Authentication-Results-Python

SyntaxError when parsing header set by Microsoft

Bug #1984112 reported by lukn
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Authentication-Results-Python
Won't Fix
Undecided
Unassigned

Bug Description

AuthenticationResultsHeader.parse('Authentication-Results: spf=pass (sender IP is 0.0.0.0) smtp.mailfrom=example.com; dkim=pass (signature was verified) header.d=example.com;dmarc=pass action=none header.from=example.com;compauth=pass reason=100')

results in

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/xxx/venv/fuglu/lib/python3.9/site-packages/authres/__init__.py", line 206, in parse
    return authres.core.AuthenticationResultsHeader.parse(core_features(), string)
  File "/home/xxx/venv/fuglu/lib/python3.9/site-packages/authres/core.py", line 442, in parse
    return self.parse_value(feature_context, string)
  File "/home/xxx/venv/fuglu/lib/python3.9/site-packages/authres/core.py", line 454, in parse_value
    header._parse()
  File "/home/xxx/venv/fuglu/lib/python3.9/site-packages/authres/core.py", line 523, in _parse
    raise SyntaxError('Expected "none" or at least one resinfo', self._parse_text)
authres.core.SyntaxError: Syntax error: Expected "none" or at least one resinfo at: smtp.mailfrom=example.com; dkim=pass (si...

Obviously the world market leader is unable to create a header according to spec (we're all surprised, yes?). I guess once again it's easier if we bend and adjust to embrace, extend, extinguish rather than wasting our energy trying to get them to do things right.

Revision history for this message
Scott Kitterman (kitterman) wrote :

The error message isn't very helpful, but what's missing is the authserv-id. My recommendation would be to catch the error and discard the header field since it's not useful as is. Have a look at RFC 8601, Section 2.5 for an explanation of why it's required.

Changed in authentication-results-python:
status: New → Won't Fix
Revision history for this message
lukn (lukn) wrote :

Thank you for the quick response. In the end we needed to apply a bunch of tricks and patch the broken header to create a valid ARC signature that was accepted by Microsoft again:
https://gitlab.com/fumail/fuglu/-/blob/2b3412caf0c811d0d33186487cd8761b9830901c/fuglu/src/fuglu/plugins/domainauth.py#L302

-> problem solved!

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.