mirror of
https://github.com/chatmail/core.git
synced 2026-04-21 15:36:30 +03:00
Check DKIM Authentication-Results (#3583)
Fix #3507 Note that this is not intended for a release at this point! We first have to test whether it runs stable enough. If we want to make a release while we are not confident enough in authres-checking, then we have to disable it. BTW, most of the 3000 new lines are in `test_data/messages/dkimchecks...`, not the actual code da3a4b94 adds the results to the Message info. It currently does this by adding them to `hop_info`. Maybe we should rename `hop_info` to `extra_info` or something; this has the disadvantage that we can't rename the sql column name though. Follow-ups for this could be: - In `update_authservid_candidates()`: Implement the rest of the algorithm @hpk42 and me thought about. What's missing is remembering how sure we are that these are the right authserv-ids. Esp., when receiving a message sent from another account at the same domain, we can be quite sure that the authserv-ids in there are the ones of our email server. This will make authres-checking work with buzon.uy, disroot.org, yandex.ru, mailo.com, and riseup.net. - Think about how we present this to the user - e.g. currently the only change is that we don't accept key changes, which will mean that the small lock on the message is not shown. - And it will mean that we can fully enable AEAP, after revisiting the security implications of this, and assuming everyone (esp. @link2xt who pointed out the problems in the first place) feels comfortable with it.
This commit is contained in:
Hocuri
GitHub
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas106.aol.mail.ne1.yahoo.com;
|
||||
dkim=pass header.i=@buzon.uy header.s=2019;
|
||||
spf=pass smtp.mailfrom=buzon.uy;
|
||||
dmarc=pass(p=REJECT) header.from=buzon.uy;
|
||||
From: <alice@buzon.uy>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas206.aol.mail.ne1.yahoo.com;
|
||||
dkim=unknown;
|
||||
spf=none smtp.mailfrom=delta.blinzeln.de;
|
||||
dmarc=unknown header.from=delta.blinzeln.de;
|
||||
From: <alice@delta.blinzeln.de>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas210.aol.mail.bf1.yahoo.com;
|
||||
dkim=pass header.i=@disroot.org header.s=mail;
|
||||
spf=pass smtp.mailfrom=disroot.org;
|
||||
dmarc=pass(p=QUARANTINE) header.from=disroot.org;
|
||||
From: <alice@disroot.org>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,7 @@
|
||||
Authentication-Results: atlas105.aol.mail.ne1.yahoo.com;
|
||||
dkim=pass header.i=@fastmail.com header.s=fm2;
|
||||
dkim=pass header.i=@messagingengine.com header.s=fm2;
|
||||
spf=pass smtp.mailfrom=fastmail.com;
|
||||
dmarc=pass(p=NONE,sp=NONE) header.from=fastmail.com;
|
||||
From: <alice@fastmail.com>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas-baseline-production.v2-mail-prod1-gq1.omega.yahoo.com;
|
||||
dkim=pass header.i=@gmail.com header.s=20210112;
|
||||
spf=pass smtp.mailfrom=gmail.com;
|
||||
dmarc=pass(p=NONE,sp=QUARANTINE) header.from=gmail.com;
|
||||
From: <alice@gmail.com>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,8 @@
|
||||
Authentication-Results: atlas112.aol.mail.bf1.yahoo.com;
|
||||
dkim=pass header.i=@hotmail.com header.s=selector1;
|
||||
spf=pass smtp.mailfrom=hotmail.com;
|
||||
dmarc=pass(p=NONE) header.from=hotmail.com;
|
||||
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
|
||||
dkim=none; arc=none
|
||||
From: <alice@hotmail.com>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas101.aol.mail.bf1.yahoo.com;
|
||||
dkim=pass header.i=@icloud.com header.s=1a1hai;
|
||||
spf=pass smtp.mailfrom=icloud.com;
|
||||
dmarc=pass(p=QUARANTINE,sp=QUARANTINE) header.from=icloud.com;
|
||||
From: <alice@icloud.com>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas-production.v2-mail-prod1-gq1.omega.yahoo.com;
|
||||
dkim=pass header.i=@ik.me header.s=20200325;
|
||||
spf=pass smtp.mailfrom=ik.me;
|
||||
dmarc=pass(p=REJECT) header.from=ik.me;
|
||||
From: <alice@ik.me>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas104.aol.mail.bf1.yahoo.com;
|
||||
dkim=pass header.i=@mail.ru header.s=mail4;
|
||||
spf=pass smtp.mailfrom=mail.ru;
|
||||
dmarc=pass(p=REJECT) header.from=mail.ru;
|
||||
From: <alice@mail.ru>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas211.aol.mail.bf1.yahoo.com;
|
||||
dkim=pass header.i=@mailo.com header.s=mailo;
|
||||
spf=pass smtp.mailfrom=mailo.com;
|
||||
dmarc=pass(p=NONE) header.from=mailo.com;
|
||||
From: <alice@mailo.com>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,8 @@
|
||||
Authentication-Results: atlas-production.v2-mail-prod1-gq1.omega.yahoo.com;
|
||||
dkim=pass header.i=@outlook.com header.s=selector1;
|
||||
spf=pass smtp.mailfrom=outlook.com;
|
||||
dmarc=pass(p=NONE,sp=QUARANTINE) header.from=outlook.com;
|
||||
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
|
||||
dkim=none; arc=none
|
||||
From: <alice@outlook.com>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas-production.v2-mail-prod1-gq1.omega.yahoo.com;
|
||||
dkim=pass header.i=@posteo.de header.s=2017;
|
||||
spf=pass smtp.mailfrom=posteo.de;
|
||||
dmarc=pass(p=NONE) header.from=posteo.de;
|
||||
From: <alice@posteo.de>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas114.aol.mail.bf1.yahoo.com;
|
||||
dkim=pass header.i=@yandex.ru header.s=mail;
|
||||
spf=pass smtp.mailfrom=yandex.ru;
|
||||
dmarc=pass(p=NONE) header.from=yandex.ru;
|
||||
From: <alice@yandex.ru>
|
||||
To: <alice@aol.com>
|
||||
@@ -0,0 +1,6 @@
|
||||
Authentication-Results: atlas206.aol.mail.ne1.yahoo.com;
|
||||
dkim=unknown;
|
||||
spf=none smtp.mailfrom=delta.blinzeln.de;
|
||||
dmarc=unknown header.from=delta.blinzeln.de;
|
||||
From: forged-authres-added@example.com
|
||||
Authentication-Results: aaa.com; dkim=pass header.i=@example.com
|
||||
Reference in New Issue
Block a user