Jump to >

djblets.mail.dmarc

Functions for looking up DMARC entries in DNS.

class DmarcPolicy[source]

Types of DMARC policies.

These policies define what happens if an e-mail fails sender verification (such as if the From address is spoofed).

UNSET = 0[source]

A policy is not set on the record.

This can be interpreted as being the same as NONE.

NONE = 1[source]

No action should be taken if verification fails.

E-mails will not be rejected or quarantined, and the DMARC signature can be ignored.

QUARANTINE = 2[source]

E-mails should be quarantined/marked as spam if verification fails.

REJECT = 3[source]

E-mails should be rejected if verification fails.

classmethod parse(policy_str)[source]

Return a policy type from a value in a DMARC record.

Parameters

policy_str (unicode) – The policy type from the record.

Returns

One of UNSET, NONE, QUARANTINE, or REJECT.

Return type

int

class DmarcRecord(hostname, policy, subdomain_policy=0, pct=100, fields={})[source]

Information on a DMARC record for a subdomain or organization domain.

This is a parsed representation of the contents of a standard DMARC TXT record. It contains information that software can use to determine what will happen if a sender spoofs a From address, or if the e-mail otherwise fails sender verification.

Senders can make use of this to determine whether they can safely spoof a From address (for legitimate reasons, such as to send an e-mail on behalf of a user when posting on a service), or whether they should fall back to an alternative means (such as using a noreply address and setting the Reply-To header).

classmethod parse(hostname, txt_record)[source]

Return a DmarcRecord from a DMARC TXT record.

Parameters
  • hostname (unicode) – The hostname owning the _dmarc. TXT record.

  • txt_record (unicode) – The TXT record contents representing the DMARC configuration.

Returns

The parsed record, if this is a valid DMARC record. If this is not valid, None will be returned instead.

Return type

DmarcRecord

get_dmarc_record(hostname, use_cache=True, cache_expiration=2592000)[source]

Return a DMARC record for a given hostname.

This will query the DNS records for a hostname, returning a parsed version of the DMARC record, if found. If a record could not be found for the hostname, the organizational domain will be used instead (which is generally example.com for foo.bar.example.com, but this depends on the domain in question).

By default, the fetched record from DNS is cached, allowing this to be called multiple times without repeated DNS queries. This is optional, as is the expiration time for the cached data (which defaults to 1 month).

Parameters
  • hostname (unicode) – The hostname to look up the DMARC information from.

  • use_cache (bool, optional) – Whether to use the cache for looking up and storing record data.

  • cache_expiration (int, optional) – The expiration time for cached data.

Returns

The DMARC record. If it could not be found, None will be returned instead.

Return type

DmarcRecord

is_email_allowed_by_dmarc(email_address)[source]

Return whether DMARC rules safely allow sending using an e-mail address.

This will take an e-mail address (which must be in the form of name@domain, ideally parsed by mail.utils.parseaddr()) and check to see if there are any DMARC rules that could prevent the e-mail from being sent/received if it were to fail sender verification.

Callers can use this to decide whether they can safely send using a user’s e-mail address, or whether they need to send using the service’s address.

Parameters

email_address (unicode) – The e-mail address for the From field.

Returns

True if the e-mail address can be safely used in a From header. False if it should not be used.

Return type

bool