commit 8a24065: [Minor] Log bad elements in SPF records, relax some common mistakes

Tue Sep 3 14:00:05 UTC 2019

Author: Vsevolod Stakhov
Date: 2019-09-03 14:58:54 +0100
URL: https://github.com/rspamd/rspamd/commit/8a240656d8378ac20e4c4c3ae61d1a9c33488a20 (HEAD -> master)

[Minor] Log bad elements in SPF records, relax some common mistakes

---
 src/libserver/spf.c | 58 ++++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 49 insertions(+), 9 deletions(-)

diff --git a/src/libserver/spf.c b/src/libserver/spf.c
index 220e7adfa..02041b015 100644
--- a/src/libserver/spf.c
+++ b/src/libserver/spf.c
@@ -963,7 +963,7 @@ parse_spf_domain_mask (struct spf_record *rec, struct spf_addr *addr,
 
 		switch (state) {
 			case parse_spf_elt:
-				if (t == ':') {
+				if (t == ':' || t == '=') {
 					state = parse_semicolon;
 				}
 				else if (t == '/') {
@@ -1011,7 +1011,8 @@ parse_spf_domain_mask (struct spf_record *rec, struct spf_addr *addr,
 						addr->m.dual.mask_v4 = cur_mask;
 					}
 					else {
-						msg_info_spf ("bad ipv4 mask: %d", cur_mask);
+						msg_info_spf ("bad ipv4 mask for %s: %d",
+								rec->sender_domain, cur_mask);
 					}
 					state = parse_second_slash;
 				}
@@ -1041,7 +1042,7 @@ parse_spf_domain_mask (struct spf_record *rec, struct spf_addr *addr,
 			addr->m.dual.mask_v4 = cur_mask;
 		}
 		else {
-			msg_info_spf ("bad ipv4 mask: %d", cur_mask);
+			msg_info_spf ("bad ipv4 mask for %s: %d", rec->sender_domain, cur_mask);
 		}
 	}
 	else if (state == parse_ipv6_mask) {
@@ -1228,7 +1229,13 @@ parse_spf_ip4 (struct spf_record *rec, struct spf_addr *addr)
 	semicolon = strchr (addr->spf_string, ':');
 
 	if (semicolon == NULL) {
-		return FALSE;
+		semicolon = strchr (addr->spf_string, '=');
+
+		if (semicolon == NULL) {
+			msg_info_spf ("invalid ip4 element for %s: %s", addr->spf_string,
+					rec->sender_domain);
+			return FALSE;
+		}
 	}
 
 	semicolon++;
@@ -1244,12 +1251,16 @@ parse_spf_ip4 (struct spf_record *rec, struct spf_addr *addr)
 	rspamd_strlcpy (ipbuf, semicolon, MIN (len + 1, sizeof (ipbuf)));
 
 	if (inet_pton (AF_INET, ipbuf, addr->addr4) != 1) {
+		msg_info_spf ("invalid ip4 element for %s: %s", addr->spf_string,
+				rec->sender_domain);
 		return FALSE;
 	}
 
 	if (slash) {
 		mask = strtoul (slash + 1, NULL, 10);
 		if (mask > 32) {
+			msg_info_spf ("invalid mask for ip4 element for %s: %s", addr->spf_string,
+					rec->sender_domain);
 			return FALSE;
 		}
 
@@ -1285,7 +1296,13 @@ parse_spf_ip6 (struct spf_record *rec, struct spf_addr *addr)
 	semicolon = strchr (addr->spf_string, ':');
 
 	if (semicolon == NULL) {
-		return FALSE;
+		semicolon = strchr (addr->spf_string, '=');
+
+		if (semicolon == NULL) {
+			msg_info_spf ("invalid ip6 element for %s: %s", addr->spf_string,
+					rec->sender_domain);
+			return FALSE;
+		}
 	}
 
 	semicolon++;
@@ -1301,12 +1318,16 @@ parse_spf_ip6 (struct spf_record *rec, struct spf_addr *addr)
 	rspamd_strlcpy (ipbuf, semicolon, MIN (len + 1, sizeof (ipbuf)));
 
 	if (inet_pton (AF_INET6, ipbuf, addr->addr6) != 1) {
+		msg_info_spf ("invalid ip6 element for %s: %s", addr->spf_string,
+				rec->sender_domain);
 		return FALSE;
 	}
 
 	if (slash) {
 		mask = strtoul (slash + 1, NULL, 10);
 		if (mask > 128) {
+			msg_info_spf ("invalid mask for ip6 element for %s: %s", addr->spf_string,
+					rec->sender_domain);
 			return FALSE;
 		}
 
@@ -1341,7 +1362,14 @@ parse_spf_include (struct spf_record *rec, struct spf_addr *addr)
 	domain = strchr (addr->spf_string, ':');
 
 	if (domain == NULL) {
-		return FALSE;
+		/* Common mistake */
+		domain = strchr (addr->spf_string, '=');
+
+		if (domain == NULL) {
+			msg_info_spf ("invalid include element for %s: %s", addr->spf_string,
+					rec->sender_domain);
+			return FALSE;
+		}
 	}
 
 	domain++;
@@ -1390,7 +1418,14 @@ parse_spf_redirect (struct spf_record *rec,
 	domain = strchr (addr->spf_string, '=');
 
 	if (domain == NULL) {
-		return FALSE;
+		/* Common mistake */
+		domain = strchr (addr->spf_string, ':');
+
+		if (domain == NULL) {
+			msg_info_spf ("invalid redirect element for %s: %s", addr->spf_string,
+					rec->sender_domain);
+			return FALSE;
+		}
 	}
 
 	domain++;
@@ -1433,8 +1468,13 @@ parse_spf_exists (struct spf_record *rec, struct spf_addr *addr)
 
 	host = strchr (addr->spf_string, ':');
 	if (host == NULL) {
-		msg_info_spf ("bad SPF exist record: %s", addr->spf_string);
-		return FALSE;
+		host = strchr (addr->spf_string, '=');
+
+		if (host == NULL) {
+			msg_info_spf ("invalid exists element for %s: %s", addr->spf_string,
+					rec->sender_domain);
+			return FALSE;
+		}
 	}
 
 	host++;
