On Fedora 42: # opendmarc -V opendmarc: OpenDMARC Filter v1.4.2 SMFI_VERSION 0x1000001 libmilter version 1.0.1 Active code options: WITH_SPF On Fedora 34: # opendmarc -V opendmarc: OpenDMARC Filter v1.4.1 SMFI_VERSION 0x1000001 libmilter version 1.0.1 Active code options: WITH_SPF WITH_SPF2 Reproducible: Always Steps to Reproduce: 1. run "strings opendmarc | grep spf2" Actual Results: # strings opendmarc | grep spf2 Expected Results: # strings /usr/sbin/opendmarc | grep spf2 opendmarc_spf2_test Additional Information: Sometime between Fedora 34 and Fedora 42, the build somehow excludes libspf2. This is important because WITH_SPF2 includes support for IPv6 whereas the built in SPF library does not. IMHO not having IPv6 support is a bad thing.
Upon further testing, I found that the last version to include SPF2 is this: Name : opendmarc Version : 1.4.2 Release : 22.fc41 Architecture: x86_64 Install Date: Fri 03 Jan 2025 05:19:21 PM
Looks like first version that excludes WITH_SPF2 is 1.4.2-25 in Fedora 42
Binary and library are linked against libspf2: # rpm -qa |grep opendma libopendmarc-1.4.2-32.fc43.x86_64 opendmarc-1.4.2-32.fc43.x86_64 # ldd /usr/bin/opendmarc linux-vdso.so.1 (0x00007fcfde7a6000) libopendmarc.so.2 => /lib64/libopendmarc.so.2 (0x00007fcfde76f000) libmilter.so.1.0 => /lib64/libmilter.so.1.0 (0x00007fcfde75e000) libc.so.6 => /lib64/libc.so.6 (0x00007fcfde56a000) libm.so.6 => /lib64/libm.so.6 (0x00007fcfde476000) libspf2.so.2 => /lib64/libspf2.so.2 (0x00007fcfde459000) <-- /lib64/ld-linux-x86-64.so.2 (0x00007fcfde7a8000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fcfde445000) # ldd /usr/lib64/libopendmarc.so.2 linux-vdso.so.1 (0x00007f724cedd000) libm.so.6 => /lib64/libm.so.6 (0x00007f724cdc9000) libspf2.so.2 => /lib64/libspf2.so.2 (0x00007f724cdac000) <-- libc.so.6 => /lib64/libc.so.6 (0x00007f724cbb8000) /lib64/ld-linux-x86-64.so.2 (0x00007f724cedf000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f724cba6000) I'll check why it doesn't show with "-V"
yes, I can confirm the libspf2 library is linked in for all versions between 1.4.2-24 and 1.4.2-25. The configure run looks ok, but in the opendmarc/opendmarc.c there's this: # if HAVE_SPF2_H spf_result = opendmarc_spf2_test( # else /* HAVE_SPF2_H */ spf_result = opendmarc_spf_test( # endif /* HAVE_SPF2_H */ and near as I can tell, it is somehow failing HAVE_SPF2_H (verified using "strings | grep spf2" on both old and new binaries ) Arguably opendmarc_spf_test should be deprecated in favor of opendmarc_spf2_test as it's missing even IPv6 compatibility for A and MX records, which is the symptom that led me down this rabbit hole.
I think I found the issue. After gcc15 was introduced opendmarc started to fail and I introduced this patch https://src.fedoraproject.org/rpms/opendmarc/c/c8a9332c3cc0fddd78adc3af06eb542e1050e627?branch=rawhide that doesn't work as it should. It allows the package to be built... but just fails to detect spf.h and thus HAVE_SPF2_H is not enabled. I think the correct fix would be this new patch https://src.fedoraproject.org/fork/mikelo2/rpms/opendmarc/c/40551d875966146048a8f9f9458fb3e8dd26aee3?branch=drop-gcc15-patch Can you verify the fix using the builds in this COPR? https://copr.fedorainfracloud.org/coprs/mikelo2/opendmarc-bz2399960/build/9630470/ Once confirmed I'll polish it and submit the patch upstream and I'll close previous patch PR https://github.com/trusteddomainproject/OpenDMARC/pull/281
# rpm -Uvh *33* warning: libopendmarc-1.4.2-33.fc42.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 81455310: NOKEY Verifying... ################################# [100%] Preparing... ################################# [100%] Updating / installing... 1:libopendmarc-1.4.2-33.fc42 ################################# [ 25%] 2:opendmarc-1.4.2-33.fc42 ################################# [ 50%] Cleaning up / removing... 3:opendmarc-1.4.2-22.fc41 ################################# [ 75%] 4:libopendmarc-1.4.2-22.fc41 ################################# [100%] root@frodo:~# opendmarc -V opendmarc: OpenDMARC Filter v1.4.2 SMFI_VERSION 0x1000001 libmilter version 1.0.1 Active code options: WITH_SPF WITH_SPF2 testing w IPv6 also works a charm! Thank you so much - I managed to revert to 1.4.2-22 from F41, but definitely much prefer this path.
FEDORA-2025-1aa75bd11c (opendmarc-1.4.2-33.fc44) has been submitted as an update to Fedora 44. https://bodhi.fedoraproject.org/updates/FEDORA-2025-1aa75bd11c
FEDORA-EPEL-2025-31cde20181 (opendmarc-1.4.2-33.el10_1) has been submitted as an update to Fedora EPEL 10.1. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-31cde20181
FEDORA-2025-a393c2585d (opendmarc-1.4.2-33.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2025-a393c2585d
FEDORA-EPEL-2025-883e1c0734 (opendmarc-1.4.2-33.el10_0) has been submitted as an update to Fedora EPEL 10.0. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-883e1c0734
FEDORA-EPEL-2025-60fd9282ce (opendmarc-1.4.2-33.el10_2) has been submitted as an update to Fedora EPEL 10.2. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-60fd9282ce
FEDORA-EPEL-2025-aaa6df7fdb (opendmarc-1.4.2-33.el9) has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-aaa6df7fdb
FEDORA-2025-88ba9c2bfa (opendmarc-1.4.2-33.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2025-88ba9c2bfa
FEDORA-2025-1aa75bd11c (opendmarc-1.4.2-33.fc44) has been pushed to the Fedora 44 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2025-5f200d6f25 has been pushed to the Fedora 42 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-5f200d6f25` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-5f200d6f25 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2025-31cde20181 has been pushed to the Fedora EPEL 10.1 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-31cde20181 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2025-60fd9282ce has been pushed to the Fedora EPEL 10.2 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-60fd9282ce See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2025-883e1c0734 has been pushed to the Fedora EPEL 10.0 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-883e1c0734 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2025-aaa6df7fdb has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-aaa6df7fdb See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2025-88ba9c2bfa has been pushed to the Fedora 41 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-88ba9c2bfa` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-88ba9c2bfa See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2025-a393c2585d has been pushed to the Fedora 43 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-a393c2585d` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-a393c2585d See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2025-60fd9282ce (opendmarc-1.4.2-33.el10_2) has been pushed to the Fedora EPEL 10.2 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2025-31cde20181 (opendmarc-1.4.2-33.el10_1) has been pushed to the Fedora EPEL 10.1 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2025-aaa6df7fdb (opendmarc-1.4.2-33.el9) has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2025-5f200d6f25 (opendmarc-1.4.2-33.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2025-883e1c0734 (opendmarc-1.4.2-33.el10_0) has been pushed to the Fedora EPEL 10.0 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2025-88ba9c2bfa (opendmarc-1.4.2-33.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2025-a393c2585d (opendmarc-1.4.2-33.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report.