[opendmarc-dev] wildcards in config file?

[Carsey, Robert]

I think I have an issue where I'm going to need to hack a few lines of code in opendmarc.  Before I dive into it, I wanted to pass this by you guys..

In our setup, all of the mail for my domain passes through a cloud service.  They're nice enough to do the SPF check and insert the headers into messages.  Example:

Received-SPF: pass (mx24.ess.sfj.cudaops.com: domain of opendmarc-dev-bounces at trusteddomain.org designates 208.69.40.157 as permitted sender)

After the message passes their scanners, they forward it along to a machine under my control where I'm running sendmail/opendkim/opendmarc.  I can take advantage of this by using the opendmarc.conf config line: "TrustedAuthservIDs mx24.ess.sfj.cudaops.com,mx6.ess.sfj.cudaops.com".

However, the SPF may have come from any number of their servers.. mx01 through who knows.  I'm only guaranteed that the ID will end with "cudaops.com".

I'd like to just say "TrustedAuthservIDs *.cudaops.com" which I don't think I can do based on the man page.  I can hack the opendmarc code, or I can write a milter to do a regex replace on the string to a static string I can tell opendmarc about.

I suppose I could also let my server do the SPF check..but it would see the message came from my cloud service, rather than the actual internet mail host.

Ideas?

-Rob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.trusteddomain.org/pipermail/opendmarc-dev/attachments/20160217/74a5da5d/attachment.htm>