[exim-dev] [Bug 1389] New: DMARC $dmarc_ar_header contains t…

Pàgina inicial
Delete this message
Reply to this message
Autor: bes
Data:  
A: exim-dev
Assumpte: [exim-dev] [Bug 1389] New: DMARC $dmarc_ar_header contains trash
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1389
           Summary: DMARC $dmarc_ar_header contains trash
           Product: Exim
           Version: N/A
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Unfiled
        AssignedTo: nigel@???
        ReportedBy: bes.internal@???
                CC: exim-dev@???



Exim version 4.80_230-b1f3784 #2 built 29-Sep-2013 22:54:20 (some minor updates
from exim-4_82_RC1 tag)
opendmarc-1.1.3

Sometimes I got strange dmarc behavior. $dmarc_ar_header contains trash. For
example:

DKIM: d=mail75.atl11.rsgsv.net s=k1 c=relaxed/relaxed a=rsa-sha1
i=lera=it-labs.ru@??? [verification succeeded]
H=mail75.atl11.rsgsv.net [205.201.133.75] I=[194.226.121.90]:25 Warning: DMARC
DEBUG: none TT No DMARC record TT TT k\364\b0k\364\bnMIR\021
<=
bounce-mc.us2_5466910.1551729-comp-news=nestormedia.com@???
H=mail75.atl11.rsgsv.net [205.201.133.75] I=[194.226.121.90]:25 P=esmtp S=61495
M8S=8
id=ca494670d3e568680d6819006f6e57bbdf7.20130930100723@???
from
<bounce-mc.us2_5466910.1551729-comp-news=nestormedia.com@???>
for comp-news@???
=> pumpur <comp-news@???>
F=<bounce-mc.us2_5466910.1551729-comp-news=nestormedia.com@???>
P=<postmaster@???> R=mysqluser T=mysql_delivery S=61581 QT=2s DT=0s
Completed QT=2s

Where
In emails headers - From: =?utf-8?Q?IT=20Labs?= <lera@???>
opendmarc-check: opendmarc_policy_query_dmarc(it-labs.ru): Looked up domain
lacked a DMARC record
But no DMARC triggered in logs. Only my debug sets in acl_check_data:

warn    dmarc_status   = accept : none : off : reject : quarantine : norecord :
nofrom : error
          log_message    = DMARC DEBUG: $dmarc_status TT $dmarc_status_text TT
$dmarc_used_domain TT $dmarc_ar_header


As you see $dmarc_ar_header is k\364\b0k\364\bnMIR\021


Second example from logs:
DKIM: d=yandex.ru s=mail c=relaxed/relaxed a=rsa-sha256 t=1380516274
[verification failed - body hash mismatch (body probably modified in transit)]
H=papir.sysla.by.ded.neolocation.net (papir.neolocation.net) [91.149.189.237]
I=[194.226.121.90]:25 Warning: DMARC DEBUG: none TT Accept TT TT af.gov.
<= seminar+bounces-8-nestorinfo=nestormedia.com@???
H=papir.sysla.by.ded.neolocation.net (papir.neolocation.net) [91.149.189.237]
I=[194.226.121.90]:25 P=esmtp S=376032 M8S=0
id=000001cebd07$3123e5e0$936bb1a0$@ru from
<seminar+bounces-8-nestorinfo=nestormedia.com@???> for
nestorinfo@???
=> nestorinfo <nestorinfo@???>
F=<seminar+bounces-8-nestorinfo=nestormedia.com@???>
P=<seminar+bounces-8-nestorinfo=nestormedia.com@???>
R=local_delivery_yandex_spam_router T=local_delivery_dspam_transport S=376196
QT=4s DT=0s
Completed QT=4s

>From domain in message is yandex.ru

$dmarc_ar_header - af.gov. but wholly message not contain this
And not DMARC lines in logs too

---
Please provide DMARC as component in bugzilla


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email