mirror of
https://github.com/mjl-/mox.git
synced 2024-12-26 16:33:47 +03:00
43 lines
1.2 KiB
Go
43 lines
1.2 KiB
Go
|
package smtpserver
|
||
|
|
||
|
import (
|
||
|
"context"
|
||
|
|
||
|
"github.com/mjl-/mox/dkim"
|
||
|
"github.com/mjl-/mox/dns"
|
||
|
"github.com/mjl-/mox/publicsuffix"
|
||
|
"github.com/mjl-/mox/spf"
|
||
|
"github.com/mjl-/mox/store"
|
||
|
)
|
||
|
|
||
|
// Alignment compares the msgFromDomain with the dkim and spf results, and returns
|
||
|
// a validation, one of: Strict, Relaxed, None.
|
||
|
func alignment(ctx context.Context, msgFromDomain dns.Domain, dkimResults []dkim.Result, spfStatus spf.Status, spfIdentity *dns.Domain) store.Validation {
|
||
|
var strict, relaxed bool
|
||
|
msgFromOrgDomain := publicsuffix.Lookup(ctx, msgFromDomain)
|
||
|
|
||
|
// todo: should take temperror and permerror into account.
|
||
|
for _, dr := range dkimResults {
|
||
|
if dr.Status != dkim.StatusPass || dr.Sig == nil {
|
||
|
continue
|
||
|
}
|
||
|
if dr.Sig.Domain == msgFromDomain {
|
||
|
strict = true
|
||
|
break
|
||
|
} else {
|
||
|
relaxed = relaxed || msgFromOrgDomain == publicsuffix.Lookup(ctx, dr.Sig.Domain)
|
||
|
}
|
||
|
}
|
||
|
if !strict && spfStatus == spf.StatusPass {
|
||
|
strict = msgFromDomain == *spfIdentity
|
||
|
relaxed = relaxed || msgFromOrgDomain == publicsuffix.Lookup(ctx, *spfIdentity)
|
||
|
}
|
||
|
if strict {
|
||
|
return store.ValidationStrict
|
||
|
}
|
||
|
if relaxed {
|
||
|
return store.ValidationRelaxed
|
||
|
}
|
||
|
return store.ValidationNone
|
||
|
}
|