spf.h

/* libspf - Sender Policy Framework library
 *
 * ANSI C implementation of draft-mengwong-spf-02.9.7.txt
 *
 * Author: James Couzens <jcouzens@6o4.ca>
 * Author: Sean Comeau <scomeau@obscurity.org>
 *
 * FILE: spf.h
 * DESC: main library header file
 *
 * License:
 *
 * The libspf Software License, Version 1.0
 *
 * Copyright (c) 2004 James Couzens & Sean Comeau All rights
 * reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in
 * the documentation and/or other materials provided with the
 * distribution.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE AUTHORS MAKING USE OF THIS LICESEN
 * OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 */


#ifndef _SPF_H
#define _SPF_H 1

#include <sys/types.h> /* typedefs */
#include <arpa/inet.h> /* in_addr struct */

__BEGIN_DECLS

/* spf protocol version we support */
#define SPF_VERSION 1

/*
 * For reference purposes, commented out below are the constants based on
 * RFC 883, RFC 1034, RFC 1035. Because we're working with IN_TXT
 * records we will use a larger packet size at 65536 bytes, which
 * is likely to cover most circumstances.
 *
 * #define PACKETSZ 512 max response packet size
 * #define MAXDNAME 1025 max uncompressed IN_TXT record
 * #define MAXCDNAME 255 max compressed IN_TXT record
 *
 */

#define MAX_CNAME 5 /* maximum number of CNAMEs we follow */

#define MAX_DEBUG_LEN 1024

/*
 * Fixed buffer capacities used throughout the library.
 *
 * NOTE(review): several of these bound strings that arrive from the remote
 * SMTP peer via the MTA (HELO, envelope sender) or from remote DNS (macro
 * expansion, mechanisms). This header only declares the capacities; verify
 * that every copy or format into a buffer of these sizes in the .c files
 * is length-checked and NUL-terminated.
 */
#define MAX_MACRO_LEN 1024 /* max length of an expanded macro */
#define MAX_PLEN 1024 /* buffer to make UTIL_printf thread safe */
#define LOCAL_PART 256 /* local-part, text before @ in email addy */
#define ENV_SENDER 512 /* entire FROM: string passed by MTA */
#define CUR_DOM 256 /* text after @ in email addy for cur query */
#define UTC_TIME 22 /* time since epoch */
/*
 * NOTE(review): 17 bytes holds a dotted-quad IPv4 string plus its NUL, but
 * not a textual IPv6 address, and peer_info_t stores the peer as a
 * struct in_addr. IP6 is listed in SPF_MECHANISM, so confirm how an IPv6
 * peer address is rejected or handled before it reaches a buffer of this
 * size.
 */
#define IP_ADDR 17 /* ip of remote peer - DON'T CHANGE FROM 17!! */
#define IP_VER 8 /* ip protocol version */
#define ENV_HELO 512 /* entire HELO string passed by MTA */

#define MAX_HNAME 256 /* hostname of MTA */
#define MAX_RESULT 64 /* human readable SPF result */
#define MAX_ERROR 96 /* human readable error reason */
#define EXPLAIN_S 256 /* change to EXPLAIN when cleaning up */
#define ENV_RECV 512 /* Received-SPF: header string */
#define MAX_RES_STR 12 /* maximum length of a res str eg: "pass" */

#define MAX_MECHANISM 256 /* maximum length of a mechanism */
#define MAX_HEADER 512 /* maximum length of header for prepend */
#define MAX_SMTP_RES 256 /* maximum length of smtp response string */

/*
 * human readable string equivalents of spf responses
 *
 * These follow the 2004 draft named in the file header. The later SPF RFCs
 * use different names for some results (e.g. temperror / permerror), so do
 * not assume these strings match what an RFC-based consumer of
 * Received-SPF expects.
 */
#define HR_PASS "pass"
#define HR_NONE "none"
#define HR_S_FAIL "softfail"
#define HR_H_FAIL "fail"
#define HR_ERROR "error"
#define HR_NEUTRAL "neutral"
#define HR_UNKNOWN "unknown"
#define HR_UNMECH "unknown mechanism"

/*
 * default explanation
 *
 * The %{...} sequences are SPF macros. %{S} and %{I} are filled from the
 * envelope sender and the peer IP.
 * NOTE(review): the sender is chosen by the remote peer; in the SPF drafts
 * upper-case macro letters request URL-escaped expansion -- confirm the
 * macro expander implements that before this text is placed in an SMTP
 * reply or a header.
 */
#define SPF_EXPLAIN "See http://spf.pobox.com/why.html?sender=%{S}&" \
  "ip=%{I}&receiver=%{xR}"

/*
 * default best guess
 *
 * This is a heuristic record, not a policy published by the sending
 * domain: it matches any address in the /24 of the domain's A and MX
 * hosts, plus ptr. A result derived from it is weaker evidence than a
 * result derived from a published record; it is only relevant when
 * use_guess is enabled (see peer_info_t).
 */
#define SPF_GUESS "v=spf1 a/24 mx/24 ptr "

/*
 * trusted forwarder
 *
 * Enabling use_trust makes the result depend on the record published at
 * spf.trusted-forwarder.org, i.e. on whoever controls that third-party DNS
 * zone. Leave it disabled unless that delegation is intended.
 */
#define SPF_TRUSTED "v=spf1 include:spf.trusted-forwarder.org "


/* SPF_BOOL
 *
 * Our own internal boolean enumeration, simple true or false.
 *
 * The enumerators are the unprefixed names FALSE and TRUE, which other
 * headers commonly define as macros; include order can therefore break
 * this declaration.
 *
 */
typedef enum SPF_BOOL
{
  FALSE = 0,
  TRUE
} SPF_BOOL;


/* SPF_RESULT
 *
 * Codes representing the result of an SPF policy examination
 * (descriptions listed in declaration order):
 *
 * SPF_PASS     successful parse (some match was made) (+all)
 * SPF_NONE     not participating (no SPF/TXT records)
 * SPF_S_FAIL   ~all
 * SPF_H_FAIL   failed parse (no match made) (-all)
 * SPF_ERROR    dns problem / error
 * SPF_NEUTRAL  ?all
 * SPF_UNKNOWN  permanent parsing error during record examination
 *
 * NOTE(review): SPF_PASS is 0, so zero-filled storage (memset/calloc of a
 * peer_info_t or spf_result_t) reads as "pass". Do not act on RES or
 * spf_result_t.i until a policy function has actually returned a result,
 * and confirm SPF_init assigns an explicit non-pass initial value.
 *
 */
typedef enum SPF_RESULT
{
  SPF_PASS = 0, /* + */
  SPF_NONE,
  SPF_S_FAIL, /* ~ */
  SPF_H_FAIL, /* - */
  SPF_ERROR,
  SPF_NEUTRAL, /* ? */
  SPF_UNKNOWN,
  SPF_UNMECH /* unknown mechanism */
} SPF_RESULT;


/* SPF_ACTION
 *
 * Codes representing the action to be taken as a result
 * of the response the library was able to obtain whilst trying to
 * obtain or examine an SPF policy
 *
 */
typedef enum SPF_ACTION
{
  DEFER = 0,
  TARPIT,
  ALLOW,
  REJECT
} SPF_ACTION;


/* SPF_MECHANISM
 *
 * Codes representing the various mechanism types employed
 * as defined in the RFC
 *
 * The enumerators are short unprefixed names (A, MX, ALL, VERSION,
 * DEFAULT, ...) in the global namespace, so they can collide with
 * identifiers or macros in code that includes this header.
 *
 */
typedef enum SPF_MECHANISM
{
  NO_POLICY = 0,
  VERSION,
  ALL,
  INCLUDE,
  A,
  MX,
  PTR,
  IP4,
  IP6,
  EXISTS,
  REDIRECT,
  EXPLAIN,
  DEFAULT, /* this is OLD school for early adopters = ~,?,+,- */
  UNMECH
} SPF_MECHANISM;


/* spf_result_t
 *
 * One entry pairing an SPF result code with its string form and the
 * Received-SPF: header text.
 *
 * NOTE(review): the array sizes are literals (32, 512) rather than the
 * MAX_RESULT / MAX_RES_STR / MAX_HEADER / ENV_RECV constants above; writers
 * must bound against sizeof the member, not against one of those macros.
 *
 */
typedef struct spf_result_t
{
  size_t sl; /* spf result string length */
  char s[32]; /* spf result type string */
  SPF_RESULT i; /* spf result type */
  size_t hl; /* length of header string */
  char h[512]; /* Received-SPF: header string */
  char p; /* prefix identifier */
} spf_result_t;


/* policy_addr_t
 *
 * Storage container used to store parsed out ip addresses in their
 * binary format (in_addr struct) together with the CIDR prefix length.
 *
 * NOTE(review): cidr is a signed int8_t and its value comes from the
 * policy text, which is supplied by remote DNS. Verify the parser rejects
 * values outside 0..32 before cidr is used to build a mask or as a shift
 * count.
 *
 */
typedef struct policy_addr_s
{
  struct in_addr addr; /* in_addr struct (unsigned long) */
  int8_t cidr; /* address cidr length */
  SPF_RESULT prefix; /* spf prefix (-,+,~,?) */
} policy_addr_t;


/* spf_config_t
 *
 * Global config structure
 *
 */
typedef struct spf_config_s
{
  int level; /* w: (presumably the debug level set via SPF_dbg_level -- confirm) */
} spf_config_t;


/* strbuf_node_t
 *
 * One node of the singly linked list headed by strbuf_t.
 *
 */
typedef struct strbuf_node_s
{
  size_t len; /* length of string */
  char *s; /* expanded string macro */
  struct strbuf_node_s *next; /* pointer to next node */
} strbuf_node_t;


/* strbuf_t
 *
 * This structure is used exclusively by marco.c (sic) functions and is used
 * to store macros during parsing.
 *
 * NOTE(review): elements is 8 bits wide; confirm the list can never grow
 * past 255 nodes, otherwise the count wraps.
 *
 */
typedef struct strbuf_s
{
  strbuf_node_t *head; /* head node */
  u_int8_t elements; /* number of nodes in list */
} strbuf_t;


/* split_str_node_t
 *
 * One node of the singly linked list tracked by split_str_t.
 *
 */
typedef struct split_str_node_s
{
  size_t len; /* length of string */
  char *s; /* expanded string macro */
  struct split_str_node_s *next; /* pointer to next node */
} split_str_node_t;


/* split_str_t
 *
 * Stores the head and tail of a list of split_str_node_t structures.
 * This structure is used exclusively by the UTIL_reverse function and is
 * used to reverse a string using a semi-arbitrary delimiter (see
 * UTIL_is_spf_delim for valid delimiters, or the SPF RFC)
 */
typedef struct split_str_s
{
  split_str_node_t *head; /* head node */
  split_str_node_t *tail; /* tail node */
  int elements; /* number of nodes in list */
} split_str_t;


/* peer_info_t
 *
 * Used to store information about the connected peer. Only one of
 * the three SMTP-specific strings will necessarily be
 * populated, in the following order of precedence: FROM, EHLO, HELO.
 *
 * The ip_ver string will contain 'in-addr' if the connecting peer
 * is using IPv4, or 'ip6' if the connect[ing peer is using IPv6 --
 * sentence is truncated in the original; completion is inferred]
 *
 * Various political and technical pressures have recently led to
 * the deprecation of the IP6.INT name space in favour of IP6.ARPA.
 * This makes IPv6 PTR data management difficult, since interim
 * clients will search IP6.INT while standard clients will search
 * IP6.ARPA. We present a simple method based on DNAME RR's
 * (see [RFC2672]) and ISC BIND9 whereby zone information can be
 * managed in a single location and then made visible in two
 * namespaces. (http://www.isc.org/tn/isc-tn-2002-1.html)
 *
 * RFC 937 (POP) states: The maximum length of a command line is 512
 * characters (including the command word and the CRLF).
 * POLICY_MATCH = TRUE
 *
 * Note: from can be removed and just work on local_part@cur_dom
 *
 * NOTE(review): helo, ehlo, from and local_part hold values chosen by the
 * remote peer, and r_vhname / ptr_mhost relate to reverse DNS, which the
 * owner of the peer's address space controls. Treat all of them as
 * untrusted text. The header does not say which char * members are owned
 * by the library (and released by SPF_close) and which merely point at
 * caller memory -- confirm before freeing or reusing caller buffers.
 *
 */
typedef struct peer_info_s
{
  u_int8_t use_trust; /* if 1 then enabled trustedfwder */
  u_int8_t use_guess; /* if 1 then enabled best guess */

  spf_result_t *spf_result; /* table of str, see spf_result_t */
  SPF_RESULT RES; /* SPF error codes for result (0 == SPF_PASS) */
  SPF_RESULT RES_P; /* prefix behaviour */
  char *rs; /* ptr str result of SPF query */

  SPF_BOOL ALL; /* Was all mechanism parsed */
  char *p; /* prefix from all mechanism */

  u_int8_t spf_ver; /* version of SPF */

  char *helo; /* HELO string */
  char *ehlo; /* pointer to HELO string */
  char *from; /* FROM string */

  char *explain; /* Result of an explain query */
  char *guess; /* Query if result is TF fails */
  char *trusted; /* Query if primary result is none */
  char *ptr_mhost; /* validate against during ptr mech */
  char *cur_dom; /* @domain of the current query */
  char *cur_eaddr; /* current email address, updated
                    * to be accurate during INCLUDE and
                    * REDIRECT mechanisms
                    */
  char *mta_hname; /* ptr to MTA hname eg: mail.foo.org */

  char ip_ver[IP_VER]; /* IP Protocol Version */
  struct in_addr addr; /* IP of the remote host (peer), IPv4 only */
  char *r_ip; /* pointer to remote ip from MTA */
  char *r_vhname; /* validated hostname of remotehost */

  char local_part[LOCAL_PART]; /* local part of address (user) */
  char utc_time[UTC_TIME]; /* The number of seconds since the Epoch */
  char last_m[MAX_MECHANISM]; /* last mechanism parsed */
  char error[MAX_ERROR]; /* error (if any) that caused failure */

} peer_info_t;

/*
 * Process-wide state shared by every peer_info_t.
 * NOTE(review): no locking is visible in this header; confirm how these
 * are protected if the library is called from more than one thread.
 */
extern spf_config_t confg;
extern u_int8_t spf_rlevel;

/*
 * Main library functions (spf.c)
 *
 * NOTE(review): SPF_init takes use_trust / use_guess as u_int32_t while
 * peer_info_t stores them as u_int8_t; pass only 0 or 1 so the value
 * survives narrowing.
 * NOTE(review): include/redirect let a remotely published policy nest
 * further lookups. The only limit declared in this header is MAX_CNAME;
 * confirm SPF_policy_main_rec bounds its rec argument and the total number
 * of DNS queries per message.
 * NOTE(review): ownership of the char * returned by SPF_result is not
 * stated here -- confirm whether the caller must free it.
 */
extern void SPF_dbg_level(int level);
extern peer_info_t *SPF_init(const char *local, const char *rip, const char *expl,
  const char *tf, const char *guess, u_int32_t use_trust,
  u_int32_t use_guess);
extern peer_info_t *SPF_close(peer_info_t *peer_info);
extern SPF_RESULT SPF_policy_main(peer_info_t *peer_info);
extern SPF_RESULT SPF_policy_main_rec(peer_info_t *peer_info, int rec);
extern SPF_BOOL SPF_parse_policy(peer_info_t *peer_info, const char *policy);
extern char *SPF_result(peer_info_t *peer_info);
extern SPF_BOOL SPF_smtp_from(peer_info_t *peer_info, const char *s);
extern SPF_BOOL SPF_smtp_helo(peer_info_t *peer_info, const char *s);

/*
 * Functions that alter headers (header.c)
 *
 * NOTE(review): both return char * built partly from peer-supplied values;
 * confirm CR/LF cannot survive into the returned header text, and who owns
 * the returned buffer.
 */
extern char *SPF_build_header(peer_info_t *peer_info);
extern char *SPF_get_explain(peer_info_t *peer_info);


__END_DECLS

#endif /* _SPF_H (spf.h) */

Generated on Thu Jul 1 14:05:44 2004 for libspf v1.0 by doxygen 1.3.7