[opendmarc-users] trouble with endutec.de
Juri Haberland
juri at sapienti-sat.org
Mon Aug 14 11:59:40 PDT 2017
On 14.08.2017 13:58, A. Schulze wrote:
> endutec.de publish a TXT record on _dmarc.endutec.de.
> It looks like DMARC record but formal it is not a valid one.
>
> $ dig _dmarc.endutec.de. txt +short
> "off-v=DMARC1; p=reject; pct=100; fo=1;
> rua=mailto:dmarc.rua at srv-ctrl.net; ruf=mailto:dmarc.ruf at srv-ctrl.net"
[...]
> looks like OpenDMARC don't correct) check for the RFC requirement. At
> least, my version...
> I'm still running 1.3.1 + my set of ~30 patches.
>
> Is the problem above known and addressed in 1.3.2?
No, it isn't. I just checked the sources and there is a check for
"v=DMARC1" in various places, but unfortunately these checks are never
anchored at the beginning of the string - they all pass if "v=DMARC1" is
*somewhere* in the DNS answer.
The only place where a more thorough check is used is in
opendmarc_policy_parse_dmarc(), but again unfortunately it isn't checked
whether something like "v=DMARC1" is found at all :(
Will you open a bug report?
Juri
More information about the opendmarc-users
mailing list