[opendmarc-users] probably bug in OpenDMARCs AR-header parser
A. Schulze
sca at andreasschulze.de
Mon Jun 15 12:12:25 PDT 2015
Hello,
today I stumbled upon a message from amazon.de
see http://lists.dmarc.org/pipermail/dmarc-discuss/2015-June/003155.html
I striped down the message to a bare minimum:
/tmp/msg
Authentication-Results: mail.example.org;
dkim=pass header.d=amazon.de;
dkim=pass header.d=amazonses.com
From: "foo" <foo at marketplace.amazon.de>
body
/tmp/opendkim.conf
AuthservID mail.example.org
PublicSuffixList /tmp/public_suffix_list.dat
# cd /tmp && wget https://publicsuffix.org/list/public_suffix_list.dat
# opendmarc -V
opendmarc: OpenDMARC Filter v1.3.1
SMFI_VERSION 0x1000001
libmilter version 1.0.1
# opendmarc -vv -c /tmp/config -t /tmp/msg
opendmarc: mlfi_connect() returned SMFIS_CONTINUE
opendmarc: mlfi_helo() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: mlfi_envfrom() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: line 1: mlfi_header() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: line 4: mlfi_header() returned SMFIS_CONTINUE
### INSHEADER: idx=1 hname='Authentication-Results'
hvalue='mail.example.org; dmarc=fail header.from=marketplace.amazon.de'
opendmarc: /tmp/msg: mlfi_eom() returned SMFIS_CONTINUE
opendmarc: mlfi_close() returned SMFIS_CONTINUE
If I now change the second dkim=pass to foo=pass it looks different:
# opendmarc -vv -c /tmp/config -t /tmp/msg
opendmarc: mlfi_connect() returned SMFIS_CONTINUE
opendmarc: mlfi_helo() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: mlfi_envfrom() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: line 1: mlfi_header() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: line 4: mlfi_header() returned SMFIS_CONTINUE
### INSHEADER: idx=1 hname='Authentication-Results'
hvalue='mail.example.org; dmarc=pass header.from=marketplace.amazon.de'
opendmarc: /tmp/msg: mlfi_eom() returned SMFIS_ACCEPT
opendmarc: mlfi_close() returned SMFIS_CONTINUE
It looks like the OpenDMARCs AR-header parser fail to recognise the
AR-header generated by OpenDKIM.
As long there is only one "dkim=pass header.d=amazon.de" anything is fine.
But there is also a second signature from amazonses.com the trigger
the trouble.
If confirmed I could open a Bugticket...
Andreas
More information about the opendmarc-users
mailing list