diff --git a/.drone-manifest.yml b/.drone-manifest.yml deleted file mode 100644 index 280a8f9..0000000 --- a/.drone-manifest.yml +++ /dev/null @@ -1,22 +0,0 @@ -image: happydomain/checker-email-autoconfig:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} -{{#if build.tags}} -tags: -{{#each build.tags}} - - {{this}} -{{/each}} -{{/if}} -manifests: - - image: happydomain/checker-email-autoconfig:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 - platform: - architecture: amd64 - os: linux - - image: happydomain/checker-email-autoconfig:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64 - platform: - architecture: arm64 - os: linux - variant: v8 - - image: happydomain/checker-email-autoconfig:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm - platform: - architecture: arm - os: linux - variant: v7 diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index ef120e3..0000000 --- a/.drone.yml +++ /dev/null @@ -1,187 +0,0 @@ ---- -kind: pipeline -type: docker -name: build-amd64 - -platform: - os: linux - arch: amd64 - -steps: - - name: checker build - image: golang:1-alpine - commands: - - apk add --no-cache git make - - make - environment: - CHECKER_VERSION: "${DRONE_BRANCH}-${DRONE_COMMIT}" - CGO_ENABLED: 0 - when: - event: - exclude: - - tag - - - name: checker build tag - image: golang:1-alpine - commands: - - apk add --no-cache git make - - make - environment: - CHECKER_VERSION: "${DRONE_SEMVER}" - CGO_ENABLED: 0 - when: - event: - - tag - - - name: publish on Docker Hub - image: plugins/docker - settings: - repo: happydomain/checker-email-autoconfig - auto_tag: true - auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH} - dockerfile: Dockerfile - build_args: - - CHECKER_VERSION=${DRONE_BRANCH}-${DRONE_COMMIT} - username: - from_secret: docker_username - password: - from_secret: docker_password - when: - event: - exclude: - - tag - - - name: publish on Docker Hub (tag) - image: plugins/docker - settings: - repo: happydomain/checker-email-autoconfig - auto_tag: true - auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH} - dockerfile: Dockerfile - build_args: - - CHECKER_VERSION=${DRONE_SEMVER} - username: - from_secret: docker_username - password: - from_secret: docker_password - when: - event: - - tag - -trigger: - branch: - exclude: - - renovate/* - event: - - cron - - push - - tag - ---- -kind: pipeline -type: docker -name: build-arm64 - -platform: - os: linux - arch: arm64 - -steps: - - name: checker build - image: golang:1-alpine - commands: - - apk add --no-cache git make - - make - environment: - CHECKER_VERSION: "${DRONE_BRANCH}-${DRONE_COMMIT}" - CGO_ENABLED: 0 - when: - event: - exclude: - - tag - - - name: checker build tag - image: golang:1-alpine - commands: - - apk add --no-cache git make - - make - environment: - CHECKER_VERSION: "${DRONE_SEMVER}" - CGO_ENABLED: 0 - when: - event: - - tag - - - name: publish on Docker Hub - image: plugins/docker - settings: - repo: happydomain/checker-email-autoconfig - auto_tag: true - auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH} - dockerfile: Dockerfile - build_args: - - CHECKER_VERSION=${DRONE_BRANCH}-${DRONE_COMMIT} - username: - from_secret: docker_username - password: - from_secret: docker_password - when: - event: - exclude: - - tag - - - name: publish on Docker Hub (tag) - image: plugins/docker - settings: - repo: happydomain/checker-email-autoconfig - auto_tag: true - auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH} - dockerfile: Dockerfile - build_args: - - CHECKER_VERSION=${DRONE_SEMVER} - username: - from_secret: docker_username - password: - from_secret: docker_password - when: - event: - - tag - -trigger: - event: - - cron - - push - - tag - ---- -kind: pipeline -name: docker-manifest - -platform: - os: linux - arch: arm64 - -steps: - - name: publish on Docker Hub - image: plugins/manifest - settings: - auto_tag: true - ignore_missing: true - spec: .drone-manifest.yml - username: - from_secret: docker_username - password: - from_secret: docker_password - -trigger: - branch: - exclude: - - renovate/* - event: - - cron - - push - - tag - -depends_on: - - build-amd64 - - build-arm64 diff --git a/README.md b/README.md index 2a1bfb6..1c37f7d 100644 --- a/README.md +++ b/README.md @@ -20,17 +20,17 @@ The checker parses every response, cross-checks the servers advertised by the different sources, and produces a rich HTML report with **paste-ready remediation snippets** for the most common failure modes. -## Rules +## Rules produced -| Code | Description | Severity | -|-----------------------------------|--------------------------------------------------------------------------------------------------------------|---------------------| -| `autoconfig_presence` | Checks that at least one email-autoconfiguration discovery method answers for the domain. | CRITICAL | -| `autoconfig_preferred_endpoint` | Checks that `https://autoconfig./mail/config-v1.1.xml` is reachable and serves a valid clientConfig. | WARNING | -| `autoconfig_tls` | Checks that autoconfig endpoints are served over HTTPS with a valid TLS certificate. | CRITICAL | -| `autoconfig_server_encryption` | Checks that servers advertised by autoconfig use SSL or STARTTLS and a non-cleartext auth method. | CRITICAL | -| `autoconfig_consistency` | Cross-checks hostnames and ports reported by autoconfig, Autodiscover and SRV records. | WARNING | -| `autoconfig_srv_records` | Checks that RFC 6186 SRV records (`_imaps._tcp`, `_submissions._tcp`, ...) complement the autoconfig XML. | WARNING | -| `autoconfig_autodiscover` | Reports whether Microsoft Autodiscover (POX) responds on the domain. | WARNING | +| Rule | What it checks | +|---------------------------------------|----------------------------------------------------------------------| +| `autoconfig_presence` | At least one discovery method serves a valid clientConfig. | +| `autoconfig_preferred_endpoint` | `autoconfig.` (Thunderbird's first try) is reachable. | +| `autoconfig_tls` | HTTPS is mandatory and certificates validate. | +| `autoconfig_server_encryption` | Advertised IMAP/SMTP servers use SSL/STARTTLS, not plaintext. | +| `autoconfig_consistency` | clientConfig claims the queried domain and agrees with SRV. | +| `autoconfig_srv_records` | RFC 6186 SRV records cover incoming + submission. | +| `autoconfig_autodiscover` | Microsoft Autodiscover responds (informational). | ## Common failure modes the HTML report addresses diff --git a/checker/definition.go b/checker/definition.go index 81ada06..06094aa 100644 --- a/checker/definition.go +++ b/checker/definition.go @@ -15,11 +15,7 @@ func (p *autoconfigProvider) Definition() *sdk.CheckerDefinition { Name: "Email Autoconfiguration", Version: Version, Availability: sdk.CheckerAvailability{ - ApplyToService: true, - LimitToServices: []string{ - "abstract.EmailAutoConfig", - "abstract.RFC6186", - }, + ApplyToDomain: true, }, ObservationKeys: []sdk.ObservationKey{ObservationKeyAutoconfig}, HasHTMLReport: true, diff --git a/go.mod b/go.mod index 1dd213a..b42daba 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module git.happydns.org/checker-email-autoconfig +module git.happydns.org/checker-autoconfig go 1.25.0 diff --git a/main.go b/main.go index 1e8ef10..42419ed 100644 --- a/main.go +++ b/main.go @@ -4,7 +4,7 @@ import ( "flag" "log" - autoconfig "git.happydns.org/checker-email-autoconfig/checker" + autoconfig "git.happydns.org/checker-autoconfig/checker" "git.happydns.org/checker-sdk-go/checker/server" ) diff --git a/plugin/plugin.go b/plugin/plugin.go index b86b545..dc7f370 100644 --- a/plugin/plugin.go +++ b/plugin/plugin.go @@ -5,7 +5,7 @@ package main import ( - autoconfig "git.happydns.org/checker-email-autoconfig/checker" + autoconfig "git.happydns.org/checker-autoconfig/checker" sdk "git.happydns.org/checker-sdk-go/checker" )