[Mailman-Users] resend - mailman 2.1.21 - dmarc check problem
curtis at ipv6.occnc.com
Wed May 4 12:27:24 EDT 2016
I'm resending this with a new subject. The last email just
disappeared (no bounce). Maybe having
DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL in the subject tripped an all
caps in subject test. (Or the moderator is slacking?)
By default DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL is set to
I have mailman set up on an IPv6 only host and publicsuffix.org has no
IPv6 address. A near identical configuration is set up on a dual
stack host. Any email to the IPv6 only host fails with an entry in
logs/error of the form "Unable to retrieve data from
https://publicsuffix.org/list/public_suffix_list.dat: <urlopen error
[Errno 43] Protocol not supported>"
It doesn't look as if publicsuffix.org will be getting an IPv6 address
any time soon. The alternative github.com also doesn't have an IPv6
address. In the mean time I would like to disable the use of
DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL by setting it empty. To do this
it seems that I would need the following change:
- --- Mailman/Utils.py.orig 2016-04-09 04:08:56.000000000 -0400
+++ Mailman/Utils.py 2016-05-03 14:37:12.683904000 -0400
@@ -1205,6 +1205,8 @@
Domain which may be the same as the input."""
if not s_dict:
+ if mm_cfg.DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL:
hits = 
d = domain.lower().split('.')
In mm_sfg.py I just set "DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL = ''".
This works for .com, .org, .net, etc but not for things like co.uk,
etc (which in my case is not an issue).
A second question is why does failing to access publicsuffix.org
result in a hard fail rather than a soft fail? The change I made just
skips over get_suffixes and leaves s_dict empty. It seems that
get_suffixes does do a "try and except" which logs and returns, but
then the mail gets rejected and the reason is not clear to me by just
reading the code. In logs/smtp-failure there is a message of the form
"failed with code 554: 5.7.1 <fqdn[ipv6addr]>: Client host rejected:
Access denied". Skipping get_suffixes throws no error and leaves
s_dict empty. At most an error in get_suffixes should put the email
in shunt but that seems to be in error handling upstream.
More information about the Mailman-Users