[opendmarc-users] OpenDMARC v1.3.2 behaving differently with IPv4 and IPv6.

Juri Haberland juri at sapienti-sat.org
Mon Sep 25 15:20:01 PDT 2017


On 25.09.2017 22:19, Grant Taylor wrote:
> On 09/25/2017 02:01 PM, Scott Kitterman wrote:
>> Are you using the internal opendmarc SPF implementation?  Did you use libspf2?
>> Or do you have an external SPF checker that's adding a header field that
>> opendmarc reads?
> 
> It was my misunderstanding that SPFSelfValidate caused OpenDMARC to do 
> the SPF checking.  But as I (re)read the man page, I see that is now 
> fallback.
> 
> I'll try enabling SPFIgnoreResults to "Causes  the  filter to ignore any 
> SPF results in the header of the message."

Hi Grant,

there are three possible modes of operation:
a1) OpenDMARC uses external SPF results
a2) OpenDMARC uses internal SPF results
a3) OpenDMARC uses external SPF results and lacking these, use internal SPF
results

For case a2) and a3) there are two possible compile modes:
b1) use the internal (and buggy) SPF code
b2) use external libspf2 code

If you are using mode a2) or a3) please make sure that you are using
libspf2 by running:
"strings /usr/lib/libopendmarc.so.2|grep spf2". This should show you
something like:

> opendmarc_spf2_alloc_ctx
> opendmarc_spf2_free_ctx
> opendmarc_spf2_find_mailfrom_domain
> opendmarc_spf2_specify_ip_address
> opendmarc_spf2_test
> libspf2.so.2

If not, you are using the buggy internal SPF code.


  Juri


More information about the opendmarc-users mailing list