Add support for looking up DMARC records for a domain.
Review Request #8396 — Created Sept. 13, 2016 and submitted
DMARC is a mechanism used by mail servers and other mail software to
decide what to do with e-mails if the sender fails a verification test
(such as if an e-mail address in the From header is spoofed). Many
companies set this to quarantine (e.g., mark as spam) or outright reject
e-mail. Since many of our projects attempt to e-mail on behalf of users
when they interact with our services, this leads to a very bad
experience.This new support will later allow our e-mail code to be smarter so that
it can decide whether to spoof or not based on the sender domain's DMARC
settings.There's one public function available for use:
get_dmarc_record()
.
This will fetch the DMARC record for the specified hostname (or the
organizational domain, if not available on that hostname) and return
a parsed version. This data is cached by default, preventing unnecessary
subsequent requests to DNS.In order to fetch the organization domain, we have to consult the Public
Suffix List from publicsuffix.org. This is a set of rules that match an
arbitrary subdomain (like foo.bar.example.com) to an organization domain
(such as example.com). Since not all organizational domains are that
easy to figure out, the DMARC RFC states that this list must be
consulted. We rebuild the list when packaging or installing, shipping it
with Djblets, and we use a third-party module to parse it.
Unit tests pass.
Tested the functions manually with a handful of domains, each containing
various DMARC configurations (or not), and with and without having to fall
back on organizational domains.
- Change Summary:
-
- Removed auto-fetching of the public suffix list at build times.
- Moved the policy mapping dictionary into class attribute in
DmarcPolicy
. - Included the public suffix list in the packages.
- Commit:
-
5156029f638a89eb202dc5013a1d97051eb05bdcb57add50dd7cac82866ada3562578917c890387d
-
Tool: PEP8 Style Checker Processed Files: djblets/mail/tests.py setup.py djblets/mail/dmarc.py Ignored Files: MANIFEST.in djblets/mail/public_suffix_list.dat Tool: Pyflakes Processed Files: djblets/mail/tests.py setup.py djblets/mail/dmarc.py Ignored Files: MANIFEST.in djblets/mail/public_suffix_list.dat