On Thu, 2017-10-12 at 13:15 -0700, Mark Sapiro wrote: > On 10/12/2017 12:37 PM, Lindsay Haisley wrote: > > So, if someone could give me a few pointers to the relevant code in > > Mailman 2, and any suggestions which might save me some time, I can > > take it from there. I'm python-literate and have hacked our copy of > > Mailman here in the past - perhaps more than is wise since every time I > > upgrade I need to apply a number of patches to bring my mods along with > > the upgrade :) > > There are two pieces to this in Mailman (both 2.1 and 3.1). One piece is > determining the DMARC policy of the From: domain. In MM 2, the code that > does this is in Mailman/Utils.py beginning with the comments > > # The next functions read data from > # https://publicsuffix.org/list/public_suffix_list.dat and implement the > # algorithm at https://publicsuffix.org/list/ to find the "Organizational > # Domain corresponding to a From: domain. > > and extending through the end of the > > def _DMARCProhibited(mlist, email, dmarc_domain, org=False):
I'm running MM 2.1.18-1 here and find only > # This takes an email address, and returns True if DMARC policy is p=reject > # or possibly quarantine. > def IsDMARCProhibited(mlist, email): > ... etc This looks pretty straight-forward. I can dispense with code related to mlist since I need only a True|False determination of whether the sending domain publishes a DMARC "p=reject" or "p=quarantine" record. You folks are obviously up-to-speed on DMARC nuances and this code looks pretty through. I assume the reference to publicsuffix.org comes with later versions of 2.x and in MM 3 since there's none in 2.1.18-1. This must be something new in the DMARC mitigation world and I'm not familiar with it. Is there any reason to pull in a more recent MM 2 and use the DMARC detection code therein? Speed is important here since this is simply a turnaround on a single email, not dependent on any list variables. I'm reluctant to burden every redirection turnaround with an HTTP look-up. Replacement of the From header is just a matter of reading the email headers into an array, making modifications if necessary and pushing the result, followed by the message body, out to Courier's sendmail clone. Basically: if from_domain publishes bad DMARC: if Reply-To does not exist: copy From header to Reply-To Replace From with "On behalf of old_From" <postmas...@fmp.com> Feed headers and body to Courier's sendmail clone My take on it is that this should work OK. -- Lindsay Haisley | "The first casualty when FMP Computer Services | war comes is truth." 512-259-1190 | http://www.fmp.com | -- Hiram W Johnson _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
