diff options
| author | Barry Warsaw | 2016-12-31 12:44:27 -0500 |
|---|---|---|
| committer | Barry Warsaw | 2016-12-31 12:44:27 -0500 |
| commit | 192d76f1330041336a1f5793646df36a932210f0 (patch) | |
| tree | 2b0745a9a08fa977f34ded2f8bc9437ca1f82992 /src/mailman/rules | |
| parent | bdea4d68798c977560e22949a42ec44d9b1a60c1 (diff) | |
| download | mailman-192d76f1330041336a1f5793646df36a932210f0.tar.gz mailman-192d76f1330041336a1f5793646df36a932210f0.tar.zst mailman-192d76f1330041336a1f5793646df36a932210f0.zip | |
Diffstat (limited to 'src/mailman/rules')
| -rw-r--r-- | src/mailman/rules/dmarc.py | 46 |
1 files changed, 23 insertions, 23 deletions
diff --git a/src/mailman/rules/dmarc.py b/src/mailman/rules/dmarc.py index d7e76bf0f..c8c4e56f4 100644 --- a/src/mailman/rules/dmarc.py +++ b/src/mailman/rules/dmarc.py @@ -83,7 +83,7 @@ def _get_org_dom(domain): # Domain which may be the same as the input. global s_dict if not s_dict: - _get_suffixes(config.mailman.dmarc_org_domain_data) + _get_suffixes(config.dmarc.org_domain_data) hits = [] d = domain.lower().split('.') d.reverse() @@ -108,32 +108,12 @@ def _get_org_dom(domain): return _get_dom(d, l) -def _IsDMARCProhibited(mlist, email): - # This takes an email address, and returns True if DMARC policy is - # p=reject or quarantine. - email = email.lower() - # Scan from the right in case quoted local part has an '@'. - local, at, from_domain = email.rpartition('@') - if at != '@': - return False - x = _DMARCProhibited(mlist, email, '_dmarc.{}'.format(from_domain)) - if x is not KEEP_LOOKING: - return x - org_dom = _get_org_dom(from_domain) - if org_dom != from_domain: - x = _DMARCProhibited( - mlist, email, '_dmarc.{}'.format(org_dom), org=True) - if x is not KEEP_LOOKING: - return x - return False - - def _DMARCProhibited(mlist, email, dmarc_domain, org=False): resolver = dns.resolver.Resolver() resolver.timeout = as_timedelta( - config.mailman.dmarc_resolver_timeout).total_seconds() + config.dmarc.resolver_timeout).total_seconds() resolver.lifetime = as_timedelta( - config.mailman.dmarc_resolver_lifetime).total_seconds() + config.dmarc.resolver_lifetime).total_seconds() try: txt_recs = resolver.query(dmarc_domain, dns.rdatatype.TXT) except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer): @@ -210,6 +190,26 @@ def _DMARCProhibited(mlist, email, dmarc_domain, org=False): return False +def _IsDMARCProhibited(mlist, email): + # This takes an email address, and returns True if DMARC policy is + # p=reject or quarantine. + email = email.lower() + # Scan from the right in case quoted local part has an '@'. + local, at, from_domain = email.rpartition('@') + if at != '@': + return False + x = _DMARCProhibited(mlist, email, '_dmarc.{}'.format(from_domain)) + if x is not KEEP_LOOKING: + return x + org_dom = _get_org_dom(from_domain) + if org_dom != from_domain: + x = _DMARCProhibited( + mlist, email, '_dmarc.{}'.format(org_dom), org=True) + if x is not KEEP_LOOKING: + return x + return False + + @public @implementer(IRule) class DMARCMitigation: |