=head1 NAME

Mail::SpamAssassin::Plugin::AuthResults

=head1 SYNOPSIS

 loadplugin Mail::SpamAssassin::Plugin::AuthResults [/path/to/AuthResults.pm]

 header AUTH_RESULTS eval:check_authresults()
 describe AUTH_RESULTS Authentication Results DomainKeys

 score AUTH_RESULTS -2

 authresults_whitelist elandsys.com

 =head1 DESCRIPTION

This SpamAssassin plugin module provides eval test for DomainKeys results passed
through the Authentication-Results  header.

=head1 AUTHOR

Eland Systems <scam+authresults@elandsys.com>

=head1 COPYRIGHT

Copyright (c) 2005 Eland Systems. All rights reserved.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

=cut

package Mail::SpamAssassin::Plugin::AuthResults;

use Mail::SpamAssassin::Plugin;
use Mail::SpamAssassin::Logger;
use strict;
use warnings;
use bytes;

use vars qw(@ISA);
@ISA = qw(Mail::SpamAssassin::Plugin);

# constructor: register the eval rule
sub new {
  my $class = shift;
  my $mailsaobject = shift;

  $class = ref($class) || $class;
  my $self = $class->SUPER::new($mailsaobject);
  bless ($self, $class);

  $self->register_eval_rule ("check_authresults");

  $self->set_config($mailsaobject->{conf});

  return $self;
}

sub set_config {
  my ($self, $conf) = @_;

  my @cmds = ();

  push(@cmds, {
               setting => 'authresults_whitelist',
			   default => {},
               code => sub {
                 my ($self, $key, $value, $line) = @_;

                 $value = lc $value;
				 my $re = $value;
				$re =~ s/[\000\;\'\"\!\|]/_/gs;                   # paranoia
				$re =~ s/([^\*\?_a-zA-Z0-9])/\\$1/g; # escape any possible metachars

				 $conf->{$key}->{$value} = ${re};
			}});

	$conf->{parser}->register_commands(\@cmds);
}

sub check_authresults {
  my ($self, $permsgstatus) = @_;

  my $ar = $permsgstatus->get('Authentication-Results');

  return 0 unless $ar;

  $ar =~ s/\n[ \t]+/ /gs;


  my $ardom = $self->parse_auth_line ($ar);
  return $self->_check_domain($permsgstatus->{conf}->{authresults_whitelist}, $ardom);

}


sub parse_auth_line {
  my ($self) = shift;
  local ($_) = shift;

  s/\s+/ /gs;

  my $fqdnhost = Mail::SpamAssassin::Util::fq_hostname();
  #Authentication-Results: hostname From=email; domainkeys=pass
  if (/(?:${fqdnhost}) From=(?:[^@]+)@([A-Za-z0-9\.\-]+); (?:domainkeys=pass)/i) {
	my $passdom = $1;

	dbg("authresults: found $passdom");

	return $passdom;
  }

	return;
}

sub _check_domain {
  my ($self, $list, $domain) = @_;

  $domain = lc $domain;

  return 1 if defined($list->{$domain});

  study $domain;
  foreach my $regexp (values %{$list}) {
    if ($domain =~ qr/$regexp/i) {
	  dbg("authresults: match $regexp");
      return 1;
    }
  }

  return 0;
}

1;