[opendmarc-users] OpenDMARC v0.2.0 released

[Murray S. Kucherawy]

On Sat, 25 Aug 2012, Andreas Schulze wrote:
> Some, but not all mail are deferred by my mailserver because opendmarc logs that error:
> Aug 25 13:04:52 taro opendmarc[1271]: 3X3xMk57rWz2596: opendmarc_policy_store_from_spf() returned status 1

This means opendmarc scanned Authentication-Results fields and found one 
that talked about a local passing SPF result, but was unable to extract a 
usable domain name from the envelope sender.

> The sender domain in question is mout.andreasschulze.de. The mail is a 
> delivery status notification. So envelope sender is <> and From-Line is 
> "From: MAILER-DAEMON <MAILER-DAEMON at mout.andreasschulze.de>"

The current DMARC spec doesn't support the HELO style of SPF evaluation, 
so this message can't pass DMARC via SPF.  The current code doesn't handle 
this case properly, however.

Patch attached.

> btw: the log message tells "opendmarc_policy_store_from_spf" failed but 
> the functions is named "opendmarc_policy_store_spf" (without from_).

Fixed for next release (but not included in this patch).

-MSK
-------------- next part --------------
diff --git a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c
index 8848054..421f173 100644
--- a/opendmarc/opendmarc.c
+++ b/opendmarc/opendmarc.c
@@ -1988,7 +1988,8 @@ mlfi_eom(SMFICTX *ctx)
 
 				status = dmarcf_mail_parse(addrbuf, &user,
 				                           &domain);
-				if (status != 0)
+				if (status != 0 || domain == NULL
+				    domain[0] == '\0')
 				{
 					if (conf->conf_dolog)
 					{
@@ -1997,7 +1998,7 @@ mlfi_eom(SMFICTX *ctx)
 						       dfc->mctx_jobid);
 					}
 
-					return SMFIS_ACCEPT;
+					continue;
 				}
 
 				spfmode = DMARC_POLICY_SPF_ORIGIN_HELO;