]
Currently the whitelist_from_dkim only accepts author domain
signatures or third part signatures with a fixed signing domain
name:
$ man Mail::SpamAssassin::Plugin::DKIM
whitelist_from_dkim [email protected] [signing-domain]
[...]
The second parameter does not accept wildcards.
In case of certain remailers (such as Mailchimp), which
unwisely sign their mail with a domain name of their outgoing
mailer (e.g. mail70.atl11.rsgsv.net) instead of using their
top domain name (e.g. sgsv.net), the current limitation of
whitelist_from_dkim does not allow for flexibly accepting
whitelisting based on valid signatures from subdomains.
The attached small patch lifts this restrictions, allowing
a signing domain to be prefixed by '*.' (or just a '.'),
so that one is able to specify a rule like:
whitelist_from_dkim *@sbra.be *.rsgsv.net
Here is a summary of the documentation change:
-The second parameter does not accept wildcards.
[...]
+The second parameter (the signing-domain) does not accept full file-glob style
+wildcards, although a simple '*.' (or just a '.') prefix to a domain name
+is recognized and implies any subdomain of the specified domain (but not
+the domain itself).
[...]
whitelist_from_dkim [email protected] example.org
whitelist_from_dkim [email protected] example.net
whitelist_from_dkim *@info.example.net example.net
- whitelist_from_dkim *@* remailer.example.com
+ whitelist_from_dkim *@* mail7.remailer.example.com
+ whitelist_from_dkim *@* *.remailer.example.com
--
You are receiving this mail because:
You are the assignee for the bug.
