aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Utils.py
diff options
context:
space:
mode:
authorYasuhito FUTATSUKI at POEM <futatuki@poem.co.jp>2016-05-13 03:54:42 +0900
committerYasuhito FUTATSUKI at POEM <futatuki@poem.co.jp>2016-05-13 03:54:42 +0900
commit92fe2d084b3db7c533b3860428afccec7af95036 (patch)
tree70b89624a61f75cb8efb7c10a9a37abe5fb7bb16 /Mailman/Utils.py
parent0d0624665b0a1f1779e2fb7a670b39fd7509258f (diff)
parentd2145608089777cd27175763cf9f71ca2a3159f5 (diff)
downloadmailman2-92fe2d084b3db7c533b3860428afccec7af95036.tar.gz
mailman2-92fe2d084b3db7c533b3860428afccec7af95036.tar.xz
mailman2-92fe2d084b3db7c533b3860428afccec7af95036.zip
Merge lp:mailman/2.1 up to rev 1649
Diffstat (limited to '')
-rw-r--r--Mailman/Utils.py26
1 files changed, 19 insertions, 7 deletions
diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index f821f13a..2dbaef0b 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -1170,6 +1170,8 @@ def get_suffixes(url):
global s_dict
if s_dict:
return
+ if not url:
+ return
try:
d = urllib2.urlopen(url)
except urllib2.URLError, e:
@@ -1241,7 +1243,8 @@ def IsDMARCProhibited(mlist, email):
return False
email = email.lower()
- at_sign = email.find('@')
+ # Scan from the right in case quoted local part has an '@'.
+ at_sign = email.rfind('@')
if at_sign < 1:
return False
f_dom = email[at_sign+1:]
@@ -1250,12 +1253,12 @@ def IsDMARCProhibited(mlist, email):
return x
o_dom = get_org_dom(f_dom)
if o_dom != f_dom:
- x = _DMARCProhibited(mlist, email, '_dmarc.' + o_dom)
+ x = _DMARCProhibited(mlist, email, '_dmarc.' + o_dom, org=True)
if x != 'continue':
return x
return False
-def _DMARCProhibited(mlist, email, dmarc_domain):
+def _DMARCProhibited(mlist, email, dmarc_domain, org=False):
try:
resolver = dns.resolver.Resolver()
@@ -1267,7 +1270,7 @@ def _DMARCProhibited(mlist, email, dmarc_domain):
except DNSException, e:
syslog('error',
'DNSException: Unable to query DMARC policy for %s (%s). %s',
- email, dmarc_domain, e.__class__)
+ email, dmarc_domain, e.__doc__)
return 'continue'
else:
# people are already being dumb, don't trust them to provide honest DNS
@@ -1315,14 +1318,23 @@ def _DMARCProhibited(mlist, email, dmarc_domain):
testing them all""",
dmarc_domain, len(dmarc))
for entry in dmarcs:
- if re.search(r'\bp=reject\b', entry, re.IGNORECASE):
+ mo = re.search(r'\bsp=(\w*)\b', entry, re.IGNORECASE)
+ if org and mo:
+ policy = mo.group(1).lower()
+ else:
+ mo = re.search(r'\bp=(\w*)\b', entry, re.IGNORECASE)
+ if mo:
+ policy = mo.group(1).lower()
+ else:
+ continue
+ if policy == 'reject':
syslog('vette',
'%s: DMARC lookup for %s (%s) found p=reject in %s = %s',
mlist.real_name, email, dmarc_domain, name, entry)
return True
if (mlist.dmarc_quarantine_moderation_action and
- re.search(r'\bp=quarantine\b', entry, re.IGNORECASE)):
+ policy == 'quarantine'):
syslog('vette',
'%s: DMARC lookup for %s (%s) found p=quarantine in %s = %s',
mlist.real_name, email, dmarc_domain, name, entry)
@@ -1331,7 +1343,7 @@ def _DMARCProhibited(mlist, email, dmarc_domain):
if (mlist.dmarc_none_moderation_action and
mlist.dmarc_quarantine_moderation_action and
mlist.dmarc_moderation_action in (1, 2) and
- re.search(r'\bp=none\b', entry, re.IGNORECASE)):
+ policy == 'none'):
syslog('vette',
'%s: DMARC lookup for %s (%s) found p=none in %s = %s',
mlist.real_name, email, dmarc_domain, name, entry)