[Mailman-Users] DNS error behaviour with DMARC
Jeff White
jaw171 at pitt.edu
Wed Aug 27 17:54:54 CEST 2014
With dmarc_moderation_notice set to anything but "Accept" Mailman will
do a DNS query for every message that comes in and check the DMARC
record of the sending domain. I have two questions regarding this:
1. Has anyone on this list noticed any performance issues with the
overhead this adds? I doubt there is anything noticeable but curious if
anyone has seen any issue.
2. What is Mailman's behaviour if the query fails (e.g. times out)?
Defaults.py says:
# Parameters for DMARC DNS lookups. If you are seeing 'DNSException:
# Unable to query DMARC policy ...' entries in your error log, you may need
# to adjust these.
# The time to wait for a response from a name server before timeout.
DMARC_RESOLVER_TIMEOUT = seconds(3)
# The total time to spend trying to get an answer to the question.
DMARC_RESOLVER_LIFETIME = seconds(5)
... but what happens to the post when DNSException is thrown? Is the
message rejected and a bounce sent to the poster? Is it re-queued and
tried again? If so when does Mailman give up? Does Mailman simply
shunt the post and throw an error?
If someone can point me to the file that holds this code I can review it
and report what the behaviour is.
--
Jeff White - GNU+Linux Systems Administrator
University of Pittsburgh - CSSD
More information about the Mailman-Users
mailing list