GWHAYWOOD
commented
3 months ago - A 'neutral-by-default' exception (Default neutral result due to no mechanism matches) is thrown for all records which contain a redirect. Is this intentional?
Open GWHAYWOOD opened 3 months ago
GWHAYWOOD
commented
3 months ago 
bigio
commented
2 months ago point n. 1 is addressed by pr #16, point 2 by pr #18
bigio
commented
2 months ago Stringification of the value reteurned from $request->record is broken for domains which have no SPF record.
It seems to work with the following code:
use Mail::SPF;
my $spf_server = Mail::SPF::Server->new();
my $request = Mail::SPF::Request->new(
versions => [1, 2], # optional
scope => 'mfrom', # or 'helo', 'pra'
identity => 'fred@pippo.it',
ip_address => '1.2.3.4',
);
my $result = $spf_server->process($request);
print $result->record->stringify;Result is: "none (No applicable sender policy available)"
GWHAYWOOD
commented
2 months ago The regression does not relate to ->stringify but to the use of the object as a string as per the documentation. Quoting perldoc mail::SPF::Record
stringify: returns *string*
Returns the record's version tag and terms (including the global
modifiers) formatted as a string. You can simply use a
Mail::SPF::Record object as a string for the same effect, see
"OVERLOADING".Until this regression I was indeed using a Record object as a string and it did indeed stringify as documented in all cases of which I'm aware. It still does stringify if there is a TXT record for the domain but it doesn't now do that if there isn't; it gives me nasty error messages in my logs instead.
bigio
commented
2 months ago The regression does not relate to ->stringify but to the use of the object as a string as per the documentation. Quoting perldoc mail::SPF::Record
stringify: returns *string* Returns the record's version tag and terms (including the global modifiers) formatted as a string. You can simply use a Mail::SPF::Record object as a string for the same effect, see "OVERLOADING".Until this regression I was indeed using a Record object as a string and it did indeed stringify as documented in all cases of which I'm aware. It still does stringify if there is a TXT record for the domain but it doesn't now do that if there isn't; it gives me nasty error messages in my logs instead.
do you have a sample code to trigger this issue ? Thanks.
GWHAYWOOD
commented
2 months ago Sample code as requested:
$ cat ./test_spf_object_2.pl
#!/usr/bin/perl
use Net::DNS;
use Mail::SPF;
sub xm_DIE_handler { print "$_[0]\n"; }
$SIG{__DIE__} = \&xm_DIE_handler;
my $spf_server_object = Mail::SPF::Server->new();
my $spf_request_object = Mail::SPF::Request->new( versions => [1], scope => 'helo', identity => 'mail1.netways.de', ip_address => '2a01:4a0:4:1002:0:0:0:146' );
my $spf_result_object = $spf_server_object->process($spf_request_object);
print $spf_request_object->record, "\n";
$ ./test_spf_object_2.pl
No applicable sender policy available (ENoAcceptableRecord) at /usr/local/share/perl/5.32.1/Mail/SPF/Server.pm line 481.
HASH(0x1583b88)
$There is no SPF TXT record for mail1.netways.de above.
If for example I query for a domain which does have an SPF TXT record:
$ ./test_spf_object_2.pl.~3~
neutral-by-default (Default neutral result due to no mechanism matches)
NetAddr::IP IPv4-mapped IPv6 address expected (EInvalidOptionValue) at /usr/local/share/perl/5.32.1/Mail/SPF/Util.pm line 128.
pass (Mechanism 'ptr:yahoo.com' matched)
pass (Mechanism 'ptr:yahoo.com' matched)
pass (Mechanism 'ptr:yahoo.com' matched)
pass (Mechanism 'ptr:yahoo.com' matched)
pass (Mechanism 'ptr:yahoo.com' matched)
v=spf1 redirect=_spf.mail.yahoo.com
$
1.
The documentation for Mail::SPF version 3.20240617 still appears to claim version 2.009.
2.
The documentation still talks about RFC4408. This (experimental) RFC was obsoleted by RFC7208 years ago.
3.
Both in the documentation and IN MESSAGES RETURNED BY THE CODE the module still refers to the Website at openspf.org. This Website has been abandoned for many years. I recommend the Debian patches.
4.
Stringification of the value reteurned from $request->record is broken for domains which have no SPF record.