From 776bfacdf5a19676e15aa13801e823cbd67a2545 Mon Sep 17 00:00:00 2001
From: Shane Frasier
Date: Thu, 22 Mar 2018 14:40:59 -0400
Subject: [PATCH 1/2] Making the PSL cache read-only when running in AWS Lambda
---
 scanners/trustymail.py | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/scanners/trustymail.py b/scanners/trustymail.py
index 38dbd407..afe68847 100644
--- a/scanners/trustymail.py
+++ b/scanners/trustymail.py
@@ -1,12 +1,8 @@
 import logging
-import trustymail.trustymail as tmail
-import trustymail
-# Monkey patching trustymail to make it cache the PSL where we want
-trustymail.PublicSuffixListFilename = 'cache/public-suffix-list.txt'
-
 ###
 # Inspect a site's DNS Mail configuration using DHS NCATS' trustymail tool.
+###
 # default to a long timeout
 default_timeout = 30
@@ -60,6 +56,21 @@ def scan(domain, environment, options):
 'dmarc': options.get('dmarc', False)
 }
+ import trustymail.trustymail as tmail
+ import trustymail
+ if environment['scan_method'] == 'local':
+ # Local scanning
+ #
+ # Monkey patching trustymail to make it cache the PSL where we want
+ trustymail.PublicSuffixListFilename = 'cache/public-suffix-list.txt'
+ else:
+ # Lambda scanning
+ #
+ # Monkey patching trustymail to make it cache the PSL where we want
+ trustymail.PublicSuffixListFilename = './public-suffix-list.txt'
+ # Monkey patching trustymail to make the PSL cache read-only
+ trustymail.PublicSuffixListReadOnly = True
+
 data = tmail.scan(domain, timeout, smtp_timeout, smtp_localhost, smtp_ports, smtp_cache, scan_types, dns_hostnames).generate_results()
 if not data:
From 37687cf4d17e4e16c2eed39f884876cecaacf94f Mon Sep 17 00:00:00 2001
From: Shane Frasier
Date: Thu, 22 Mar 2018 16:17:50 -0400
Subject: [PATCH 2/2] Changing the order of the trustymail imports. The changes to trustymail don't take effect they are made after trustymail.trustymail is imported.
---
 scanners/trustymail.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
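Review bot: In the `else` branch added to scan() by PATCH 1/2, the PSL is pinned to the working-directory-relative `./public-suffix-list.txt` and marked read-only, so the list is only as fresh as whatever was packaged, and nothing in the hunk checks that the file is present. A stale or missing list would presumably change how trustymail derives the base domain it uses for its DMARC checks, which affects the correctness of the scan results. I would record the constraint next to the assignment, e.g. `# PSL ships with the Lambda package and is never refreshed at runtime; rebuild the package to update it`, and consider failing early when the file is absent. The `else` also treats every `environment['scan_method']` value other than 'local' as Lambda, so a mistyped or missing method silently takes the read-only path or raises KeyError. scan() starts and ends outside the hunk.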
diff --git a/scanners/trustymail.py b/scanners/trustymail.py
index afe68847..11375200 100644
--- a/scanners/trustymail.py
+++ b/scanners/trustymail.py
@@ -56,7 +56,6 @@ def scan(domain, environment, options):
 'dmarc': options.get('dmarc', False)
 }
- import trustymail.trustymail as tmail
 import trustymail
 if environment['scan_method'] == 'local':
 # Local scanning
@@ -70,6 +69,7 @@ def scan(domain, environment, options):
 trustymail.PublicSuffixListFilename = './public-suffix-list.txt'
 # Monkey patching trustymail to make the PSL cache read-only
 trustymail.PublicSuffixListReadOnly = True
+ import trustymail.trustymail as tmail
 data = tmail.scan(domain, timeout, smtp_timeout, smtp_localhost, smtp_ports, smtp_cache, scan_types, dns_hostnames).generate_results()
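Review bot: The relocated `import trustymail.trustymail as tmail` in the second hunk now depends on statement order, but nothing at the import site says so, so a later cleanup that hoists imports to the top of the module would silently undo the fix. A comment such as `# Must follow the PublicSuffixList* assignments above; trustymail.trustymail appears to read them at import time` would record the dependency. Because Python caches imported modules, the assignments presumably only matter for the first import in a process; if something else has already imported trustymail.trustymail, or a long-lived process calls scan() again with a different scan_method, the new values may be ignored without any error. scan() starts and ends outside the hunk.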