On Sat, 3 Apr 2021, Simon Wilson wrote:
Please read CVE-2019-20790, and tell me you’ve found a way to tell
PyPolicyd not to trust the SMTP HELO to generate a passing AR header.
This is possibly off-topic for the Postfix list... maybe not.
…with tongue in cheek, I’ll take all the discussion about mail filtering
over any about political correctness that’s happened this year. That said,
if people feel this is off topic, nudge me privately and I’ll take a hint.
Ditto - perhaps some of these comments are better placed at
https://github.com/trusteddomainproject/OpenDMARC/issues/49
For the rest of the list, Simon and I are working quietly to the side, but
I really would like to make OpenDMARC do the fully correct thing. My
current reading of the various specs is that there's no hard requirement
that the requisite filters *actually put enough info into the headers* to
do such a thing.
Apologies for the noise here. It may not fully be over, but it's my hope
that the net result is good software for the internet at large.
-Dan
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
FB: fb.com/DanielMahoneyIV
LI: linkedin.com/in/gushi
Site: http://www.gushi.org
---------------------------
