Wednesday, November 08, 2017

freebsd postfix python policyd-spf ip addres validation error

The solution to my Problem was (for now) to add the following lines to the function _cidrmatch in /usr/local/bin/policyd-spf
def _cidrmatch(ip, netwrk)
  netwrk = unicode(netwrk)
  ip = unicode(ip)
  try:
    address = ipaddress.ip_address(ip)
This is done so that the python module ipaddr only has to deal with unicode string (as requested by the error message)
switching to python3 as suggested by other posts on the web did not work for me (maybe some missing dependencies?)

 Stolen from here, but it worked:
https://superuser.com/questions/1253657/freebsd-postfix-python-policyd-spf-ip-addres-validation-error/1253658
By - No comments:

CIDR.pm 

So for whatever reason the CIDR.pm file uses on my FreeBSD setup doesn't work for MailScanner.
II had to comment out these croak lines and now it works just fine
 
diff  /root/CIDR.pm /usr/local/lib/perl5/site_perl/Net/CIDR.pm
218c218
< The result is a two-element array: 
---
> The result is a two-element array:
437c437
<     
---
> 
596,597c596,597
<           #croak "Invalid netblock range: $r[$i]"
<               #unless $isipv6_1 && $isipv6_2;
---
>           croak "Invalid netblock range: $r[$i]"
>               unless $isipv6_1 && $isipv6_2;
794c794
<     my $mismatch = shift;
---
> 
801c801
<     if (!$isipv6_1 != !$isipv6_2)
---
>     if ($isipv6_1 || $isipv6_2)
803,805c803,805
<       return $mismatch if defined $mismatch;
<       #croak "Invalid netblock: $aa-$bb";
<    }
---
>       croak "Invalid netblock: $aa-$bb"
>           unless $isipv6_1 && $isipv6_2;
>     }
810c810
<     #croak "Different number of octets in IP addresses" unless $#a == $#b;
---
>     croak "Different number of octets in IP addresses" unless $#a == $#b;
979c979
<                                 
---
> 
1014,1015c1014,1015
<       next if _ipcmp($b[$i], $lo, -1) < 0;
<       next if _ipcmp($hi, $a[$i], -1) < 0;
---
>       next if _ipcmp($b[$i], $lo) < 0;
>       next if _ipcmp($hi, $a[$i]) < 0;
1284a1285,1286
>     $v =~ s/([0-9A-Fa-f]+)/_triml0($1)/ge;
> 
1291a1294,1299
> sub _triml0 {
>     my ($a) = @_;
> 
>     $a =~ s/^0+//g;
>     return $a
> }
By - No comments:
Subscribe to: Comments (Atom)

I don't have a clue

I'm so very tired. It's almost all the time now. 

  • Pass the blame around
    It's funny sometimes, you think that you did something good by figuring out why something isn't working, but instead people assume y...
  • Breakfast
    I think I eat too much for breakfast.  I had a Yoplait French Vanilla, which is really good.  I also had a cheddar cheese and mayo sandwich....
  • Yup
    I am watching Grey's Anatomy right now. I watched Fox before that, except that stupid show between the Simpons and Family Guy. Either wa...