Fix bug #227: Revert removal of SenderHeaders configuration setting.

Document that it is now limited to signature selection.

RELEASE_NOTES

@@ -7,6 +7,8 @@ release, and a summary of the changes in that release.
 	Fix bug #221: Report a DKIM result of "policy" if MinimumKeyBits
 		or UnprotectedKey cause the signature to result in a "pass"
 		override.  Reported by Kurt Roeckx.
+	Fix bug #227: Revert removal of SenderHeaders configuration setting.
+		Document that it is now limited to signature selection.
 	LIBOPENDKIM: Fix bug #226: Deal with header fields that are
 		wrpaped before there's any content.  Reported by
 		Alessandro Vesely.

opendkim/opendkim-config.h

@@ -185,6 +185,7 @@ struct configdef dkimf_config[] =
 #endif /* USE_LUA */
 	{ "Selector",			CONFIG_TYPE_STRING,	FALSE },
 	{ "SelectCanonicalizationHeader", CONFIG_TYPE_STRING,	FALSE },
+	{ "SenderHeaders",		CONFIG_TYPE_STRING,	FALSE },
 #ifdef _FFR_SENDER_MACRO
 	{ "SenderMacro",		CONFIG_TYPE_STRING,	FALSE },
 #endif /* _FFR_SENDER_MACRO */

opendkim/opendkim.c

@@ -392,6 +392,8 @@ struct dkimf_config
 	char **		conf_omithdrs;		/* headers to omit (array) */
 	DKIMF_DB	conf_signhdrsdb;	/* headers to sign (DB) */
 	char **		conf_signhdrs;		/* headers to sign (array) */
+	DKIMF_DB	conf_senderhdrsdb;	/* sender headers (DB) */
+	char **		conf_senderhdrs;	/* sender headers (array) */
 	DKIMF_DB	conf_mtasdb;		/* MTA ports to sign (DB) */
 	char **		conf_mtas;		/* MTA ports to sign (array) */
 	DKIMF_DB	conf_remardb;		/* A-R removal list (DB) */
@@ -5923,6 +5925,9 @@ dkimf_config_free(struct dkimf_config *conf)
 	if (conf->conf_signhdrsdb != NULL)
 		dkimf_db_close(conf->conf_signhdrsdb);
 
+	if (conf->conf_senderhdrsdb != NULL)
+		dkimf_db_close(conf->conf_senderhdrsdb);
+
 	if (conf->conf_oversigndb != NULL)
 		dkimf_db_close(conf->conf_oversigndb);
 
@@ -7334,6 +7339,33 @@ dkimf_config_load(struct config *data, struct dkimf_config *conf,
 		}
 	}
 
+	str = NULL;
+	if (data != NULL)
+		(void) config_get(data, "SenderHeaders", &str, sizeof str);
+	if (str != NULL)
+	{
+		int status;
+		char *dberr = NULL;
+
+		status = dkimf_db_open(&conf->conf_senderhdrsdb, str,
+		                       (dbflags |
+		                        DKIMF_DB_FLAG_ICASE |
+		                        DKIMF_DB_FLAG_READONLY),
+		                       NULL, &dberr);
+		if (status != 0)
+		{
+			snprintf(err, errlen, "%s: dkimf_db_open(): %s",
+			         str, dberr);
+			return -1;
+		}
+
+		status = dkimf_db_mkarray(conf->conf_senderhdrsdb,
+		                          &conf->conf_senderhdrs,
+		                          NULL);
+		if (status == -1)
+			return -1;
+	}
+
 #ifdef _FFR_VBR
 	if (data != NULL)
 	{
@@ -11558,12 +11590,26 @@ mlfi_eoh(SMFICTX *ctx)
 	}
 #endif /* _FFR_SENDER_MACRO */
 
-	if (dkimf_dstring_len(addr) == 0)
+  	if (dkimf_dstring_len(addr) == 0)
 	{
-		from = dkimf_findheader(dfc, "from", 0);
-		if (from != NULL)
-			dkimf_dstring_copy(addr, from->hdr_val);
+		for (c = 0; conf->conf_senderhdrs != NULL &&
+                            conf->conf_senderhdrs[c] != NULL; c++)
+		{
+			if (strcasecmp("from", conf->conf_senderhdrs[c]) == 0)
+				didfrom = TRUE;
+
+			from = dkimf_findheader(dfc, conf->conf_senderhdrs[c],
+			                        0);
+			if (from != NULL)
+				break;
+		}
+
+		if (from == NULL && !didfrom)
+			from = dkimf_findheader(dfc, "from", 0);
 	}
+
+  	if (from != NULL)
+		dkimf_dstring_copy(addr, from->hdr_val);
 
 	if (dkimf_dstring_len(addr) == 0)
 	{

opendkim/opendkim.conf.5.in

@@ -897,6 +897,16 @@ This parameter is ignored if a
 .I KeyTable
 is defined.
 
+.TP
+.I SenderHeaders (dataset)
+Specifies an ordered list of header fields that should be searched to
+determine the sender of a message.  The first header field found is the
+one whose value is used.  This is mainly used when signing
+for deciding which signing request(s) to make.  By default, the "From"
+header field is the only one checked.  See the
+.I OmitHeaders
+setting for a description of possible values.
+
 .TP
 .I SenderMacro (string)
 Use the milter macro string to determine the sender of the message.

opendkim/opendkim.conf.sample

@@ -550,6 +550,15 @@ KeyFile			/var/db/dkim/example.private
 
 Selector		my-selector-name
 
+##  SenderHeaders 	dataset
+##  	default (none)
+##
+##  Overrides the default list of headers that will be used to determine
+##  the sending domain when deciding whether to sign the message and with
+##  with which key(s).  See opendkim.conf(5) for details.
+
+# SenderHeaders		From
+
 ##  SendReports { yes | no }
 ##  	default "no"
 ##
@@ -590,13 +599,14 @@ Selector		my-selector-name
 ##
 ##  Defines a dataset that will be queried for the message sender's address
 ##  to determine which private key(s) (if any) should be used to sign the
-##  message.  The sender is determined from the value of the From:
-##  header field.  The key for this lookup should be an address or address
-##  pattern that matches senders; see the opendkim.conf(5) man page for
-##  more information.  The value of the lookup should return the name of a
-##  key found in the KeyTable that should be used to sign the message.  If
-##  MultipleSignatures is set, all possible lookup keys will be attempted
-##  which may result in multiple signatures being applied.
+##  message.  The sender is determined from the value of the sender
+##  header fields as described with SenderHeaders above.  The key for this
+##  lookup should be an address or address pattern that matches senders;
+##  see the opendkim.conf(5) man page for more information.  The value
+##  of the lookup should return the name of a key found in the KeyTable
+##  that should be used to sign the message.  If MultipleSignatures
+##  is set, all possible lookup keys will be attempted which may result
+##  in multiple signatures being applied.
 
 # SigningTable		filename