[Mailman-Developers] DMARC mitigation code question
Lindsay Haisley
fmouse at fmp.com
Fri Oct 20 12:24:44 EDT 2017
On Thu, 2017-10-19 at 18:13 -0700, Mark Sapiro wrote:
> On 10/19/2017 07:32 AM, Lindsay Haisley wrote:
> > Mark, et al
> >
> > While configuring the MM 2.1 DMARC mitigation code for use in Courier-
> > MTA I note that the return from _DMARCProhibited(..) for a detected
> > policy of "p=none" is True, just as it is for "p=quarantine" and
> > "p=reject". Why is this? I would assume that if this code is reached,
> > and p=none, that no From munging would be required.
>
>
> I think the code you're looking at is conditional on
> dmarc_none_moderation_action being True which is neither a default nor a
> recommended setting. It was added (reluctantly) in response to
> <https://bugs.launchpad.net/mailman/+bug/1539384> and probably should
> not have been. It is not in Mailman 3.
>
> If you have time and interest, read the bug report (and all 11 comments).
I read the comments on the bug report and looked further at the original
code at
<http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/Mailman/Utils.py>.
It looks as if munging on a policy of "p=none" is a per-list or per-site
choice. I cut out code related to the mlist object from my application
so this remained as a default. I've set line 1359 to "return False", but
will give the issue some thought and possibly make it a configuration
option from a comment-annotated variable definitions near the start of
the code. I'm trying to keep this piece as simple as possible. For
anyone interested, I've posted the dmarc_shield.py publicly at
<http://linode.fmp.com/contrib/dmarc_shield.py>.
--
Lindsay Haisley | "Everything works if you let it"
FMP Computer Services |
512-259-1190 | - The Roadie
http://www.fmp.com |
More information about the Mailman-Developers
mailing list