SPF / DMARC case sensitivity #1400

bwbroersma · 2024-04-23T12:33:22Z

These are case sensitive regular expressions:

Lines 5 to 7 in f18cb79

    
           DMARC_NON_SENDING_POLICY = re.compile(r"^v=DMARC1;\ *p=reject;?") 
        
           DMARC_NON_SENDING_POLICY_ORG = re.compile(r"v=DMARC1;(?:.*sp=reject|\ *p=reject(?!.*sp=))") 
        
           SPF_NON_SENDING_POLICY = re.compile(r"^v=spf1\ +(?:exp=[^ ]+\ +)?-all;?(?:\ +exp=[^ ]+)?$")

While the only case sensitive part is DMARC1, the rest is case insensitive according to the ABNF grammar and the related RFC 5234 - Augmented BNF for Syntax Specifications: ABNF - page 5.

gthess · 2024-04-23T14:32:10Z

They are but they are used on already parsed records IIRC, so case sensitivity does not matter at that point.

gthess · 2024-04-23T14:33:39Z

I mean if they turn into case insensitive regular expressions it should work.

bwbroersma · 2024-04-23T17:18:44Z

Could indeed be converted to case insensitive regular expressions to fix this part of the regex parsing.

bwbroersma added the bug Unexpected or unwanted behaviour of current implementations label Apr 23, 2024

bwbroersma added this to the backlog milestone Apr 23, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SPF / DMARC case sensitivity #1400

SPF / DMARC case sensitivity #1400

bwbroersma commented Apr 23, 2024

gthess commented Apr 23, 2024

gthess commented Apr 23, 2024

bwbroersma commented Apr 23, 2024

SPF / DMARC case sensitivity #1400

SPF / DMARC case sensitivity #1400

Comments

bwbroersma commented Apr 23, 2024

gthess commented Apr 23, 2024

gthess commented Apr 23, 2024

bwbroersma commented Apr 23, 2024