diff options
author | Yasuhito FUTATSUKI at POEM <futatuki@poem.co.jp> | 2016-05-13 03:54:42 +0900 |
---|---|---|
committer | Yasuhito FUTATSUKI at POEM <futatuki@poem.co.jp> | 2016-05-13 03:54:42 +0900 |
commit | 92fe2d084b3db7c533b3860428afccec7af95036 (patch) | |
tree | 70b89624a61f75cb8efb7c10a9a37abe5fb7bb16 /Mailman/Utils.py | |
parent | 0d0624665b0a1f1779e2fb7a670b39fd7509258f (diff) | |
parent | d2145608089777cd27175763cf9f71ca2a3159f5 (diff) | |
download | mailman2-92fe2d084b3db7c533b3860428afccec7af95036.tar.gz mailman2-92fe2d084b3db7c533b3860428afccec7af95036.tar.xz mailman2-92fe2d084b3db7c533b3860428afccec7af95036.zip |
Merge lp:mailman/2.1 up to rev 1649
Diffstat (limited to '')
-rw-r--r-- | Mailman/Utils.py | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/Mailman/Utils.py b/Mailman/Utils.py index f821f13a..2dbaef0b 100644 --- a/Mailman/Utils.py +++ b/Mailman/Utils.py @@ -1170,6 +1170,8 @@ def get_suffixes(url): global s_dict if s_dict: return + if not url: + return try: d = urllib2.urlopen(url) except urllib2.URLError, e: @@ -1241,7 +1243,8 @@ def IsDMARCProhibited(mlist, email): return False email = email.lower() - at_sign = email.find('@') + # Scan from the right in case quoted local part has an '@'. + at_sign = email.rfind('@') if at_sign < 1: return False f_dom = email[at_sign+1:] @@ -1250,12 +1253,12 @@ def IsDMARCProhibited(mlist, email): return x o_dom = get_org_dom(f_dom) if o_dom != f_dom: - x = _DMARCProhibited(mlist, email, '_dmarc.' + o_dom) + x = _DMARCProhibited(mlist, email, '_dmarc.' + o_dom, org=True) if x != 'continue': return x return False -def _DMARCProhibited(mlist, email, dmarc_domain): +def _DMARCProhibited(mlist, email, dmarc_domain, org=False): try: resolver = dns.resolver.Resolver() @@ -1267,7 +1270,7 @@ def _DMARCProhibited(mlist, email, dmarc_domain): except DNSException, e: syslog('error', 'DNSException: Unable to query DMARC policy for %s (%s). %s', - email, dmarc_domain, e.__class__) + email, dmarc_domain, e.__doc__) return 'continue' else: # people are already being dumb, don't trust them to provide honest DNS @@ -1315,14 +1318,23 @@ def _DMARCProhibited(mlist, email, dmarc_domain): testing them all""", dmarc_domain, len(dmarc)) for entry in dmarcs: - if re.search(r'\bp=reject\b', entry, re.IGNORECASE): + mo = re.search(r'\bsp=(\w*)\b', entry, re.IGNORECASE) + if org and mo: + policy = mo.group(1).lower() + else: + mo = re.search(r'\bp=(\w*)\b', entry, re.IGNORECASE) + if mo: + policy = mo.group(1).lower() + else: + continue + if policy == 'reject': syslog('vette', '%s: DMARC lookup for %s (%s) found p=reject in %s = %s', mlist.real_name, email, dmarc_domain, name, entry) return True if (mlist.dmarc_quarantine_moderation_action and - re.search(r'\bp=quarantine\b', entry, re.IGNORECASE)): + policy == 'quarantine'): syslog('vette', '%s: DMARC lookup for %s (%s) found p=quarantine in %s = %s', mlist.real_name, email, dmarc_domain, name, entry) @@ -1331,7 +1343,7 @@ def _DMARCProhibited(mlist, email, dmarc_domain): if (mlist.dmarc_none_moderation_action and mlist.dmarc_quarantine_moderation_action and mlist.dmarc_moderation_action in (1, 2) and - re.search(r'\bp=none\b', entry, re.IGNORECASE)): + policy == 'none'): syslog('vette', '%s: DMARC lookup for %s (%s) found p=none in %s = %s', mlist.real_name, email, dmarc_domain, name, entry) |