On Wed, 20 May 2020 11:51:42 +0200
Giovanni Bechis wrote:
> Hi,
> for those that might be interested, I developed a DMARC plugin for
> SpamAssassin, code is at https://github.com/bigio/spamassassin-dmarc.
The use of uri_to_domain() looks wrong:

    $dmarc->envelope_to($self->uri_to_domain($pms->get('To:addr')));
    $dmarc->envelope_from($self->uri_to_domain($lasthop->{envfrom}));
    $dmarc->header_from($self->uri_to_domain($pms->get('From:addr')));

AFAIK this passes the organizational domain when the DMARC library
needs the full RHS for envelope_from and header_from. Doing
this can cause the wrong DMARC record to be fetched. It can also change
a pass into a fail or vice versa.
It looks like Mail::DMARC does its own organizational domain conversion
using the file 'public_suffix_list'; there's also an updating script
'dmarc_update_public_suffix_list'.
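
Added example, not part of the original message and not code from the plugin or Mail::DMARC: a small Python model of DMARC record discovery (RFC 7489 section 6.6.3) and SPF alignment, run once with the full RHS and once with both domains collapsed to the organizational domain first. Assumptions: the DNS zone and suffix set are constructed, all function names are hypothetical, SPF is taken as passing for the envelope domain, and DKIM is left out.

```python
# Constructed stand-ins: a tiny "public suffix list" and a fake DNS zone.
PUBLIC_SUFFIXES = {"com", "co.uk"}
DMARC_TXT = {
    "_dmarc.example.com": "v=DMARC1; p=none; aspf=s",
    "_dmarc.news.example.com": "v=DMARC1; p=reject; aspf=s",
}

def org_domain(domain):
    """Longest public suffix plus one label (the collapse described in the reply)."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])

def parse_tags(txt):
    """Split 'tag=value; tag=value' into a dict."""
    return dict(t.strip().split("=", 1) for t in txt.split(";") if "=" in t)

def discover(header_from):
    """RFC 7489 6.6.3: exact From domain first, then the organizational domain."""
    for name in dict.fromkeys((header_from, org_domain(header_from))):
        txt = DMARC_TXT.get("_dmarc." + name)
        if txt:
            return name, parse_tags(txt)
    return None, {}

def evaluate(header_from, envelope_from, spf_pass=True):
    """SPF-only DMARC check; returns (record_domain, policy, result)."""
    header_from, envelope_from = header_from.lower(), envelope_from.lower()
    found_at, tags = discover(header_from)
    if found_at is None:
        return None, None, "none"
    if tags.get("aspf", "r") == "s":   # strict: domains must be identical
        aligned = header_from == envelope_from
    else:                              # relaxed: same organizational domain
        aligned = org_domain(header_from) == org_domain(envelope_from)
    # sp= only applies when the record was inherited from the org domain
    policy = tags["p"] if found_at == header_from else tags.get("sp", tags["p"])
    return found_at, policy, "pass" if spf_pass and aligned else "fail"

if __name__ == "__main__":
    hdr, env = "news.example.com", "bounce.example.com"
    print("full RHS :", evaluate(hdr, env))
    print("collapsed:", evaluate(org_domain(hdr), org_domain(env)))
```

With the full RHS the subdomain's own record (p=reject, strict alignment) is found and the message fails; after collapsing, the parent's record (p=none) is fetched instead and the two domains compare equal, so the same message passes.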