From: Jean-Marc Pigeon <jmp@safe.c>
Date: Tue, 18 Nov 2025 15:49:38 +0000 (-0500)
Subject: SPF management seemd to be working
X-Git-Tag: tag-0.18~24
X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=ca7d570348415383f8295caaf5d85ffa52efcc49;p=jmp%2Fmailleur

SPF management seemd to be working
---

diff --git a/lib/lvleml.c b/lib/lvleml.c
index 4b7ce5d..7786730 100644
--- a/lib/lvleml.c
+++ b/lib/lvleml.c
@@ -965,14 +965,51 @@ while (proceed==true) {
         phase=999;      //No user found in database
         }
       break;
-    case 1      :       //is user lock?
+    case 1      :       //are we in relaying mode
+      switch (contact->privilege) {
+        case rel_authentic      :
+        case rel_isrelay        :       //everything fine
+          isok=true;                    //we accepte "internal user"
+          phase=999;                    //no need to check lock and spf
+          break;
+        default                 :
+          break;
+        }
+      break;
+    case 2      :       //is user lock?
       if (usr->lock==1) {
         (void) note_status(contact,EXPIRED,rcptto,"5.6.1 <%s> account lock",rcptto);
         phase=999;      //No user found in database
         }
       break;
-    case 2      :       //user is existing
-      isok=true;       
+    case 3      :       //check is origin is SPF OK
+      switch (contact->fromspf) {
+        case spf_neutral        :       //'?' status
+        case spf_pass           :       //good SPF
+          isok=true;       
+          break;
+        case spf_fail           :       //Bad SPF
+          (void) note_status(contact,FAILED,rcptto,
+                                            "%d 5.6.6 %s from IP=[%s]",
+                                            FAILED,
+                                            "Relaying not allowed",
+                                            contact->peerip);
+          break;
+        case spf_softfail       :       //Bad SPF
+          (void) note_status(contact,FAILED,rcptto,
+                                            "%d 5.6.7 %s from IP=[%s]",
+                                            FAILED,
+                                            "SPF soft fail not allowed",
+                                            contact->peerip);
+          break;
+        default                 :       //trouble trouble
+          (void) note_status(contact,FAILED,rcptto,
+                                            "%d 5.6.8 %s (<%s> SPF unknown)",
+                                            FAILED,
+                                            "Originator domain BAD SPF definition",
+                                            contact->mailfrom);
+          break;
+        }
       break;
     default     :       //SAFE Guard
       usr=sql_freeusr(usr);
@@ -1885,38 +1922,13 @@ while (proceed==true) {
           break;
         }
       break;
-    case 6      :       //IS originator spf good enough
-      switch (contact->fromspf) {
-        case spf_neutral        :       //'~' status
-        case spf_pass           :       //good SPF
-          break;
-        case spf_fail           :       //Bad SPF
-          (void) eml_transmit(contact,true,"%d 5.6.6 %s from IP=[%s]",
-                                            FAILED,
-                                            "Relaying not allowed",
-                                            contact->peerip);
-          break;
-        case spf_softfail       :       //Bad SPF
-          (void) eml_transmit(contact,true,"%d 5.6.6 %s from IP=[%s]",
-                                            FAILED,
-                                            "SPF soft fail not allowed",
-                                            contact->peerip);
-        default                 :       //trouble trouble
-          (void) eml_transmit(contact,true,"%d 5.6.6 %s (domain=%s SPF unknown)",
-                                            FAILED,
-                                            "Originator domain BAD SPF definition",
-                                            neu->domain);
-          phase=999;      //no need to go further
-          break;
-        }
-      break;
-    case 7      :       //Storing rcpt to
+    case 6      :       //Storing rcpt to
       if (eml_addrecipient(&(contact->recipients),neu)==false) {
         detail="duplicate recipients will be consolidated";
         neu=eml_freerecipient(neu);
         }
       break;
-    case 8      :       //everything ok
+    case 7      :       //everything ok
       (void) note_status(contact,CMDOK,rcptto,"5.6.7 %s <%s>",detail,rcptto);
       success=true;
       break;