dmarc

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 9, 2021 License: GPL-3.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source
const (
	PolicyNone       = dmarc.PolicyNone
	PolicyReject     = dmarc.PolicyReject
	PolicyQuarantine = dmarc.PolicyQuarantine
)

Variables

This section is empty.

Functions

func ExtractFromDomain

func ExtractFromDomain(hdr textproto.Header) (string, error)

Types

type AlignmentMode

type AlignmentMode = dmarc.AlignmentMode

type EvalResult

type EvalResult struct {
	// The Authentication-Results field generated as a result of the DMARC
	// check.
	Authres authres.DMARCResult

	// The Authentication-Results field for SPF that was considered during
	// alignment check. May be empty.
	SPFResult authres.SPFResult

	// Whether HELO or MAIL FROM match the RFC5322.From domain.
	SPFAligned bool

	// The Authentication-Results field for the DKIM signature that is aligned,
	// if no signatures are aligned - this field contains the result for the
	// first signature. May be empty.
	DKIMResult authres.DKIMResult

	// Whether there is a DKIM signature with the d= field matching the
	// RFC5322.From domain.
	DKIMAligned bool
}

func EvaluateAlignment

func EvaluateAlignment(fromDomain string, record *Record, results []authres.Result) EvalResult

EvaluateAlignment checks whether identifiers authenticated by SPF and DKIM are in alignment with the RFC5322.Domain.

It returns EvalResult which contains the Authres field with the actual check result and a bunch of other trace information that can be useful for troubleshooting (and also report generation).

type FailureOptions

type FailureOptions = dmarc.FailureOptions

type Policy

type Policy = dmarc.Policy

type Record

type Record = dmarc.Record

func FetchRecord

func FetchRecord(ctx context.Context, r Resolver, fromDomain string) (policyDomain string, rec *Record, err error)

FetchRecord looks up the DMARC record relevant for the RFC5322.From domain. It returns the record and the domain it was found with (may not be equal to the RFC5322.From domain).

type Resolver

type Resolver interface {
	LookupTXT(context.Context, string) ([]string, error)
}

type Verifier

type Verifier struct {
	// contains filtered or unexported fields
}

Verifier is the structure that wraps all state necessary to verify a single message using DMARC checks.

It cannot be reused.

func NewVerifier

func NewVerifier(r Resolver) *Verifier

func (*Verifier) Apply

func (v *Verifier) Apply(authRes []authres.Result) (EvalResult, Policy)

Apply actually performs all actions necessary to apply a DMARC policy to the message.

The authRes slice should contain results for DKIM and SPF checks. FetchRecord should be caled before calling this function.

It returns the Authentication-Result field to be included in the message (as a part of the EvalResult struct) and the appropriate action that should be taken by the MTA. In case of PolicyReject, caller should inspect the Result.Value to determine whether to use a temporary or permanent error code as Apply implements the 'fail closed' strategy for handling of temporary errors.

Additionally, it relies on the math/rand default source to be initialized to determine whether to apply a policy with the pct key.

func (*Verifier) Close

func (v *Verifier) Close() error

func (*Verifier) FetchRecord

func (v *Verifier) FetchRecord(ctx context.Context, header textproto.Header)

FetchRecord prepares the Verifier by starting the policy lookup. Lookup is performed asynchronously to improve performance.

If panic occurs in the lookup goroutine - call to Apply will panic.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL