--- opendmarc-1.2.0+dfsg.orig/debian/README.Debian +++ opendmarc-1.2.0+dfsg/debian/README.Debian @@ -0,0 +1,48 @@ +opendmarc for Debian +------------------- + +Configuration Notes for Debian systes +-------------------------------------------- + +The DMARC protocol is built on top of SPF and DKIM. OpenDMARC needs SPF and +DKIM verification results as an input. OpenDMARC uses RFC 5451 Authentication +Results header fields to get those results. OpenDMARC will use header fields +with an AuthservID that matches either the one specified in +/etc/opendmarc.conf or the system hostname. It is important to verify that +the AuthservID provided by SPF and DKIM verifiers matches the one that +opendmarc expects. + +In Debian, postfix-policyd-spf-python and opendkim have been tested to +generate appropriate A-R header fields. For postfix-policyd-spf-python, +however, it is not the default configuration. See man 5 policyd-spf.conf for +information on how to configure it to generate A-R header fields. + +To generate aggregate feedback reports a MySQL database is needed. See the +man pages for opendmarc-expire, opendmarc-import, opendmarc-params, and +opendmarc-reports for details on how the aggregate report data collection and +report generation works. The database schema, setup script, and README.schema +files can be found in /usr/share/doc/opendmarc. + +Notes for Postfix users +----------------------- + +Postfix users who wish to access the opendmarc service via UNIX socket +may need to add the postfix user to the opendmarc group and ensure that +UMask is set to 002 in /etc/opendkim.conf, in order to make the socket + readable by Posfix. + +Users may also need to move the socket into a directory accessible by the +Postfix chroot; this can be accomplished by setting the SOCKET variable +in /etc/default/opendmarc. + +The default is to connect to the filter over TCP. The filter can be bound to +localhost to prevent other hosts from accessing it. For example, to bind to +port 8892, specify "inet:8892@localhost". + +Changing group ownership of socket +---------------------------------- + +The group ID of the UNIX socket created by opendkim can be changed by +changing the primary GID of the opendmarc user, e.g.: +$ usermod -g mail opendmarc + --- opendmarc-1.2.0+dfsg.orig/debian/README.source +++ opendmarc-1.2.0+dfsg/debian/README.source @@ -0,0 +1,58 @@ +This package uses quilt to manage all modifications to the upstream +source. Changes are stored in the source package as diffs in +debian/patches and applied during the build. + +To configure quilt to use debian/patches instead of patches, you want +either to export QUILT_PATCHES=debian/patches in your environment +or use this snippet in your ~/.quiltrc: + + for where in ./ ../ ../../ ../../../ ../../../../ ../../../../../; do + if [ -e ${where}debian/rules -a -d ${where}debian/patches ]; then + export QUILT_PATCHES=debian/patches + break + fi + done + +To get the fully patched source after unpacking the source package, cd to +the root level of the source package and run: + + quilt push -a + +The last patch listed in debian/patches/series will become the current +patch. + +To add a new set of changes, first run quilt push -a, and then run: + + quilt new + +where is a descriptive name for the patch, used as the filename in +debian/patches. Then, for every file that will be modified by this patch, +run: + + quilt add + +before editing those files. You must tell quilt with quilt add what files +will be part of the patch before making changes or quilt will not work +properly. After editing the files, run: + + quilt refresh + +to save the results as a patch. + +Alternately, if you already have an external patch and you just want to +add it to the build system, run quilt push -a and then: + + quilt import -P /path/to/patch + quilt push -a + +(add -p 0 to quilt import if needed). as above is the filename to +use in debian/patches. The last quilt push -a will apply the patch to +make sure it works properly. + +To remove an existing patch from the list of patches that will be applied, +run: + + quilt delete + +You may need to run quilt pop -a to unapply patches first before running +this command. --- opendmarc-1.2.0+dfsg.orig/debian/changelog +++ opendmarc-1.2.0+dfsg/debian/changelog @@ -0,0 +1,114 @@ +opendmarc (1.2.0+dfsg-1) unstable; urgency=medium + + * Upload to Unstable + * New upstream release + - Repacked tarball to remove non-free internet draft + - Fixes hard coded parameters in dmarcfail (Closes: #720392) + + -- Scott Kitterman Mon, 17 Mar 2014 20:38:42 -0400 + +opendmarc (1.2.0~beta3+dfsg-1) experimental; urgency=low + + * New upstream beta release + - Repack upstream tarball to remove non-free IETF draft + - Add libbsd-dev to build-depends to use system strlcat/strlcpy + - Update libopendkim1.symbols + - Fixes hard coded parameters in dmarcfail (Closes: #720392) + * Move dmarcfail and rddmarc to /usr/share/doc as suggested by upstream + * Update package descriptions + + -- Scott Kitterman Thu, 13 Mar 2014 00:27:01 -0400 + +opendmarc (1.1.3-1) unstable; urgency=low + + * New upstream release + - Update draft-dmarc-base version number in opendmarc.docs + + -- Scott Kitterman Sun, 14 Apr 2013 18:34:00 -0400 + +opendmarc (1.1.2-1) unstable; urgency=low + + * New upstream release + + -- Scott Kitterman Mon, 01 Apr 2013 10:58:46 -0400 + +opendmarc (1.1.1-1) unstable; urgency=low + + * New upstream release + * Update debian/watch now that we don't mangle the version anymore + + -- Scott Kitterman Mon, 18 Mar 2013 22:04:19 -0400 + +opendmarc (1.1.0-1) unstable; urgency=low + + * Uploading to unstable + * New upstream final release + + -- Scott Kitterman Fri, 08 Mar 2013 13:40:54 -0500 + +opendmarc (1.1.0~beta2-1) experimental; urgency=low + + * New upstream beta release + - Drop debian/patches/warnings_fix.patch since it is included upstream + - Update debian/copyright + - Update for new library SO name libopendmarc0* -> libopendmarc1 + - Update symbols file + + -- Scott Kitterman Thu, 28 Feb 2013 03:24:00 -0500 + +opendmarc (1.1.0~beta1-2) experimental; urgency=low + + * Fix borked dh_autoreconf change in debian/rules in the last upload + + -- Scott Kitterman Tue, 12 Feb 2013 00:21:10 -0500 + +opendmarc (1.1.0~beta1-1) experimental; urgency=low + + * New upstream beta release + - Update symbols file + - Update debian/copyright + * Add debian/patches/warnings_fix.patch for upstream changes made post- + release to address compiler warnings + * Update debian/rules for better cross-building support, based on changes + from Adam Conrad for opendkim + - Add dh-autoreconf to build-depends + + -- Scott Kitterman Mon, 11 Feb 2013 15:27:52 -0500 + +opendmarc (1.1.0~beta0-1) experimental; urgency=low + + * New upstream beta release + - Repacking on longer required because DMARC specification license is now + included in the upstream tarball + - Update symbols file + - Re-enable tests since they no longer require network access + - Added new reports/mkdb.mysql setup script to debian/opendmarc.docs + * Include MySQL schema files and readme in /usr/share/doc/opendmarc to + support DMARC aggregate reporting + * Update debian/README.Debian + * Set umask in opendmarc.conf so Unix socket has proper permissions + * Fix libopendmarc-dev package description to be about opendmarc and not + opendkim (Closes: #699278) + + -- Scott Kitterman Wed, 06 Feb 2013 10:24:23 -0500 + +opendmarc (1.0.1+dfsg-3) unstable; urgency=low + + * Upload to unstable + * Correct option for using installed configuration file in + debian/opendmarc.init + + -- Scott Kitterman Wed, 12 Dec 2012 18:48:33 -0500 + +opendmarc (1.0.1+dfsg-2) experimental; urgency=low + + * Disable opendmarc tests since they require network access + + -- Scott Kitterman Wed, 12 Dec 2012 00:49:42 -0500 + +opendmarc (1.0.1+dfsg-1) experimental; urgency=low + + * Initial release (Closes: #692940) + * Repacked upstream tarball to add license for DMARC specification + + -- Scott Kitterman Mon, 23 Jul 2012 18:17:11 -0400 --- opendmarc-1.2.0+dfsg.orig/debian/compat +++ opendmarc-1.2.0+dfsg/debian/compat @@ -0,0 +1 @@ +9 --- opendmarc-1.2.0+dfsg.orig/debian/control +++ opendmarc-1.2.0+dfsg/debian/control @@ -0,0 +1,78 @@ +Source: opendmarc +Section: mail +Priority: extra +Maintainer: Scott Kitterman +Build-Depends: debhelper (>= 9), libmilter-dev, pkg-config, opendkim-tools, + libbsd-dev, autotools-dev, automake, dh-autoreconf, quilt +Standards-Version: 3.9.4 +Homepage: http://www.trusteddomain.org/opendmarc + +Package: opendmarc +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, lsb-base +Recommends: libopendbx1, libopendbx1-mysql, perl, libswitch-perl, libdbi-perl, + libdbd-mysql-perl, libhttp-message-perl, ${perl:Depends} +Description: Milter implementation of DMARC + Domain-based Message Authentication, Reporting and Conformance (DMARC), + builds on the successes of technologies such as DomainKeys Identified Mail + (DKIM) and the Sender Policy Framework (SPF) to create an infrastructure that + enforces policy on domain names that are visible to end users, and creates a + feedback framework for identifying and tracking fraudulent use of domain + names in email. It uses OpenDBX as an interface layer to various SQL back + ends. + . + It provides the following new capabilities: + . + A binding between the domain name seen in the From: field of a message and + one or both of the domain names verified by DKIM and SPF; + . + The capability to request that receivers enforce strict message + authentication policy published by the author; and Comprehensive reporting, + both forensic and aggregate, regarding suspect messages. + . + This package contains the OpenDMARC mail filter (Milter) for plugging into + Milter-aware MTAs. It implements support for both message reject and DMARC + failure reporting. + + +Package: libopendmarc1 +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: Library for DMARC validation and reporting + Domain-based Message Authentication, Reporting and Conformance (DMARC), + builds on the successes of technologies such as DomainKeys Identified Mail + (DKIM) and the Sender Policy Framework (SPF) to create an infrastructure that + enforces policy on domain names that are visible to end users, and creates a + feedback framework for identifying and tracking fraudulent use of domain + names in email. + . + This package provides library for implementing mail validation and reporting + for the experimental DMARC standard. + +Package: libopendmarc-dev +Section: libdevel +Architecture: any +Depends: libopendmarc1 (= ${binary:Version}), ${misc:Depends} +Description: Headers and development libraries for the OpenDMARC library + Domain-based Message Authentication, Reporting and Conformance (DMARC), + builds on the successes of technologies such as DomainKeys Identified Mail + (DKIM) and the Sender Policy Framework (SPF) to create an infrastructure that + enforces policy on domain names that are visible to end users, and creates a + feedback framework for identifying and tracking fraudulent use of domain + names in email. + . + This package provides the required header files and development libraries for + developing against the OpenDMARC library. + +Package: rddmarc +Architecture: all +Depends: python, python-mysqldb, perl, libdbi-perl, libxml-simple-perl, + libmime-tools-perl, ${perl:Depends}, ${misc:Depends} +Description: DMARC report processing scripts collection + There are currently three relevant files provided: + . + - rddmarc: Perl the script to parse DMARC summary reports + - mkdmarc - SQL to create the tables + - dmarcfail: Parses DMARC forensic reports from Netease and adds them to a + MySQL database to assist in further analysis. --- opendmarc-1.2.0+dfsg.orig/debian/copyright +++ opendmarc-1.2.0+dfsg/debian/copyright @@ -0,0 +1,437 @@ +This package was debianized by Scott Kitterman on +Tue, 30 Oct 2012 14:46:53 +0100. + +It was downloaded from http://sourceforge.net/projects/opendkim + +Copyright Holder: The OpenDKIM Project. + +Based on code from DKIM Milter, copyright Sendmail Inc. + +Copyright: +Copyright (c) 2009, 2010, 2012, 2013, The Trusted Domain Project. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of The Trusted Domain Project nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +Portions of this project are also covered by the Sendmail Open Source +License, available in this distribution in the file "LICENSE.Sendmail". +See the copyright notice(s) in each file to determine whether it is covered +by either or both of the licenses. For example: + + Copyright (c) Sendmail, Inc. and its suppliers. + All rights reserved. + +Files bearing the banner above are covered under the Sendmail Open Source +License (see LICENSE.Sendmail). + + Copyright (c) , The Trusted Domain Project. + All rights reserved. + +Files bearing the banner above are covered under the Trusted Domain Project +License (above). + +Files bearing both banners are covered under both sets of license terms. + +THIS SOFTWARE IS PROVIDED BY THE TRUSTED DOMAIN PROJECT ''AS IS'' AND ANY +EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE TRUSTED DOMAIN PROJECT BE LIABLE FOR ANY +DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +For files: +opendmarc/parse.h Copyright (c) 2004 Sendmail, Inc. and its suppliers. +opendmarc/opendmarc-ar.c Copyright (c) 2007-2009 Sendmail, Inc. and its suppliers. +opendmarc/opendmarc-dstring.c Copyright (c) 2005-2009 Sendmail, Inc. and its suppliers. +opendmarc/opendmarc-dstring.h Copyright (c) 2004, 2005, 2007-2009 Sendmail, Inc. and its suppliers. +opendmarc/opendmarc-ar.h Copyright (c) 2007-2009 Sendmail, Inc. and its suppliers. +opendmarc/config.c Copyright (c) 2006-2009 Sendmail, Inc. and its suppliers. +opendmarc/parse.c Copyright (c) 2005, 2007, 2008 Sendmail, Inc. and its suppliers. +opendmarc/config.h Copyright (c) 2006-2008 Sendmail, Inc. and its suppliers + + SENDMAIL OPEN SOURCE LICENSE + +The following license terms and conditions apply to this open source +software ("Software"), unless a different license is obtained directly +from Sendmail, Inc. ("Sendmail") located at 6475 Christie Ave, Suite 350, +Emeryville, CA 94608, USA. + +Use, modification and redistribution (including distribution of any +modified or derived work) of the Software in source and binary forms is +permitted only if each of the following conditions of 1-6 are met: + +1. Redistributions of the Software qualify as "freeware" or "open + source software" under one of the following terms: + + (a) Redistributions are made at no charge beyond the reasonable + cost of materials and delivery; or + + (b) Redistributions are accompanied by a copy of the modified + Source Code (on an acceptable machine-readable medium) or by an + irrevocable offer to provide a copy of the modified Source Code + (on an acceptable machine-readable medium) for up to three years + at the cost of materials and delivery. Such redistributions must + allow further use, modification, and redistribution of the Source + Code under substantially the same terms as this license. For + the purposes of redistribution "Source Code" means the complete + human-readable, compilable, linkable, and operational source + code of the redistributed module(s) including all modifications. + +2. Redistributions of the Software Source Code must retain the + copyright notices as they appear in each Source Code file, these + license terms and conditions, and the disclaimer/limitation of + liability set forth in paragraph 6 below. Redistributions of the + Software Source Code must also comply with the copyright notices + and/or license terms and conditions imposed by contributors on + embedded code. The contributors' license terms and conditions + and/or copyright notices are contained in the Source Code + distribution. + +3. Redistributions of the Software in binary form must reproduce the + Copyright Notice described below, these license terms and conditions, + and the disclaimer/limitation of liability set forth in paragraph + 6 below, in the documentation and/or other materials provided with + the binary distribution. For the purposes of binary distribution, + "Copyright Notice" refers to the following language: "Copyright (c) + 1998-2009 Sendmail, Inc. All rights reserved." + +4. Neither the name, trademark or logo of Sendmail, Inc. (including + without limitation its subsidiaries or affiliates) or its contributors + may be used to endorse or promote products, or software or services + derived from this Software without specific prior written permission. + The name "sendmail" is a registered trademark and service mark of + Sendmail, Inc. + +5. We reserve the right to cancel this license if you do not comply with + the terms. This license is governed by California law and both of us + agree that for any dispute arising out of or relating to this Software, + that jurisdiction and venue is proper in San Francisco or Alameda + counties. These license terms and conditions reflect the complete + agreement for the license of the Software (which means this supercedes + prior or contemporaneous agreements or representations). If any term + or condition under this license is found to be invalid, the remaining + terms and conditions still apply. + +6. Disclaimer/Limitation of Liability: THIS SOFTWARE IS PROVIDED BY + SENDMAIL AND ITS CONTRIBUTORS "AS IS" WITHOUT WARRANTY OF ANY KIND + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A + PARTICULAR PURPOSE ARE EXPRESSLY DISCLAIMED. IN NO EVENT SHALL SENDMAIL + OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, + OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + WITHOUT LIMITATION NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + +$Revision: 1.1 $ $Date: 2009/07/16 18:43:18 $ + + +For docs/draft-dmarc-base-00-02.txt: + +Open Web Foundation + +Final Specification Agreement (OWFa 1.0) + +(Patent and Copyright Grants) + +1. The Purpose of this Agreement. + +This Agreement sets forth the terms under which I make certain copyright and +patent rights available to you for your Permitted Uses of the Specification. +Capitalized terms are defined in the Agreement's last section. + +2. Copyrights. + +2.1. Copyright Grant. + +I grant to you a perpetual (for the duration of the applicable copyright), +worldwide, non-exclusive, no-charge, royalty-free, copyright license, without +any obligation for accounting to me, to reproduce, prepare derivative works +of, publicly display, publicly perform, sublicense, distribute, and implement +the Specification to the full extent of my copyright interest in the +Specification. + +2.2. Attribution. + +As a condition of the copyright grant, you must include an attribution to +the Specification in any derivative work you make based on the Specification. +That attribution must include, at minimum, the Specification name and +version number. + +3. Patents. + +3.1. Patent Non-Assert. + +3.1.1. The Promise. + +I, on behalf of myself and my successors in interest and assigns, irrevocably +promise not to assert my Granted Claims against you for your Permitted Uses, +subject to the terms and conditions of Section 3.1. This is a personal +promise directly from me to you, and you acknowledge as a condition of +benefiting from it that no rights from me are received from suppliers, +distributors, or otherwise in connection with this promise. This promise +also applies to your Permitted Uses of any other specifications incorporating +all required portions of the Specification. + +3.1.2. Termination. + +3.1.2.1. As a Result of Claims by You. + +All rights, grants, and promises made by me to you under this Agreement are +terminated if you file, maintain, or voluntarily participate in a lawsuit +against me or any person or entity asserting that its Permitted Uses infringe +any Granted Claims you would have had the right to enforce had you signed +this Agreement, unless that suit was in response to a corresponding suit +first brought against you. + +3.1.2.2. As a Result of Claims by a Related Entity of Mine. + +If a Related Entity of mine files, maintains, or voluntarily participates in +a lawsuit asserting that a Permitted Use infringes any Granted Claims it +would have had the right to enforce had it signed this Agreement, then I +relinquish any rights, grants, and promises I have received for the +Specification from other signatories of this Agreement, unless a) my +promise to you was terminated pursuant to section 3.1.2.1, or b) that suit +was in response to a corresponding suit first brought by you against the +Related Entity. + +3.1.3. Additional Conditions. + +This promise is not an assurance (i) that any of my copyrights or issued +patent claims cover an implementation of the Specification or are enforceable +or (ii) that an implementation of the Specification would not infringe +intellectual property rights of any third party. Notwithstanding the +personal nature of my promise, this promise is intended to be binding on +any future owner, assignee or exclusive licensee to whom has been given +the right to enforce any Granted Claims against third parties. + +3.1.4. Bankruptcy. + +Solely for purposes of Section 365(n) of Title 11, United States Bankruptcy +Code and any equivalent law in any foreign jurisdiction, this promise will +be treated as if it were a license and you may elect to retain your rights +under this promise if I (or any owner of any patents or patent applications +referenced herein), as a debtor in possession, or a bankruptcy trustee, +reject this non-assert. + +3.2. Patent License Commitment. + +In addition to rights granted in 3.1, on behalf of me and my successors in +interest and assigns, I agree to grant to you a no charge, royalty free +license to my Granted Claims on reasonable and non-discriminatory terms, +where such license applies only to those Granted Claims infringed by +the implementation of the Specification, solely for your Permitted Uses. + +4. No Other Rights. + +Except as specifically set forth in this Agreement, no other express or +implied patent, trademark, copyright, or other property rights are granted +under this Agreement, including by implication, waiver, or estoppel. + +5. Antitrust Compliance. + +I acknowledge that I may compete with other participants, that I am under +no obligation to implement the Specification, that each participant is free +to develop competing technologies and standards, and that each party is +free to license its patent rights to third parties, including for the +purpose of enabling competing technologies and standards. + +6. Non-Circumvention. + +I agree that I will not intentionally take or willfully assist any third +party to take any action for the purpose of circumventing my obligations +under this Agreement. + +7. Representations, Warranties and Disclaimers. + +I represent and warrant that I am legally entitled to grant the rights and +promises set forth in this Agreement. IN ALL OTHER RESPECTS THE SPECIFICATION +IS PROVIDED "AS IS." The entire risk as to implementing or otherwise using +the Specification is assumed by the implementer and user. Except as stated +herein, I expressly disclaim any warranties (express, implied, or otherwise), +including implied warranties of merchantability, non-infringement, fitness +for a particular purpose, or title, related to the Specification. IN NO +EVENT WILL ANY PARTY BE LIABLE TO ANY OTHER PARTY FOR LOST PROFITS OR ANY +FORM OF INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY +CHARACTER FROM ANY CAUSES OF ACTION OF ANY KIND WITH RESPECT TO THIS +AGREEMENT, WHETHER BASED ON BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), +OR OTHERWISE, AND WHETHER OR NOT THE OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. All of my obligations under Section 3 regarding +the transfer, successors in interest, or assignment of Granted Claims will +be satisfied if I notify the transferee or assignee of any patent that I +know contains Granted Claims of the obligations under Section 3. Nothing in +this Agreement requires me to undertake a patent search. + +8. Definitions. + +8.1. Agreement. + +"Agreement" means this OWFa document, which sets forth the rights, grants, +promises, limitations, conditions, obligations, and disclaimers made available +for the particular Specification. + +8.2. Bound Entities. + +"Bound Entities" means the entity listed below and any entities that the +Bound Entity Controls. + +8.3. Control. + +"Control" means direct or indirect control of more than 50% of the voting +power to elect directors of that corporation, or for any other entity, the +power to direct management of such entity. + +8.4. Granted Claims. + +"Granted Claims" are those patent claims that I own or control, including +those patent claims I acquire or control after the Date below, that are +infringed by Permitted Uses. Granted Claims include only those patent +claims that are infringed by the implementation of any portions of the +Specification where the Specification describes the functionality causing +the infringement in detail and does not merely reference the functionality +causing the infringement. + +8.5. I, Me, or My. + +"I," "me," or "my" refers to the signatory below and its Bound Entities, if +applicable. + +8.6. Permitted Uses. + +"Permitted Uses" means making, using, selling, offering for sale, importing +or distributing any implementation of the Specification 1) only to the +extent it implements the Specification and 2) so long as all required +portions of the Specification are implemented. Permitted Uses do not +extend to any portion of an implementation that is not included in +the Specification. + +8.7. Related Entities. + +"Related Entities" means 1) any entity that Controls the Bound Entity +("Upstream Entity"), and 2) any other entity that is Controlled by an +Upstream Entity that is not itself a Bound Entity. + +8.8. Specification. + +"Specification" means the Specification identified below. + +8.9. You or Your. + +"You," "you," or "your" means any person or entity who exercises copyright or +patent rights granted under this Agreement, and any person or entity you +Control. + + +Identify the Specification and version number here: + +draft-dmarc-base-00-02 + + +If signing this OWFa as an individual: + +I acknowledge that, depending upon local law or contractual agreements, +when I am employed by or acting on behalf of another entity, the promises +I make relating to this Specification may actually be obligations of that +other entity. In such a situation, I represent that + +I have been authorized by that entity to make these promises. I also +understand that certain Specification projects may require additional private +identifying information or certifications from me before they accept this +Agreement. + +______________________________ + +Signed name + +______________________________ + +Print name + +______________________________ + +Email address + +______________________________ + +Date + + +If signing this OWFa as a Bound Entity: + +I certify that I am authorized to execute this Agreement on behalf of +the Bound Entity named below, and that all promises made herein relating to +this Specification are commitments of the Bound Entity. + + + +_______________________________ + +Signed name + +_______________________________ + +Print name + +_______________________________ + +Email address + +_______________________________ + +Date + +_______________________________ + +Title + +_______________________________ + +Bound Entity + +_______________________________ + +Address + +For file contrib/rddmarc/dmarcfail.py: + +# Copyright 2012, Taughannock Networks. All rights reserved. + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: + +# Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. + +# Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. + +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS +# OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED +# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY +# WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + --- opendmarc-1.2.0+dfsg.orig/debian/libopendmarc-dev.docs +++ opendmarc-1.2.0+dfsg/debian/libopendmarc-dev.docs @@ -0,0 +1 @@ +libopendmarc/docs --- opendmarc-1.2.0+dfsg.orig/debian/libopendmarc-dev.install +++ opendmarc-1.2.0+dfsg/debian/libopendmarc-dev.install @@ -0,0 +1,3 @@ +usr/include/opendmarc +usr/lib/libopendmarc*.a +usr/lib/libopendmarc*.so --- opendmarc-1.2.0+dfsg.orig/debian/libopendmarc1.install +++ opendmarc-1.2.0+dfsg/debian/libopendmarc1.install @@ -0,0 +1 @@ +usr/lib/libopendmarc.so.1* --- opendmarc-1.2.0+dfsg.orig/debian/libopendmarc1.symbols +++ opendmarc-1.2.0+dfsg/debian/libopendmarc1.symbols @@ -0,0 +1,51 @@ +libopendmarc.so.1 libopendmarc1 #MINVER# + dmarc_dns_get_record@Base 1.1.0~beta2 + dmarc_strlcat@Base 1.1.0~beta2 + dmarc_strlcpy@Base 1.1.0~beta2 + opendmarc_dns_fake_record@Base 1.1.0~beta2 + opendmarc_get_policy_to_enforce@Base 1.1.0~beta2 + opendmarc_get_tld@Base 1.1.0~beta2 + opendmarc_hash_drop@Base 1.1.0~beta2 + opendmarc_hash_expire@Base 1.1.0~beta2 + opendmarc_hash_init@Base 1.1.0~beta2 + opendmarc_hash_lookup@Base 1.1.0~beta2 + opendmarc_hash_set_callback@Base 1.1.0~beta2 + opendmarc_hash_shutdown@Base 1.1.0~beta2 + opendmarc_policy_check_alignment@Base 1.1.0~beta2 + opendmarc_policy_connect_clear@Base 1.1.0~beta2 + opendmarc_policy_connect_init@Base 1.1.0~beta2 + opendmarc_policy_connect_rset@Base 1.1.0~beta2 + opendmarc_policy_connect_shutdown@Base 1.1.0~beta2 + opendmarc_policy_fetch_adkim@Base 1.1.0~beta2 + opendmarc_policy_fetch_alignment@Base 1.1.0~beta2 + opendmarc_policy_fetch_aspf@Base 1.1.0~beta2 + opendmarc_policy_fetch_fo@Base 1.1.0~beta2 + opendmarc_policy_fetch_p@Base 1.1.0~beta2 + opendmarc_policy_fetch_pct@Base 1.1.0~beta2 + opendmarc_policy_fetch_rf@Base 1.1.0~beta2 + opendmarc_policy_fetch_rua@Base 1.1.0~beta2 + opendmarc_policy_fetch_ruf@Base 1.1.0~beta2 + opendmarc_policy_fetch_sp@Base 1.1.0~beta2 + opendmarc_policy_fetch_utilized_domain@Base 1.1.0~beta2 + opendmarc_policy_library_dns_hook@Base 1.1.0~beta2 + opendmarc_policy_library_init@Base 1.1.0~beta2 + opendmarc_policy_library_shutdown@Base 1.1.0~beta2 + opendmarc_policy_parse_dmarc@Base 1.1.0~beta2 + opendmarc_policy_query_dmarc@Base 1.1.0~beta2 + opendmarc_policy_query_dmarc_xdomain@Base 1.2.0~beta3+dfsg + opendmarc_policy_status_to_str@Base 1.1.0~beta2 + opendmarc_policy_store_dkim@Base 1.1.0~beta2 + opendmarc_policy_store_dmarc@Base 1.1.0~beta2 + opendmarc_policy_store_from_domain@Base 1.1.0~beta2 + opendmarc_policy_store_spf@Base 1.1.0~beta2 + opendmarc_policy_to_buf@Base 1.1.0~beta2 + opendmarc_reverse_domain@Base 1.1.0~beta2 + opendmarc_tld_read_file@Base 1.1.0~beta2 + opendmarc_tld_shutdown@Base 1.1.0~beta2 + opendmarc_util_cleanup@Base 1.1.0~beta2 + opendmarc_util_clearargv@Base 1.1.0~beta2 + opendmarc_util_dupe_argv@Base 1.1.0~beta2 + opendmarc_util_finddomain@Base 1.1.0~beta2 + opendmarc_util_pushargv@Base 1.1.0~beta2 + opendmarc_xml@Base 1.1.0~beta2 + opendmarc_xml_parse@Base 1.1.0~beta2 --- opendmarc-1.2.0+dfsg.orig/debian/opendmarc.conf +++ opendmarc-1.2.0+dfsg/debian/opendmarc.conf @@ -0,0 +1,138 @@ +# This is a basic configuration that can easily be adapted to suit a standard +# installation. For more advanced options, see opendkim.conf(5) and/or +# /usr/share/doc/opendmarc/examples/opendmarc.conf.sample. + +## AuthservID (string) +## defaults to MTA name +# +# AuthservID name + +## BaseDirectory (string) +## default (none) +## +## If set, instructs the filter to change to the specified directory using +## chdir(2) before doing anything else. This means any files referenced +## elsewhere in the configuration file can be specified relative to this +## directory. It's also useful for arranging that any crash dumps will be +## saved to a specific location. +# +# BaseDirectory /var/run/opendmarc + +## ChangeRootDirectory (string) +## default (none) +## +## Requests that the operating system change the effective root directory of +## the process to the one specified here prior to beginning execution. +## chroot(2) requires superuser access. A warning will be generated if +## UserID is not also set. +# +# ChangeRootDirectory /var/chroot/opendmarc + +## ForensicReports { true | false } +## default "false" +## +# ForensicReports false + +## IgnoreHosts path +## default (internal) +## +# IgnoreHosts /usr/local/etc/opendmarc/ignore.hosts + +## IgnoreMailFrom domain[,...] +## default (none) +## +# IgnoreMailFrom example.com + +## PidFile path +## default (none) +## +## Specifies the path to a file that should be created at process start +## containing the process ID. +## +# +PidFile /var/run/opendmarc.pid + +## RejectFailures { true | false } +## default "false" +## +RejectFailures false + +## Socket socketspec +## default (none) +## +## Specifies the socket that should be established by the filter to receive +## connections from sendmail(8) in order to provide service. socketspec is +## in one of two forms: local:path, which creates a UNIX domain socket at +## the specified path, or inet:port[@host] or inet6:port[@host] which creates +## a TCP socket on the specified port for the appropriate protocol family. +## If the host is not given as either a hostname or an IP address, the +## socket will be listening on all interfaces. This option is mandatory +## either in the configuration file or on the command line. If an IP +## address is used, it must be enclosed in square brackets. +# +# Socket inet:8893@localhost + +## SoftwareHeader { true | false } +## default "false" +## +## Causes the filter to add a "DMARC-Filter" header field indicating the +## presence of this filter in the path of the message from injection to +## delivery. The product's name, version, and the job ID are included in +## the header field's contents. +# +# SoftwareHeader false + +## Syslog { true | false } +## default "false" +## +## Log via calls to syslog(3) any interesting activity. +# +# Syslog false + +## SyslogFacility facility-name +## default "mail" +## +## Log via calls to syslog(3) using the named facility. The facility names +## are the same as the ones allowed in syslog.conf(5). +# +# SyslogFacility mail + +## TemporaryDirectory path +## default /var/tmp +## +## Specifies the directory in which temporary files should be written. +# +# TemporaryDirectory /var/tmp + +## TrustedAuthservIDs string +## default HOSTNAME +## +## Specifies one or more "authserv-id" values to trust as relaying true +## upstream DKIM and SPF results. The default is to use the name of +## the MTA processing the message. To specify a list, separate each entry +## with a comma. The key word "HOSTNAME" will be replaced by the name of +## the host running the filter as reported by the gethostname(3) function. +# +# TrustedAuthservIDs HOSTNAME + + +## UMask mask +## default (none) +## +## Requests a specific permissions mask to be used for file creation. This +## only really applies to creation of the socket when Socket specifies a +## UNIX domain socket, and to the HistoryFile and PidFile (if any); temporary +## files are normally created by the mkstemp(3) function that enforces a +## specific file mode on creation regardless of the process umask. See +## umask(2) for more information. +# +UMask 0002 + +## UserID user[:group] +## default (none) +## +## Attempts to become the specified userid before starting operations. +## The process will be assigned all of the groups and primary group ID of +## the named userid unless an alternate group is specified. +# +# UserID opendmarc --- opendmarc-1.2.0+dfsg.orig/debian/opendmarc.default +++ opendmarc-1.2.0+dfsg/debian/opendmarc.default @@ -0,0 +1,10 @@ +# Command-line options specified here will override the contents of +# /etc/opendmarc.conf. See opendmarc(8) for a complete list of options. +#DAEMON_OPTS="" +# +# Uncomment to specify an alternate socket +# Note that setting this will override any Socket value in opendkim.conf +#SOCKET="local:/var/run/opendmarc/opendmarc.sock" # default +#SOCKET="inet:54321" # listen on all interfaces on port 54321 +#SOCKET="inet:12345@localhost" # listen on loopback on port 12345 +#SOCKET="inet:12345@192.0.2.1" # listen on 192.0.2.1 on port 12345 --- opendmarc-1.2.0+dfsg.orig/debian/opendmarc.docs +++ opendmarc-1.2.0+dfsg/debian/opendmarc.docs @@ -0,0 +1,5 @@ +README +opendmarc/opendmarc.conf.sample +reports/mkdb.mysql +db/README.schema +db/schema.mysql --- opendmarc-1.2.0+dfsg.orig/debian/opendmarc.init +++ opendmarc-1.2.0+dfsg/debian/opendmarc.init @@ -0,0 +1,151 @@ +#! /bin/sh +# +### BEGIN INIT INFO +# Provides: opendmarc +# Required-Start: $syslog $time $local_fs $remote_fs $named $network +# Required-Stop: $syslog $time $local_fs $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Start the OpenDMARC service +# Description: Enable DMAR verification and reporting provided by OpenDMARC +### END INIT INFO + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/opendmarc +NAME=opendmarc +DESC="OpenDMARC" +RUNDIR=/var/run/$NAME +USER=opendmarc +GROUP=opendmarc +SOCKET=local:$RUNDIR/$NAME.sock +PIDFILE=$RUNDIR/$NAME.pid + +# How long to wait for the process to die on stop/restart +stoptimeout=5 + +test -x $DAEMON || exit 0 + +# Include LSB provided init functions +. /lib/lsb/init-functions + +# Include opendkim defaults if available +if [ -f /etc/default/opendmarc ] ; then + . /etc/default/opendmarc +fi + +if [ -f /etc/opendmarc.conf ]; then + CONFIG_SOCKET=`awk '$1 == "Socket" { print $2 }' /etc/opendmarc.conf` +fi + +# This can be set via Socket option in config file, so it's not required +if [ -n "$SOCKET" -a -z "$CONFIG_SOCKET" ]; then + DAEMON_OPTS="-p $SOCKET $DAEMON_OPTS" +fi + +DAEMON_OPTS="-c /etc/opendmarc.conf -u $USER -P $PIDFILE $DAEMON_OPTS" + +start() { + # Create the run directory if it doesn't exist + if [ ! -d "$RUNDIR" ]; then + install -o "$USER" -g "$GROUP" -m 755 -d "$RUNDIR" || return 2 + [ -x /sbin/restorecon ] && /sbin/restorecon "$RUNDIR" + fi + # Clean up stale sockets + if [ -f "$PIDFILE" ]; then + pid=`cat $PIDFILE` + if ! ps -C "$DAEMON" -s "$pid" >/dev/null; then + rm "$PIDFILE" + TMPSOCKET="" + if [ -n "$SOCKET" ]; then + TMPSOCKET="$SOCKET" + elif [ -n "$CONFIG_SOCKET" ]; then + TMPSOCKET="$CONFIG_SOCKET" + fi + if [ -n "$TMPSOCKET" ]; then + # UNIX sockets may be specified with or without the + # local: prefix; handle both + t=`echo $SOCKET | cut -d: -f1` + s=`echo $SOCKET | cut -d: -f2` + if [ -e "$s" -a -S "$s" ]; then + if [ "$t" = "$s" -o "$t" = "local" ]; then + rm "$s" + fi + fi + fi + fi + fi + start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test -- $DAEMON_OPTS || return 1 + start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- $DAEMON_OPTS || return 2 +} + +stop() { + start-stop-daemon --stop --retry "$stoptimeout" --exec "$DAEMON" + [ "$?" = 2 ] && return 2 +} + +reload() { + start-stop-daemon --stop --signal USR1 --exec "$DAEMON" +} + +status() { + local pidfile daemon name status + + pidfile= + OPTIND=1 + while getopts p: opt ; do + case "$opt" in + p) pidfile="$OPTARG";; + esac + done + shift $(($OPTIND - 1)) + + if [ -n "$pidfile" ]; then + pidfile="-p $pidfile" + fi + daemon="$1" + name="$2" + + status="0" + pidofproc $pidfile $daemon >/dev/null || status="$?" + if [ "$status" = 0 ]; then + log_success_msg "$name is running" + return 0 + else + log_failure_msg "$name is not running" + return $status + fi +} + +case "$1" in + start) + echo -n "Starting $DESC: " + start + echo "$NAME." + ;; + stop) + echo -n "Stopping $DESC: " + stop + echo "$NAME." + ;; + restart) + echo -n "Restarting $DESC: " + stop + start + echo "$NAME." + ;; + reload|force-reload) + echo -n "Restarting $DESC: " + reload + echo "$NAME." + ;; + status) + status $DAEMON $NAME + ;; + *) + N=/etc/init.d/$NAME + echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 --- opendmarc-1.2.0+dfsg.orig/debian/opendmarc.install +++ opendmarc-1.2.0+dfsg/debian/opendmarc.install @@ -0,0 +1,2 @@ +debian/tmp/usr/sbin/opendmarc* usr/sbin +debian/opendmarc.conf etc --- opendmarc-1.2.0+dfsg.orig/debian/opendmarc.manpages +++ opendmarc-1.2.0+dfsg/debian/opendmarc.manpages @@ -0,0 +1,2 @@ +debian/tmp/usr/share/man/man5/* +debian/tmp/usr/share/man/man8/* --- opendmarc-1.2.0+dfsg.orig/debian/opendmarc.postinst +++ opendmarc-1.2.0+dfsg/debian/opendmarc.postinst @@ -0,0 +1,18 @@ +#!/bin/sh + +set -e + +if [ "$1" = "configure" ]; then + if ! id -u opendmarc >/dev/null 2>&1; then + adduser --quiet --system --group --home /var/run/opendmarc opendmarc + fi + + # Set ownership if the admin has not overriden it. + if ! dpkg-statoverride --list /var/run/opendmarc >/dev/null; then + chown opendmarc:opendmarc /var/run/opendmarc + fi +fi + +#DEBHELPER# + +exit 0 --- opendmarc-1.2.0+dfsg.orig/debian/patches/fix-python-interpreter.diff +++ opendmarc-1.2.0+dfsg/debian/patches/fix-python-interpreter.diff @@ -0,0 +1,11 @@ +Does not need to be forwarded. Upstream uses FreeBSD. +Index: opendmarc-1.0.1+dfsg/contrib/rddmarc/dmarcfail.py +=================================================================== +--- opendmarc-1.0.1+dfsg.orig/contrib/rddmarc/dmarcfail.py 2012-11-18 00:08:28.105858463 -0500 ++++ opendmarc-1.0.1+dfsg/contrib/rddmarc/dmarcfail.py 2012-11-18 00:09:10.041857224 -0500 +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/python ++#!/usr/bin/python + # $Header: /home/johnl/hack/dmarc/RCS/dmarcfail.py,v 1.1 2012/07/12 03:59:29 johnl Exp $ + # parse DMARC failure reports, add it to the mysql database + # optional arguments are names of files containing ARF messages, --- opendmarc-1.2.0+dfsg.orig/debian/patches/series +++ opendmarc-1.2.0+dfsg/debian/patches/series @@ -0,0 +1 @@ +fix-python-interpreter.diff --- opendmarc-1.2.0+dfsg.orig/debian/rddmarc.docs +++ opendmarc-1.2.0+dfsg/debian/rddmarc.docs @@ -0,0 +1,4 @@ +contrib/rddmarc/README.rddmarc +contrib/rddmarc/mkdmarc +contrib/rddmarc/rddmarc +contrib/rddmarc/dmarcfail.py --- opendmarc-1.2.0+dfsg.orig/debian/rules +++ opendmarc-1.2.0+dfsg/debian/rules @@ -0,0 +1,28 @@ +#!/usr/bin/make -f + +%: + dh $@ --with quilt, --with autoreconf --parallel + +# These are used for cross-compiling and for saving the configure script +# from having to guess our platform (since we know it already) +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) +CROSS= --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) + +override_dh_auto_configure: + dh_testdir + ./configure $(CROSS) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info \ + --sysconfdir=/etc \ + CFLAGS="$(CFLAGS) $(CPPFLAGS)" \ + LDFLAGS="$(LDFLAGS) -lresolv -Wl,-z,defs -L/usr/lib/libmilter" \ + --enable-filter-tests \ + --with-sql-backend + +override_dh_installchangelogs: + dh_installchangelogs RELEASE_NOTES + +override_dh_installdocs: + dh_installdocs + mkdir -p $(CURDIR)/debian/opendmarc/usr/share/doc/opendmarc + cp opendmarc/README $(CURDIR)/debian/opendmarc/usr/share/doc/opendmarc/README.opendmarc + --- opendmarc-1.2.0+dfsg.orig/debian/watch +++ opendmarc-1.2.0+dfsg/debian/watch @@ -0,0 +1,4 @@ +version=3 +opts=uversionmangle=s/(\d+)(rc)/$1~$2/,dversionmangle=s/\+dfsg// \ +http://sf.net/opendmarc/opendmarc-(.*).tar.gz debian uupdate +