[opendmarc-users] Problems with 1.3.2~Beta0..deb and this mailing list failing DMARC

Scott Kitterman sklist at kitterman.com
Sat Dec 3 21:54:12 PST 2016 

Fix is finally uploaded.  Thanks for letting me know.

Scott K

On Thursday, November 17, 2016 10:10:33 AM Juri Haberland wrote:
> Ping!
> 
> Scott,
> now that opendmarc-1.3.2~Beta0+dfsg-3 was migrated to testing, I just want
> to remind you that the way it is now libopendmarc-1.3.2~Beta0+dfsg-3 uses
> the internal SPF implementation and *not libspf2* ...
> 
> See below.
> 
> Cheers,
>   Juri
> 
> PS: and please reconsider the decision to not include tickets 95 & 165 as
> they are for libspf2
> 
> Juri Haberland wrote:
> > On 2016-11-09 01:25, Scott Kitterman wrote:
> >>> On 08.11.2016 21:34, Juri Haberland wrote:
> >>>> I'd like to suggest at least the following tickets, which are all
> >>>> bugs in 1.3.2-beta0 (or even older):
> >>>> 
> >>>> ticket  95 - SPF validation fail for ipv6
> >>>> ticket 165 - SPF Internal check fails on helo
> >> 
> >> Generally, I stayed away from adding features and avoided things that
> >> looked like they only apply to the internal SPF code.  The Debian
> >> packages are built using libspf2.  I recommend everyone do that and
> >> not worry about the internal implementation.
> > 
> > Agreed, but the two patches above touch the code used to interact with
> > libspf2.
> > 
> > And just for completeness, reconsider including ticket 171 - it's just a
> > documentation fix.
> > 
> > Oh, looking at the sources of your new Debian package, I discovered a
> > problem present also in your older packages:
> > Somehow the \$${prefix} syntax in the configure call in the debian/rules
> > 
> > file does not work:
> >> [...] --with-spf2-include=\$${prefix}/include/spf2 [...]
> > 
> > Your package ends up with a libopendmarc2 using the old internal spf
> > code. This is also reflected in the debian/libopendmarc2.symbols file:
> > [...]
> > opendmarc_spf_alloc_ctx at Base 1.3.1+dfsg-2~
> > opendmarc_spf_free_ctx at Base 1.3.1+dfsg-2~
> > [...]
> > opendmarc_spf_test at Base 1.3.1+dfsg-2~
> > [...]
> > 
> > It should read:
> > [...]
> > opendmarc_spf2_alloc_ctx at Base 1.3.1+dfsg-2~
> > opendmarc_spf2_free_ctx at Base 1.3.1+dfsg-2~
> > opendmarc_spf2_find_mailfrom_domain at Base 1.3.1+dfsg-2~
> > opendmarc_spf2_specify_ip_address at Base 1.3.1+dfsg-2~
> > opendmarc_spf2_test at Base 1.3.1+dfsg-2~
> > [...]
> > 
> > Notice the 'spf' versus 'spf2'!
> > 
> > Check it yourself with 'strings /usr/lib/libopendmarc.so.2 | grep spf'
> > and don't get fooled by running
> > 'ldd /usr/lib/libopendmarc.so.2' - it will report libspf2 in both cases.

More information about the opendmarc-users mailing list