[opendmarc-users] OpenDMARC v1.3.2 behaving differently with IPv4 and IPv6.
Juri Haberland
juri at sapienti-sat.org
Mon Sep 25 15:20:01 PDT 2017
On 25.09.2017 22:19, Grant Taylor wrote:
> On 09/25/2017 02:01 PM, Scott Kitterman wrote:
>> Are you using the internal opendmarc SPF implementation? Did you use libspf2?
>> Or do you have an external SPF checker that's adding a header field that
>> opendmarc reads?
>
> It was my misunderstanding that SPFSelfValidate caused OpenDMARC to do
> the SPF checking. But as I (re)read the man page, I see that is now
> fallback.
>
> I'll try enabling SPFIgnoreResults to "Causes the filter to ignore any
> SPF results in the header of the message."
Hi Grant,
there are three possible modes of operation:
a1) OpenDMARC uses external SPF results
a2) OpenDMARC uses internal SPF results
a3) OpenDMARC uses external SPF results and lacking these, use internal SPF
results
For case a2) and a3) there are two possible compile modes:
b1) use the internal (and buggy) SPF code
b2) use external libspf2 code
If you are using mode a2) or a3) please make sure that you are using
libspf2 by running:
"strings /usr/lib/libopendmarc.so.2|grep spf2". This should show you
something like:
> opendmarc_spf2_alloc_ctx
> opendmarc_spf2_free_ctx
> opendmarc_spf2_find_mailfrom_domain
> opendmarc_spf2_specify_ip_address
> opendmarc_spf2_test
> libspf2.so.2
If not, you are using the buggy internal SPF code.
Juri
More information about the opendmarc-users
mailing list