fastmail / authentication_milter Goto Github PK
View Code? Open in Web Editor NEWEmail Authentication by SPF/DKIM/DMARC etc.
License: Other
Email Authentication by SPF/DKIM/DMARC etc.
License: Other
fastmail.com's AR headers -- generated by authentication_milter -- appear to cause problems for a Thunderbird extension, "DKIM Verifier". due to (?) the presence of 'x-bits' tag.
not clear to me where the cause of the problem lies ... with auth_milter, FM's config, of with the extension.
headers gen'd by gmail do not seem to cause the same issue.
could you spare a look at the issue report here,
and comment?
thx o/
The spec states that these headers should not be added, as they're likely to be removed by downstream MTA's.
I might've missed something, but I could not find any documented way of preventing the generation of these headers.
Hello,
if I don't specify any dns_resolvers
I get lots of DNS errors:
Oct 16 00:35:22 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: DNS Lookup MX domain.de error, hold set on domain.de : query timed out
Oct 16 00:35:22 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: DNS Lookup MX domain.de error, hold set on domain.de : query timed out
Oct 16 00:35:22 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup A domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:22 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup AAAA domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup TXT domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: SPFHeader: Received-SPF: temperror (domain.de: Time-out on DNS 'TXT' lookup of 'domain.de') receiver=michael01.XXXXX.de; identity=pra; pra="[email protected]"; helo=out.domain.de; client-ip=11.22.33.44
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup TXT dkim._domainkey.domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: DKIMResult: invalid (public key: DNS error: query timed out)
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: DKIMSignatureResult: invalid (public key: DNS error: query timed out)
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup TXT _domainkey.domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup TXT _policy._domainkey.domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup TXT _adsp._domainkey.domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup MX domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: DKIM EOM Error DNS error: query timed out<LF>
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Temp DKIM Error - DNS error: query timed out<LF>
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup MX domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup NS domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup A domain.de aborted due to previous DNS Lookup timeout on domain.de
Oct 16 00:35:23 testmaschine01 authentication_milter[26552]: 3371A6C150D: ERROR: Lookup AAAA domain.de aborted due to previous DNS Lookup timeout on domain.de
If I configure them, everything is fine:
"dns_resolvers" : [
"127.0.0.1",
"8.8.8.8"
],
Which resolvers are being used if I don't specify dns_resolvers
, I would have expected that the "operating system default resolvers" are being used...
After installing, I had to manually add both Net::SMTPS and NET:HTTP modules to get things working. I've checked the installation log of the 'cpanm Mail::Milter::Authentication' command but there was no mention of either of these modules.
I used this Dockerfile to test and reproduce the problem.
Running 'dmarc_view_reports' resulted in the following errors:
Can't locate Net/SMTPS.pm in @INC (you may need to install the Net::SMTPS module) (@INC contains: lib /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.28.1 /usr/local/share/perl/5.28.1 /usr/lib/x86_64-linux-gnu/perl5/5.28 /usr/share /perl5 /usr/lib/x86_64-linux-gnu/perl/5.28 /usr/share/perl/5.28 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send/SMTP.pm line 10.
BEGIN failed--compilation aborted at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send/SMTP.pm line 10.
Compilation failed in require at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send.pm line 8.
BEGIN failed--compilation aborted at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send.pm line 8.
Compilation failed in require at /usr/local/share/perl/5.28.1/Mail/DMARC/Report.pm line 14.
Compilation failed in require at /usr/local/bin/dmarc_view_reports line 26.
BEGIN failed--compilation aborted at /usr/local/bin/dmarc_view_reports line 26.
Can't locate Net/HTTP.pm in @INC (you may need to install the Net::HTTP module) (@INC contains: lib /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.28.1 /usr/local/share/perl/5.28.1 /usr/lib/x86_64-linux-gnu/perl5/5.28 /usr/share/p erl5 /usr/lib/x86_64-linux-gnu/perl/5.28 /usr/share/perl/5.28 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send/HTTP.pm line 11.
BEGIN failed--compilation aborted at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send/HTTP.pm line 11.
Compilation failed in require at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send.pm line 9.
BEGIN failed--compilation aborted at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send.pm line 9.
Compilation failed in require at /usr/local/share/perl/5.28.1/Mail/DMARC/Report.pm line 14.
Compilation failed in require at /usr/local/bin/dmarc_view_reports line 26.
BEGIN failed--compilation aborted at /usr/local/bin/dmarc_view_reports line 26.
The same errors can be seen in the authentication_milter log itself:
Global shut down due to fatal error: Could not load handler DMARC : Can't locate Net/SMTPS.pm in @INC (you may need to install the Net::SMTPS module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.28.1 /usr/local/share/perl/5.28.1 /usr/lib/x86_64-linux-gnu/perl5/5.28 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.28 /usr/share/perl/5.28 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at /usr/local/share/perl/5.28.1/Mail/DMARC/Report/Send/SMTP.pm line 10.
While going though our log file, I've discovered another reoccurring warning:
PreHeader: X-Disposition-Quarantine: Quarantined due to DMARC policy
Warning: Argument "q" isn't numeric in numeric eq (==) at /usr/local/share/perl/5.28.1/Mail/Milter/Authentication/Protocol/Milter.pm line 155.
91037142D3F: DKIMResult: No DKIM headers
91037142D3F: SenderIdCode: none
91037142D3F: ERROR: Could not parse empty address
91037142D3F: DMARCCode: fail
91037142D3F: DMARCDisposition: quarantine
91037142D3F: DMARCSubdomain: no
91037142D3F: DMARCPolicy: quarantine default
91037142D3F: DMARCReportTo: <removed>
91037142D3F: PreHeader: Received-SPF: none
(<removed>: No applicable sender policy available)
receiver=<removed>;
identity=helo;
helo=<removed>;
client-ip=<removed>
91037142D3F: PreHeader: Authentication-Results: <removed>;
dkim=none (no signatures found);
dmarc=fail policy.published-domain-policy=quarantine policy.applied-disposition=quarantine policy.evaluated-disposition=quarantine (p=quarantine,d=quarantine,d.eval=quarantine) policy.policy-from=p header.from=<removed>;
iprev=pass smtp.remote-ip=<removed> (<removed>);
spf=none smtp.mailfrom="" smtp.helo=<removed>;
x-ptr=pass smtp.helo=<removed> policy.ptr=<removed>;
x-return-mx=fail smtp.domain=localhost.localdomain policy.org_domain=localdomain policy.is_org=no policy.mx_error=NXDOMAIN policy.a_error=NXDOMAIN policy.aaaa_error=NXDOMAIN policy.org_mx_error=NOERROR policy.org_a_error=NOERROR policy.org_aaaa_error=NOERROR;
x-return-mx=pass header.domain=<removed> policy.is_org=yes (MX Records found: <removed>)
91037142D3F: PreHeader: X-Disposition-Quarantine: Quarantined due to DMARC policy
Warning: Argument "q" isn't numeric in numeric eq (==) at /usr/local/share/perl/5.28.1/Mail/Milter/Authentication/Protocol/Milter.pm line 155.
91037142D3F: SMTPQuarantine: Quarantined due to DMARC policy
the close callback is running after the queueid is cleared, and any logging has the incorrect queueid and a noqueue
Tl;dr: very long header fields are mangled by the Outlook client; when used with an IMAP server, a quiet failure occurs resulting in significant and unpredictable data loss
Severity: end-user data loss
Category: unintended consequences
Summary: The total 'unwrapped' length of the Authentication-Results header field can exceed 1,000 characters, causing data loss when certain IMAP clients are used to access/file those messages.
The output of fastmail/authentication_milter, without the use of the 'x-' experimental / unregistered method identifiers or extension result codes, appears to only use about 75% of that amount. As currently deployed, however, field lengths in excess of 1,300 characters have been observed.
Some (poorly-compliant?) e-mail clients (e.g. the current version of Microsoft Outlook for Windows and anything else using the MSFT MAPI engine) seem to be 'unwraping'/'unfolding' the header fields of internet messages for internal storage.
While RFC 5322 [1][2] limits line length in finished messages to
998 characters[3], section 2.2.3 of that RFC states that once a header field is 'unfolded' by a lexer the combination of the header name and header body may be of unlimited length.[4]
0x0a
character(0x0a)
character not paired with a matching adjacent carriage return 0x0d
character [12].Outlook appears to be broken. It has likely always been broken in this way. (That said, it was broken in a way that didn't cause this type of inadvertent data loss until extremely long Authentication-Results fields became commonplace.) Millions of people (at least) use Outlook; some percentage of them use IMAP. How many of them are now permanently losing messages without even knowing it?
Who should fix this? Probably everyone. (Internet Standards and RFCs are many and complicated, though, so I understand the struggle.)
From Appendix C of RFC 8601:
It is typically easier to change a single MUA than an MTA because the modification affects fewer users and can be pursued with less care. However, changing many MUAs is more effort than changing a smaller number of MTAs.
Thanks for reading this far. Suggestions and comments?
-Jim
Disclaimer: I don't work for @microsoft or @fastmail. Everything here is based on behavior I have personally observed during my research of this issue. I'm not a programmer; troubleshooting closed-source programs and encrypted mail transfer protocols isn't the most straightforward task; here may be dragons.
[1] As does its predecessor, Internet Message Format, RFC 2822
[2] The original ARPA INTERNET TEXT MESSAGES specification, RFC 822, mentions the 'folding' process but does not explicitly acknowledge an unlimited field length.
[3] Section 2.1.1 of RFC 5322: Not including the CRLF; each line in a finished message may be 1000 characters total
Each line of characters MUST be no more than 998 characters, and SHOULD be no more than 78 characters, excluding the CRLF.
[4] In practice, of course, many software systems are likely to have some finite limit on maximum string length. (The programmer should be capable of checking to make sure input doesn't overflow the available space, of course.)
[5] Even if Microsoft quickly releases a patch, however, those using legacy clients (e.g. Outlook 2013, like perhaps some of our parents or grandparents are) might not be able to easily apply the patch or to upgrade to a newer version (for cost or other reasons).
[6] Section 2.1 of RFC 7601:
The header field MAY appear more than once in a single message, or more than one result MAY be represented in a single header field, or a combination of these MAY be applied.
[7] Section 7.8 of RFC 8601 (substantially unchanged from RFC 7601 / 7001 / 5451)
Intentionally Malformed Header Fields
As with any other header field found in the message, it is possible for an attacker to add an Authentication-Results header field that is extraordinarily large or otherwise malformed in an attempt to discover or exploit weaknesses in header field parsing code. Implementers must thoroughly verify all such header fields received from MTAs and be robust against intentionally as well as unintentionally malformed header fields.
[8] Section 2.7.6, Extension Methods, of RFC 7601 (emphasis added):
Experimental method identifiers MUST only be used within ADMDs that
have explicitly consented to use them. These method identifiers and
the parameters associated with them are not documented in RFCs.
Therefore, they are subject to change at any time and not suitable
for production use. Any MTA, MUA, or downstream filter intended for
production use SHOULD ignore or delete any Authentication-Results
header field that includes an experimental (unknown) method
identifier.
[9] Section 2.7.7, Extension Result Codes, of RFC 7601 (emphasis added):
Experimental results MUST only be used within ADMDs that have
explicitly consented to use them. These results and the parameters
associated with them are not formally documented. Therefore, they
are subject to change at any time and not suitable for production
use. Any MTA, MUA, or downstream filter intended for production use
SHOULD ignore or delete any Authentication-Results header field that
includes an extension result.
[10] Example method identifiers that are not registered with the IANA "Email
Authentication Property Types" registry and their associated handler files:
[10.5] Technically, I don't believe this is actually Outlook. There is a Windows DLL that manages the MAPI message store for all compatible applications. Messages are not internally stored in "RFC 822/2822/5322 Internet Message Format" but in the MAPI format used by pre-internet mail Exchange. This conversion process is choking on mismatched CR/LFs generated by another part of the process (when the mail was fetched over IMAP?), as explained in the next footnote.
[11] It appears to attempt to wrap the line by inserting a new line and a tab: 0x0d0a09
, but it actually places that inside of another CRLF, resulting in something like 0x0d0d0a090a
.
0x0d0d0a0d0a090a
, then 0x0d0d0a0d0a0d0a090a
, then 0x0d0d0a0d0a0d0a0d0a090a
, then ...[12] I'll have to check with the @cyrusimap folks to see if this complies with section 4 of RFC 5322. (SMTP servers aren't supposed to accept 'naked'/unpaired newline characters, but my spouse won't let me read any more RFCs tonight to verify what the current recommendations are for IMAP servers)
[13] Messages with the subject "Synchronization Log" are created in a folder called "Sync Issues", but that folder is NOT visible by default. The user needs to open a pop-up menu, switch away from the standard 'Mail' view to this hidden 'Folder' view, and then scroll (perhaps quite far) to find this folder. Other than these messages, there is no indication of error, unless you specifically notice a message is missing from the server.
[14] The database (mailbox.ost) is considered a cache with messages assumed to always be on the server, so both the program and public documentation include deleting it as a common troubleshooting technique. (Nearly universally, the only downside listed is the time/bandwidth needed to re-download the messages. The possibility of data loss is not on the public radar here, at all.)
i've cpan installed,
Details for 'Mail::Milter::Authentication'
Author Marc Bradshaw ([email protected])
Description None given
Development Stage Unknown
Installed File /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm
Interface Style Unknown
Language Used Unknown
Package Mail-Milter-Authentication-2.20200930.2.tar.gz
Public License Unknown
Support Level Unknown
Version Installed 2.20200930.2
Version on CPAN 2.20200930002
...
auth-milter json config,,
cat /etc/auth-milter/authentication_milter.json
{
...
"runas" : "auth-milter",
"rungroup" : "postfix-milter",
...
systemd service config,
cat /etc/systemd/system/auth-milter.service
...
[Service]
...
User=auth-milter
Group=postfix-milter
...
where
id auth-milter && id postfix-milter
uid=1008(auth-milter) gid=1001(postfix-milter) groups=1001(postfix-milter),1007(auth-milter)
on startup
systemctl start auth-milter
it launches
systemctl status auth-milter
โ auth-milter.service - FastMail Authentication Milter Daemon
Loaded: loaded (/etc/systemd/system/auth-milter.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2020-10-05 09:40:01 PDT; 1min 9s ago
Main PID: 37124 (authentication_)
Tasks: 6 (limit: 9497)
Memory: 100.9M
CPU: 1.117s
CGroup: /system.slice/auth-milter.service
โโ37124 authentication_milter_testid:parent
โโ37141 authentication_milter_testid:waiting(0)
โโ37142 authentication_milter_testid:waiting(0)
โโ37143 authentication_milter_testid:waiting(0)
โโ37144 authentication_milter_testid:waiting(0)
โโ37145 authentication_milter_testid:waiting(0)
but logs
Oct 05 09:40:01 test authentication_milter_testid[37124]: Group Not Defined. Defaulting to EGID '1001 1001 1007'
Oct 05 09:40:01 test authentication_milter_testid[37124]: User Not Defined. Defaulting to EUID '1008'
Oct 05 09:40:02 test authentication_milter_testid[37124]: DMARC Preloaded PSL
Oct 05 09:40:02 test authentication_milter_testid[37141]: Child process 37141 starting up
Oct 05 09:40:02 test authentication_milter_testid[37142]: Child process 37142 starting up
Oct 05 09:40:02 test authentication_milter_testid[37143]: Child process 37143 starting up
Oct 05 09:40:02 test authentication_milter_testid[37145]: Child process 37145 starting up
Oct 05 09:40:02 test authentication_milter_testid[37144]: Child process 37144 starting up
it appears non-fatal; auth-milter operates
not clear yet if there are any operational effects
just a reporting error?
The readme has a link to a LICENSE file, but it's not there.
There is no license in this repository at all, however it implies that there should be.
Was this a mistake?
Hello Marc,
I installed your milter via
sudo cpanm Mail::Milter::Authentication
Because a test failed in "Net-DNS-Paranoid-0.08" ( tokuhirom/Net-DNS-Paranoid#4 ) I had to use "--force" to install it, then it worked fine.
But when running it with "debug:1" I get lots of these Warnings:
==> authentication_milter.err <==
Sat Oct 16 00:09:43 2021 authentication_milter[26219] Warning: Use of uninitialized value in concatenation (.) or string at /usr/local/share/perl/5.26.1/Mail/Milter/Authentication/Handler.pm line 930.
Sat Oct 16 00:09:46 2021 authentication_milter[26219] Warning: Use of uninitialized value in concatenation (.) or string at /usr/local/share/perl/5.26.1/Mail/Milter/Authentication/Handler.pm line 722.
Sat Oct 16 00:09:47 2021 authentication_milter[26219] Warning: Use of uninitialized value in concatenation (.) or string at /usr/local/share/perl/5.26.1/Mail/Milter/Authentication/Handler.pm line 722.
Sat Oct 16 00:09:49 2021 authentication_milter[26219] Warning: Use of uninitialized value in concatenation (.) or string at /usr/local/share/perl/5.26.1/Mail/Milter/Authentication/Handler.pm line 722.
authentication_milter -h
shows that I'm using version 3.20210914
On all of my FreeBSD smokers the test suite of 2.20180430 fails:
# Failed test 'Metrics authmilter_forked_children_total{ident="test_authentication_milter_test"}'
# at /home/cpansand/.cpan/build/2018050103/Mail-Milter-Authentication-2.20180430-0/blib/lib/Mail/Milter/Authentication/Tester.pm line 140.
# got: '22'
# expected: '2'
# Looks like you failed 1 test of 84.
# Failed test 'data/metrics/milter_1.json'
# at /home/cpansand/.cpan/build/2018050103/Mail-Milter-Authentication-2.20180430-0/blib/lib/Mail/Milter/Authentication/Tester.pm line 165.
... (snip more similar errors) ...
SMTP Send expected 250 received 421 4.3.2 Pipeline limit reached
when sending RSET at /home/cpansand/.cpan/build/2018050103/Mail-Milter-Authentication-2.20180430-0/blib/lib/Mail/Milter/Authentication/Tester.pm line 420, <GEN1> line 38.
# Failed test 'Metrics authmilter_forked_children_total{ident="test_authentication_milter_test"}'
# at /home/cpansand/.cpan/build/2018050103/Mail-Milter-Authentication-2.20180430-0/blib/lib/Mail/Milter/Authentication/Tester.pm line 140.
# got: '27'
# expected: '2'
# Looks like you failed 1 test of 91.
... (snip) ...
I'm using authentication_milter, and have/test @ fastmail.
I'm dual-signing my outbound, with both -rsa & -ed25519 dkim keys
rfc
A New Cryptographic Signature Method for DomainKeys Identified Mail (DKIM)
https://datatracker.ietf.org/doc/html/rfc8463
states
https://datatracker.ietf.org/doc/html/rfc8463#section-5
that
5. Choice and Strength of Keys and Algorithms
Section 3.3 of [RFC6376] describes DKIM's hash and signature
algorithms. It is updated as follows:
Signers SHOULD implement and verifiers MUST implement the Ed25519-SHA256 algorithm.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
testing @ fastmail, my rec'd mail headers report,
Authentication-Results: mx6.messagingengine.com;
dkim=invalid (unsupported algorithm ed25519-sha256, 0-bit key)
I'm working on an issue, with more detail, here,
https://bugs.launchpad.net/dkimpy-milter/+bug/1901569/comments/6
not 100% clear yet where the problem lies ...
assuming that I'm reading the rfc correctly,
DOES authentication_milter currently/correctly support Ed25519-SHA256 algorithm dkim verification?
Installation from source instructions mention Makefile.PL
but there is no file with that name.
i've set up authentication-milter in smtp mode
with this config,
authentication_milter.json
{
"connection" : "inet:[email protected]",
"protocol" : "smtp",
"smtp" : {
"server_name" : "auth-milter.mx.example.com",
"sock_type" : "inet",
"sock_host" : "127.0.0.1",
"sock_port" : "10002",
"timeout_in" : "10",
"timeout_out" : "10",
"pipeline_limit" : "50",
"queue_type" : "before",
"chunk_limit" : 1048576
},
"debug" : 0,
"dryrun" : 0,
"hide_none" : 0,
"logtoerr" : 1,
"error_log" : "/var/log/auth-milter/auth-milter.err",
"umask" : "0000",
"runas" : "auth-milter",
"rungroup" : "postfix-milter",
"chroot" : "",
"listen_backlog" : 20,
"min_children" : 1,
"max_children" : 5,
"min_spare_children" : 1,
"max_spare_children" : 2,
"max_requests_per_child" : 100,
"connect_timeout" : 30,
"command_timeout" : 30,
"content_timeout" : 300,
"dns_resolvers" : [
"127.0.0.1"
],
"dns_timeout" : 10,
"dns_retry" : 2,
"header_indent_style" : "entry",
"header_fold_at" : 77,
"header_indent_by" : 4,
"tempfail_on_error" : "1",
"tempfail_on_error_authenticated" : "0",
"tempfail_on_error_local" : "0",
"tempfail_on_error_trusted" : "0",
"handlers" : {
"SPF" : {
"hide_received-spf_header" : 0,
"hide_none" : 0,
"best_guess" : 0
},
"DKIM" : {
"hide_none" : 0,
"hide_domainkeys" : 1,
"check_adsp" : 1,
"show_default_adsp" : 0,
"adsp_hide_none" : 0,
"extra_properties" : 0,
"no_strict" : 0
},
"!ARC" : {},
"IPRev" : {},
"PTR" : {},
"DMARC" : {
"hard_reject" : 1,
"no_reject_disposition" : "quarantine",
"no_list_reject" : 0,
"arc_before_list" : 0,
"no_list_reject_disposition" : "none",
"reject_on_multifrom" : 20,
"quarantine_on_multifrom" : 15,
"skip_on_multifrom" : 10,
"whitelisted" : [],
"use_arc" : 0,
"hide_none" : 0,
"detect_list_id" : 1,
"report_skip_to" : [],
"no_report" : 1,
"hide_report_to" : 0,
"config_file" : "/usr/local/etc/auth-milter/mail-dmarc.ini"
},
"!SenderID" : {
"hide_none" : 1
},
"!Auth" : {
},
"LocalIP" : {},
"TrustedIP" : {
"trusted_ip_list" : []
},
"!TLS" : {
},
"!AddID" : {},
"ReturnOK" : {"_comment" : "no cfg"},
"Sanitize" : {
"hosts_to_remove" : [
],
"remove_headers" : "yes"
},
}
}
on launch of the milter service,
systemctl start auth-milter
i get a FATAL error,
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2834] daemonize servers=1/5 spares=1/2 requests=100
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2834] run as user=auth-milter group=postfix-milter
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2834] Chroot to
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2834] listening on inet host=127.0.0.1 port=10001 backlog=20
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2834] ==========
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2834] Starting server
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2834] Running with perl v5.30.3
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2834] ==========
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2911] Child process 2911 starting up
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2911] Child process 2911 signalling global shut down due to fatal error: Could not build order list
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2911] Child exiting
Unrecognized signal name "Term" at /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm line 903.
...propagated at /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm line 860.
and then the process runs away, spewing endlessly
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2912] Child process 2912 starting up
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2912] Child process 2912 signalling global shut down due to fatal error: Could not build order list
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2912] Child exiting
Unrecognized signal name "Term" at /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm line 903.
...propagated at /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm line 860.
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2913] Child process 2913 starting up
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2913] Child process 2913 signalling global shut down due to fatal error: Could not build order list
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2913] Child exiting
Unrecognized signal name "Term" at /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm line 903.
...propagated at /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm line 860.
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2914] Child process 2914 starting up
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2914] Child process 2914 signalling global shut down due to fatal error: Could not build order list
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2914] Child exiting
Unrecognized signal name "Term" at /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm line 903.
...propagated at /usr/local/share/perl5/5.30/Mail/Milter/Authentication.pm line 860.
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2915] Child process 2915 starting up
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2915] Child process 2915 signalling global shut down due to fatal error: Could not build order list
Mon Oct 5 11:44:44 2020 authentication_milter_mx[2915] Child exiting
...
& requiring a service kill to exit.
toggling to DISABLE IPRev
- "IPRev" : {},
+ "!IPRev" : {},
eliminates the runaway, launch is successful, but on mail receipt -- from Fastmail servers -- logs report,
Mon Oct 5 11:42:23 2020 authentication_milter_mx[2667] Child process 2667 starting up
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: SMTP Transaction count: 1.1
!! Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: ERROR: PTR Config Error: IPRev is missing
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: SPFCode: pass
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: DKIMResult: pass
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: DMARCCode: pass
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: DMARCDisposition: none
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: DMARCSubdomain: no
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: DMARCPolicy: none default
!! Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: ERROR: DMARC Error Can't call method "binip" on an undefined value at /usr/share/perl5/vendor_perl/Net/IP.pm line 761.
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: PreHeader: Received-SPF: pass
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] (fastmail.fm: Sender is authorized to use '#####@fastmail.fm' in 'mfrom' identity (mechanism 'include:spf.messagingengine.com' matched))
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] receiver=auth-milter.mx.example.com;
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] identity=mailfrom;
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] envelope-from="#####@fastmail.fm";
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] helo=wout3-smtp.messagingengine.com;
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] client-ip=64.147.123.19
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] 618C45BCAEC: PreHeader: Authentication-Results: auth-milter.mx.example.com;
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] dkim-adsp=pass (ADSP policy from fastmail.fm);
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] dkim=pass (2048-bit rsa key sha256) header.d=fastmail.fm
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] [email protected] header.b=oB8IKenq header.a=rsa-sha256
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] header.s=fm1;
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] dkim=pass (2048-bit rsa key sha256) header.d=messagingengine.com
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] [email protected] header.b=MUQDcOMs header.a=rsa-sha256
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] header.s=fm1;
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] dmarc=temperror header.from=fastmail.fm;
Mon Oct 5 11:42:51 2020 authentication_milter_mx[2667] spf=pass smtp.mailfrom=#####@fastmail.fm
Mon Oct 5 11:42:51 2020Mon Oct 5 11:42:51 2020 authentication_milter_mx[2725] Child process 2725 starting up
Mon Oct 5 11:43:22 2020 authentication_milter_mx[2725] Child process 2725 shutting down
Mon Oct 5 11:43:32 2020 authentication_milter_mx[2754] Dequeue process 2754 starting up
Mon Oct 5 11:43:32 2020 authentication_milter_mx[2754] DEQUEUE.4CD80E81382: Dequeue process 2754 shutting down
an fyi,
dep on Crypt-OpenSSL-RSA causes fail to compile if OpenSSL iv v >=3
upstream's been made aware
Crypt-OpenSSL-RSA will not compile with OpenSSL 3.0.0 due to deprecated code
toddr/Crypt-OpenSSL-RSA#31
no fix, as yet
some distro perl modules, e.g., @ Fedora36, properly handle compat issue; FM auth milter compile is OK
Over time i'm steadily seeing the number of processes 'processing' increasing.
It appears that the client (Postfix) connecting to the authentication milter is terminating it's side of the connection. But, on the Authentication Milter server the connection remains in the established state and never times out.
e.g.
ps:
authmil+ 327438 30036 0 Nov24 ? 00:00:01 authentication_milter_am1:processing:postenvrcpt(41)
netstat:
tcp 0 0 n.n.n.n:8892 n.n.n.n:50568 ESTABLISHED 327438/authenticati
Is there an overall timeout that can be applied to resolve this situation?
As a workaround i've patched my local Authentication.pm and reduced net.ipv4.tcp_keepalive_time to 300s, which appears to resolve the issue. But, a server side timeout would probably be a better solution.
@@ -16,6 +16,7 @@
use Log::Dispatchouli;
use Net::DNS::Resolver;
use Net::IP;
+use IO::Socket;
use Proc::ProcessTable;
use base 'Mail::Milter::Authentication::Net::ServerPatches';
use vars qw(@ISA);
@@ -383,6 +384,7 @@
$PROGRAM_NAME = $Mail::Milter::Authentication::Config::IDENT . ':processing(' . $count . ')';
$self->logdebug( 'Processing request ' . $self->{'count'} );
$self->{'socket'} = $self->{'server'}->{'client'};
+ $self->{'socket'}->setsockopt(SOL_SOCKET, SO_KEEPALIVE, 1);
$self->{'tracelog'} = [];
Seeing this in the error log whenever DNS PTR query fails (SERVFAIL):
Can't call method "can" on unblessed reference at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/Handler.pm line 1235.
...propagated at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication.pm line 773.
Handler.pm:1235: if ( $thischild->{'object'}->{'resolver'}->can( 'clear_error_cache' ) ) {
I am also seeing these kind of messages in the log (74 in last 30 days). Can someone explain what is causing this and if it is something that needs fixing or ignoring?
Wed Jan 1 00:41:22 2020 authentication_milter[5668] Child process 5668 shutting down due to fatal error: bad packet length 50331695
Wed Jan 1 05:57:57 2020 authentication_milter[4546] Child process 4546 shutting down due to fatal error: bad packet length 4278215680
Wed Jan 1 15:22:45 2020 authentication_milter[5680] Child process 5680 shutting down due to fatal error: bad packet length 1195725856
Wed Jan 1 15:22:45 2020 authentication_milter[5628] Child process 5628 shutting down due to fatal error: bad packet length 369295616
Wed Jan 1 23:39:54 2020 authentication_milter[4555] Child process 4555 shutting down due to fatal error: bad packet length 4278215680
Thu Jan 2 02:37:24 2020 authentication_milter[4572] Child process 4572 shutting down due to fatal error: bad packet length 50331695
Thu Jan 2 07:28:03 2020 authentication_milter[5684] Child process 5684 shutting down due to fatal error: bad packet length 50331695
Thu Jan 2 20:14:04 2020 authentication_milter[4551] Child process 4551 shutting down due to fatal error: bad packet length 1195725856
Thu Jan 2 23:12:57 2020 authentication_milter[5681] Child process 5681 shutting down due to fatal error: bad packet length 50331695
Fri Jan 3 00:06:32 2020 authentication_milter[5658] Child process 5658 shutting down due to fatal error: bad packet length 4278215680
Would it be possible to make the client work with a larger message body and avoid the error below?
the message body is too big; its length must be less than 65536 bytes at /usr/local/share/perl/5.28.1/Mail/Milter/Authentication/Net/Milter.pm line 202.
See line 55 of https://github.com/fastmail/authentication_milter/blob/master/lib/Mail/Milter/Authentication/Handler/TLS.pm. x-tls is not correct. The correct pytpe for a TLS result would be smtp because it is information acquired during the smtp session. TLS usages should also be registered as a new smtp property, but that's a separate issue.
I run Postfix 3.3.1.
I'm hoping to replace a working, but increasingly flaky, opendkim/opendmarc/policyspf setup with authentication_milter.
I've installed
module_info Mail::Milter::Authentication Mail::AuthenticationResults Mail::DMARC::PurePerl
Name: Mail::Milter::Authentication
Version: undef
Directory: /usr/lib/perl5/site_perl/5.26.1
File: /usr/lib/perl5/site_perl/5.26.1/Mail/Milter/Authentication.pm
Core module: no
Name: Mail::AuthenticationResults
Version: undef
Directory: /usr/lib/perl5/site_perl/5.26.1
File: /usr/lib/perl5/site_perl/5.26.1/Mail/AuthenticationResults.pm
Core module: no
Name: Mail::DMARC::PurePerl
Version: undef
Directory: /usr/lib/perl5/site_perl/5.26.1
File: /usr/lib/perl5/site_perl/5.26.1/Mail/DMARC/PurePerl.pm
Core module: no
I've def'd a systemd unit
/etc/systemd/system/auth-milter.service
[Unit]
Description=AuthenticationMilter
After=var-run.mount network-online.target remote-fs.target syslog.target
[Service]
Type=simple
NonBlocking=yes
PIDFile=/var/run/auth-milter/auth-milter.pid
ExecStart=/usr/bin/authentication_milter -c start \
--prefix=/usr/local/etc/auth-milter \
--pidfile=/var/run/auth-milter/auth-milter.pid \
--ident mx
ExecReload=/bin/kill -USR1 $MAINPID
ExecStop=/usr/bin/authentication_milter \
-c stop \
--prefix=/usr/local/etc/auth-milter \
--pidfile=/var/run/auth-milter/auth-milter.pid
[Install]
WantedBy=multi-user.target
I've configured for milter use,
/usr/local/etc/auth-milter/authentication_milter.json
{
"protocol" : "milter",
"debug" : 0,
"dryrun" : 0,
"logtoerr" : 0,
"error_log" : "/var/log/auth-milter/auth-milter.err",
"connection" : "unix:/var/run/auth-milter/auth-milter.sock",
"umask" : "0000",
"runas" : "authmilter",
"rungroup" : "authmilter",
"chroot" : "",
"listen_backlog" : 20,
"min_children" : 5,
"max_children" : 25,
"min_spare_children" : 2,
"max_spare_children" : 5,
"max_requests_per_child" : 100,
"connect_timeout" : 30,
"command_timeout" : 30,
"content_timeout" : 300,
"dns_resolvers" : [
"127.0.0.1"
],
"dns_timeout" : 10,
"dns_retry" : 2,
"header_indent_style" : "entry",
"header_fold_at" : 77,
"header_indent_by" : 4,
"tempfail_on_error" : "1",
"tempfail_on_error_authenticated" : "0",
"tempfail_on_error_local" : "0",
"tempfail_on_error_trusted" : "0",
"handlers" : {
"SPF" : {
"best_guess" : 0,
"hide_none" : 0,
"hide_received-spf_header" : 0
},
"DKIM" : {
"hide_none" : 0,
"hide_domainkeys" : 1,
"check_adsp" : 1,
"show_default_adsp" : 0,
"adsp_hide_none" : 0
},
"DMARC" : {
"no_report" : "1",
"config_file" : "/usr/local/etc/auth-milter/mail-dmarc.ini",
"hard_reject" : 0,
"hide_none" : 0,
"no_reject_disposition" : "quarantine",
"detect_list_id" : "1",
"no_list_reject" : 0,
"no_list_reject_disposition" : "none",
"whitelisted" : [
"dkim:bad.forwarder.com"
],
"use_arc" : 1,
"report_skip_to" : [
"[email protected]"
]
},
"PTR" : {},
"SenderID" : {
"hide_none" : 1
},
"IPRev" : {},
"Auth" : {},
"LocalIP" : {},
"TrustedIP" : {
"trusted_ip_list" : [
]
},
"!AddID" : {},
"ReturnOK" : {},
"Sanitize" : {
"hosts_to_remove" : [
"example.com",
"example.net"
],
"remove_headers" : "yes"
}
}
}
On daemon start
systemctl start auth-milter
runs
ps aux | grep -i authen
authmil+ 26304 0.1 0.9 188596 79488 ? Ss 13:14 0:00 authentication_milter_mx:master
authmil+ 26305 0.0 0.9 188728 76056 ? S 13:14 0:00 authentication_milter_mx:waiting(1)
authmil+ 26306 0.0 0.8 188596 73400 ? S 13:14 0:00 authentication_milter_mx:waiting(0)
authmil+ 26307 0.0 0.8 188596 72936 ? S 13:14 0:00 authentication_milter_mx:waiting(0)
authmil+ 26308 0.0 0.8 188596 72936 ? S 13:14 0:00 authentication_milter_mx:waiting(0)
authmil+ 26309 0.0 0.8 188596 72936 ? S 13:14 0:00 authentication_milter_mx:waiting(0)
& logs
tail -f /var/log/auth-milter/auth-milter.conf
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] daemonize servers=5/25 spares=2/5 requests=100
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] run as user=authmilter group=authmilter
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] Chroot to
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] listening on unix socket=/var/run/auth-milter/auth-milter.sock backlog=20
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] setting umask to 0000
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] ==========
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] Starting server
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] Running with perl v5.26.1
Wed Oct 10 12:54:18 2018 authentication_milter_mx[25507] ==========
test-email sent from fastmail is received/delivered with headers,
Authentication-Results: mx.example.net;
dkim=pass (2048-bit rsa key sha256) header.d=fastmail.fm
[email protected] header.b=TgO1WPCB header.a=rsa-sha256
header.s=fm1;
dkim=pass (2048-bit rsa key sha256) header.d=messagingengine.com
[email protected] header.b=VmssBcQh header.a=rsa-sha256
header.s=fm1;
x-local-ip=pass;
x-return-mx=pass header.domain=fastmail.fm policy.is_org=yes
(MX Record found);
x-return-mx=pass smtp.domain=fastmail.fm policy.is_org=yes
(MX Record found)
with NO TRACE of spf, ARC ...
I'm comparing to messages received AT fastmail, which display (e.g.),
Authentication-Results: mx5.messagingengine.com;
arc=none (no signatures found);
dkim=pass (1024-bit rsa key sha256) header.d=opayq.com
[email protected] header.b=ALCrBItS header.a=rsa-sha256
header.s=abine x-bits=1024;
dmarc=pass policy.published-domain-policy=none
policy.published-subdomain-policy=none policy.applied-disposition=none
policy.evaluated-disposition=none (p=none,sp=none,d=none,d.eval=none)
header.from=opayq.com;
iprev=pass policy.iprev=184.105.182.132
(132-he.filtered.junkemailfilter.com);
spf=pass [email protected]
smtp.helo=132-he.filtered.junkemailfilter.com;
x-aligned-from=pass (Address match);
x-cm=none score=0;
x-ptr=pass smtp.helo=132-he.filtered.junkemailfilter.com
policy.ptr=132-he.filtered.junkemailfilter.com;
x-return-mx=pass header.domain=opayq.com policy.is_org=yes
(MX Record found);
x-return-mx=pass smtp.domain=opayq.com policy.is_org=yes
(MX Record found);
x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES128-GCM-SHA256
smtp.bits=128/128;
x-vs=clean score=0 state=0
I'm guessing I'm missing SPF & ARC 'parts'?
I'm unclear on what's missing/misconfigured here.
Any guidance is appreciated.
Better yet, Is there a thorough example/walk-thru of setting this all up?
In the README you say this is free software and link to the LICENSE file for further details, but this file is missing.
Could you add the file?
Sorry if this is not the correct place to post this...
I'm interested in this project but it relies on Mail::SPF which appears to be abandoned. There has been no activity in the last 10 years and there are 28 outstanding issues, including this one which prevents the module from installing without manual intervention. Are you guys using a patched version of Mail::SPF or have you had contact with the author to find out what's going on over there?
Thanks in advance.
After recent merge I'm unable to install, getting this error:
==> Found dependencies: Net::IP, Net::DNS, Mail::DMARC::PurePerl, Mail::DKIM, List::MoreUtils, Mail::AuthenticationResults::Header::AuthServID, Text::Table, Mail::DKIM::KeyValueList, Mail::DKIM::ARC::Verifier, Email::Sender::Simple, Mail::BIMI, Mail::DataFeed::Abusix, Mail::SPF, Mail::AuthenticationResults::Header::Entry, Date::Manip::Date, JSON::XS, Date::Format, TOML, Log::Dispatchouli, App::Cmd::Setup, Mail::DKIM::DNS, Mail::AuthenticationResults::Header, Clone, Mail::DKIM::TextWrap, Net::DNS::Resolver, Mail::AuthenticationResults, Email::Simple::Creator, Email::Date::Format, Email::Simple, Test::File::Contents, File::Slurp, Net::DNS::Resolver::Mock, Import::Into, Prometheus::Tiny::Shared, Proc::ProcessTable, Net::Server::PreFork, Mail::DKIM::Verifier, Sereal, Mail::AuthenticationResults::Header::SubEntry, Mail::AuthenticationResults::Header::Comment, Mail::DKIM::ARC::Signer
<-- snip -->
Found Mail::DataFeed::Abusix 1.20200617001 which doesn't satisfy v1.20200617.1.
<-- snip -->
! Installing the dependencies failed: Module 'Mail::DataFeed::Abusix' is not installed
! Bailing out the installation for Mail-Milter-Authentication-2.20200930.2.
these deprecation warning are 'new' (just noticed them); afaict, no ops problems as a result - yet.
perl -v
This is perl 5, version 36, subversion 1 (v5.36.1) built for x86_64-linux-thread-multi
module_info Mail::Milter::Authentication
Name: Mail::Milter::Authentication
Version: undef
Directory: /usr/local/share/perl5/5.36
File: /usr/local/share/perl5/5.36/Mail/Milter/Authentication.pm
Core module: no
cpan -D Mail::Milter::Authentication
M/MB/MBRADSHAW/Mail-Milter-Authentication-3.20230214.tar.gz
/usr/local/share/perl5/5.36/Mail/Milter/Authentication.pm
Installed: 3.20230214
CPAN: 3.20230214 up to date
Marc Bradshaw (MBRADSHAW)
[email protected]
mail log
...
2023-05-11T07:46:39.116458-04:00 mail fm-auth-milter[9352]: Warning: deprecated method; prefer $rr->rdstring() at /usr/local/share/perl5/5.36/Mail/Milter/Authentication/Handler/IPRev.pm line 78.<LF>
...
Hi, seeing lots of warnings for this issue in the log. I contacted the author here robn/Prometheus-Tiny#10 but he then pointed out it's an authentication_milter issue
Warning: Use of uninitialized value $lv in substitution (s///) at /usr/local/lib/perl5/site_perl/Prometheus/Tiny.pm line 28.
Warning: Use of uninitialized value $lv in substitution (s///) at /usr/local/lib/perl5/site_perl/Prometheus/Tiny.pm line 29.
Warning: Use of uninitialized value $lv in concatenation (.) or string at /usr/local/lib/perl5/site_perl/Prometheus/Tiny.pm line 30.
following-up on
https://github.com/fastmail/authentication_milter/issues/85
@marcbradshaw
but yep, I'll reopen if/when I find something.
started seeing a couple of quirks with cpan release of authentication_milter.
starting to troubleshooting, attempted to build a clean instance from src @ master
'make test' fails currently
git clone https://github.com/fastmail/authentication_milter
cd authentication_milter
git checkout master
git log -n1
1 commit e68309515957e76b5682f81501829209aae53e97 (HEAD -> master, origin/master, origin/HEAD)
2 Merge: c747b85 49a29c9
3 Author: Marc Bradshaw <[email protected]>
4 Date: Wed Nov 4 11:55:39 2020 +1100
5
6 Merge pull request #88 from fastmail/DequeueErr
7
8 Dequeue err
perl -v
This is perl 5, version 30, subversion 3 (v5.30.3) built for x86_64-linux-thread-multi
(with 96 registered patches, see perl -V for more detail)
perl Makefile.PL
make
FAIL:
Skip blib/lib/auto/share/dist/Mail-Milter-Authentication/authentication_milter.json (unchanged)
Skip blib/lib/auto/share/dist/Mail-Milter-Authentication/authentication_milter.init (unchanged)
Skip blib/lib/auto/share/dist/Mail-Milter-Authentication/mail-dmarc.ini (unchanged)
PERL_DL_NONLAZY=1 "/usr/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" "-e" "undef *Test::Harness::Switches; test_harness(0, 'blib/lib', 'blib/arch')" t/*.t
t/00-load.t ......................................... ok
t/01-func-pipeline.t ................................ ok
t/01-func-tools.t ................................... ok
t/02-unit-mail-milter-authentication-handler-rbl.t .. ok
t/02-unit-mail-milter-authentication-handler.t ...... ok
t/03-func-milter.t .................................. ok
t/03-func-smtp.t .................................... 1/42 SMTP Send expected 250 received 421 4.3.2 Pipeline limit reached
when sending RSET at /usr/local/src/authentication_milter/blib/lib/Mail/Milter/Authentication/Tester.pm line 421, <GEN1> line 38.
t/03-func-smtp.t .................................... ok
t/04-unit-handler-abusixdatafeed.t .................. ok
t/04-unit-handler-aligned-from_dmarc.t .............. ok
t/04-unit-handler-aligned-from_nodmarc.t ............ ok
t/04-unit-handler-auth.t ............................ ok
t/04-unit-handler-bimi.t ............................ ok
t/04-unit-handler-blocker.t ......................... ok
t/04-unit-handler-dkim.t ............................ ok
t/04-unit-handler-dmarc.t ........................... ok
t/04-unit-handler-localip.t ......................... ok
t/04-unit-handler-remap.t ........................... ok
t/04-unit-handler-trustedip.t ....................... ok
t/dev-boilerplate.t ................................. ok
t/dev-critic.t ...................................... skipped: Author test. Set $ENV{TEST_AUTHOR} to a true value to run.
t/dev-manifest.t .................................... skipped: Author tests not required for installation
t/dev-pod.t ......................................... 1/45
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication.pm (74): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (104): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (125): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (141): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (151): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (202): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (223): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (307): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (329): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (339): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (353): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (382): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (393): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (404): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (415): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (431): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (477): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (525): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (583): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (634): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (683): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (702): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (757): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (1032): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1043): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1061): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1079): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1099): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1120): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1135): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1149): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1161): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1241): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1267): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1288): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1304): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1316): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1331): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1346): Unknown directive: =method
t/dev-pod.t ......................................... 3/45
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/HTDocs.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/HTDocs.pm (15): Unknown directive: =constructor
# blib/lib/Mail/Milter/Authentication/HTDocs.pm (28): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/HTDocs.pm (55): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/HTDocs.pm (68): Unknown directive: =method
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Config.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Config.pm (41): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (105): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (157): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (175): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (213): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (245): Unknown directive: =func
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Client.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Client.pm (23): Unknown directive: =constructor
# blib/lib/Mail/Milter/Authentication/Client.pm (149): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (201): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (226): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (265): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (279): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (341): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (435): Unknown directive: =method
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Metric.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Metric.pm (21): Unknown directive: =constructor
# blib/lib/Mail/Milter/Authentication/Metric.pm (51): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (62): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (80): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Metric.pm (98): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (159): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (179): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (191): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (207): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (252): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (297): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (307): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (324): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (361): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (379): Unknown directive: =method
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Handler.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Handler.pm (28): Unknown directive: =constructor
# blib/lib/Mail/Milter/Authentication/Handler.pm (46): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (64): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (84): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (95): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (117): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (139): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (153): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (180): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (202): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (214): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (230): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (244): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (284): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (309): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (328): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (344): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (361): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (382): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (407): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (425): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (438): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (451): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (503): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (557): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (574): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (593): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (650): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (677): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (738): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (797): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (850): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (910): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (962): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1014): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1068): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1092): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1143): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1216): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1253): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1275): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1286): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1311): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1332): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1344): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1365): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1377): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1389): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1401): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1414): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1426): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1438): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1451): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1466): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1479): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1491): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1504): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1557): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1575): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1601): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1619): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1635): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1652): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1664): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1681): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1693): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1719): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1738): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1758): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1810): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1835): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1852): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1868): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1882): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1898): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1912): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1930): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1944): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1956): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1974): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1996): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2012): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2026): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2040): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2060): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2090): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2102): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2264): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2282): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2303): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2361): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2375): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2412): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2424): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2482): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2576): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2595): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2610): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2627): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2654): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2664): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2674): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2684): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2694): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2706): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2718): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2732): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2746): =cut found outside a pod block. Skipping to next block.
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Exception.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Exception.pm (9): Unknown directive: =constructor
# Looks like you failed 7 tests of 45.
t/dev-pod.t ......................................... Dubious, test returned 7 (wstat 1792, 0x700)
Failed 7/45 subtests
Test Summary Report
-------------------
t/dev-boilerplate.t (Wstat: 0 Tests: 2 Failed: 0)
TODO passed: 1-2
t/dev-pod.t (Wstat: 1792 Tests: 45 Failed: 7)
Failed tests: 1, 3-4, 6, 8, 10-11
Non-zero exit status: 7
Files=22, Tests=280, 243 wallclock secs ( 0.22 usr 0.04 sys + 23.23 cusr 4.19 csys = 27.68 CPU)
Result: FAIL
Failed 1/22 test programs. 7/280 subtests failed.
make: *** [Makefile:1206: test_dynamic] Error 7
in more detail for "t/dev-pod.t"
Skip blib/lib/auto/share/dist/Mail-Milter-Authentication/authentication_milter.json (unchanged)
Skip blib/lib/auto/share/dist/Mail-Milter-Authentication/authentication_milter.init (unchanged)
Skip blib/lib/auto/share/dist/Mail-Milter-Authentication/mail-dmarc.ini (unchanged)
PERL_DL_NONLAZY=1 "/usr/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" "-e" "undef *Test::Harness::Switches; test_harness(1, 'blib/lib', 'blib/arch')" t/dev-pod.t
t/dev-pod.t ..
1..45
not ok 1 - POD test for blib/lib/Mail/Milter/Authentication.pm
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication.pm (74): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (104): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (125): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (141): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (151): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (202): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (223): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (307): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (329): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (339): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (353): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (382): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (393): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (404): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (415): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (431): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (477): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (525): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (583): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (634): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (683): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (702): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (757): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication.pm (1032): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1043): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1061): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1079): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1099): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1120): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1135): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1149): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1161): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1241): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1267): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1288): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1304): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1316): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1331): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication.pm (1346): Unknown directive: =method
ok 2 - POD test for blib/lib/Mail/Milter/Authentication/Tester.pm (no pod)
not ok 3 - POD test for blib/lib/Mail/Milter/Authentication/HTDocs.pm
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/HTDocs.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/HTDocs.pm (15): Unknown directive: =constructor
# blib/lib/Mail/Milter/Authentication/HTDocs.pm (28): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/HTDocs.pm (55): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/HTDocs.pm (68): Unknown directive: =method
not ok 4 - POD test for blib/lib/Mail/Milter/Authentication/Config.pm
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Config.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Config.pm (41): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (105): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (157): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (175): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (213): Unknown directive: =func
# blib/lib/Mail/Milter/Authentication/Config.pm (245): Unknown directive: =func
ok 5 - POD test for blib/lib/Mail/Milter/Authentication/Constants.pm
not ok 6 - POD test for blib/lib/Mail/Milter/Authentication/Client.pm
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Client.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Client.pm (23): Unknown directive: =constructor
# blib/lib/Mail/Milter/Authentication/Client.pm (149): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (201): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (226): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (265): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (279): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (341): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Client.pm (435): Unknown directive: =method
ok 7 - POD test for blib/lib/Mail/Milter/Authentication/Resolver.pm
not ok 8 - POD test for blib/lib/Mail/Milter/Authentication/Metric.pm
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Metric.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Metric.pm (21): Unknown directive: =constructor
# blib/lib/Mail/Milter/Authentication/Metric.pm (51): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (62): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (80): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Metric.pm (98): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (159): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (179): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (191): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (207): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (252): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (297): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (307): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (324): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (361): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Metric.pm (379): Unknown directive: =method
ok 9 - POD test for blib/lib/Mail/Milter/Authentication/Pragmas.pm (no pod)
not ok 10 - POD test for blib/lib/Mail/Milter/Authentication/Handler.pm
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Handler.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Handler.pm (28): Unknown directive: =constructor
# blib/lib/Mail/Milter/Authentication/Handler.pm (46): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (64): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (84): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (95): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (117): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (139): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (153): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (180): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (202): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (214): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (230): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (244): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (284): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (309): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (328): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (344): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (361): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (382): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (407): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (425): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (438): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (451): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (503): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (557): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (574): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (593): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (650): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (677): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (738): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (797): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (850): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (910): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (962): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1014): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1068): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1092): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1143): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1216): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1253): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1275): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1286): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1311): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1332): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1344): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1365): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1377): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1389): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1401): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1414): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1426): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1438): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1451): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1466): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1479): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1491): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1504): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1557): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1575): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1601): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1619): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1635): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1652): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1664): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1681): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1693): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1719): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1738): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1758): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (1810): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1835): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1852): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1868): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1882): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1898): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1912): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1930): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1944): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1956): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1974): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (1996): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2012): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2026): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2040): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2060): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2090): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2102): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2264): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2282): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2303): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2361): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2375): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2412): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2424): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2482): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2576): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2595): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2610): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2627): Unknown directive: =method
# blib/lib/Mail/Milter/Authentication/Handler.pm (2654): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2664): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2674): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2684): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2694): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2706): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2718): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2732): =cut found outside a pod block. Skipping to next block.
# blib/lib/Mail/Milter/Authentication/Handler.pm (2746): =cut found outside a pod block. Skipping to next block.
not ok 11 - POD test for blib/lib/Mail/Milter/Authentication/Exception.pm
# Failed test 'POD test for blib/lib/Mail/Milter/Authentication/Exception.pm'
# at /usr/local/share/perl5/5.30/Test/Pod.pm line 184.
# blib/lib/Mail/Milter/Authentication/Exception.pm (9): Unknown directive: =constructor
ok 12 - POD test for blib/lib/Mail/Milter/Authentication/App/Blocker/App.pm (no pod)
ok 13 - POD test for blib/lib/Mail/Milter/Authentication/App/Blocker/App/Command/add.pm (no pod)
ok 14 - POD test for blib/lib/Mail/Milter/Authentication/App/Blocker/App/Command/list.pm (no pod)
ok 15 - POD test for blib/lib/Mail/Milter/Authentication/App/Blocker/App/Command/delete.pm (no pod)
ok 16 - POD test for blib/lib/Mail/Milter/Authentication/Metric/Grafana.pm
ok 17 - POD test for blib/lib/Mail/Milter/Authentication/Handler/TrustedIP.pm
ok 18 - POD test for blib/lib/Mail/Milter/Authentication/Handler/TLS.pm
ok 19 - POD test for blib/lib/Mail/Milter/Authentication/Handler/LocalIP.pm
ok 20 - POD test for blib/lib/Mail/Milter/Authentication/Handler/AbusixDataFeed.pm
ok 21 - POD test for blib/lib/Mail/Milter/Authentication/Handler/Logger.pm
ok 22 - POD test for blib/lib/Mail/Milter/Authentication/Handler/PTR.pm
ok 23 - POD test for blib/lib/Mail/Milter/Authentication/Handler/Auth.pm
ok 24 - POD test for blib/lib/Mail/Milter/Authentication/Handler/Blocker.pm
ok 25 - POD test for blib/lib/Mail/Milter/Authentication/Handler/ReturnOK.pm
ok 26 - POD test for blib/lib/Mail/Milter/Authentication/Handler/DMARC.pm
ok 27 - POD test for blib/lib/Mail/Milter/Authentication/Handler/BIMI.pm
ok 28 - POD test for blib/lib/Mail/Milter/Authentication/Handler/Sanitize.pm
ok 29 - POD test for blib/lib/Mail/Milter/Authentication/Handler/Size.pm
ok 30 - POD test for blib/lib/Mail/Milter/Authentication/Handler/ARC.pm
ok 31 - POD test for blib/lib/Mail/Milter/Authentication/Handler/AlignedFrom.pm
ok 32 - POD test for blib/lib/Mail/Milter/Authentication/Handler/DKIM.pm
ok 33 - POD test for blib/lib/Mail/Milter/Authentication/Handler/TestTimeout.pm (no pod)
ok 34 - POD test for blib/lib/Mail/Milter/Authentication/Handler/SenderID.pm
ok 35 - POD test for blib/lib/Mail/Milter/Authentication/Handler/AddID.pm
ok 36 - POD test for blib/lib/Mail/Milter/Authentication/Handler/XGoogleDKIM.pm
ok 37 - POD test for blib/lib/Mail/Milter/Authentication/Handler/IPRev.pm
ok 38 - POD test for blib/lib/Mail/Milter/Authentication/Handler/SPF.pm
ok 39 - POD test for blib/lib/Mail/Milter/Authentication/Protocol/SMTP.pm
ok 40 - POD test for blib/lib/Mail/Milter/Authentication/Protocol/Milter.pm
ok 41 - POD test for blib/lib/Mail/Milter/Authentication/Tester/HandlerTester.pm
ok 42 - POD test for blib/lib/Mail/Milter/Authentication/Net/Milter.pm
ok 43 - POD test for blib/script/authentication_milter_client
ok 44 - POD test for blib/script/authentication_milter_blocker (no pod)
ok 45 - POD test for blib/script/authentication_milter
# Looks like you failed 7 tests of 45.
Dubious, test returned 7 (wstat 1792, 0x700)
Failed 7/45 subtests
Test Summary Report
-------------------
t/dev-pod.t (Wstat: 1792 Tests: 45 Failed: 7)
Failed tests: 1, 3-4, 6, 8, 10-11
Non-zero exit status: 7
Files=1, Tests=45, 0 wallclock secs ( 0.02 usr 0.01 sys + 0.32 cusr 0.01 csys = 0.36 CPU)
Result: FAIL
Failed 1/1 test programs. 7/45 subtests failed.
make: *** [Makefile:1206: test_dynamic] Error 7
IP is not always parsed, improve this.
I think I've might stumbled upon a bug when the 'v=' tag is missing in a DKIM record. The DKIM record below does not have a 'v=' tag. This tag is RECOMMENDED but not REQUIRED in the key record but the absence seems to result in a 'temperror' with a human_result blaming an unsupported algorithm.
Example:
20160525114544pm._domainkey.paddle.com descriptive text "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJ6rcSjbkJ/G7dApE4FynJ6jTYI2pKgE9QVDAf0OLpg6WdvtwqyKaayHcqrIljorgs9jZjhQbdF14e1DGcTXPJF8m0tfeQeeNgP5PaHel0plhLJDpT964zfZaUEr5NLeE0fkMZ16CiAyB8ZpH4y4m8FK5O5HGvkAuTgmfF4bVYhwIDAQAB"
DMARC report:
<dkim>
<domain>paddle.com</domain>
<selector>20160525114544pm</selector>
<result>temperror</result>
<human_result>invalid (unsupported algorithm rsa-sha1)</human_result>
</dkim>
running,
postconf mail_version
mail_version = 3.7.3
perldoc Mail::Milter::Authentication | grep version
version 3.20221006
perldoc Mail::AuthenticationResults | grep version
version 2.20210915
where authentication_milter runs in SMTP mode,
...
"connection" : "inet:[email protected]",
"protocol" : "smtp",
"smtp" : {
"sock_type" : "inet",
"sock_host" : "127.0.0.1",
"sock_port" : "13002",
...
i notice in logs lots of these "unexpected token" errors,
xzegrep "Error parsing existing Authentication-Results" /var/log/postfix/*
/var/log/postfix/postfix.log:2022-10-31T16:34:48.894462-04:00 mx auth-milter[17515]: 68EC8710EE0: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log:2022-11-03T10:16:26.149537-04:00 mx auth-milter[57659]: 5089DFF7AF5: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-22T08:41:53.537327-04:00 mx auth-milter[21209]: 90CFEF582D9: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-22T10:04:50.698366-04:00 mx auth-milter[21709]: 96EDC557783: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-22T10:08:16.097963-04:00 mx auth-milter[21709]: 07408B1E56F: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-22T10:08:48.869560-04:00 mx auth-milter[21709]: 9553A2A7568: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-22T13:02:21.074580-04:00 mx auth-milter[24515]: DC02033FB0B: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-22T13:03:56.212376-04:00 mx auth-milter[24515]: 24558D0D89B: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-22T13:04:20.029124-04:00 mx auth-milter[25961]: CBB0493C955: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-22T13:08:22.718071-04:00 mx auth-milter[25961]: D7F3D12C3E0: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-23T12:23:42.528556-04:00 mx auth-milter[42222]: 56ECEF86232: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-25T13:16:34.563293-04:00 mx auth-milter[20060]: 07E0FEF2967: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-08-28.1661659229.xz:2022-08-26T14:10:47.090196-04:00 mx auth-milter[36469]: A2B0FED3556: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-04.1662264028.xz:2022-08-29T10:58:08.670426-04:00 mx auth-milter[7061]: 2F703348A8D: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-04.1662264028.xz:2022-08-29T14:22:20.887090-04:00 mx auth-milter[7061]: C70F657EE35: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-04.1662264028.xz:2022-08-29T14:24:38.084955-04:00 mx auth-milter[7061]: 244B3E717CB: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-04.1662264028.xz:2022-08-31T10:51:47.477692-04:00 mx auth-milter[1275]: AA9ACB33A29: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-11.1662868813.xz:2022-09-09T10:53:16.548924-04:00 mx auth-milter[2068]: FF31F81A1D4: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-11.1662868813.xz:2022-09-09T11:59:02.169721-04:00 mx auth-milter[27548]: 06066B42B10: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-11.1662868813.xz:2022-09-09T11:59:06.094647-04:00 mx auth-milter[32072]: 2CDEDBC5531: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-11.1662868813.xz:2022-09-09T12:48:59.767220-04:00 mx auth-milter[36194]: 212AFE13BCA: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-11.1662868813.xz:2022-09-09T13:25:27.724977-04:00 mx auth-milter[38529]: 60C59646413: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-11.1662868813.xz:2022-09-09T14:36:18.746841-04:00 mx auth-milter[38529]: 351DA73B73D: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-18.1663473614.xz:2022-09-12T12:44:13.928952-04:00 mx auth-milter[7648]: BBD8CFC25A9: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-18.1663473614.xz:2022-09-12T12:44:16.298193-04:00 mx auth-milter[15580]: 0A7536F682C: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-18.1663473614.xz:2022-09-13T18:34:48.752871-04:00 mx auth-milter[27275]: 9E444AD5858: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-18.1663473614.xz:2022-09-14T11:54:18.638117-04:00 mx auth-milter[16240]: 7A9D1925063: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-18.1663473614.xz:2022-09-14T19:19:45.233662-04:00 mx auth-milter[43719]: B5968D954A9: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-18.1663473614.xz:2022-09-14T19:20:02.774937-04:00 mx auth-milter[54070]: AE24EAA8B75: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-18.1663473614.xz:2022-09-16T13:39:12.846368-04:00 mx auth-milter[16230]: 2257A38FCE7: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-25.1664078417.xz:2022-09-18T17:29:18.834628-04:00 mx auth-milter[9177]: 0FE2A87143D: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-09-25.1664078417.xz:2022-09-23T14:47:41.737315-04:00 mx auth-milter[17873]: A569D1FC448: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-02.1664683222.xz:2022-09-27T11:35:59.071332-04:00 mx auth-milter[1267]: 8269C9F3A02: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-16.1665892800.xz:2022-10-12T16:49:15.949376-04:00 mx auth-milter[55103]: 941068380E5: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-16.1665892800.xz:2022-10-14T15:21:47.241173-04:00 mx auth-milter[50437]: F17C7B363F8: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-23.1666497627.xz:2022-10-19T16:15:55.156844-04:00 mx auth-milter[1257]: 05E88460520: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-23.1666497627.xz:2022-10-20T10:58:28.040895-04:00 mx auth-milter[54766]: 3D6854E253F: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-24T12:44:26.502992-04:00 mx auth-milter[55576]: B543C16ABAD: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-24T12:45:30.407654-04:00 mx auth-milter[57304]: FB2B62C80F6: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-24T12:58:11.491135-04:00 mx auth-milter[57325]: C14B60A68ED: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-26T07:40:11.421695-04:00 mx auth-milter[19755]: 0FD2282B1A3: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-26T07:40:20.095785-04:00 mx auth-milter[25725]: 260060E06CB: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-26T10:44:56.512599-04:00 mx auth-milter[25776]: 7E1E37D8E28: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-27T14:18:27.747462-04:00 mx auth-milter[39932]: 790DB91AE64: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-27T14:18:27.975851-04:00 mx auth-milter[46515]: 92324DF1886: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-27T14:18:28.721956-04:00 mx auth-milter[46516]: 6D2AFA9A65E: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
/var/log/postfix/postfix.log.2022-10-30.1667102429:2022-10-27T14:18:29.183217-04:00 mx auth-milter[46529]: E0171B37D5C: ERROR: Error parsing existing Authentication-Results header: unexpected token at /usr/local/share/perl5/5.34/Mail/Milter/Authentication/Handler/Sanitize.pm line 129.<LF>
where,
https://github.com/fastmail/authentication_milter/blob/master/lib/Mail/Milter/Authentication/Handler/Sanitize.pm#L129
seems to be involved.
Known issue?
Or, what add'l info/tests are needed here to track it down?
The test suite fails with perl 5.8.x:
# Failed test 'use Mail::Milter::Authentication::Tester::HandlerTester;'
# at t/00-load.t line 43.
# Tried to use 'Mail::Milter::Authentication::Tester::HandlerTester'.
# Error: Global symbol "$protocol" requires explicit package name at lib/Mail/Milter/Authentication/Tester/HandlerTester.pm line 105.
# Global symbol "$config" requires explicit package name at lib/Mail/Milter/Authentication/Tester/HandlerTester.pm line 105.
...
# Compilation failed in require at t/00-load.t line 43.
# BEGIN failed--compilation aborted at t/00-load.t line 43.
Bailout called. Further testing stopped: # Looks like you failed 1 test of 28.
FAILED--Further testing stopped: *** [test_dynamic] Error code 1
Maybe the minimum perl version needs to be adjusted?
Well this thing looks just bloody brilliant :) There seems to really be just one thing missing; a plugin to hook directly into qpsmtpd. It might very well be that it will work satisfactorily against the qpsmtpd milter plugin (I haven't yet tried), but on the surface this sounds like a bit of a silly detour for an MTA that is pure Perl. Or I guess you could set it up as an after-queue and then use qpsmtpd's smtp-forward queue plugin to pass through it.. But that approach (or anything post-conversation) would certainly be inferior to proper integration (plus does any MTA but Postfix support XFORWARD?). The ideal scenario seems to me would be a qpsmtpd plugin wrapper which could hook its particular stages directly, and map those appropriately.
Any chance of something like that magically materializing? O:)
https://wiki.qpsmtpd.org/doku.php?id=pod:plugins
See for instance the existing DKIM, DMARC and SPF plugins, which respectively interface Mail::DKIM, Mail::DMARC (which started its life as this plugin) and MAIL::SPF directly.
Being able to replace all of these (and a good handful more, including several that don't yet exist within the qpsmtpd ecosystem) with an all-in-one like auth-milter, instead of having to piece things together and try to have them feed (off) eachother in a meaningful way, would be fantastic.
BTW, on an entirely unrelated note, say hi to Richard, Bron, Neil and the Robs from me! I still miss lovely Melbs every day, and those delicious CBD noodle lunches. Hope you guys appreciate how lucky you are to be living there!
DKIM keeps returning 'invalid' due to 'unsupported algorithm rsa-sha1'. Is there DKIM rsa-sha1 support in the milter or is something else missing?
i like to use Mail::DMARC from this milter, if its possible to do it :=)
i mean merge thing so it will be possible to not make so big denpendice in gentoo cpan builder
i now have it working on gentoo but i like to merge ::Extra modules, since it create unneeded dependice for spamassassin on gentoo aswell, sorry i know i should make this as a features to Mail::Milter::Authentication::Extra and possible not here, but i see code as a big mess, so i dream :=)
if already possible let me know
Some of my smoker systems report test failures in the
Mail-Milter-Authentication-v1.1.5 test suite. A sample report: http://www.cpantesters.org/cpan/report/88c7bd0c-e2ab-11e7-b222-88ae21bd3ef7
Statistical analysis suggests that failures happen with older Net::DNS. 1.06 and later seems to be fine.
****************************************************************
Regression 'mod:Net::DNS'
****************************************************************
Name Theta StdErr T-stat
[0='const'] -0.0000 0.0000 -0.48
[1='eq_0.83'] -0.0000 0.0000 -2.24
[2='eq_1.05'] 0.0000 0.0000 3.50
[3='eq_1.06'] 1.0000 0.0000 7718567285497487.00
[4='eq_1.07'] 1.0000 0.0000 7718567285497485.00
[5='eq_1.10'] 1.0000 0.0000 7473470638328288.00
[6='eq_1.11'] 1.0000 0.0000 7877729747836621.00
[7='eq_1.12'] 1.0000 0.0000 8072270887361718.00
[8='eq_1.13'] 1.0000 0.0000 8386483735388949.00
[9='eq_1.14'] 1.0000 0.0000 8521067562021882.00
R^2= 1.000, N= 92, K= 10
****************************************************************
Suspect this is to do with the internal dns cache, considering dropping the cache completely as this should be done in the local resolver anyway, this will require some tests to be rewritten as they rely on the cache.
ERROR: Connect callback error *** FATAL PROGRAM ERROR!! Unknown method 'defined'
*** which the program has attempted to call for the object:
***
;; EDNS version 0
;; flags: 0000
;; rcode: NOERROR
;; size: 1240
;; option:
***
*** The 1388 Net::DNS::RR::OPT object has no method 'defined'
*** THIS IS A BUG IN THE CALLING SOFTWARE, which incorrectly assumes
*** that the object would be of a particular type. The type of an
*** object should be checked before calling any of its methods.
at /usr/local/share/perl/5.20.2/Net/DNS/Packet.pm line 197.
Net::DNS::Packet::encode called at /usr/local/share/perl/5.20.2/Net/DNS/Packet.pm line 187
Net::DNS::Packet::data(Net::DNS::Packet=HASH(0x6d2e880)) called at /usr/local/share/perl/5.20.2/Net/DNS/Resolver/Base.pm line 495
Net::DNS::Resolver::Base::send(Net::DNS::Resolver=HASH(0x6d37970), "2607:f8b0:4001:0c05:0000:0000:0000:0232", "PTR") called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/DNSCache.pm line 123
Net::DNS::Resolver::cache_lookup(Net::DNS::Resolver=HASH(0x6d37970), "send", "2607:f8b0:4001:0c05:0000:0000:0000:0232", "PTR") called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/DNSCache.pm line 42
Net::DNS::Resolver::send(Net::DNS::Resolver=HASH(0x6d37970), "2607:f8b0:4001:0c05:0000:0000:0000:0232", "PTR") called at /usr/local/share/perl/5.20.2/Net/DNS/Resolver/Base.pm line 485
Net::DNS::Resolver::Base::query(Net::DNS::Resolver=HASH(0x6d37970), "2607:f8b0:4001:0c05:0000:0000:0000:0232", "PTR") called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/DNSCache.pm line 126
Net::DNS::Resolver::cache_lookup(Net::DNS::Resolver=HASH(0x6d37970), "query", "2607:f8b0:4001:0c05:0000:0000:0000:0232", "PTR") called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/DNSCache.pm line 48
Net::DNS::Resolver::query(Net::DNS::Resolver=HASH(0x6d37970), "2607:f8b0:4001:0c05:0000:0000:0000:0232", "PTR") called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/Handler/IPRev.pm line 54
Mail::Milter::Authentication::Handler::IPRev::connect_callback(Mail::Milter::Authentication::Handler::IPRev=HASH(0x6d90078), "mail-ig0-x232.google.com", Net::IP=HASH(0x6d54660)) called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/Handler.pm line 62
eval {...} called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/Handler.pm line 50
Mail::Milter::Authentication::Handler::top_connect_callback(Mail::Milter::Authentication::Handler=HASH(0x6d48048), "mail-ig0-x232.google.com", Net::IP=HASH(0x6d54660)) called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/Protocol/Milter.pm line 52
Mail::Milter::Authentication::Protocol::Milter::milter_process_command(Mail::Milter::Authentication=HASH(0x43ef7e8), "C", "mail-ig0-x232.google.com\x{0}6\x{86}\x{7f}2607:f8b0:4001:c05::232\x{0}") called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication/Protocol/Milter.pm line 35
Mail::Milter::Authentication::Protocol::Milter::protocol_process_request(Mail::Milter::Authentication=HASH(0x43ef7e8)) called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication.pm line 236
Mail::Milter::Authentication::process_request(Mail::Milter::Authentication=HASH(0x43ef7e8), Net::Server::Proto::TCP=GLOB(0x6d23c88)) called at /usr/local/share/perl/5.20.2/Net/Server.pm line 74
Net::Server::run_client_connection(Mail::Milter::Authentication=HASH(0x43ef7e8)) called at /usr/local/share/perl/5.20.2/Net/Server/PreFork.pm line 229
eval {...} called at /usr/local/share/perl/5.20.2/Net/Server/PreFork.pm line 229
Net::Server::PreFork::run_child(Mail::Milter::Authentication=HASH(0x43ef7e8)) called at /usr/local/share/perl/5.20.2/Net/Server/PreFork.pm line 187
Net::Server::PreFork::run_n_children(Mail::Milter::Authentication=HASH(0x43ef7e8), 1) called at /usr/local/share/perl/5.20.2/Net/Server/PreFork.pm line 375
Net::Server::PreFork::coordinate_children(Mail::Milter::Authentication=HASH(0x43ef7e8)) called at /usr/local/share/perl/5.20.2/Net/Server/PreFork.pm line 331
Net::Server::PreFork::run_parent(Mail::Milter::Authentication=HASH(0x43ef7e8)) called at /usr/local/share/perl/5.20.2/Net/Server/PreFork.pm line 113
Net::Server::PreFork::loop(Mail::Milter::Authentication=HASH(0x43ef7e8)) called at /usr/local/share/perl/5.20.2/Net/Server.pm line 60
Net::Server::run("Mail::Milter::Authentication", "user", "nobody", "group", "nogroup", "syslog_facility", 16, "port", ARRAY(0x2556408), ...) called at /usr/local/share/perl/5.20.2/Mail/Milter/Authentication.pm line 417
Mail::Milter::Authentication::start(HASH(0x2395e78)) called at /usr/local/bin/authentication_milter line 51
Oct 1 02:56:09 mithrim authentication_milter[22060]: --: ERROR: TempFail set
I was wondering if it's possible to configure authentication_milter to reject email when there is an SPF hard fail (the domain's SPF record is -a)? I see that DMARC can be configured with "hard_reject": 1
but I don't see any similar settings for the SPF handler.
Thanks for your work on this project.
Building with cpanm results in the following error:
Can't call method "set" on an undefined value at /usr/local/share/perl/5.28.1/Mail/Milter/Authentication/Metric.pm line 50. ...propagated at /usr/local/share/perl/5.28.1/Mail/Milter/Authentication.pm line 774.
Break out LMTP into a separate protocol module and improve it.
The auth-milter AuthServID Class appears to exist,
https://metacpan.org/pod/Mail::AuthenticationResults::Header::AuthServID
How do you specify/config AuthServID for an auth-milter instance, so that the header is added as:
Authentication-Results: instance-name.mx.example.net;
instead of, as currently
Authentication-Results: mx.example.net;
?
Other milters' examples include:
(1) clamav-milter
with config,
ReportHostname clamav-milter.mx.example.net
header's added as
X-Virus-Scanned: clamav-milter 0.101.0 at clamav-milter.mx.example.net
(2) opendkim
with config
AuthservIDWithJobId yes
AuthservID opendkim.mx.example.net
header's added as
DKIM-Filter: OpenDKIM Filter v2.7.5 some.domain.com w8OEBfva024786
Authentication-Results: opendkim.mx.example.net/42JmNK1pJ4z12wc; ...
(3) opendmarc
with config
AuthservIDWithJobID true
AuthservID opendmarc.mx.example.net
header's added as
DMARC-Filter: OpenDMARC Filter v1.4.0 mx.example.net 42JmNK1pJ4z12wc
Authentication-Results: opendmarc.mx.example.net/42JmNK1pJ4z12wc; ...
It appears me to that child processes seems keep crashing without any trace.
May 11 11:46:29 mx1-2019 postfix/cleanup[5395]: warning: milter unix:/unixsock/dmarc_milter.sock: can't read SMFIC_BODYEOB reply packet header: Success
Enabling debug log doesn't give me more insight either.
[root@mx1-2019 mx-deployment]# egrep 'CCB958002F' maildebug
May 11 11:46:27 mx1-2019 postfix/smtpd[5577]: CCB958002F: client=uspmta173210.emarsys.net[195.54.173.210]
May 11 11:46:28 mx1-2019 postfix/cleanup[5395]: CCB958002F: hold: header Received: from uspmta173210.emarsys.net (uspmta173210.emarsys.net [195.54.173.210])??by mail.example.com (Postfix) with ESMTPS id CCB958002F??for <[email protected]>; Tue, 11 May 2021 11 from uspmta173210.emarsys.net[195.54.173.210]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<uspmta173210.emarsys.net>
May 11 11:46:28 mx1-2019 postfix/cleanup[5395]: CCB958002F: message-id=<[email protected]>
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: L: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: N: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: BAE278002B: SetSymbol: B: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: receive command B
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: process command B
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: CALLBACK: Body
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Timeout set: Type: content, Section: 300000000, Effective: 300000000
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Timeout set: 300000000
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: CALLBACK: Body DKIM
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Timeout set:
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: send command c
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: receive command D
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: process command D
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: SetSymbol: E: i: CCB958002F
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: receive command E
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: process command E
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: CALLBACK: EOM
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Timeout set: Type: content, Section: 300000000, Effective: 300000000
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Timeout set: 300000000
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: CALLBACK: EOM DKIM
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299991444
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299979984
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: DKIMResult: pass
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: DKIMSignatureType: dkim
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: DKIMSignatureDomain: ctgoodjobsnews.hk
May 11 11:46:28 mx1-2019 authentication_milter[131]: CCB958002F: DKIMSignatureIdentity: [email protected]
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMSignatureResult: pass
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMSignatureType: dkim
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMSignatureDomain: emarsys.net
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMSignatureIdentity: @emarsys.net
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMSignatureResult: pass
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299889884
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299882977
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299876568
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299870341
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicy: accept
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyString: o=~; n=http://www.ctgoodjobs.hk/english/terms/privacy.asp
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyLocation: ctgoodjobsnews.hk
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyName: sender
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyDefault: no
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicy: accept
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyString: o=~
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyLocation:
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyName: author
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyDefault: yes
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicy: accept
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyString:
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyLocation:
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyName: ADSP
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DKIMPolicyDefault: yes
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: CALLBACK: EOM DMARC
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Object destroyed: dmarc
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Object set: dmarc
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Object set: dmarc
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299829172
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299827781
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299820351
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299819150
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Handler timeout set: 10100000
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout reset: 299812994
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Object set: dmarc_result
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Object set: dmarc_results
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DMARCCode: pass
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DMARCDisposition: none
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DMARCSubdomain: no
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: DMARCPolicy: reject default
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: CALLBACK: EOM ReturnOK
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: CALLBACK: EOM Sanitize
May 11 11:46:29 mx1-2019 authentication_milter[131]: CCB958002F: Timeout set:
May 11 11:46:29 mx1-2019 postfix/cleanup[5395]: warning: milter unix:/unixsock/dmarc_milter.sock: can't read SMFIC_BODYEOB reply packet header: Success
May 11 11:46:29 mx1-2019 postfix/cleanup[5395]: CCB958002F: milter-reject: END-OF-MESSAGE from uspmta173210.emarsys.net[195.54.173.210]: 4.7.1 Service unavailable - try again later; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<uspmta173210.emarsys.net>
i'm attempting to dial DOWN the verbosity of auth-milter output, logging only to systemd's journald at a specified loglevel.
if my auth-milter config includes
{
"debug" : 0,
"dryrun" : 0,
"logtoerr" : 0,
"error_log" : "/var/log/fm-auth-milter/fm-auth-milter.err",
"errors_headers" : {},
"log_dispatchouli" : {
"ident" : "fm-auth-milter",
"facility" : "mail",
"priority" : "emergency",
},
with that^, journal still contains verbose output, e.g.
...
Nov 03 08:41:41 mx03 postfix/postscreen-internal/smtpd[47044]: NOQUEUE: client=mail10-1.sender01.com[111.222.111.222]
Nov 03 08:41:41 mx03 fm-auth-milter[47095]: B0665AE6539: SMTP Transaction count: 1.1
Nov 03 08:41:41 mx03 fm-auth-milter[47095]: B0665AE6539: SPFCode: pass
Nov 03 08:41:41 mx03 fm-auth-milter[47095]: B0665AE6539: EncryptedAs: TLSv1.2, ECDHE-RSA-AES256-GCM-SHA384, 256/256 bits
Nov 03 08:41:41 mx03 fm-auth-milter[47095]: B0665AE6539: ARCResult: No ARC headers
Nov 03 08:41:42 mx03 fm-auth-milter[47095]: B0665AE6539: DKIMResult: pass
Nov 03 08:41:42 mx03 fm-auth-milter[47095]: B0665AE6539: DMARCCode: pass
Nov 03 08:41:42 mx03 fm-auth-milter[47095]: B0665AE6539: DMARCDisposition: none
Nov 03 08:41:42 mx03 fm-auth-milter[47095]: B0665AE6539: DMARCSubdomain: no
Nov 03 08:41:42 mx03 fm-auth-milter[47095]: B0665AE6539: DMARCPolicy: reject default
Nov 03 08:41:42 mx03 fm-auth-milter[47095]: B0665AE6539: DMARCReportTo (skipped): mailto:[email protected]
Nov 03 08:41:42 mx03 fm-auth-milter[47095]: B0665AE6539: PreHeader: Received-SPF: pass<LF> (sender01.com: Sender is authorized to use '[email protected]' in 'mfrom' identity (mechanism 'include:_spf.sender01.com' matched))<LF> receiver=auth-milter.mx.example.com;<LF> identity=mailfrom;<LF> envelope-from="[email protected]";<LF> helo=mail10-1.sender01.com;<LF> client-ip=111.222.111.222
...
how do you turn auth-milter's log level down?
Option to fail DKIM signatures with a poor l= value
I received a DMARC email from fastmail saying:
2 records.
0 passed.
2 failed.
I looked at the attached XML and saw a comment "Policy overriden using trusted ARC chain" which led me to this repository. Please can you advise if I need to take further action?
Is this something I need to fix about my DKIM / DMARC records?
The milter API supports the ability for the milter to ask the MTA to quarantine the message.
Are there any plans to implement this in the milter protocol and (perhaps controlled by a hard-quarantine configuration option mirroring the current hard-reject option) implement support for this in the DMARC handler when the DMARC policy is p=quarantine?
thanks.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.