------------------------------------------------------------
revno: 1335
committer: Mark Sapiro <m...@msapiro.net>
branch nick: 2.2
timestamp: Fri 2014-05-02 11:43:12 -0700
message:
More fine tuning of dmarc_moderation_action.
modified:
Mailman/Defaults.py.in
Mailman/Handlers/Moderate.py
Mailman/Utils.py
NEWS
--
lp:mailman/2.2
https://code.launchpad.net/~mailman-coders/mailman/2.2
Your team Mailman Checkins is subscribed to branch lp:mailman/2.2.
To unsubscribe from this branch go to
https://code.launchpad.net/~mailman-coders/mailman/2.2/+edit-subscription
=== modified file 'Mailman/Defaults.py.in'
--- Mailman/Defaults.py.in 2014-04-15 20:55:52 +0000
+++ Mailman/Defaults.py.in 2014-05-02 18:43:12 +0000
@@ -1074,6 +1074,14 @@
# 4 = Discard
DEFAULT_DMARC_MODERATION_ACTION = 0
+# Parameters for DMARC DNS lookups. If you are seeing 'DNSException:
+# Unable to query DMARC policy ...' entries in your error log, you may need
+# to adjust these.
+# The time to wait for a response from a name server before timeout.
+DMARC_RESOLVER_TIMEOUT = seconds(3)
+# The total time to spend trying to get an answer to the question.
+DMARC_RESOLVER_LIFETIME = seconds(5)
+
# What shold happen to non-member posts which are do not match explicit
# non-member actions?
# 0 = Accept
=== modified file 'Mailman/Handlers/Moderate.py'
--- Mailman/Handlers/Moderate.py 2014-04-16 19:13:17 +0000
+++ Mailman/Handlers/Moderate.py 2014-05-02 18:43:12 +0000
@@ -50,10 +50,10 @@
def process(mlist, msg, msgdata):
if msgdata.get('approved'):
return
- # Before anything else, check DMARC.
+ # Before anything else, check DMARC if necessary.
msgdata['from_is_list'] = 0
dn, addr = parseaddr(msg.get('from'))
- if addr:
+ if addr and mlist.dmarc_moderation_action > 0:
if Utils.IsDMARCProhibited(addr):
# Note that for dmarc_moderation_action, 0 = Accept,
# 1 = Munge, 2 = Wrap, 3 = Reject, 4 = Discard
=== modified file 'Mailman/Utils.py'
--- Mailman/Utils.py 2014-04-20 00:55:12 +0000
+++ Mailman/Utils.py 2014-05-02 18:43:12 +0000
@@ -1136,8 +1136,8 @@
try:
resolver = dns.resolver.Resolver()
- resolver.timeout = 3
- resolver.lifetime = 5
+ resolver.timeout = float(mm_cfg.DMARC_RESOLVER_TIMEOUT)
+ resolver.lifetime = float(mm_cfg.DMARC_RESOLVER_LIFETIME)
txt_recs = resolver.query(dmarc_domain, dns.rdatatype.TXT)
except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer):
return False
@@ -1193,16 +1193,16 @@
dmarc_domain, len(dmarc))
for entry in dmarcs:
if re.search(r'\bp=reject\b', entry, re.IGNORECASE):
-# syslog('info',
-# 'DMARC lookup for %s (%s) found p=reject in %s = %s',
-# email, dmarc_domain, name, entry)
+ syslog('vette',
+ 'DMARC lookup for %s (%s) found p=reject in %s = %s',
+ email, dmarc_domain, name, entry)
return True
if (mm_cfg.DMARC_QUARANTINE_MODERATION_ACTION and
re.search(r'\bp=quarantine\b', entry, re.IGNORECASE)):
-# syslog('info',
-# 'DMARC lookup for %s (%s) found p=quarantine in %s = %s',
-# email, dmarc_domain, name, entry)
+ syslog('vette',
+ 'DMARC lookup for %s (%s) found p=quarantine in %s = %s',
+ email, dmarc_domain, name, entry)
return True
return False
=== modified file 'NEWS'
--- NEWS 2014-05-02 17:33:07 +0000
+++ NEWS 2014-05-02 18:43:12 +0000
@@ -82,6 +82,11 @@
dmarc_moderation_action applies to that message. Otherwise the
from_is_list action applies.
+ Also associated with dmarc_moderation_action are configuration settings
+ DMARC_RESOLVER_TIMEOUT and DMARC_RESOLVER_LIFETIME. These are described
+ in more detail in Defaults.py. There are also new vette log entries
+ written when dmarc_moderation_action is found to apply to a post.
+
i18n
- Added missing <mm-digest-question-start> tag to French listinfo template.
_______________________________________________
Mailman-checkins mailing list
Mailman-checkins@python.org
Unsubscribe:
https://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
