[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#564576: libspf0: fails with IPv6

Package: libspf0
Version: 0.999-1.0.0-p3.dfsg-2
Severity: important


It seems that libspf0 has a problem with validation of IPv6 addresses. I
discovered this problem with spfmilter, and I could reproduce it with
spfqtool. Here is the transcript of a test, with spfquery (libspf2) and
spfqtool (libspf0):
    % spfquery -i 2a01:e34:ee8f:150:201:c0ff:fe04:d58b -s foobar@listes.ortolo.eu
    spfquery: domain of listes.ortolo.eu designates 2a01:e34:ee8f:150:201:c0ff:fe04:d58b as permitted sender
    Received-SPF: pass (spfquery: domain of listes.ortolo.eu designates 2a01:e34:ee8f:150:201:c0ff:fe04:d58b as permitted sender) client-ip=2a01:e34:ee8f:150:201:c0ff:fe04:d58b; envelope-from=foobar@listes.ortolo.eu;

    % spfqtool -h vanvogt.ortolo.eu -i 2a01:e34:ee8f:150:201:c0ff:fe04:d58b -s foobar@listes.ortolo.eu
    SPF short result:   fail                                                                             
    SPF verbose result: policy result: [fail] from rule [-all]
    RFC2822 header:     Received-SPF: fail (vanvogt.ortolo.eu: domain of foobar@listes.ortolo.eu does not designate 2a01:e34:ee8f:15 as permitted sender) receiver=vanvogt.ortolo.eu; client_ip=2a01:e34:ee8f:15; envelope-from=foobar@listes.ortolo.eu;

Here, spfquery is right and spfqtool is wrong, because:
    listes.ortolo.eu.   86400   IN  SPF     "v=spf1 +a:mx1.ortolo.eu +a:mx2.ortolo.eu -all"
    mx2.ortolo.eu.      86400   IN  AAAA    2a01:e34:ee8f:150:201:c0ff:fe04:d58b
(yes, the RFC for SPF defines the “a:” mechanism with A or AAAA lookups,
depending on the IP address family).


Tanguy Ortolo

-- System Information:
Debian Release: 5.0.3
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libspf0 depends on:
ii  libc6                         2.7-18     GNU C Library: Shared libraries

libspf0 recommends no packages.

libspf0 suggests no packages.

-- no debconf information

Reply to: