Koozali.org: home of the SME Server

Possible issue with DMARC?

Offline Michail Pappas

  • *
  • 339
  • +1/-0
Possible issue with DMARC?
« on: December 02, 2021, 07:56:47 AM »
I've been watching my qpsmtpd log after the upgrade to v10, just in case I run into any special upgrade issues. Noticed the following dmarc-related error during an email reception:

Code: [Select]
3427 Accepted connection 0/40 from 40.92.70.40 / mail-oln040092070040.outbound.protection.outlook.com
3427 Connection from mail-oln040092070040.outbound.protection.outlook.com [40.92.70.40]
3427 (connect) earlytalker: pass, not spontaneous
3427 (connect) relay: skip, no match
3427 (connect) dnsbl: pass
3427 220 myserver.gr ESMTP
3427 dispatching EHLO EUR03-AM5-obe.outbound.protection.outlook.com
3427 (ehlo) helo: reverse domain match
3427 (ehlo) helo: pass
3427 250-myserver.gr Hi mail-oln040092070040.outbound.protection.outlook.com [40.92.70.40]
3427 250-PIPELINING
3427 250-8BITMIME
3427 250-SIZE 30000000
3427 250-STARTTLS
3427 250 AUTH PLAIN LOGIN
3427 dispatching STARTTLS
3427 220 Go ahead with TLS
3427 (unrecognized_command) tls: TLS setup returning
3427 dispatching EHLO EUR03-AM5-obe.outbound.protection.outlook.com
3427 (ehlo) helo: reverse domain match
3427 (ehlo) helo: pass
3427 250-mydomain.gr Hi mail-oln040092070040.outbound.protection.outlook.com [40.92.70.40]
3427 250-PIPELINING
3427 250-8BITMIME
3427 250-SIZE 30000000
3427 250 AUTH PLAIN LOGIN
3427 dispatching MAIL FROM:<> SIZE=362424
3427 (mail) resolvable_fromhost: pass, null sender
3427 (mail) sender_permitted_from: skip, null sender
3427 (mail) naughty: pass
3427 250 <>, sender OK - how exciting to get mail from you!
3427 dispatching RCPT TO:<somebox@mydomain.gr>
3427 (rcpt) badrcptto: pass
3427 (rcpt) check_goodrcptto: stripping '-' extensions
3427 (rcpt) rcpt_ok: pass: mydomain.gr in rcpthosts
3427 250 <somebox@mydomain.gr>, recipient ok
3427 dispatching DATA
3427 354 go ahead
3427 spooling message to disk
3427 (data_post_headers) dkim: pass, no signature, neutral policy
      new record at /usr/share/perl5/vendor_perl/Mail/DMARC/Report.pm line 77.
DBI error: report_record_spf.domain_id may not be NULL at /usr/share/perl5/vendor_perl/Mail/DMARC/Report/Store/SQL.pm line 684.
3427 (data_post_headers) dmarc: query called by Mail::DMARC::Report::Store::SQL, 546
      INSERT INTO report_record_spf (report_record_id, scope,result) VALUES(??)
      1948, helo, none at /usr/share/perl5/vendor_perl/Mail/DMARC/Report.pm line 77.
3427 (data_post_headers) dmarc: fail, tolerated
3427 (data_post) bogus_bounce: pass, single recipient, empty Return-Path
3427 (data_post) headers: pass
3427 (data_post) naughty: pass
3427 (data_post) spamassassin: error, reject disabled (Ham, 1.1, learn=no)
3427 (data_post) virus::clamdscan: pass, clean
3427 (queue) logging::logterse: ` 40.92.70.40 mail-oln040092070040.outbound.protection.outlook.com    EUR03-AM5-obe.outbound.protection.outlook.com   <>      <somebox@myserver.gr>       queued          <11a50b9a-07f1-43c4-a760-854394690f8b@PAXPR06MB7823.eurprd06.prod.outlook.com>  No, score=1.1 required=6.0 autolearn=no autolearn_force=n
3433 (queue) queue::qmail_2dqueue: (for 3427) Queuing to /var/qmail/bin/qmail-queue
3427 250 Queued! 1638427631 qp 3433 <11a50b9a-07f1-43c4-a760-854394690f8b@PAXPR06MB7823.eurprd06.prod.outlook.com>
3427 dispatching QUIT
3427 Lost connection to client, cannot send response.
3427 click, disconnecting
16806 cleaning up after 3427
« Last Edit: December 02, 2021, 12:41:02 PM by Michail Pappas »

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: Possible issue with DMARC?
« Reply #1 on: December 02, 2021, 11:13:47 AM »
So a quick scan round and we can see that we run perl-Mail-DMARC-1.20141206-2.el7.sme.noarch

Latest code is here https://metacpan.org/release/MBRADSHAW/Mail-DMARC-1.20210927/source

Looks like the bit that is the problem is here around Line 546 or just before in SQL.pm

Code: [Select]
sub insert_rr_spf {
....
INSERT INTO report_record_spf (report_record_id, scope,result) VALUES(??)

blah

Looks like the subroutine has been update - I guess it clears up null values (in a perfect world they should not exist I guess)

This is a bug I believe. Put it against qpsmtpd for now and we may have to move it. We'll need to build updated packages - but there will probably be dependency hell in there somewhere.

...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline Michail Pappas

  • *
  • 339
  • +1/-0
Re: Possible issue with DMARC?
« Reply #2 on: December 02, 2021, 12:45:12 PM »

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: Possible issue with DMARC?
« Reply #3 on: December 02, 2021, 01:56:16 PM »
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation