Up to [cvs.NetBSD.org] / pkgsrc / mail / opendmarc
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.14 / (download) - annotate - [select for diffs], Thu May 12 13:49:28 2022 UTC (18 months, 3 weeks ago) by jperkin
CVS Tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3, pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3, pkgsrc-2022Q2-base, pkgsrc-2022Q2, HEAD
Changes since 1.13: +12 -9 lines
Diff to previous 1.13 (colored)
opendmarc: Update to 1.4.2 and overhaul package. pkgsrc changes: * Use PKG_SYSCONFSUBDIR, there are a number of extra files supported in the configuration file so everything should live in a sub-directory. HEADS-UP! Users will need to migrate over to new config file location. * Create opendmarc user/group, not currently used in rc.d script. * Fix build on SunOS and add SMF support. * Split multi-file patch correctly into separate files. * Add TEST_TARGET. * Various pkglint and cleanup. opendmarc changes: 1.4.2 2021/12/19 Fix issue #175: Don't reject a multi-valued From when all of the domains match. Fix issue #179: Don't crash when a value in a multi-valued From field is missing a domain name. Resolves CVE-2021-34555.
Revision 1.13 / (download) - annotate - [select for diffs], Tue Oct 26 10:54:11 2021 UTC (2 years, 1 month ago) by nia
CVS Tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)
mail: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes The following distfiles were unfetchable (possibly fetched conditionally?): ./mail/qmail/distinfo netqmail-1.05-TAI-leapsecs.patch
Revision 1.12 / (download) - annotate - [select for diffs], Thu Oct 7 14:25:29 2021 UTC (2 years, 1 month ago) by nia
Changes since 1.11: +1 -2 lines
Diff to previous 1.11 (colored)
mail: Remove SHA1 hashes for distfiles
Revision 1.11 / (download) - annotate - [select for diffs], Thu May 27 16:52:00 2021 UTC (2 years, 6 months ago) by manu
CVS Tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2
Changes since 1.10: +9 -10 lines
Diff to previous 1.10 (colored)
Update mail/opendmarc to 18.104.22.168 Changes since 1.4.0 from the RELEASE_NOTES file NOTE: In response to CVE-2019-20790, opendmarc has changed how it evaluates headers added by previous SPF milters. Users are encouraged to read the CVE-2019-20790 file in the "SECURITY" folder for more details. (#49, #158). Originally reported by Jianjun Chen, feedback by Simon Wilson and David Bürgin <email@example.com>. NOTE: OpenDMARC's internal SPF handling will be removed in a future version. Users are encouraged to build linked against libspf2. Many pre-built packages provided by OS packagers already do this. (See https://www.libspf2.org) Addition of defines for MUSL C Library. (#129/#133). Patches by Marco Rebhan. Updated opendmarc.conf manpage and opendmarc.conf.sample to point to https://publicsuffix.org/list/. Added a CONTRIBUTING document. Fix two #ifdefs in arc functions for strlcpy. (#138). Reported by Leo Bicknell. Fixes to MySQL Schema (#98/#99). Patch by Bond Keevil. LIBSPF2 calls would not compile on OpenBSD due to OpenBSD not having the ns_type definition in arpa/resolv.h. Added detection to configure script. (#134) Reworked hcreate_r calls to use hcreate, to compile natively on OpenBSD and MacOS. (Part of #94) Reported by Rupert Gallagher. Add compatibility with AutoConf 2.70. (#95) Documentation updates about SourceForge being deprecated. (#101) Only accept results from Received-SPF fields that indicate clearly which identifier was being evaluated, since DMARC specifically only wants results based on MAIL FROM. Many build-time fixes (#100, #91, #90, #86, #85, #84, #83, #82, #81) Patches provided by Rupert Gallagher (firstname.lastname@example.org) Added config option HoldQuarantinedMessages (default false), which controls if messages with p=quarantine will be passed on to the mail stream (if False) or placed in the MTA's "hold" queue (if True). Issue #105. Patch by Marcos Moraes, on the OpenDMARC mailing list. Remove "--with-wall" from "configure". Suggested by Leo Bicknell. LIBOPENDMARC: Fix bug #50: Ignore all RRTYPEs other than TXT. Problem reported by Jan Bouwhuis. LIBOPENDMARC: Fix bug #89: Repair absurd RRTYPE test in SPF code. LIBOPENDMARC: Fix bug #104: Fix bogus header field parsing code. LIBOPENDMARC: Fix bug #161: Don't pass the client IP address through htonl() since it's already in network byte order. This was causing SPF errors when the internal SPF implementation was in use. LIBOPENDMARC: Fix numerous problems with the internal SPF implementation.
Revision 1.10 / (download) - annotate - [select for diffs], Mon Mar 29 09:30:59 2021 UTC (2 years, 8 months ago) by manu
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Changes since 1.9: +2 -1 lines
Diff to previous 1.9 (colored)
Add RequiredFrom option If RequiredFrom is set, opendmarc will reject messages that lack a From header from which a valid domain can be extracted. This is a subset of the full RFC5322 requirements enforced by the RequiredHeaders option. While non RFC5322-compliant messages are too common to make RequiredHeaders always usable, the check on the From header remains especially valuable. It makes sure forged domain messages cannot evade the filter by just omitting the From header and relying on the MTA to fill it by a copy from the enveloppe header. Submitted upstream as https://github.com/trusteddomainproject/OpenDMARC/pull/147
Revision 1.9 / (download) - annotate - [select for diffs], Wed Feb 17 01:49:12 2021 UTC (2 years, 9 months ago) by manu
Changes since 1.8: +2 -0 lines
Diff to previous 1.8 (colored)
Fix two null pointer reference
Revision 1.8 / (download) - annotate - [select for diffs], Thu Dec 24 01:10:23 2020 UTC (2 years, 11 months ago) by manu
CVS Tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Changes since 1.7: +7 -9 lines
Diff to previous 1.7 (colored)
Updated mail/opendmarc to 1.4.0beta1 Change since 1.3.1 from RELEASE_NOTES 1.4.0 2018/06/?? Add ARC support. Extensive work contributed by ValiMail. Add "DomainWhitelist" and "DomainWhitelistFile" config options. Extract client IP address for ARC reports when provided via Authentication-Results. Update SQL schema to support new reporting functionality for DKIM selectors and ARC local policy overrides (refer to the example schema.mysql file). Add experimental support for reporting of ARC local policy overrides. Add support for recording and reporting of DKIM selectors. Override a DMARC "fail" if an ARC "pass" is recorded in conjunction with an ARC policy pass. Fix bug #137: Handle base64 inside AR tokens that are values. Problem reported by Joseph Coffland. LIBOPENDMARC: Fix bug #203: Reject DMARC records that have duplicate tags in them. Reported by Dirk Stoecker. REPORTS: Feature request #146: Add option to pull input from a file. REPORTS: Fix bug #153: Suppress duplicate results from the same domain. Patch from Tomki Camp. 1.3.2 2017/03/04 Feature request #86: Change meaning of "RequiredHeaders" such that header validity is always checked, but messages are only rejected on that basis when the flag is set. Based on a patch from Andreas Schulze. Feature request #127: Log SPF results when rejecting. Requested by Patrick Wagner; patch from Andreas Schulze, follow-up patch from Juri Haberland. Feature request #138: Inculde policy and disposition information in an Authentication-Results comment. Based on a patch from Juri Haberland. Feature request #139: Include the client host name if known in failure reports. Suggested by Roland Turner; patch by Andreas Schulze. Fix bug #95: Assume IPv6 for SPF operations. Patch from Juri Haberland. Fix bug #120: Fix control logic around the SPF result. Reported by Christophe Wolfhugel; patch from Andreas Schulze. Fix bug #122: Don't skip the HELO milter phase when SPF is enabled. Reported by Christophe Wolfhugel. Fix bug #157: Fix logging of implicit authserv-ids. Reported by Andreas Schulze; patch from Juri Haberland. Fix bug #158: Log ignored connections. Patch from Andreas Schulze. Fix bug #160: Fix "SyslogFacility" handling. Patch from Juri Haberland. Fix bug #163: Use a larger buffer for the raw MAIL FROM value. Based on a patch from Andreas Schulze. Fix bug #174: Trim "!" suffixes from reporting addresses. Problem noted by Juri Haberland. Fix bug #186: When reloading the configuration file, the public suffix list was read in with the wrong comment indicator. Patch from Federico Omoto. Fix bug #194: Fix inappropriate DMARC status when "p=none" is discovered. Patch from Juri Haberland. Fix bug #195: When parsing Received-SPF, use the correct constants in the history file entries. Patch from Juri Haberland. LIBOPENDMARC: Fix bug #115: Fix type mismatch. Patch from Sebastian A. Siewior via Scott Kitterman. LIBOPENDMARC: Fix bug #121: Fix IPv6 CIDR matching in SPF code. Patch from Christophe Wolfhugel. LIBOPENDMARC: Fix bug #125: Compile time IPv6 fix. Reported by Christophe Wolfhugel. LIBOPENDMARC: Fix bug #131: Fix alignment bug. Patch from Andreas Schulze. LIBOPENDMARC: Fix bug #147: Fix stripping of whitespace from DMARC DNS records. Based on a patch from Job Noorman. LIBOPENDMARC: Fix bug #149: Apply "sp" setting, if present and applicable. Patch from Petr Novak. LIBOPENDMARC: Fix bug #154: Fix "rf" and "fo" processing logic. LIBOPENDMARC: Fix bug #156: Fix variable name. Patch by Andreas Schulze. LIBOPENDMARC: Fix bug #165: Fix logic in checking which SPF identifier was used. Patches from Marco Favero and Juri Haberland. LIBOPENDMARC: Fix bug #167: Don't return "fail" when we should return "none". Patch from Marco Favero. REPORTS: Fix bug #134: Handle SMTP errors correctly. Patch from Andreas Schulze. REPORTS: Fix bug #141: Set the HELO parameter correctly. Reported by Alan Smith; patch from Andreas Schulze. REPORTS: Fix bug #143: Fix logic in table truncation. Reported by Wayne Andersen; patch from Juri Haberland. REPORTS: Fix bug #162: Always report "sp" in aggregate reports. Patch from Juri Haberland. REPORTS: Fix bug #166: Fix report start/end time logic. Patch from Juri Haberland. REPORTS: Fix bug #188: Don't delete inputs too early in opendmarc-reports. Patch from Juri Haberland. TOOLS: Fix bug #161: "Forensic" reports were renamed "Failure" reports. Patch from Andreas Schulze. TOOLS: Fix bug #164: Handle IPv6 test addresses. Reported by Andreas Schulze; patch from Juri Haberland. DOCS: Patch #189: Replace the DMARC RFC with an HTML page referencing the relevant specs, since Debian doesn't consider RFCs to be "free". Patch from Scott Kitterman via Juri Haberland.
Revision 22.214.171.124 / (download) - annotate - [select for diffs], Thu Jul 30 18:48:38 2020 UTC (3 years, 4 months ago) by bsiegert
Changes since 1.6: +6 -3 lines
Diff to previous 1.6 (colored) next main 1.7 (colored)
Pullup ticket #6282 - requested by oster mail/opendmarc: bugfix Revisions pulled up: - mail/opendmarc/Makefile 1.19 - mail/opendmarc/distinfo 1.7 - mail/opendmarc/patches/patch-build-config.h.in 1.1 - mail/opendmarc/patches/patch-configure 1.2 - mail/opendmarc/patches/patch-configure.ac 1.2 - mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c 1.1 - mail/opendmarc/patches/patch-libopendmarc_opendmarc__spf__dns.c 1.1 --- Module Name: pkgsrc Committed By: oster Date: Mon Jul 27 20:41:10 UTC 2020 Modified Files: pkgsrc/mail/opendmarc: distinfo pkgsrc/mail/opendmarc/patches: patch-configure patch-configure.ac Added Files: pkgsrc/mail/opendmarc/patches: patch-build-config.h.in patch-libopendmarc_opendmarc__dns.c patch-libopendmarc_opendmarc__spf__dns.c Log Message: Fix resource leakage observed when using opendmarc on NetBSD. Use res_ndestroy() instead of res_nclose() to properly cleanup resources on NetBSD (and others that use __res_ndestroy() or res_ndestroy() instead of res_nclose()). Original patch by Roy Marples. --- Module Name: pkgsrc Committed By: oster Date: Mon Jul 27 22:28:47 UTC 2020 Modified Files: pkgsrc/mail/opendmarc: Makefile Log Message: Bump pkgrevision. Thanks, Joerg.
Revision 1.7 / (download) - annotate - [select for diffs], Mon Jul 27 20:41:09 2020 UTC (3 years, 4 months ago) by oster
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3
Changes since 1.6: +6 -3 lines
Diff to previous 1.6 (colored)
Fix resource leakage observed when using opendmarc on NetBSD. Use res_ndestroy() instead of res_nclose() to properly cleanup resources on NetBSD (and others that use __res_ndestroy() or res_ndestroy() instead of res_nclose()). Original patch by Roy Marples.
Revision 1.6 / (download) - annotate - [select for diffs], Tue Nov 3 23:27:11 2015 UTC (8 years, 1 month ago) by agc
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Branch point for: pkgsrc-2020Q2
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored)
Add SHA512 digests for distfiles for mail category Problems found locating distfiles: Package mutt: missing distfile patch-1.5.24.rr.compressed.gz Package p5-Email-Valid: missing distfile Email-Valid-1.198.tar.gz Package pine: missing distfile fancy.patch.gz Package postgrey: missing distfile targrey-0.31-postgrey-1.34.patch Package qmail: missing distfile badrcptto.patch Package qmail: missing distfile outgoingip.patch Package qmail: missing distfile qmail-1.03-realrcptto-2006.12.10.patch Package qmail: missing distfile qmail-smtpd-viruscan-1.3.patch Package thunderbird24: missing distfile enigmail-1.7.2.tar.gz Package thunderbird31: missing distfile enigmail-1.7.2.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Revision 1.5 / (download) - annotate - [select for diffs], Sun Mar 15 22:26:34 2015 UTC (8 years, 8 months ago) by pettai
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (colored)
1.3.1 2015/02/23 Fix bug #97: Add ability to change envelope sender, client IP address, client hostname, and HELO value used in test mode, via environment variables. This can be turned into something more formal in a later release. Fix bug #102: Don't lose SPF results and output the "-1" default. Fix bug #103: Fix IgnoreAuthenticatedClients by requesting the right macro value from the MTA. Fix bug #113: Remove "TemporaryDirectory" (unused). LIBOPENDMARC: Fix bug #104: Include <sys/param.h> and <resolv.h> in <opendmarc/dmarc.h> so that MAXPATHLEN and MAXNS get defined consistently. LIBOPENDMARC: Fix bug #105: Get the h_errno definition from <netdb.h> rather than declaring it. LIBOPENDMARC: Fix bug #106: Clean up issues with the types passed to opendmarc_policy_library_dns_hook(). DOCS: Fix bug #99: Update list of constraints on opendmarc_policy_fetch_alignment(). REPORTS: Fix bug #108: Handle malformed mailto URIs in DMARC records (e.g., just "mailto:"). REPORTS: Fix bug #110: Support SQL backend selection in opendmarc-expire.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Dec 5 16:00:23 2014 UTC (9 years ago) by christos
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.3: +3 -1 lines
Diff to previous 1.3 (colored)
detect NetBSD's res_ninit.
Revision 1.3 / (download) - annotate - [select for diffs], Sat Sep 27 19:30:12 2014 UTC (9 years, 2 months ago) by pettai
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3
Changes since 1.2: +4 -4 lines
Diff to previous 1.2 (colored)
1.3.0 2014/07/31 Integrated SPF checking is now available through the new SPFSelfValidate and SPFIgnoreResults settings. Feature request #79: Optionally ignore clients that authenticated using SMTP AUTH. Fix bug #60, part II: Default AuthservID to the name provided by the MTA, not the local host name, which is consistent with what OpenDKIM does. Fix bug #72: Don't crash when From fields are absent. Fix bug #74: Change "Forensic" to "Failure" just about everywhere to match the language now being used in the base DMARC draft. Note that this also changes some names in the configuration file. Fix bug #75: Correct typo in MIME of forensic reports. Fix bug #76: Repair damage with respect to Authentication-Results header field selection. Fix bug #77: Request quarantine from the MTA during option negotiation. Fix bug #78: Add missing newline in forensic report header. Fix bug #90: Make "--with-sql-backend" without any value do the right thing. Fix bug #93: Honor size limits in URIs. Make "smime" and "rrvs" legal Authentication-Results methods. Provide better logging when pclose() for a forensic report returns non-zero. Add configuration support for internal SPF checks. Includes hooks in the milter to check that SPF is configured to do so. This can use a private SPF implementation or libspf2. Fix strlcat() and strlcpy() support for Debian. REPORTS: Feature request #80: Generate aggregate reports on UTC day boundaries. REPORTS: Feature request #84: Optionally expire old data from lower-growth tables. REPORTS: Fix bug #70: Fix date range generation in reports. REPORTS: Fix bug #82: Fix recording of report timestamp to avoid lost records. REPORTS: Fix bug #83: When expiring data, truncate the signatures table if all messages were expired.. REPORTS: Fix bug #85: Report subdomain policy. LIBOPENDMARC: Fix bug #71: Fix "rua" extraction from DMARC records. LIBOPENDMARC: Added support for milter to perform own spf checks. Three new files: opendmarc_spf.c, opendmard_spf_dns.c and test/test_spf.cl, allow integrated SPF support. Support for use of libspf2 is also provided.
Revision 1.2 / (download) - annotate - [select for diffs], Wed Apr 2 21:33:41 2014 UTC (9 years, 8 months ago) by pettai
CVS Tags: pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.1: +4 -4 lines
Diff to previous 1.1 (colored)
1.2.0 2014/03/14 Feature request #44: Allow override of the From: field on forensic reports. Feature request #45: Log the host portion of ignored Authentication-Results fields at "debug" level. Feature request #56: Add "RequiredHeaders" setting to enforce syntax checks against a message and reject those that don't comply. Feature request #65: Add "ForensicReportsBcc". Fix bug #46: Charitable tweak to a couple of log messages. Fix bug #55: The "SoftwareHeader" setting wasn't being set properly. Fix bug #58: The "smtp.mailfrom" part of an Authentication-Results field might contain only a domain name. Fix bug #60: Default AuthservID to the name provided by the MTA, not the local host name, which is consistent with what OpenDKIM does. Merge request #2: Validate external recipients before adding them to report recipient lists. Record all DKIM results to the history file, rather than only passing results. BUILD: Fix bug #50: Check libbsd for strlcat() and strlcpy() so we don't make our own when we don't need to. CONTRIB: Fix bug #52: Update path to draft RFC in contrib/spec. CONTRIB: Fix bug #59: Allow database name, userid and password to be specified on the command line rather than hard-coding them. DOCS: Fix bug #48: Add a libopendmarc use overview page. DOCS: Fix bug #53: Add man page for opendmarc-importstats. REPORTS: Fix bug #51: Check status after every phase of SMTP when sending reports. REPORTS: Fix DKIM status importing. LIBOPENDMARC: Fix bug #68: Fix strict/relaxed checking logic when a public suffix list is available. LIBOPENDMARC: Fixed a bug where in some instances the fetch of the orgainizational domain could wrongly return the from domain. LIBOPENDMARC: Fix call to missing function.
Revision 1.1 / (download) - annotate - [select for diffs], Thu Dec 5 16:00:19 2013 UTC (10 years ago) by pettai
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4
The OpenDMARC project is a community effort to develop and maintain an open source package for providing DMARC report generation and policy enforcement services. It includes a library for handling DMARC record parsing, a database schema and tools for aggregating and processing transaction history to produce DMARC reports, and a filter that ties it all together with an MTA using the milter protocol.
This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.