feat: add IgnoreMailTo option to suppress history recording by recipient#393
Merged
thegushi merged 8 commits intoMay 30, 2026
Merged
Conversation
- Add attribution to policy_published.domain fix (trusteddomainproject#270): independently patched by Eneas U. de Queiroz for openSUSE, submitted by Dirk Stöcker - Add attribution to opendmarc_tld_read_file memory leak fix (trusteddomainproject#347): independently patched by Juri Haberland for openSUSE, submitted by Dirk Stöcker - Add attribution to domain case normalization fix (trusteddomainproject#351): independently patched by Dirk Stöcker for openSUSE - Document failure report Subject line fix (trusteddomainproject#391): written by Juri Haberland, submitted by Dirk Stöcker - Document failure report hostname in body (trusteddomainproject#389): written by Juri Haberland, submitted by Dirk Stöcker - Document IgnoreAuthenticatedClients logging (trusteddomainproject#387): written by Juri Haberland, submitted by Dirk Stöcker - Document --skipdomains option (trusteddomainproject#383): written by Dirk Stöcker Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…e format in report body)
…one, migration script)
…ription MIME headers)
Converts the 25-line shell script to a proper Perl .in template, consistent with every other script in reports/. - Reads HistoryFile from opendmarc.conf using a real parser (no grep/sed), so users who configure a non-default path get correct behaviour automatically - --history-file=path overrides the config for command-line flexibility - --conf=file selects an alternate opendmarc.conf - Falls back to /var/run/opendmarc.dat when HistoryFile is not set - Uses open(pipe) instead of shell redirection to avoid injection risk - --verbose and --version consistent with other reporting tools Closes trusteddomainproject#358.
Adds a comma-separated IgnoreMailTo config option analogous to IgnoreMailFrom. Messages addressed to any listed address are not written to the history file and generate no aggregate reports. The primary use case is loop prevention: a domain whose rua=/ruf= address also receives mail through the filter can suppress report traffic from being treated as reportable. Original patch by Dirk Stöcker (openSUSE ticket208 / PR trusteddomainproject#381).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #319. Original patch by Dirk Stöcker (openSUSE ticket208 / PR #381, which was closed in favour of this cleaner implementation).
What it does
Adds
IgnoreMailTo, a comma-separated config option analogous to the existingIgnoreMailFrom. Messages whoseTo:header contains any listed address are not written to the history file and therefore generate no aggregate reports.Primary use case — loop prevention: if your domain's
rua=orruf=address also receives mail through the filter, DMARC report messages sent to it will be processed as normal traffic and may trigger further reports. Adding the address toIgnoreMailTobreaks the loop at the earliest point.Example
Implementation
Follows the exact same pattern as
IgnoreMailFrom/conf_ignoredomains: comma-separated list parsed at config load time intoconf_ignorereceivers, checked inmlfi_eom()before the history file write. No changes to report delivery or the milter verdict.