Bug#606000: libmail-spf-query-perl: Incorrect query results with IPv6 addresses; should warn about missing IPv6 support and/or fail graciously
Torsten Jerzembeck
toje at nightingale.ms.sub.org
Sun Dec 5 12:37:19 UTC 2010
Package: libmail-spf-query-perl
Version: 1:1.999.1-3
Severity: grave
Justification: renders package unusable
Using Mail::SPF::Query with an IPv6 enabled mailserver (increasingly
common today, and bound to get even more common due to the shortage of
IPv4 addresses) leads to mail being blocked incorrectly.
The "spfquery" helper script used in the example configuration for exim4
interprets any supplied IPv6 address as an IPv4 address and tries to
match it against the "ip4" part of SPF information. This obviously fails
and leads to incorrectly blocked/rejected mail if the SPF policy uses "fail"
instead of "softfail".
The missing IPv6 support is documented in the "BUGS" section of the
Mail::SPF::Query manpage, but not in any documentation for "spfquery"
itself. In addition, "spfquery" or Mail::SPF::Query do not report any
error when being supplied with an IPv6 address. As IPv6 deployments are
getting increasingly common, the script and/or the module should display
an error message in this case or should at least fail graciously. In
addition, a prominent warning should be displayed about the inability
to deal with IPv6 addresses.
Greetings from Stuttgart,
=ToJe=
-- System Information:
Debian Release: 5.0.7
APT prefers stable
APT policy: (900, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libmail-spf-query-perl depends on:
ii libnet-cidr-lite-perl 0.20-2 Merge IPv4 or IPv6 CIDR address ra
ii libnet-dns-perl 0.63-2 Perform DNS queries from a Perl sc
ii libsys-hostname-long-per 1.4-2 Figure out the long (fully-qualifi
ii liburi-perl 1.35.dfsg.1-1 Manipulates and accesses URI strin
ii perl 5.10.0-19lenny2 Larry Wall's Practical Extraction
libmail-spf-query-perl recommends no packages.
libmail-spf-query-perl suggests no packages.
-- no debconf information
More information about the pkg-perl-maintainers
mailing list