[opendmarc-users] probably bug in OpenDMARCs AR-header parser
Robert Schetterer
rs at sys4.de
Mon Jun 15 13:52:21 PDT 2015
Am 15.06.2015 um 21:12 schrieb A. Schulze:
>
> Hello,
>
> today I stumbled upon a message from amazon.de
> see http://lists.dmarc.org/pipermail/dmarc-discuss/2015-June/003155.html
>
> I striped down the message to a bare minimum:
>
> /tmp/msg
> Authentication-Results: mail.example.org;
> dkim=pass header.d=amazon.de;
> dkim=pass header.d=amazonses.com
> From: "foo" <foo at marketplace.amazon.de>
>
> body
>
> /tmp/opendkim.conf
> AuthservID mail.example.org
> PublicSuffixList /tmp/public_suffix_list.dat
>
> # cd /tmp && wget https://publicsuffix.org/list/public_suffix_list.dat
>
> # opendmarc -V
> opendmarc: OpenDMARC Filter v1.3.1
> SMFI_VERSION 0x1000001
> libmilter version 1.0.1
>
> # opendmarc -vv -c /tmp/config -t /tmp/msg
> opendmarc: mlfi_connect() returned SMFIS_CONTINUE
> opendmarc: mlfi_helo() returned SMFIS_CONTINUE
> opendmarc: /tmp/msg: mlfi_envfrom() returned SMFIS_CONTINUE
> opendmarc: /tmp/msg: line 1: mlfi_header() returned SMFIS_CONTINUE
> opendmarc: /tmp/msg: line 4: mlfi_header() returned SMFIS_CONTINUE
> ### INSHEADER: idx=1 hname='Authentication-Results'
> hvalue='mail.example.org; dmarc=fail header.from=marketplace.amazon.de'
> opendmarc: /tmp/msg: mlfi_eom() returned SMFIS_CONTINUE
> opendmarc: mlfi_close() returned SMFIS_CONTINUE
>
> If I now change the second dkim=pass to foo=pass it looks different:
> # opendmarc -vv -c /tmp/config -t /tmp/msg
> opendmarc: mlfi_connect() returned SMFIS_CONTINUE
> opendmarc: mlfi_helo() returned SMFIS_CONTINUE
> opendmarc: /tmp/msg: mlfi_envfrom() returned SMFIS_CONTINUE
> opendmarc: /tmp/msg: line 1: mlfi_header() returned SMFIS_CONTINUE
> opendmarc: /tmp/msg: line 4: mlfi_header() returned SMFIS_CONTINUE
> ### INSHEADER: idx=1 hname='Authentication-Results'
> hvalue='mail.example.org; dmarc=pass header.from=marketplace.amazon.de'
> opendmarc: /tmp/msg: mlfi_eom() returned SMFIS_ACCEPT
> opendmarc: mlfi_close() returned SMFIS_CONTINUE
>
> It looks like the OpenDMARCs AR-header parser fail to recognise the
> AR-header generated by OpenDKIM.
> As long there is only one "dkim=pass header.d=amazon.de" anything is fine.
> But there is also a second signature from amazonses.com the trigger the
> trouble.
>
> If confirmed I could open a Bugticket...
>
> Andreas
>
>
> _______________________________________________
> opendmarc-users mailing list
> opendmarc-users at trusteddomain.org
> http://www.trusteddomain.org/mailman/listinfo/opendmarc-users
i think i saw equal stuff last week
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the opendmarc-users
mailing list