Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Mailman module to allow posts of DKIM-signed messages which sent from specific domains
# Copyright (C) 2019 by TSUCHIYA Masatoshi <tsuchm@gmail.com>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
# USA.
#
"""This module implements DKIM based moderation.
USAGE:
(1) Put this file into the directory of Mailman handler modules, e.g.
/usr/lib/mailman/Mailman/Handlers/
(2) Add following codes to mm_cfg.py:
DKIMDOMAINPATTERN = "[@.]example\.jp$"
GLOBAL_PIPELINE[GLOBAL_PIPELINE.index('Moderate')] = 'DKIMModerate'
"""
import dkim
import email.utils
import re
from Mailman import mm_cfg
from Mailman.Handlers.Moderate import process as moderate_process
from Mailman.Logging.Syslog import syslog
def process(mlist, msg, msgdata):
def dkimverify(message):
if not message.get('DKIM-Signature'):
gd = message.get('X-Google-DKIM-Signature')
if gd:
message.add_header('DKIM-Signature', gd)
if dkim.verify(message.as_string()):
syslog('error', 'DKIM signature of this message is verified')
sender = (email.utils.parseaddr(message.get('From')))[1]
if sender and re.search(mm_cfg.DKIMDOMAINPATTERN, sender):
return True
else:
syslog('error', 'DKIM signature of this message is NOT verified')
return False
if mlist.generic_nonmember_action == 1 and dkimverify(msg):
return
return moderate_process(mlist, msg, msgdata)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.