[opendmarc-users] Unable to parse From header field

Robert Schetterer rs at sys4.de
Wed May 20 11:44:55 PDT 2015


Am 20.05.2015 um 20:25 schrieb Murray S. Kucherawy:
> On Wed, 20 May 2015, Urban Loesch wrote:
>> May 19 10:05:28 mil1 opendkim[5429]: 3lrVBc5GtLz11LwX: mail.isp55.de
>> [213.139.150.150] not internal
>> May 19 10:05:28 mil1 opendkim[5429]: 3lrVBc5GtLz11LwX: not authenticated
>> May 19 10:05:28 mil1 opendmarc[519]: 3lrVBc5GtLz11LwX: unable to parse
>> From header field
>> ...
>>
>> After some searching I found out that opendmarc does not recognize
>> some combinations in the "From:" field.
>>
>> For example:
>>
>> ...
>> From: "paket at dhl.com" <hkmlease>
>> ...
>> or
>> ...
>> From: ''paket at dhl.com'' <hkmlease>
>> (strange windows like double quote signs)
>> ...
>>
>> passes the filter without getting blocked.
>>
>> I'm still waiting for the original mail from my customer for further
>> analysis.
>>
>> This behaviour makes it easy to create some crappy formatted mail to
>> bypass opendmarc.
>> I have no idea if this is bug or not. What do you think about it?
> 
> I would imagine the idea here is that some other component of your mail
> system would identify such a message as clearly bogus and reject it,
> independent of DMARC.
> 
> What do others think?  We could easily add an option that will cause
> OpenDMARC to request rejection of messages where From is unparseable.
> 
> -MSK
> _______________________________________________
> opendmarc-users mailing list
> opendmarc-users at trusteddomain.org
> http://www.trusteddomain.org/mailman/listinfo/opendmarc-users

this is a well done virus wave i.e

http://p.mit42.de/view/c52b824b

some other have problems too catching them


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein


More information about the opendmarc-users mailing list