[opendmarc-users] OpenDMARC v1.3.2 behaving differently with IPv4 and IPv6.
Grant Taylor
gtaylor at tnetconsulting.net
Mon Sep 25 15:46:59 PDT 2017
On 09/25/2017 04:20 PM, Juri Haberland wrote:
> Hi Grant,
Hi Juri,
> there are three possible modes of operation:
> a1) OpenDMARC uses external SPF results
> a2) OpenDMARC uses internal SPF results
> a3) OpenDMARC uses external SPF results and lacking these, use internal
> SPF results
I believe that I'm running a2) OpenDMARC uses internal SPF results.
SPFIgnoreResults true
SPFSelfValidate true
> For case a2) and a3) there are two possible compile modes:
> b1) use the internal (and buggy) SPF code
> b2) use external libspf2 code
I suspect that I'm using b1. I configured & compiled OpenDMARC last
night --with-spf & --with-milter but /without/ --with-spf2-*
> If you are using mode a2) or a3) please make sure that you are using
> libspf2 by running:
> "strings /usr/lib/libopendmarc.so.2|grep spf2". This should show you
> something like:
Here's what I get:
> strings libopendmarc.la
> # libopendmarc.la - a libtool library file
> # Generated by libtool (GNU libtool) 2.4
> # Please DO NOT delete this file!
> # It is necessary for linking the library.
> # The name that we can dlopen(3).
> dlname='libopendmarc.so.2'
> # Names of this library.
> library_names='libopendmarc.so.2.0.2 libopendmarc.so.2 libopendmarc.so'
> # The name of the static archive.
> old_library='libopendmarc.a'
> # Linker flags that can not go in dependency_libs.
> inherited_linker_flags=''
> # Libraries that this one depends upon.
> dependency_libs=' -lbsd -lrt'
> # Names of additional weak libraries provided by this library
> weak_library_names=''
> # Version information for libopendmarc.
> current=2
> age=0
> revision=2
> # Is this an already installed library?
> installed=no
> # Should we warn about portability when linking against -modules?
> shouldnotlink=no
> # Files to dlopen/dlpreopen
> dlopen=''
> dlpreopen=''
> # Directory that this library needs to be installed in:
> libdir='/usr/local/lib'
Note: I've only configured & compiled, and not actually installed. -
I'm currently running the opendmarc binary out of a subdirectory of my
home while testing. Thus I cded to the opendmarc-1.3.2/libopendmarc
directory and ran the above command.
Once I know that things are better, I'll deal with removing the vendor
provided copy of OpenDMARC 1.3.0 (?) and replacing it with my copy of
OpenDMARC 1.3.2.
> If not, you are using the buggy internal SPF code.
I strongly suspect that I'm using the buggy internal SPF code.
I will investigate installing (or updating) libspf2 and re-configuring
and re-compiling using that.
Thank you Juri.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3717 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20170925/74494f63/attachment-0001.bin>
More information about the opendmarc-users
mailing list