[opendmarc-users] Problems with 1.3.2~Beta0..deb and this mailing list failing DMARC

Scott Kitterman sklist at kitterman.com
Thu Nov 17 05:05:32 PST 2016


I do intend to make those changes in the next day or three.

Scott K

On November 17, 2016 3:10:33 AM CST, Juri Haberland <juri at sapienti-sat.org> wrote:
>Ping!
>
>Scott,
>now that opendmarc-1.3.2~Beta0+dfsg-3 was migrated to testing, I just
>want to
>remind you that the way it is now libopendmarc-1.3.2~Beta0+dfsg-3 uses
>the
>internal SPF implementation and *not libspf2* ...
>
>See below.
>
>Cheers,
>  Juri
>
>PS: and please reconsider the decision to not include tickets 95 & 165
>as they
>are for libspf2
>
>Juri Haberland wrote:
>> On 2016-11-09 01:25, Scott Kitterman wrote:
>>>> On 08.11.2016 21:34, Juri Haberland wrote:
>>
>>>>> I'd like to suggest at least the following tickets, which are all
>>>>> bugs in 1.3.2-beta0 (or even older):
>>
>>>>> ticket  95 - SPF validation fail for ipv6
>>>>> ticket 165 - SPF Internal check fails on helo
>>
>>> Generally, I stayed away from adding features and avoided things
>that
>>> looked like they only apply to the internal SPF code.  The Debian
>>> packages are built using libspf2.  I recommend everyone do that and
>>> not worry about the internal implementation.
>>
>> Agreed, but the two patches above touch the code used to interact
>with
>> libspf2.
>>
>> And just for completeness, reconsider including ticket 171 - it's
>just a
>> documentation fix.
>>
>> Oh, looking at the sources of your new Debian package, I discovered a
>> problem present also in your older packages:
>> Somehow the \$${prefix} syntax in the configure call in the
>debian/rules
>> file does not work:
>>> [...] --with-spf2-include=\$${prefix}/include/spf2 [...]
>>
>> Your package ends up with a libopendmarc2 using the old internal spf
>> code. This is also reflected in the debian/libopendmarc2.symbols
>file:
>> [...]
>> opendmarc_spf_alloc_ctx at Base 1.3.1+dfsg-2~
>> opendmarc_spf_free_ctx at Base 1.3.1+dfsg-2~
>> [...]
>> opendmarc_spf_test at Base 1.3.1+dfsg-2~
>> [...]
>>
>> It should read:
>> [...]
>> opendmarc_spf2_alloc_ctx at Base 1.3.1+dfsg-2~
>> opendmarc_spf2_free_ctx at Base 1.3.1+dfsg-2~
>> opendmarc_spf2_find_mailfrom_domain at Base 1.3.1+dfsg-2~
>> opendmarc_spf2_specify_ip_address at Base 1.3.1+dfsg-2~
>> opendmarc_spf2_test at Base 1.3.1+dfsg-2~
>> [...]
>>
>> Notice the 'spf' versus 'spf2'!
>>
>> Check it yourself with 'strings /usr/lib/libopendmarc.so.2 | grep
>spf'
>> and don't get fooled by running
>> 'ldd /usr/lib/libopendmarc.so.2' - it will report libspf2 in both
>cases.



More information about the opendmarc-users mailing list