Exception in DMARC check
Hi,
We discovered a message was shunted with the following error:
16/Nov/2023:22:03:30 (26) ACCEPT: <FD52D4D6-8861-431F-B535-7B976AF563E4@domain.tld>
16/Nov/2023:22:03:31 (29) Uncaught runner exception: list index out of range
16/Nov/2023:22:03:31 (29) Traceback (most recent call last):
File "/usr/lib/python3.11/site-packages/mailman/core/runner.py", line 179, in _one_iteration
self._process_one_file(msg, msgdata)
File "/usr/lib/python3.11/site-packages/mailman/core/runner.py", line 272, in _process_one_file
keepqueued = self._dispose(mlist, msg, msgdata)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/mailman/runners/pipeline.py", line 37, in _dispose
process(mlist, msg, msgdata, pipeline)
File "/usr/lib/python3.11/site-packages/mailman/core/pipelines.py", line 53, in process
handler.process(mlist, msg, msgdata)
File "/usr/lib/python3.11/site-packages/mailman/handlers/validate_authenticity.py", line 125, in process
authenticate(msg, msgdata)
File "/usr/lib/python3.11/site-packages/mailman/utilities/retry.py", line 44, in f_retry
return f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/mailman/handlers/validate_authenticity.py", line 93, in authenticate
auth_result = authenticate_message(
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/authheaders/__init__.py", line 396, in authenticate_message
dmarc_result = check_dmarc(msg, spf_result, dkim_result, dnsfunc=dnsfunc, psddmarc=psddmarc)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/authheaders/__init__.py", line 344, in check_dmarc
result, result_comment, from_domain, policy = dmarc_per_from(from_domain, spf_result, dkim_result, dnsfunc, psddmarc)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/authheaders/__init__.py", line 91, in dmarc_per_from
record, orgdomain = receiver_record(from_domain)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/authheaders/dmarc_lookup.py", line 117, in receiver_record
retval = lookup_receiver_record(hostSansDmarc, dnsfunc)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/authheaders/dmarc_lookup.py", line 92, in lookup_receiver_record
tags = answer_to_dict(str(result))
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/authheaders/dmarc_lookup.py", line 42, in answer_to_dict
retval = {t[0].strip().lower(): t[1].strip().lower() for t in rawTags}
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/authheaders/dmarc_lookup.py", line 42, in <dictcomp>
retval = {t[0].strip().lower(): t[1].strip().lower() for t in rawTags}
~^^^
IndexError: list index out of range
16/Nov/2023:22:03:31 (29) SHUNTING: 1700172211.0404482+bbf26055e8b483bc7eec78ce061efc5357040e7d
It looks like the DMARC DNS record caused the exception, but if checking with online tools the record is reported valid.
I will send the shunted message to @msapiro privately.