From d8d784da666f6cd366f08a2a87bff73b3762e3fd Mon Sep 17 00:00:00 2001 From: Mark Sapiro Date: Fri, 2 May 2014 20:26:03 -0700 Subject: Make dmarc_quarantine_moderaction_action a list setting. --- Mailman/Defaults.py.in | 5 +++-- Mailman/Gui/Privacy.py | 21 +++++++++++++++++++-- Mailman/Handlers/Moderate.py | 2 +- Mailman/MailList.py | 2 ++ Mailman/Utils.py | 5 ++--- Mailman/Version.py | 2 +- Mailman/versions.py | 4 +++- NEWS | 8 +++++--- 8 files changed, 36 insertions(+), 13 deletions(-) diff --git a/Mailman/Defaults.py.in b/Mailman/Defaults.py.in index 07c7a726..3ecf996a 100755 --- a/Mailman/Defaults.py.in +++ b/Mailman/Defaults.py.in @@ -1061,8 +1061,9 @@ DEFAULT_DEFAULT_MEMBER_MODERATION = No DEFAULT_FORWARD_AUTO_DISCARDS = Yes # Shall dmarc_moderation_action be applied to messages From: domains with -# a DMARC policy of quarantine as well as reject? -DMARC_QUARANTINE_MODERATION_ACTION = Yes +# a DMARC policy of quarantine as well as reject? This sets the default for +# the list setting that controls it. +DEFAULT_DMARC_QUARANTINE_MODERATION_ACTION = Yes # Default action for posts whose From: address domain has a DMARC policy of # reject or quarantine. See DEFAULT_FROM_IS_LIST below. Whatever is set as diff --git a/Mailman/Gui/Privacy.py b/Mailman/Gui/Privacy.py index 477304c6..7f1e12f3 100644 --- a/Mailman/Gui/Privacy.py +++ b/Mailman/Gui/Privacy.py @@ -159,7 +159,7 @@ class Privacy(GUIBase): adminurl = mlist.GetScriptURL('admin', absolute=1) - if mm_cfg.DMARC_QUARANTINE_MODERATION_ACTION: + if mlist.dmarc_quarantine_moderation_action: quarantine = _('/Quarantine') else: quarantine = '' @@ -269,6 +269,23 @@ class Privacy(GUIBase): if the message is From: an affected domain and the setting is other than Accept.""")), + ('dmarc_quarantine_moderation_action', mm_cfg.Radio, + (_('No'), _('Yes')), 0, + _("""Shall the above dmarc_moderation_action apply to messages + From: domains with DMARC p=quarantine as well as p=reject"""), + + _("""

If a message is From: a domain with DMARC p=quarantine + and dmarc_moderation_action is not applied (this set to No) + the message will likely not bounce, but will be delivered to + recipients' spam folders or other hard to find places.""")), + ('dmarc_moderation_notice', mm_cfg.Text, (10, WIDTH), 1, _("""Text to include in any 0: - if Utils.IsDMARCProhibited(addr): + if Utils.IsDMARCProhibited(mlist, addr): # Note that for dmarc_moderation_action, 0 = Accept, # 1 = Munge, 2 = Wrap, 3 = Reject, 4 = Discard if mlist.dmarc_moderation_action == 1: diff --git a/Mailman/MailList.py b/Mailman/MailList.py index 02646b7e..0ebf8ab8 100755 --- a/Mailman/MailList.py +++ b/Mailman/MailList.py @@ -390,6 +390,8 @@ class MailList(HTMLFormatter, Deliverer, ListAdmin, self.member_moderation_action = 0 self.member_moderation_notice = '' self.dmarc_moderation_action = mm_cfg.DEFAULT_DMARC_MODERATION_ACTION + self.dmarc_quarantine_moderation_action = ( + mm_cfg.DEFAULT_DMARC_QUARANTINE_MODERATION_ACTION) self.dmarc_moderation_notice = '' self.accept_these_nonmembers = [] self.hold_these_nonmembers = [] diff --git a/Mailman/Utils.py b/Mailman/Utils.py index eab085a8..8290bf14 100644 --- a/Mailman/Utils.py +++ b/Mailman/Utils.py @@ -1068,7 +1068,7 @@ def suspiciousHTML(html): # This takes an email address, and returns True if DMARC policy is p=reject # or possibly quarantine. -def IsDMARCProhibited(email): +def IsDMARCProhibited(mlist, email): if not dns_resolver: return False @@ -1142,7 +1142,7 @@ def IsDMARCProhibited(email): email, dmarc_domain, name, entry) return True - if (mm_cfg.DMARC_QUARANTINE_MODERATION_ACTION and + if (mlist.dmarc_quarantine_moderation_action and re.search(r'\bp=quarantine\b', entry, re.IGNORECASE)): syslog('vette', 'DMARC lookup for %s (%s) found p=quarantine in %s = %s', @@ -1151,4 +1151,3 @@ def IsDMARCProhibited(email): return False - diff --git a/Mailman/Version.py b/Mailman/Version.py index 107dfa7e..85ebe4b5 100644 --- a/Mailman/Version.py +++ b/Mailman/Version.py @@ -37,7 +37,7 @@ HEX_VERSION = ((MAJOR_REV << 24) | (MINOR_REV << 16) | (MICRO_REV << 8) | (REL_LEVEL << 4) | (REL_SERIAL << 0)) # config.pck schema version number -DATA_FILE_VERSION = 103 +DATA_FILE_VERSION = 104 # qfile/*.db schema version number QFILE_SCHEMA_VERSION = 3 diff --git a/Mailman/versions.py b/Mailman/versions.py index a568e8e6..a6cc51cc 100755 --- a/Mailman/versions.py +++ b/Mailman/versions.py @@ -389,7 +389,9 @@ def NewVars(l): add_only_if_missing('member_moderation_action', 0) add_only_if_missing('member_moderation_notice', '') add_only_if_missing('dmarc_moderation_action', - mm_cfg.DEFAULT_DMARC_MODERATION_ACTION) + mm_cfg.DEFAULT_DMARC_MODERATION_ACTION) + add_only_if_missing('dmarc_quarantine_moderation_action', + mm_cfg.DEFAULT_DMARC_QUARANTINE_MODERATION_ACTION) add_only_if_missing('dmarc_moderation_notice', '') add_only_if_missing('new_member_options', mm_cfg.DEFAULT_NEW_MEMBER_OPTIONS) diff --git a/NEWS b/NEWS index 04ec2788..adf3effc 100755 --- a/NEWS +++ b/NEWS @@ -28,9 +28,11 @@ Here is a history of user visible changes to Mailman. default for this, and the list admin UI is not able to set an action which is 'less' than the default. The prior ALLOW_FROM_IS_LIST setting has been removed and is effectively always Yes. There is a new - DMARC_QUARANTINE_MODERATION_ACTION configuration setting which defaults - to Yes but can be set to No to exclude domains with DMARC policy of - quarantine from dmarc_moderation_action. + dmarc_quarantine_moderation_action list setting with default set by a + new DEFAULT_DMARC_QUARANTINE_MODERATION_ACTION configuration setting + which in turn defaults to Yes. The list setting can be set to No to + exclude domains with DMARC policy of quarantine from + dmarc_moderation_action. dmarc_moderation_action and from_is_list interact in the following way. If the message is From: a domain to which dmarc_moderation_action applies -- cgit v1.2.3