resend - mailman 2.1.21 - dmarc check problem
I'm resending this with a new subject. The last email just disappeared (no bounce). Maybe having DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL in the subject tripped an all caps in subject test. (Or the moderator is slacking?) By default DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL is set to https://publicsuffix.org/list/public_suffix_list.dat I have mailman set up on an IPv6 only host and publicsuffix.org has no IPv6 address. A near identical configuration is set up on a dual stack host. Any email to the IPv6 only host fails with an entry in logs/error of the form "Unable to retrieve data from https://publicsuffix.org/list/public_suffix_list.dat: <urlopen error [Errno 43] Protocol not supported>" It doesn't look as if publicsuffix.org will be getting an IPv6 address any time soon. The alternative github.com also doesn't have an IPv6 address. In the mean time I would like to disable the use of DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL by setting it empty. To do this it seems that I would need the following change: - --- Mailman/Utils.py.orig 2016-04-09 04:08:56.000000000 -0400 +++ Mailman/Utils.py 2016-05-03 14:37:12.683904000 -0400 @@ -1205,6 +1205,8 @@ Domain which may be the same as the input.""" global s_dict if not s_dict: - get_suffixes(mm_cfg.DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL) + if mm_cfg.DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL: + get_suffixes(mm_cfg.DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL) hits = [] d = domain.lower().split('.') In mm_sfg.py I just set "DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL = ''". This works for .com, .org, .net, etc but not for things like co.uk, etc (which in my case is not an issue). A second question is why does failing to access publicsuffix.org result in a hard fail rather than a soft fail? The change I made just skips over get_suffixes and leaves s_dict empty. It seems that get_suffixes does do a "try and except" which logs and returns, but then the mail gets rejected and the reason is not clear to me by just reading the code. In logs/smtp-failure there is a message of the form "failed with code 554: 5.7.1 <fqdn[ipv6addr]>: Client host rejected: Access denied". Skipping get_suffixes throws no error and leaves s_dict empty. At most an error in get_suffixes should put the email in shunt but that seems to be in error handling upstream. Curtis
On 05/04/2016 09:27 AM, Curtis Villamizar wrote:
I'm resending this with a new subject. The last email just disappeared (no bounce). Maybe having DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL in the subject tripped an all caps in subject test. (Or the moderator is slacking?)
A moderator (me) approved your post and cleared your mod bit approximately 2 hours before you posted this. My reply to that post is at <https://mail.python.org/pipermail/mailman-users/2016-May/080772.html>.
I don't know why you didn't receive it. It was successfully sent per
May 4 10:36:04 mail postfix/smtp[22778]: 3r0LDW0F1DzFqP0: to=<curtis@ipv6.occnc.com>, relay=mta2-em1.orleans.occnc.com[50.252.223.140]:25, delay=42, delays=0.08/0/31/11, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 316BF9DDA)
(time stamp is UTC - 0400)
Maybe the ALL CAPS filtered it at your end.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Curtis Villamizar -
Mark Sapiro