git » chasquid » commit 6640c09

diff --git a/internal/smtpsrv/conn.go b/internal/smtpsrv/conn.go
index 0c167f1..877475d 100644
--- a/internal/smtpsrv/conn.go
+++ b/internal/smtpsrv/conn.go
@@ -653,14 +653,18 @@ func (c *Conn) runPostDataHook(data []byte) ([]byte, bool, error) {
 	cmd.Env = append(cmd.Env, "REMOTE_ADDR="+c.conn.RemoteAddr().String())
 	cmd.Env = append(cmd.Env, "MAIL_FROM="+c.mailFrom)
 	cmd.Env = append(cmd.Env, "RCPT_TO="+strings.Join(c.rcptTo, " "))
-	cmd.Env = append(cmd.Env, "AUTH_AS="+c.authUser+"@"+c.authDomain)
-	if c.onTLS {
-		cmd.Env = append(cmd.Env, "ON_TLS=1")
-	}
-	if envelope.DomainIn(c.mailFrom, c.localDomains) {
-		cmd.Env = append(cmd.Env, "FROM_LOCAL_DOMAIN=1")
+
+	if c.completedAuth {
+		cmd.Env = append(cmd.Env, "AUTH_AS="+c.authUser+"@"+c.authDomain)
+	} else {
+		cmd.Env = append(cmd.Env, "AUTH_AS=")
 	}
 
+	cmd.Env = append(cmd.Env, "ON_TLS="+boolToStr(c.onTLS))
+	cmd.Env = append(cmd.Env, "FROM_LOCAL_DOMAIN="+boolToStr(
+		envelope.DomainIn(c.mailFrom, c.localDomains)))
+	cmd.Env = append(cmd.Env, "SPF_PASS="+boolToStr(c.spfResult == spf.Pass))
+
 	out, err := cmd.Output()
 	if err != nil {
 		hookResults.Add("post-data:fail", 1)
@@ -741,6 +745,13 @@ func lastLine(s string) string {
 	return l[len(l)-2]
 }
 
+func boolToStr(b bool) string {
+	if b {
+		return "1"
+	}
+	return "0"
+}
+
 func (c *Conn) STARTTLS(params string) (code int, msg string) {
 	if c.onTLS {
 		return 503, "You are already wearing that!"
diff --git a/test/t-10-hooks/run.sh b/test/t-10-hooks/run.sh
index 564a4b6..fb8244a 100755
--- a/test/t-10-hooks/run.sh
+++ b/test/t-10-hooks/run.sh
@@ -42,6 +42,7 @@ check "ON_TLS=1"
 check "AUTH_AS=user@testserver"
 check "PATH="
 check "REMOTE_ADDR="
+check "SPF_PASS=0"
 
 
 # Check that a failure in the script results in failing delivery.