Add support for looking up DMARC records for a domain.

Review Request #8396 — Created Sept. 13, 2016 and submitted

Information

Djblets
release-0.9.x
b57add5...

Reviewers

DMARC is a mechanism used by mail servers and other mail software to
decide what to do with e-mails if the sender fails a verification test
(such as if an e-mail address in the From header is spoofed). Many
companies set this to quarantine (e.g., mark as spam) or outright reject
e-mail. Since many of our projects attempt to e-mail on behalf of users
when they interact with our services, this leads to a very bad
experience.

This new support will later allow our e-mail code to be smarter so that
it can decide whether to spoof or not based on the sender domain's DMARC
settings.

There's one public function available for use: get_dmarc_record().
This will fetch the DMARC record for the specified hostname (or the
organizational domain, if not available on that hostname) and return
a parsed version. This data is cached by default, preventing unnecessary
subsequent requests to DNS.

In order to fetch the organization domain, we have to consult the Public
Suffix List from publicsuffix.org. This is a set of rules that match an
arbitrary subdomain (like foo.bar.example.com) to an organization domain
(such as example.com). Since not all organizational domains are that
easy to figure out, the DMARC RFC states that this list must be
consulted. We rebuild the list when packaging or installing, shipping it
with Djblets, and we use a third-party module to parse it.

Unit tests pass.

Tested the functions manually with a handful of domains, each containing
various DMARC configurations (or not), and with and without having to fall
back on organizational domains.

Description From Last Updated

Can we make this dictionary a class variable?

daviddavid

Is this something you wanted to have committed, since it's fetched during the build process?

daviddavid
david
  1. 
      
  2. djblets/mail/dmarc.py (Diff revision 1)
     
     
     
     
     
     
    Show all issues

    Can we make this dictionary a class variable?

  3. djblets/mail/public_suffix_list.dat (Diff revision 1)
     
     
    Show all issues

    Is this something you wanted to have committed, since it's fetched during the build process?

    1. I was trying to decide that... What I kind of opted for was having this as a sane default so that people don't have to re-run setup.py develop (which I actually need to add support for.. didn't do that) for this to work the first time. I can be convinced otherwise.

    2. I'm actually going to go the opposite route and not build this automatically. We'll update it periodically instead, eventually letting CI do it. The reason being that auto-generating when setting up the package requires we have the publicsuffix module installed, but dependencies are installed after we'd be able to run this, creating a problem.

  4. 
      
chipx86
reviewbot
  1. Tool: PEP8 Style Checker
    Processed Files:
        djblets/mail/tests.py
        setup.py
        djblets/mail/dmarc.py
    
    Ignored Files:
        MANIFEST.in
        djblets/mail/public_suffix_list.dat
    
    
    
    Tool: Pyflakes
    Processed Files:
        djblets/mail/tests.py
        setup.py
        djblets/mail/dmarc.py
    
    Ignored Files:
        MANIFEST.in
        djblets/mail/public_suffix_list.dat
    
    
  2. 
      
david
  1. Ship It!
  2. 
      
chipx86
Review request changed
Status:
Completed
Change Summary:
Pushed to release-0.9.x (9554810)