[opendmarc-users] OpenDMARC v1.3.2 behaving differently with IPv4 and IPv6.

Grant Taylor gtaylor at tnetconsulting.net
Mon Sep 25 15:46:59 PDT 2017


On 09/25/2017 04:20 PM, Juri Haberland wrote:
> Hi Grant,

Hi Juri,

> there are three possible modes of operation:
> a1) OpenDMARC uses external SPF results
> a2) OpenDMARC uses internal SPF results
> a3) OpenDMARC uses external SPF results and lacking these, use internal 
> SPF results

I believe that I'm running a2) OpenDMARC uses internal SPF results.

SPFIgnoreResults   true
SPFSelfValidate    true

> For case a2) and a3) there are two possible compile modes:
> b1) use the internal (and buggy) SPF code
> b2) use external libspf2 code

I suspect that I'm using b1.  I configured & compiled OpenDMARC last 
night --with-spf & --with-milter but /without/ --with-spf2-*

> If you are using mode a2) or a3) please make sure that you are using 
> libspf2 by running:
> "strings /usr/lib/libopendmarc.so.2|grep spf2". This should show you 
> something like:

Here's what I get:

> strings libopendmarc.la
> # libopendmarc.la - a libtool library file
> # Generated by libtool (GNU libtool) 2.4
> # Please DO NOT delete this file!
> # It is necessary for linking the library.
> # The name that we can dlopen(3).
> dlname='libopendmarc.so.2'
> # Names of this library.
> library_names='libopendmarc.so.2.0.2 libopendmarc.so.2 libopendmarc.so'
> # The name of the static archive.
> old_library='libopendmarc.a'
> # Linker flags that can not go in dependency_libs.
> inherited_linker_flags=''
> # Libraries that this one depends upon.
> dependency_libs=' -lbsd -lrt'
> # Names of additional weak libraries provided by this library
> weak_library_names=''
> # Version information for libopendmarc.
> current=2
> age=0
> revision=2
> # Is this an already installed library?
> installed=no
> # Should we warn about portability when linking against -modules?
> shouldnotlink=no
> # Files to dlopen/dlpreopen
> dlopen=''
> dlpreopen=''
> # Directory that this library needs to be installed in:
> libdir='/usr/local/lib'

Note:  I've only configured & compiled, and not actually installed.  - 
I'm currently running the opendmarc binary out of a subdirectory of my 
home while testing.  Thus I cded to the opendmarc-1.3.2/libopendmarc 
directory and ran the above command.

Once I know that things are better, I'll deal with removing the vendor 
provided copy of OpenDMARC 1.3.0 (?) and replacing it with my copy of 
OpenDMARC 1.3.2.

> If not, you are using the buggy internal SPF code.

I strongly suspect that I'm using the buggy internal SPF code.

I will investigate installing (or updating) libspf2 and re-configuring 
and re-compiling using that.

Thank you Juri.



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3717 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20170925/74494f63/attachment-0001.bin>


More information about the opendmarc-users mailing list