[dmarc-discuss] probably bug in OpenDMARCs AR-header parser

Mon, 15 Jun 2015 12:21:58 -0700 


Hello,

today I stumbled upon a message from amazon.de
see http://lists.dmarc.org/pipermail/dmarc-discuss/2015-June/003155.html

I striped down the message to a bare minimum:

/tmp/msg
      Authentication-Results: mail.example.org;
          dkim=pass header.d=amazon.de;
          dkim=pass header.d=amazonses.com
      From: "foo" <[email protected]>

      body

/tmp/opendkim.conf
      AuthservID              mail.example.org
      PublicSuffixList        /tmp/public_suffix_list.dat

# cd /tmp && wget https://publicsuffix.org/list/public_suffix_list.dat

# opendmarc -V
opendmarc: OpenDMARC Filter v1.3.1
         SMFI_VERSION 0x1000001
         libmilter version 1.0.1

# opendmarc -vv -c /tmp/config -t /tmp/msg
opendmarc: mlfi_connect() returned SMFIS_CONTINUE
opendmarc: mlfi_helo() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: mlfi_envfrom() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: line 1: mlfi_header() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: line 4: mlfi_header() returned SMFIS_CONTINUE
### INSHEADER: idx=1 hname='Authentication-Results' hvalue='mail.example.org; dmarc=fail header.from=marketplace.amazon.de' 
opendmarc: /tmp/msg: mlfi_eom() returned SMFIS_CONTINUE
opendmarc: mlfi_close() returned SMFIS_CONTINUE

If I now change the second dkim=pass to foo=pass it looks different:
# opendmarc -vv -c /tmp/config -t /tmp/msg
opendmarc: mlfi_connect() returned SMFIS_CONTINUE
opendmarc: mlfi_helo() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: mlfi_envfrom() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: line 1: mlfi_header() returned SMFIS_CONTINUE
opendmarc: /tmp/msg: line 4: mlfi_header() returned SMFIS_CONTINUE
### INSHEADER: idx=1 hname='Authentication-Results' hvalue='mail.example.org; dmarc=pass header.from=marketplace.amazon.de' 
opendmarc: /tmp/msg: mlfi_eom() returned SMFIS_ACCEPT
opendmarc: mlfi_close() returned SMFIS_CONTINUE
It looks like the OpenDMARCs AR-header parser fail to recognise the AR-header generated by OpenDKIM. 
As long there is only one "dkim=pass header.d=amazon.de" anything is fine.
But there is also a second signature from amazonses.com the trigger the trouble. 

If confirmed I could open a Bugticket...

Andreas


_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

Reply via email to