mirror of
https://github.com/chatmail/core.git
synced 2026-04-18 05:56:31 +03:00
b1c6c40fa7
Fix #3507 Note that this is not intended for a release at this point! We first have to test whether it runs stable enough. If we want to make a release while we are not confident enough in authres-checking, then we have to disable it. BTW, most of the 3000 new lines are in `test_data/messages/dkimchecks...`, not the actual code da3a4b94 adds the results to the Message info. It currently does this by adding them to `hop_info`. Maybe we should rename `hop_info` to `extra_info` or something; this has the disadvantage that we can't rename the sql column name though. Follow-ups for this could be: - In `update_authservid_candidates()`: Implement the rest of the algorithm @hpk42 and me thought about. What's missing is remembering how sure we are that these are the right authserv-ids. Esp., when receiving a message sent from another account at the same domain, we can be quite sure that the authserv-ids in there are the ones of our email server. This will make authres-checking work with buzon.uy, disroot.org, yandex.ru, mailo.com, and riseup.net. - Think about how we present this to the user - e.g. currently the only change is that we don't accept key changes, which will mean that the small lock on the message is not shown. - And it will mean that we can fully enable AEAP, after revisiting the security implications of this, and assuming everyone (esp. @link2xt who pointed out the problems in the first place) feels comfortable with it.
48 lines
2.3 KiB
Plaintext
48 lines
2.3 KiB
Plaintext
ARC-Authentication-Results: i=2; mx3.messagingengine.com;
|
|
x-csa=none;
|
|
x-me-sender=none;
|
|
x-ptr=fail smtp.helo=EUR01-VE1-obe.outbound.protection.outlook.com
|
|
policy.ptr=mail-oln040092066024.outbound.protection.outlook.com;
|
|
bimi=skipped (DMARC Policy is not at enforcement);
|
|
arc=pass (as.1.microsoft.com=pass, ams.1.microsoft.com=pass)
|
|
smtp.remote-ip=40.92.66.24;
|
|
dkim=pass (2048-bit rsa key sha256) header.d=outlook.com
|
|
header.i=@outlook.com header.b=Qx1vn7vt header.a=rsa-sha256
|
|
header.s=selector1 x-bits=2048;
|
|
dmarc=pass policy.published-domain-policy=none
|
|
policy.published-subdomain-policy=quarantine
|
|
policy.applied-disposition=none policy.evaluated-disposition=none
|
|
(p=none,sp=quarantine,d=none,d.eval=none) policy.policy-from=p
|
|
header.from=outlook.com;
|
|
iprev=pass smtp.remote-ip=40.92.66.24
|
|
(mail-oln040092066024.outbound.protection.outlook.com);
|
|
spf=pass smtp.mailfrom=alice@outlook.com
|
|
smtp.helo=EUR01-VE1-obe.outbound.protection.outlook.com
|
|
Authentication-Results: mx3.messagingengine.com;
|
|
x-csa=none;
|
|
x-me-sender=none;
|
|
x-ptr=fail smtp.helo=EUR01-VE1-obe.outbound.protection.outlook.com
|
|
policy.ptr=mail-oln040092066024.outbound.protection.outlook.com
|
|
Authentication-Results: mx3.messagingengine.com;
|
|
bimi=skipped (DMARC Policy is not at enforcement)
|
|
Authentication-Results: mx3.messagingengine.com;
|
|
arc=pass (as.1.microsoft.com=pass, ams.1.microsoft.com=pass)
|
|
smtp.remote-ip=40.92.66.24
|
|
Authentication-Results: mx3.messagingengine.com;
|
|
dkim=pass (2048-bit rsa key sha256) header.d=outlook.com
|
|
header.i=@outlook.com header.b=Qx1vn7vt header.a=rsa-sha256
|
|
header.s=selector1 x-bits=2048;
|
|
dmarc=pass policy.published-domain-policy=none
|
|
policy.published-subdomain-policy=quarantine
|
|
policy.applied-disposition=none policy.evaluated-disposition=none
|
|
(p=none,sp=quarantine,d=none,d.eval=none) policy.policy-from=p
|
|
header.from=outlook.com;
|
|
iprev=pass smtp.remote-ip=40.92.66.24
|
|
(mail-oln040092066024.outbound.protection.outlook.com);
|
|
spf=pass smtp.mailfrom=alice@outlook.com
|
|
smtp.helo=EUR01-VE1-obe.outbound.protection.outlook.com
|
|
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
|
|
dkim=none; arc=none
|
|
From: <alice@outlook.com>
|
|
To: <alice@fastmail.com>
|