From 5a53e7bc97460a7d9c48e93946b39d98df90d2c4 Mon Sep 17 00:00:00 2001 From: Pierre-Olivier Mercier Date: Mon, 27 Apr 2026 00:46:36 +0700 Subject: [PATCH 1/4] Rename module to checker-email-autoconfig --- go.mod | 2 +- main.go | 2 +- plugin/plugin.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index b42daba..1dd213a 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module git.happydns.org/checker-autoconfig +module git.happydns.org/checker-email-autoconfig go 1.25.0 diff --git a/main.go b/main.go index 42419ed..1e8ef10 100644 --- a/main.go +++ b/main.go @@ -4,7 +4,7 @@ import ( "flag" "log" - autoconfig "git.happydns.org/checker-autoconfig/checker" + autoconfig "git.happydns.org/checker-email-autoconfig/checker" "git.happydns.org/checker-sdk-go/checker/server" ) diff --git a/plugin/plugin.go b/plugin/plugin.go index dc7f370..b86b545 100644 --- a/plugin/plugin.go +++ b/plugin/plugin.go @@ -5,7 +5,7 @@ package main import ( - autoconfig "git.happydns.org/checker-autoconfig/checker" + autoconfig "git.happydns.org/checker-email-autoconfig/checker" sdk "git.happydns.org/checker-sdk-go/checker" ) From 75bd1e9986c042aaebe20d5867189380ae5f64b8 Mon Sep 17 00:00:00 2001 From: Pierre-Olivier Mercier Date: Thu, 30 Apr 2026 09:17:56 +0700 Subject: [PATCH 2/4] Update rules section --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 1c37f7d..2a1bfb6 100644 --- a/README.md +++ b/README.md @@ -20,17 +20,17 @@ The checker parses every response, cross-checks the servers advertised by the different sources, and produces a rich HTML report with **paste-ready remediation snippets** for the most common failure modes. -## Rules produced +## Rules -| Rule | What it checks | -|---------------------------------------|----------------------------------------------------------------------| -| `autoconfig_presence` | At least one discovery method serves a valid clientConfig. | -| `autoconfig_preferred_endpoint` | `autoconfig.` (Thunderbird's first try) is reachable. | -| `autoconfig_tls` | HTTPS is mandatory and certificates validate. | -| `autoconfig_server_encryption` | Advertised IMAP/SMTP servers use SSL/STARTTLS, not plaintext. | -| `autoconfig_consistency` | clientConfig claims the queried domain and agrees with SRV. | -| `autoconfig_srv_records` | RFC 6186 SRV records cover incoming + submission. | -| `autoconfig_autodiscover` | Microsoft Autodiscover responds (informational). | +| Code | Description | Severity | +|-----------------------------------|--------------------------------------------------------------------------------------------------------------|---------------------| +| `autoconfig_presence` | Checks that at least one email-autoconfiguration discovery method answers for the domain. | CRITICAL | +| `autoconfig_preferred_endpoint` | Checks that `https://autoconfig./mail/config-v1.1.xml` is reachable and serves a valid clientConfig. | WARNING | +| `autoconfig_tls` | Checks that autoconfig endpoints are served over HTTPS with a valid TLS certificate. | CRITICAL | +| `autoconfig_server_encryption` | Checks that servers advertised by autoconfig use SSL or STARTTLS and a non-cleartext auth method. | CRITICAL | +| `autoconfig_consistency` | Cross-checks hostnames and ports reported by autoconfig, Autodiscover and SRV records. | WARNING | +| `autoconfig_srv_records` | Checks that RFC 6186 SRV records (`_imaps._tcp`, `_submissions._tcp`, ...) complement the autoconfig XML. | WARNING | +| `autoconfig_autodiscover` | Reports whether Microsoft Autodiscover (POX) responds on the domain. | WARNING | ## Common failure modes the HTML report addresses From a3ac9c4497dd01fc3e76407c27033ab61f742705 Mon Sep 17 00:00:00 2001 From: Pierre-Olivier Mercier Date: Sun, 10 May 2026 19:01:37 +0800 Subject: [PATCH 3/4] Add CI/CD pipeline --- .drone-manifest.yml | 22 ++++++ .drone.yml | 187 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 209 insertions(+) create mode 100644 .drone-manifest.yml create mode 100644 .drone.yml diff --git a/.drone-manifest.yml b/.drone-manifest.yml new file mode 100644 index 0000000..280a8f9 --- /dev/null +++ b/.drone-manifest.yml @@ -0,0 +1,22 @@ +image: happydomain/checker-email-autoconfig:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} +{{#if build.tags}} +tags: +{{#each build.tags}} + - {{this}} +{{/each}} +{{/if}} +manifests: + - image: happydomain/checker-email-autoconfig:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 + platform: + architecture: amd64 + os: linux + - image: happydomain/checker-email-autoconfig:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64 + platform: + architecture: arm64 + os: linux + variant: v8 + - image: happydomain/checker-email-autoconfig:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm + platform: + architecture: arm + os: linux + variant: v7 diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..ef120e3 --- /dev/null +++ b/.drone.yml @@ -0,0 +1,187 @@ +--- +kind: pipeline +type: docker +name: build-amd64 + +platform: + os: linux + arch: amd64 + +steps: + - name: checker build + image: golang:1-alpine + commands: + - apk add --no-cache git make + - make + environment: + CHECKER_VERSION: "${DRONE_BRANCH}-${DRONE_COMMIT}" + CGO_ENABLED: 0 + when: + event: + exclude: + - tag + + - name: checker build tag + image: golang:1-alpine + commands: + - apk add --no-cache git make + - make + environment: + CHECKER_VERSION: "${DRONE_SEMVER}" + CGO_ENABLED: 0 + when: + event: + - tag + + - name: publish on Docker Hub + image: plugins/docker + settings: + repo: happydomain/checker-email-autoconfig + auto_tag: true + auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH} + dockerfile: Dockerfile + build_args: + - CHECKER_VERSION=${DRONE_BRANCH}-${DRONE_COMMIT} + username: + from_secret: docker_username + password: + from_secret: docker_password + when: + event: + exclude: + - tag + + - name: publish on Docker Hub (tag) + image: plugins/docker + settings: + repo: happydomain/checker-email-autoconfig + auto_tag: true + auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH} + dockerfile: Dockerfile + build_args: + - CHECKER_VERSION=${DRONE_SEMVER} + username: + from_secret: docker_username + password: + from_secret: docker_password + when: + event: + - tag + +trigger: + branch: + exclude: + - renovate/* + event: + - cron + - push + - tag + +--- +kind: pipeline +type: docker +name: build-arm64 + +platform: + os: linux + arch: arm64 + +steps: + - name: checker build + image: golang:1-alpine + commands: + - apk add --no-cache git make + - make + environment: + CHECKER_VERSION: "${DRONE_BRANCH}-${DRONE_COMMIT}" + CGO_ENABLED: 0 + when: + event: + exclude: + - tag + + - name: checker build tag + image: golang:1-alpine + commands: + - apk add --no-cache git make + - make + environment: + CHECKER_VERSION: "${DRONE_SEMVER}" + CGO_ENABLED: 0 + when: + event: + - tag + + - name: publish on Docker Hub + image: plugins/docker + settings: + repo: happydomain/checker-email-autoconfig + auto_tag: true + auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH} + dockerfile: Dockerfile + build_args: + - CHECKER_VERSION=${DRONE_BRANCH}-${DRONE_COMMIT} + username: + from_secret: docker_username + password: + from_secret: docker_password + when: + event: + exclude: + - tag + + - name: publish on Docker Hub (tag) + image: plugins/docker + settings: + repo: happydomain/checker-email-autoconfig + auto_tag: true + auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH} + dockerfile: Dockerfile + build_args: + - CHECKER_VERSION=${DRONE_SEMVER} + username: + from_secret: docker_username + password: + from_secret: docker_password + when: + event: + - tag + +trigger: + event: + - cron + - push + - tag + +--- +kind: pipeline +name: docker-manifest + +platform: + os: linux + arch: arm64 + +steps: + - name: publish on Docker Hub + image: plugins/manifest + settings: + auto_tag: true + ignore_missing: true + spec: .drone-manifest.yml + username: + from_secret: docker_username + password: + from_secret: docker_password + +trigger: + branch: + exclude: + - renovate/* + event: + - cron + - push + - tag + +depends_on: + - build-amd64 + - build-arm64 From 3b6875dfd616b00007b2614d45de2974f4a27864 Mon Sep 17 00:00:00 2001 From: Pierre-Olivier Mercier Date: Thu, 14 May 2026 20:40:56 +0800 Subject: [PATCH 4/4] Apply to services abstract.EmailAutoConfig and abstract.RFC6186 --- checker/definition.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/checker/definition.go b/checker/definition.go index 06094aa..81ada06 100644 --- a/checker/definition.go +++ b/checker/definition.go @@ -15,7 +15,11 @@ func (p *autoconfigProvider) Definition() *sdk.CheckerDefinition { Name: "Email Autoconfiguration", Version: Version, Availability: sdk.CheckerAvailability{ - ApplyToDomain: true, + ApplyToService: true, + LimitToServices: []string{ + "abstract.EmailAutoConfig", + "abstract.RFC6186", + }, }, ObservationKeys: []sdk.ObservationKey{ObservationKeyAutoconfig}, HasHTMLReport: true,