Check DKIM Authentication-Results (#3583)

Fix #3507

Note that this is not intended for a release at this point! We first have to test whether it runs stable enough. If we want to make a release while we are not confident enough in authres-checking, then we have to disable it.

BTW, most of the 3000 new lines are in `test_data/messages/dkimchecks...`, not the actual code

da3a4b94 adds the results to the Message info. It currently does this by adding them to `hop_info`. Maybe we should rename `hop_info` to `extra_info` or something; this has the disadvantage that we can't rename the sql column name though.

Follow-ups for this could be:
- In `update_authservid_candidates()`: Implement the rest of the algorithm @hpk42 and I thought about. What's missing is remembering how sure we are that these are the right authserv-ids. Especially when receiving a message sent from another account at the same domain, we can be quite sure that the authserv-ids in there are the ones of our email server. This will make authres-checking work with buzon.uy, disroot.org, yandex.ru, mailo.com, and riseup.net.
- Think about how we present this to the user - e.g. currently the only change is that we don't accept key changes, which will mean that the small lock on the message is not shown.
- And it will mean that we can fully enable AEAP, after revisiting the security implications of this, and assuming everyone (esp. @link2xt who pointed out the problems in the first place) feels comfortable with it.
Hocuri
2022-10-28 12:15:37 +02:00
committed by GitHub
parent d8bc3769a5
commit b1c6c40fa7
326 changed files with 3304 additions and 42 deletions


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of aol.com designates 77.238.177.146 as permitted sender) smtp.mailfrom=alice@aol.com;
dmarc=pass(p=reject dis=none) header.from=aol.com
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of aol.com designates 77.238.177.146 as permitted sender) smtp.mailfrom=alice@aol.com;
dmarc=pass header.from=<alice@aol.com> (p=reject dis=none)
From: <alice@aol.com>
To: <alice@zohomail.eu>
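Review bot: The `dkim=pass;` result that mx.zohomail.eu writes in this fixture carries no `header.d=` or `header.i=` property, so the signing domain cannot be read from the DKIM result itself; only `dmarc=pass(p=reject dis=none) header.from=aol.com` ties the verdict to the From domain. The checking code is not visible on this part of the page, so it is worth confirming that a bare `dkim=pass` is never taken as proof that the From domain signed the message. A comment in the test that loads these fixtures, stating the outcome expected for this receiving provider, would make that decision explicit. The same applies to the other mx.zohomail.eu fixtures that follow.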


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of buzon.uy designates 185.101.93.79 as permitted sender) smtp.mailfrom=alice@buzon.uy;
dmarc=pass(p=reject dis=none) header.from=buzon.uy
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of buzon.uy designates 185.101.93.79 as permitted sender) smtp.mailfrom=alice@buzon.uy;
dmarc=pass header.from=<alice@buzon.uy> (p=reject dis=none)
From: <alice@buzon.uy>
To: <alice@zohomail.eu>


@@ -0,0 +1,5 @@
Authentication-Results: mx.zohomail.eu;
spf=none (zohomail.eu: 192.162.87.206 is neither permitted nor denied by domain of delta.blinzeln.de) smtp.mailfrom=alice@delta.blinzeln.de
From: <alice@delta.blinzeln.de>
To: <alice@zohomail.eu>
Authentication-Results: secure-mailgate.com; auth=pass smtp.auth=91.203.111.88@webbox222.server-home.org


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of disroot.org designates 178.21.23.139 as permitted sender) smtp.mailfrom=alice@disroot.org;
dmarc=pass(p=quarantine dis=none) header.from=disroot.org
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of disroot.org designates 178.21.23.139 as permitted sender) smtp.mailfrom=alice@disroot.org;
dmarc=pass header.from=<alice@disroot.org> (p=quarantine dis=none)
From: <alice@disroot.org>
To: <alice@zohomail.eu>


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of fastmail.com designates 66.111.4.28 as permitted sender) smtp.mailfrom=alice@fastmail.com;
dmarc=pass(p=none dis=none) header.from=fastmail.com
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of fastmail.com designates 66.111.4.28 as permitted sender) smtp.mailfrom=alice@fastmail.com;
dmarc=pass header.from=<alice@fastmail.com> (p=none dis=none)
From: <alice@fastmail.com>
To: <alice@zohomail.eu>


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of _spf.google.com designates 209.85.221.68 as permitted sender) smtp.mailfrom=alice@gmail.com;
dmarc=pass(p=none dis=none) header.from=gmail.com
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of _spf.google.com designates 209.85.221.68 as permitted sender) smtp.mailfrom=alice@gmail.com;
dmarc=pass header.from=<alice@gmail.com> (p=none dis=none)
From: <alice@gmail.com>
To: <alice@zohomail.eu>


@@ -0,0 +1,14 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of hotmail.com designates 40.92.89.94 as permitted sender) smtp.mailfrom=alice@hotmail.com;
arc=pass (i=1 dmarc=pass fromdomain=hotmail.com);
dmarc=pass(p=none dis=none) header.from=hotmail.com
ARC-Authentication-Results: i=2; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of hotmail.com designates 40.92.89.94 as permitted sender) smtp.mailfrom=alice@hotmail.com;
arc=pass (i=1 dmarc=pass fromdomain=hotmail.com);
dmarc=pass header.from=<alice@hotmail.com> (p=none dis=none)
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
dkim=none; arc=none
From: <alice@hotmail.com>
To: <alice@zohomail.eu>


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of icloud.com designates 17.57.155.16 as permitted sender) smtp.mailfrom=alice@icloud.com;
dmarc=pass(p=quarantine dis=none) header.from=icloud.com
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of icloud.com designates 17.57.155.16 as permitted sender) smtp.mailfrom=alice@icloud.com;
dmarc=pass header.from=<alice@icloud.com> (p=quarantine dis=none)
From: <alice@icloud.com>
To: <alice@zohomail.eu>


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of ik.me designates 84.16.66.168 as permitted sender) smtp.mailfrom=alice@ik.me;
dmarc=pass(p=reject dis=none) header.from=ik.me
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of ik.me designates 84.16.66.168 as permitted sender) smtp.mailfrom=alice@ik.me;
dmarc=pass header.from=<alice@ik.me> (p=reject dis=none)
From: <alice@ik.me>
To: <alice@zohomail.eu>


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of mail.de designates 62.201.172.25 as permitted sender) smtp.mailfrom=alice@mail.de;
dmarc=pass(p=none dis=none) header.from=mail.de
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of mail.de designates 62.201.172.25 as permitted sender) smtp.mailfrom=alice@mail.de;
dmarc=pass header.from=<alice@mail.de> (p=none dis=none)
From: <alice@mail.de>
To: <alice@zohomail.eu>


@@ -0,0 +1,11 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of _spf.mail.ru designates 94.100.181.251 as permitted sender) smtp.mailfrom=alice@mail.ru;
dmarc=pass(p=reject dis=none) header.from=mail.ru
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of _spf.mail.ru designates 94.100.181.251 as permitted sender) smtp.mailfrom=alice@mail.ru;
dmarc=pass header.from=<alice@mail.ru> (p=reject dis=none)
From: <alice@mail.ru>
To: <alice@zohomail.eu>
Authentication-Results: smtpng1.m.smailru.net; auth=pass smtp.auth=alice@mail.ru smtp.mailfrom=alice@mail.ru


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of mailo.com designates 213.182.54.11 as permitted sender) smtp.mailfrom=alice@mailo.com;
dmarc=pass(p=none dis=none) header.from=mailo.com
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of mailo.com designates 213.182.54.11 as permitted sender) smtp.mailfrom=alice@mailo.com;
dmarc=pass header.from=<alice@mailo.com> (p=none dis=none)
From: <alice@mailo.com>
To: <alice@zohomail.eu>


@@ -0,0 +1,14 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of outlook.com designates 40.92.58.104 as permitted sender) smtp.mailfrom=alice@outlook.com;
arc=pass (i=1 dmarc=pass fromdomain=outlook.com);
dmarc=pass(p=none dis=none) header.from=outlook.com
ARC-Authentication-Results: i=2; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of outlook.com designates 40.92.58.104 as permitted sender) smtp.mailfrom=alice@outlook.com;
arc=pass (i=1 dmarc=pass fromdomain=outlook.com);
dmarc=pass header.from=<alice@outlook.com> (p=none dis=none)
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
dkim=none; arc=none
From: <alice@outlook.com>
To: <alice@zohomail.eu>


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of posteo.de designates 185.67.36.65 as permitted sender) smtp.mailfrom=alice@posteo.de;
dmarc=pass(p=none dis=none) header.from=posteo.de
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of posteo.de designates 185.67.36.65 as permitted sender) smtp.mailfrom=alice@posteo.de;
dmarc=pass header.from=<alice@posteo.de> (p=none dis=none)
From: <alice@posteo.de>
To: <alice@zohomail.eu>


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of riseup.net designates 198.252.153.129 as permitted sender) smtp.mailfrom=alice@riseup.net;
dmarc=pass(p=none dis=none) header.from=riseup.net
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of riseup.net designates 198.252.153.129 as permitted sender) smtp.mailfrom=alice@riseup.net;
dmarc=pass header.from=<alice@riseup.net> (p=none dis=none)
From: <alice@riseup.net>
To: <alice@zohomail.eu>


@@ -0,0 +1,10 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of _spf.mail.yahoo.com designates 77.238.177.32 as permitted sender) smtp.mailfrom=alice@yahoo.com;
dmarc=pass(p=reject dis=none) header.from=yahoo.com
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of _spf.mail.yahoo.com designates 77.238.177.32 as permitted sender) smtp.mailfrom=alice@yahoo.com;
dmarc=pass header.from=<alice@yahoo.com> (p=reject dis=none)
From: <alice@yahoo.com>
To: <alice@zohomail.eu>


@@ -0,0 +1,11 @@
Authentication-Results: mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of _spf.yandex.ru designates 37.140.190.195 as permitted sender) smtp.mailfrom=alice@yandex.ru;
dmarc=pass(p=none dis=none) header.from=yandex.ru
ARC-Authentication-Results: i=1; mx.zohomail.eu;
dkim=pass;
spf=pass (zohomail.eu: domain of _spf.yandex.ru designates 37.140.190.195 as permitted sender) smtp.mailfrom=alice@yandex.ru;
dmarc=pass header.from=<alice@yandex.ru> (p=none dis=none)
Authentication-Results: vla1-b7b6154c4cfd.qloud-c.yandex.net; dkim=pass header.i=@yandex.ru
From: <alice@yandex.ru>
To: <alice@zohomail.eu>


@@ -0,0 +1,4 @@
Authentication-Results: mx.zohomail.eu;
From: forged-authres-added@example.com
Authentication-Results: aaa.com; dkim=pass header.i=@example.com
Authentication-Results: aaa.com; dkim=pass header.i=@example.com
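Review bot: Both forged headers in this fixture use the authserv-id `aaa.com`, which differs from the receiving server's `mx.zohomail.eu`, so the fixture only pins the case where an untrusted result can be told apart by its authserv-id. A companion fixture in which an additional header below the genuine one reuses `mx.zohomail.eu` would document what the checker does when the border MTA has not stripped such a header, which RFC 8601 section 5 asks it to do. The first line, `Authentication-Results: mx.zohomail.eu;`, has no result after the semicolon; if that is deliberate (an empty result from the trusted server), a sentence in the test saying so would help the next reader.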