def test_no_policy(self):
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: [email protected]
To: [email protected]
""")
rule = dmarc.DMARCMitigation()
with get_dns_resolver(rdata=b'v=DMARC1; pct=100;'):
self.assertFalse(rule.check(mlist, msg, {}))
def test_org_domain_with_subdomain_policy(self):
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: [email protected]
To: [email protected]
""")
rule = dmarc.DMARCMitigation()
with get_dns_resolver(rdata=b'v=DMARC1; sp=quarantine;'):
self.assertTrue(rule.check(mlist, msg, {}))
def test_cname_wrong_txt_name(self):
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: [email protected]
To: [email protected]
""")
rule = dmarc.DMARCMitigation()
with get_dns_resolver(cmiss=True):
self.assertFalse(rule.check(mlist, msg, {}))
def test_no_at_sign_in_from_address(self):
# If there's no @ sign in the From: address, the rule can't hit.
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: anne
To: [email protected]
""")
rule = dmarc.DMARCMitigation()
with get_dns_resolver():
self.assertFalse(rule.check(mlist, msg, {}))
def test_non_ascii_in_from_address(self):
# Non-ascii headers with message_from_bytes can return a Header
# objest on msg.get().
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = message_from_bytes(b"""\
From: Ann\xe9 <*****@*****.**>
To: [email protected]
""")
rule = dmarc.DMARCMitigation()
with get_dns_resolver():
self.assertFalse(rule.check(mlist, msg, {}))
def test_uppercase_in_returned_cname(self):
# Test that we can recognize an answer with case mismatch in the
# domain.
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: [email protected]
To: [email protected]
""")
rule = dmarc.DMARCMitigation()
with get_dns_resolver(cnuc=True):
self.assertTrue(rule.check(mlist, msg, {}))
def test_multiple_records(self):
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: [email protected]
To: [email protected]
""")
mark = LogFileMark('mailman.error')
rule = dmarc.DMARCMitigation()
with get_dns_resolver(rmult=True):
self.assertTrue(rule.check(mlist, msg, {}))
line = mark.readline()
self.assertEqual(
line[-85:], 'RRset of TXT records for _dmarc.example.biz has 2 '
'v=DMARC1 entries; testing them all\n')
def test_dmarc_nonameservers_exception(self):
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: [email protected]
To: [email protected]
""")
mark = LogFileMark('mailman.error')
rule = dmarc.DMARCMitigation()
with get_dns_resolver():
self.assertTrue(rule.check(mlist, msg, {}))
line = mark.readline()
self.assertEqual(
line[-84:], 'DNSException: No Nameservers available for '
'[email protected] (_dmarc.example.home).\n')
def test_looping_cnames(self):
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: [email protected]
To: [email protected]
""")
mark = LogFileMark('mailman.vette')
rule = dmarc.DMARCMitigation()
with get_dns_resolver(cloop=True):
self.assertTrue(rule.check(mlist, msg, {}))
line = mark.readline()
self.assertEqual(
line[-120:],
'ant: DMARC lookup for [email protected] (_dmarc.example.biz) '
'found p=reject in _dmarc.example.org. = v=DMARC1; p=reject;\n')
def test_dmarc_dns_exception(self):
mlist = create_list('*****@*****.**')
# Use action reject. The rule only hits on reject and discard.
mlist.dmarc_mitigate_action = DMARCMitigateAction.reject
msg = mfs("""\
From: [email protected]
To: [email protected]
""")
mark = LogFileMark('mailman.error')
rule = dmarc.DMARCMitigation()
with get_dns_resolver():
self.assertTrue(rule.check(mlist, msg, {}))
line = mark.readline()
self.assertEqual(
line[-144:], 'DNSException: Unable to query DMARC policy for '
'[email protected] (_dmarc.example.info). '
'Abstract base class shared by all dnspython exceptions.\n')
