DMARC: promote the support from Experimental to mainline

17 files changed, 49 insertions, 50 deletions

diff --git a/src/src/EDITME b/src/src/EDITME
index 37e43ac39..965f058bb 100644
--- a/src/src/EDITME
+++ b/src/src/EDITME
@@ -589,7 +589,7 @@ DISABLE_MAL_MKS=yes
 
 # Uncomment the following line to add DMARC checking capability, implemented
 # using libopendmarc libraries. You must have SPF and DKIM support enabled also.
-# EXPERIMENTAL_DMARC=yes
+# SUPPORT_DMARC=yes
 # CFLAGS += -I/usr/local/include
 # LDFLAGS += -lopendmarc
 # Uncomment the following if you need to change the default. You can
diff --git a/src/src/acl.c b/src/src/acl.c
index 5f0a7864b..8e34513d0 100644
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -70,7 +70,7 @@ enum { ACLC_ACL,
        ACLC_DKIM_SIGNER,
        ACLC_DKIM_STATUS,
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
        ACLC_DMARC_STATUS,
 #endif
        ACLC_DNSLISTS,
@@ -192,7 +192,7 @@ static condition_def conditions[] = {
   [ACLC_DKIM_SIGNER] =		{ US"dkim_signers",	TRUE, FALSE, (unsigned int) ~ACL_BIT_DKIM },
   [ACLC_DKIM_STATUS] =		{ US"dkim_status",	TRUE, FALSE, (unsigned int) ~ACL_BIT_DKIM },
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
   [ACLC_DMARC_STATUS] =		{ US"dmarc_status",	TRUE, FALSE, (unsigned int) ~ACL_BIT_DATA },
 #endif
 
@@ -346,7 +346,7 @@ enum {
 #ifndef DISABLE_DKIM
   CONTROL_DKIM_VERIFY,
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
   CONTROL_DMARC_VERIFY,
   CONTROL_DMARC_FORENSIC,
 #endif
@@ -417,7 +417,7 @@ static control_def controls_list[] = {
   },
 #endif
 
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 [CONTROL_DMARC_VERIFY] =
   { US"dmarc_disable_verify",    FALSE,
 	  ACL_BIT_DATA | ACL_BIT_NOTSMTP | ACL_BIT_NOTSMTP_START
@@ -3029,18 +3029,18 @@ for (; cb; cb = cb->next)
 	break;
 	#endif
 
-	#ifndef DISABLE_DKIM
+#ifndef DISABLE_DKIM
 	case CONTROL_DKIM_VERIFY:
 	f.dkim_disable_verify = TRUE;
-	#ifdef EXPERIMENTAL_DMARC
+# ifdef SUPPORT_DMARC
 	/* Since DKIM was blocked, skip DMARC too */
 	f.dmarc_disable_verify = TRUE;
 	f.dmarc_enable_forensic = FALSE;
-	#endif
+# endif
 	break;
-	#endif
+#endif
 
-	#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 	case CONTROL_DMARC_VERIFY:
 	f.dmarc_disable_verify = TRUE;
 	break;
@@ -3048,7 +3048,7 @@ for (; cb; cb = cb->next)
 	case CONTROL_DMARC_FORENSIC:
 	f.dmarc_enable_forensic = TRUE;
 	break;
-	#endif
+#endif
 
 	case CONTROL_DSCP:
 	if (*p == '/')
@@ -3442,7 +3442,7 @@ for (; cb; cb = cb->next)
     break;
     #endif
 
-    #ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
     case ACLC_DMARC_STATUS:
     if (!f.dmarc_has_been_checked)
       dmarc_process();
@@ -3452,7 +3452,7 @@ for (; cb; cb = cb->next)
     rc = match_isinlist(dmarc_exim_expand_query(DMARC_VERIFY_STATUS),
                         &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
     break;
-    #endif
+#endif
 
     case ACLC_DNSLISTS:
     rc = verify_check_dnsbl(where, &arg, log_msgptr);
diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults
index 17239bb85..b94b36866 100644
--- a/src/src/config.h.defaults
+++ b/src/src/config.h.defaults
@@ -143,6 +143,8 @@ Do not put spaces between # and the 'define'.
 
 #define SUPPORT_CRYPTEQ
 #define SUPPORT_DANE
+#define SUPPORT_DMARC
+#define DMARC_TLD_FILE "/etc/exim/opendmarc.tlds"
 #define SUPPORT_I18N
 #define SUPPORT_I18N_2008
 #define SUPPORT_MAILDIR
@@ -199,8 +201,6 @@ Do not put spaces between # and the 'define'.
 #define EXPERIMENTAL_BRIGHTMAIL
 #define EXPERIMENTAL_DCC
 #define EXPERIMENTAL_DSN_INFO
-#define EXPERIMENTAL_DMARC
-#define DMARC_TLD_FILE "/etc/exim/opendmarc.tlds"
 #define EXPERIMENTAL_LMDB
 #define EXPERIMENTAL_QUEUEFILE
 #define EXPERIMENTAL_SRS
diff --git a/src/src/dmarc.c b/src/src/dmarc.c
index 0644563d0..2e43f846d 100644
--- a/src/src/dmarc.c
+++ b/src/src/dmarc.c
@@ -1,7 +1,7 @@
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
-/* Experimental DMARC support.
+/* DMARC support.
    Copyright (c) Todd Lyons <tlyons@exim.org> 2012 - 2014
    Copyright (c) The Exim Maintainers 2019
    License: GPL */
@@ -12,7 +12,7 @@
 /* Code for calling dmarc checks via libopendmarc. Called from acl.c. */
 
 #include "exim.h"
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 # if !defined SUPPORT_SPF
 #  error SPF must also be enabled for DMARC
 # elif defined DISABLE_DKIM
@@ -635,6 +635,6 @@ return g;
 }
 
 # endif /* SUPPORT_SPF */
-#endif /* EXPERIMENTAL_DMARC */
+#endif /* SUPPORT_DMARC */
 /* vi: aw ai sw=2
  */
diff --git a/src/src/dmarc.h b/src/src/dmarc.h
index 3a3bc6d13..c94d939cc 100644
--- a/src/src/dmarc.h
+++ b/src/src/dmarc.h
@@ -9,7 +9,7 @@
 /* Portions Copyright (c) 2012, 2013, The Trusted Domain Project;
    All rights reserved, licensed for use per LICENSE.opendmarc. */
 
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 
 # include "opendmarc/dmarc.h"
 # ifdef SUPPORT_SPF
@@ -58,4 +58,4 @@ static int dmarc_write_history_file();
 #define ARES_RESULT_UNKNOWN 11
 #define ARES_RESULT_DISCARD 12
 
-#endif /* EXPERIMENTAL_DMARC */
+#endif /* SUPPORT_DMARC */
diff --git a/src/src/exim.c b/src/src/exim.c
index f163b1249..388743f8d 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -916,6 +916,9 @@ fprintf(fp, "Support for:");
 #ifdef SUPPORT_SPF
   fprintf(fp, " SPF");
 #endif
+#ifdef SUPPORT_DMARC
+  fprintf(fp, " DMARC");
+#endif
 #ifdef TCP_FASTOPEN
   deliver_init();
   if (f.tcp_fastopen_ok) fprintf(fp, " TCP_Fast_Open");
@@ -938,9 +941,6 @@ fprintf(fp, "Support for:");
 #ifdef EXPERIMENTAL_DCC
   fprintf(fp, " Experimental_DCC");
 #endif
-#ifdef EXPERIMENTAL_DMARC
-  fprintf(fp, " Experimental_DMARC");
-#endif
 #ifdef EXPERIMENTAL_DSN_INFO
   fprintf(fp, " Experimental_DSN_info");
 #endif
diff --git a/src/src/exim.h b/src/src/exim.h
index 263c00321..2cc2621c4 100644
--- a/src/src/exim.h
+++ b/src/src/exim.h
@@ -499,7 +499,7 @@ config.h, mytypes.h, and store.h, so we don't need to mention them explicitly.
 #ifndef DISABLE_DKIM
 # include "dkim.h"
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 # include "dmarc.h"
 # include <opendmarc/dmarc.h>
 #endif
diff --git a/src/src/expand.c b/src/src/expand.c
index f38d7a492..d2ccddc73 100644
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -530,7 +530,7 @@ static var_entry var_table[] = {
   { "dkim_verify_reason",  vtype_stringptr,   &dkim_verify_reason },
   { "dkim_verify_status",  vtype_stringptr,   &dkim_verify_status },
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
   { "dmarc_domain_policy", vtype_stringptr,   &dmarc_domain_policy },
   { "dmarc_status",        vtype_stringptr,   &dmarc_status },
   { "dmarc_status_text",   vtype_stringptr,   &dmarc_status_text },
@@ -4390,7 +4390,7 @@ while (*s != 0)
 #ifndef DISABLE_DKIM
       yield = authres_dkim(yield);
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
       yield = authres_dmarc(yield);
 #endif
 #ifdef EXPERIMENTAL_ARC
diff --git a/src/src/functions.h b/src/src/functions.h
index 4a44096ea..0cd0a0d18 100644
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -124,7 +124,7 @@ extern gstring *authres_arc(gstring *);
 #ifndef DISABLE_DKIM
 extern gstring *authres_dkim(gstring *);
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 extern gstring *authres_dmarc(gstring *);
 #endif
 extern gstring *authres_smtpauth(gstring *);
diff --git a/src/src/globals.c b/src/src/globals.c
index 61a9c9796..ad6b38ec5 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -239,7 +239,7 @@ struct global_flags f =
 #ifndef DISABLE_DKIM
 	.dkim_disable_verify      = FALSE,
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 	.dmarc_has_been_checked  = FALSE,
 	.dmarc_disable_verify    = FALSE,
 	.dmarc_enable_forensic   = FALSE,
@@ -838,7 +838,7 @@ uschar *dkim_verify_signers      = US"$dkim_signers";
 uschar *dkim_verify_status	 = NULL;
 uschar *dkim_verify_reason	 = NULL;
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 uschar *dmarc_domain_policy     = NULL;
 uschar *dmarc_forensic_sender   = NULL;
 uschar *dmarc_history_file      = NULL;
diff --git a/src/src/globals.h b/src/src/globals.h
index 4ab43ca65..533def981 100644
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -199,7 +199,7 @@ extern struct global_flags {
 #ifndef DISABLE_DKIM
  BOOL   dkim_disable_verify		:1; /* Set via ACL control statement. When set, DKIM verification is disabled for the current message */
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
  BOOL   dmarc_has_been_checked		:1; /* Global variable to check if test has been called yet */
  BOOL   dmarc_disable_verify		:1; /* Set via ACL control statement. When set, DMARC verification is disabled for the current message */
  BOOL   dmarc_enable_forensic		:1; /* Set via ACL control statement. When set, DMARC forensic reports are enabled for the current message */
@@ -511,7 +511,7 @@ extern uschar *dkim_verify_signers;    /* Colon-separated list of domains for ea
 extern uschar *dkim_verify_status;     /* result for this signature */
 extern uschar *dkim_verify_reason;     /* result for this signature */
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 extern uschar *dmarc_domain_policy;    /* Expansion for declared policy of used domain */
 extern uschar *dmarc_forensic_sender;  /* Set sender address for forensic reports */
 extern uschar *dmarc_history_file;     /* Expansion variable, file to store dmarc results */
diff --git a/src/src/macro_predef.c b/src/src/macro_predef.c
index fce981996..e96fef938 100644
--- a/src/src/macro_predef.c
+++ b/src/src/macro_predef.c
@@ -146,6 +146,9 @@ due to conflicts with other common macros. */
 #ifndef DISABLE_DKIM
   builtin_macro_create(US"_HAVE_DKIM");
 #endif
+#ifdef SUPPORT_DMARC
+  builtin_macro_create(US"_HAVE_DMARC");
+#endif
 #ifndef DISABLE_DNSSEC
   builtin_macro_create(US"_HAVE_DNSSEC");
 #endif
@@ -194,9 +197,6 @@ due to conflicts with other common macros. */
 #ifdef EXPERIMENTAL_DCC
   builtin_macro_create(US"_HAVE_DCC");
 #endif
-#ifdef EXPERIMENTAL_DMARC
-  builtin_macro_create(US"_HAVE_DMARC");
-#endif
 #ifdef EXPERIMENTAL_DSN_INFO
   builtin_macro_create(US"_HAVE_DSN_INFO");
 #endif
diff --git a/src/src/macros.h b/src/src/macros.h
index a94a71f7e..e36c09c47 100644
--- a/src/src/macros.h
+++ b/src/src/macros.h
@@ -238,7 +238,7 @@ enum {
   ERRMESS_TOOMANYRECIP,     /* Too many recipients */
   ERRMESS_LOCAL_SCAN,       /* Rejected by local scan */
   ERRMESS_LOCAL_ACL         /* Rejected by non-SMTP ACL */
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
  ,ERRMESS_DMARC_FORENSIC    /* DMARC Forensic Report */
 #endif
 };
diff --git a/src/src/moan.c b/src/src/moan.c
index fea3683ba..f6cda37f2 100644
--- a/src/src/moan.c
+++ b/src/src/moan.c
@@ -73,7 +73,7 @@ int size_limit = bounce_return_size_limit;
 FILE * fp;
 int pid;
 
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 uschar * s, * s2;
 
 /* For DMARC if there is a specific sender set, expand the variable for the
@@ -111,7 +111,7 @@ fp = fdopen(fd, "wb");
 if (errors_reply_to) fprintf(fp, "Reply-To: %s\n", errors_reply_to);
 fprintf(fp, "Auto-Submitted: auto-replied\n");
 
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 if (s)
   fprintf(fp, "From: %s\n", s);
 else
@@ -228,7 +228,7 @@ switch(ident)
   fprintf(fp, "\n");
   break;
 
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
   case ERRMESS_DMARC_FORENSIC:
     bounce_return_message = TRUE;
     bounce_return_body    = FALSE;
@@ -339,7 +339,7 @@ if (bounce_return_message)
       fputs(CS buf, fp);
       }
     }
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
   /* Overkill, but use exact test in case future code gets inserted */
   else if (bounce_return_body && message_file == NULL)
     {
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 16f4a8abe..2f78cd746 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -122,7 +122,7 @@ static optionlist optionlist_config[] = {
   { "dkim_verify_minimal",      opt_bool,        &dkim_verify_minimal },
   { "dkim_verify_signers",      opt_stringptr,   &dkim_verify_signers },
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
   { "dmarc_forensic_sender",    opt_stringptr,   &dmarc_forensic_sender },
   { "dmarc_history_file",       opt_stringptr,   &dmarc_history_file },
   { "dmarc_tld_file",           opt_stringptr,   &dmarc_tld_file },
diff --git a/src/src/receive.c b/src/src/receive.c
index ada3ca519..31e3f7cbb 100644
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -14,9 +14,9 @@
 extern int dcc_ok;
 #endif
 
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 # include "dmarc.h"
-#endif /* EXPERIMENTAL_DMARC */
+#endif
 
 /*************************************************
 *                Local static variables          *
@@ -1703,9 +1703,9 @@ header_line *msgid_header = NULL;
 header_line *received_header;
 BOOL msgid_header_newly_created = FALSE;
 
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 int dmarc_up = 0;
-#endif /* EXPERIMENTAL_DMARC */
+#endif
 
 /* Variables for use when building the Received: header. */
 
@@ -1767,9 +1767,8 @@ if (smtp_input && !smtp_batched_input && !f.dkim_disable_verify)
   dkim_exim_verify_init(chunking_state <= CHUNKING_OFFERED);
 #endif
 
-#ifdef EXPERIMENTAL_DMARC
-/* initialize libopendmarc */
-dmarc_up = dmarc_init();
+#ifdef SUPPORT_DMARC
+dmarc_up = dmarc_init();	/* initialize libopendmarc */
 #endif
 
 /* Remember the time of reception. Exim uses time+pid for uniqueness of message
@@ -3499,9 +3498,9 @@ else
       goto TIDYUP;
 #endif /* WITH_CONTENT_SCAN */
 
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
     dmarc_up = dmarc_store_data(from_header);
-#endif /* EXPERIMENTAL_DMARC */
+#endif
 
 #ifndef DISABLE_PRDR
     if (prdr_requested && recipients_count > 1 && acl_smtp_data_prdr)
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index 257c33de1..671798641 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -2075,7 +2075,7 @@ dkim_collect_input = 0;
 dkim_verify_overall = dkim_verify_status = dkim_verify_reason = NULL;
 dkim_key_length = 0;
 #endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
 f.dmarc_has_been_checked = f.dmarc_disable_verify = f.dmarc_enable_forensic = FALSE;
 dmarc_domain_policy = dmarc_status = dmarc_status_text =
 dmarc_used_domain = NULL;