[Mailman-checkins] [Git][mailman/mailman][master] 2 commits: DMARC policy ignores domains with multiple DMARC records.

[Mark Sapiro (@msapiro) via Mailman-checkins]

Mark Sapiro pushed to branch master at GNU Mailman / Mailman Core


Commits:
90d440c9 by Mark Sapiro at 2021-06-06T10:51:14-07:00
DMARC policy ignores domains with multiple DMARC records.

- - - - -
f43d34a3 by Mark Sapiro at 2021-06-06T18:23:14+00:00
Merge branch 'dmarc' into 'master'

DMARC policy ignores domains with multiple DMARC records.

Closes #907

See merge request mailman/mailman!872
- - - - -


3 changed files:

- src/mailman/docs/NEWS.rst
- src/mailman/rules/dmarc.py
- src/mailman/rules/tests/test_dmarc.py


Changes:

=====================================
src/mailman/docs/NEWS.rst
=====================================
@@ -71,6 +71,8 @@ Bugs
   configured headers.  (Closes #905)
 * Require flufl.bounce >=3.0.2, which improves parsing of bounce messages.
   (Closes #892)
+* DMARC policy discovery ignores domains with multiple DMARC records per
+  RFC 7849.  (Closes #907)
 
 Command line
 ------------


=====================================
src/mailman/rules/dmarc.py
=====================================
@@ -245,8 +245,9 @@ def is_reject_or_quarantine(mlist, email, dmarc_domain, 
org=False):
         if len(dmarcs) > 1:
             elog.error(
                 'RRset of TXT records for %s has %d v=DMARC1 entries; '
-                'testing them all',
+                'ignoring them per RFC 7849',
                 dmarc_domain, len(dmarcs))
+            return False
         for entry in dmarcs:
             mo = re.search(r'\bsp=(\w*)\b', entry, re.IGNORECASE)
             if org and mo:


=====================================
src/mailman/rules/tests/test_dmarc.py
=====================================
@@ -414,12 +414,12 @@ To: a...@example.com
         mark = LogFileMark('mailman.error')
         rule = dmarc.DMARCMitigation()
         with get_dns_resolver(rmult=True):
-            self.assertTrue(rule.check(mlist, msg, {}))
+            self.assertFalse(rule.check(mlist, msg, {}))
         line = mark.readline()
         self.assertEqual(
-            line[-85:],
+            line[-95:],
             'RRset of TXT records for _dmarc.example.biz has 2 '
-            'v=DMARC1 entries; testing them all\n')
+            'v=DMARC1 entries; ignoring them per RFC 7849\n')
 
     def test_multiple_cnames(self):
         mlist = create_list('a...@example.com')



View it on GitLab: 
https://gitlab.com/mailman/mailman/-/compare/30f322951e961ff47e1a32ffcf5894f2ceb7583f...f43d34a367b204ab2d54a05124f762d6f10335e9

-- 
View it on GitLab: 
https://gitlab.com/mailman/mailman/-/compare/30f322951e961ff47e1a32ffcf5894f2ceb7583f...f43d34a367b204ab2d54a05124f762d6f10335e9
You're receiving this email because of your account on gitlab.com.



_______________________________________________
Mailman-checkins mailing list -- mailman-checkins@python.org
To unsubscribe send an email to mailman-checkins-le...@python.org
https://mail.python.org/mailman3/lists/mailman-checkins.python.org/
Member address: arch...@jab.org