[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#427585: marked as done (spfqtool: can't parse SPF record for paypal.com)



Your message dated Sun, 13 Nov 2011 22:37:27 +0000
with message-id <E1RPig3-0003al-8N@franck.debian.org>
and subject line Bug#648510: Removed package(s) from unstable
has caused the Debian Bug report #427585,
regarding spfqtool: can't parse SPF record for paypal.com
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
427585: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=427585
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: spfqtool
Version: 0.999-1.0.0-p3-3
Severity: important


The libspf0 library is unable to parse the SPF record for paypal.com.  I have
classified this bug as 'important' because paypal.com is one of the Internet's
most frequently forged domains, and the "DUNNO" response from whitelister
(which uses the same libspf0 implementation of the SPF standard) opens a
serious hole for phishing attacks.

I have installed spftool and produced the same parsing problem on the command
line.  Here is the output of a query against the paypal.com SPF record using
spfqtool:

[inkblot@dorothy:~]$ spfqtool -d 255 -e 1 -i 1.2.3.4 -h mail.example.com -s service@paypal.com
SPF Query Tool v0.4 - James Couzens <jcouzens@codeshare.ca>
[DEBUG]: Debugging level:    255
[DEBUG]: RFC2821 Mail From:  service@paypal.com
[DEBUG]: RFC2821 HELO:       mail.example.com
[DEBUG]: Purported address:  1.2.3.4
[DEBUG]: SPF Explanation:    Enabled
[DEBUG]: Trusted Forwarder:  Disabled
[DEBUG]: Best Guess:         Disabled

SPF short result:   unknown
SPF verbose result: policy result: [unknown] from rule [~all]
SPF explanation:    NULL
RFC2822 header:     Received-SPF: unknown (mail.example.com: domain of service@paypal.com encountered an error while parsing (check SPF record paypal.com for errors))


-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.20-linode28
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages spfqtool depends on:
ii  libspf0                 0.999-1.0.0-p3-3 the ANSI C SPF reference library (

spfqtool recommends no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Version: 0.999-1.0.0-p3.dfsg-3+rm

Dear submitter,

as the package libspf has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see http://bugs.debian.org/648510

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@debian.org.

Debian distribution maintenance software
pp.
Luca Falavigna (the ftpmaster behind the curtain)


--- End Message ---

Reply to: