Bug 205910

Summary: mail/py-pyspf: py27-pyspf-2.0.12_3 breaks ability to receive mail
Product: Ports & Packages Reporter: Joseph Mulloy <freebsd-bugs>
Component: Individual Port(s)Assignee: Po-Chuan Hsieh <sunpoet>
Status: Closed FIXED    
Severity: Affects Some People CC: contact, freebsd-bugs, sunpoet, verm, yasu, zerg2000-bugs.freebsd.org
Priority: --- Keywords: needs-qa
Version: LatestFlags: bugzilla: maintainer-feedback? (sunpoet)
Hardware: Any   
OS: Any   
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205789

Description Joseph Mulloy 2016-01-05 01:30:02 UTC 
Revision 404778 changed postfix-policyd-spf-python to always depend on dns/py-py3dns which causes postfix-policyd-spf-python to crash, which returns a non-zero exit status which causes Postfix to reject all mail. Undoing the change in the Makefile fixes the crashing, but the underlying parsing issue still exists. With the temporary fix postfix-policyd-spf-python doesn't crash but it doesn't seem like it will be able to filter either. This port should probably be updated or forked to support Python 3 as that seems to be the recommendation from upstream and the next version will by Python 3 only.

https://svnweb.freebsd.org/ports?view=revision&revision=404778

Related bug reports:
https://bugs.launchpad.net/pypolicyd-spf/+bug/1495159 (Upstream)

Linux Distro Bugs:
https://bugs.gentoo.org/show_bug.cgi?id=559364
https://bugzilla.redhat.com/show_bug.cgi?id=1230373
https://bugzilla.redhat.com/show_bug.cgi?id=1232595

Before:
RUN_DEPENDS=    ${PYTHON_PKGNAMEPREFIX}py3dns>=0:${PORTSDIR}/dns/py-py3dns

maillog:
Jan  5 00:51:39 mail policyd-spf[5314]: Config: {'Mail_From_reject': 'Fail', 'Void_Limit': 2, 'Lookup_Time': 20, 'H
ELO_reject': 'SPF_Not_Pass', 'Header_Type': 'SPF', 'defaultSeedOnly': 1, 'PermError_reject': 'True', 'debugLevel':
5, 'skip_addresses': '127.0.0.0/8,::ffff:127.0.0.0/104,::1', 'TempError_Defer': 'True'}
Jan  5 00:51:39 mail policyd-spf[5314]: Cached data for this instance: []
Jan  5 00:51:39 mail policyd-spf[5314]: ERROR: 127.0.0.0/8 in skip_addresses not IP network.  Message: '209.85.223.
174' does not appear to be an IPv4 or IPv6 address. Did you pass in a bytes (str in Python 2) instead of a unicode
object?. Aborting whitelist processing.
Jan  5 00:51:39 mail policyd-spf[5314]: Traceback (most recent call last):
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/bin/policyd-spf", line 700, in <module>
Jan  5 00:51:39 mail policyd-spf[5314]:     instance_dict, configData, peruser)
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/bin/policyd-spf", line 412, in _spfcheck
Jan  5 00:51:39 mail policyd-spf[5314]:     res = spf.check2(ip, helo_fake_sender, helo, querytime=configData.get('
Lookup_Time'))
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/bin/spf.py", line 315, in check2
Jan  5 00:51:39 mail policyd-spf[5314]:     receiver=receiver,timeout=timeout,verbose=verbose,querytime=querytime).
check()
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/bin/spf.py", line 572, in check
Jan  5 00:51:39 mail policyd-spf[5314]:     spf = self.dns_spf(self.d)
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/bin/spf.py", line 1141, in dns_spf
Jan  5 00:51:39 mail policyd-spf[5314]:     a = [t for t in self.dns_txt(domain) if RE_SPF.match(t)]
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/bin/spf.py", line 1190, in dns_txt
Jan  5 00:51:39 mail policyd-spf[5314]:     dns_list = self.dns(domainname, rr,ignore_void=ignore_void)
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/bin/spf.py", line 1318, in dns
Jan  5 00:51:39 mail policyd-spf[5314]:     for k, v in DNSLookup(name, qtype, self.strict, timeout):
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/bin/spf.py", line 138, in DNSLookup
Jan  5 00:51:39 mail policyd-spf[5314]:     resp = req.req()
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/lib/python2.7/site-packages/DNS/Base.py", line 315, in r
eq
Jan  5 00:51:39 mail policyd-spf[5314]:     m = Lib.Mpacker()
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/lib/python2.7/site-packages/DNS/Lib.py", line 341, in __
init__
Jan  5 00:51:39 mail policyd-spf[5314]:     Packer.__init__(self)
Jan  5 00:51:39 mail policyd-spf[5314]:   File "/usr/local/lib/python2.7/site-packages/DNS/Lib.py", line 114, in __
init__
Jan  5 00:51:39 mail policyd-spf[5314]:     self.buf = bytes('', enc)
Jan  5 00:51:39 mail policyd-spf[5314]: TypeError: str() takes at most 1 argument (2 given)
Jan  5 00:51:39 mail postfix/spawn[5312]: warning: command /usr/local/bin/policyd-spf exit status 1
Jan  5 00:51:39 mail postfix/smtpd[5310]: warning: premature end-of-input on private/policyd-spf while reading inpu
t attribute name
Jan  5 00:51:39 mail postfix/smtpd[5310]: warning: problem talking to server private/policyd-spf: No error: 0
Jan  5 00:51:39 mail postfix/smtpd[5310]: NOQUEUE: reject: RCPT from mail-io0-f174.google.com[209.85.223.174]: 451
4.3.5 Server configuration problem; from=<example@gmail.com> to=<joe@example.com> proto=ESMTP helo=<mail-io0-f174.go
ogle.com>

After:
RUN_DEPENDS=    ${PYTHON_PKGNAMEPREFIX}dns>=0:${PORTSDIR}/dns/py-dns

maillog:
Jan  5 01:15:12 mail policyd-spf[6423]: Config: {'Mail_From_reject': 'Fail', 'Void_Limit': 2, 'Lookup_Time': 20, 'HELO_reject': 'SPF_Not_Pass', 'Header_Type': 'SPF', 'defaultSeedOnly': 1, 'PermError_reject': 'True', 'debugLevel': 5, 'skip_addresses': '127.0.0.0/8,::ffff:127.0.0.0/104,::1', 'TempError_Defer': 'True'}
Jan  5 01:15:12 mail policyd-spf[6423]: Cached data for this instance: []
Jan  5 01:15:12 mail policyd-spf[6423]: ERROR: 127.0.0.0/8 in skip_addresses not IP network.  Message: '209.85.213.170' does not appear to be an IPv4 or IPv6 address. Did you pass in a bytes (str in Python 2) instead of a unicode object?. Aborting whitelist processing.
Jan  5 01:15:12 mail policyd-spf[6423]: spfcheck: pyspf result: "['None', '', 'helo']"
Jan  5 01:15:12 mail policyd-spf[6423]: None; identity=helo; client-ip=209.85.213.170; helo=mail-ig0-f170.google.com; envelope-from=example@gmail.com; receiver=joseph@example.com
Jan  5 01:15:12 mail policyd-spf[6423]: Header type: SPF; Authres ID (for AR): None
Jan  5 01:15:12 mail policyd-spf[6423]: spfcheck: pyspf result: "['Pass', 'sender SPF authorized', 'mailfrom']"
Jan  5 01:15:12 mail policyd-spf[6423]: Pass; identity=mailfrom; client-ip=209.85.213.170; helo=mail-ig0-f170.google.com; envelope-from=example@gmail.com; receiver=joseph@example.com
Jan  5 01:15:12 mail policyd-spf[6423]: Header type: SPF; Authres ID (for AR): None
Jan  5 01:15:12 mail policyd-spf[6423]: Action: prepend: Text: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.85.213.170; helo=mail-ig0-f170.google.com; envelope-from=example@gmail.com; receiver=joseph@example.com
Jan  5 01:15:12 mail postfix/smtpd[6419]: 86DB4254: client=mail-ig0-f170.google.com[209.85.213.170]
Jan  5 01:15:12 mail postfix/cleanup[6424]: 86DB4254: message-id=<CABYAtyVFKFrmG8F6xB64C=BHzKs2m0-wg7uWM1i_3MtCFbB6fw@mail.gmail.com>
Jan  5 01:15:12 mail postfix/qmgr[6391]: 86DB4254: from=<example@gmail.com>, size=1814, nrcpt=1 (queue active)
Jan  5 01:15:12 mail postfix/smtpd[6419]: disconnect from mail-ig0-f170.google.com[209.85.213.170]
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2016-01-05 03:08:39 UTC 
Fix Summary and notify committer of 404778.
Comment 2 Amar Takhar 2016-01-22 16:14:06 UTC 
Adding PYTHON_VERSION=3.4 to postfix-policyd-spf-python/Makefile and removing (*.pyc|*.pyc) from pkg-plist fixed the problem for me.

This port should be Python 3 only it won't work properly in 2.x using the combination of FreeBSD ports available.

I don't think there is any reason to keep a 2.x version around as going forward the software will remove support for Python 2.x
Comment 3 Amar Takhar 2016-01-22 16:20:31 UTC 
The priority of this should be bumped as anyone upgrading will have all their mail rejected.
Comment 4 Po-Chuan Hsieh freebsd_committer freebsd_triage 2016-12-04 14:25:33 UTC 
That should be fixed a long time ago.