Align no DMARC authentication with on DMARC DNS record: grade C

2025-10-24 10:50:49 +07:00 · 2025-10-24 10:50:49 +07:00 · aa35ab223d
commit aa35ab223d
parent 29cb2cf1f9
2 changed files with 10 additions and 10 deletions
--- a/pkg/analyzer/authentication.go
+++ b/pkg/analyzer/authentication.go
@ -532,7 +532,7 @@ func (a *AuthenticationAnalyzer) CalculateAuthenticationScore(results *api.Authe
 		}
 	}

-	// DKIM (20 points) - at least one passing signature
+	// DKIM (25 points) - at least one passing signature
 	if results.Dkim != nil && len(*results.Dkim) > 0 {
 		hasPass := false
 		for _, dkim := range *results.Dkim {
@ -542,18 +542,18 @@ func (a *AuthenticationAnalyzer) CalculateAuthenticationScore(results *api.Authe
 			}
 		}
 		if hasPass {
-			score += 20
+			score += 25
 		} else {
 			// Has DKIM signatures but none passed
-			score += 7
+			score += 10
 		}
 	}

-	// DMARC (30 points)
+	// DMARC (25 points)
 	if results.Dmarc != nil {
 		switch results.Dmarc.Result {
 		case api.AuthResultResultPass:
-			score += 30
+			score += 25
 		case api.AuthResultResultNone:
 			score += 10
 		default: // fail
--- a/pkg/analyzer/authentication_test.go
+++ b/pkg/analyzer/authentication_test.go
@ -265,7 +265,7 @@ func TestGetAuthenticationScore(t *testing.T) {
 					Result: api.AuthResultResultPass,
 				},
 			},
-			expectedScore: 90, // SPF=30 + DKIM=30 + DMARC=30
+			expectedScore: 75, // SPF=25 + DKIM=25 + DMARC=25
 		},
 		{
 			name: "SPF and DKIM only",
@ -277,7 +277,7 @@ func TestGetAuthenticationScore(t *testing.T) {
 					{Result: api.AuthResultResultPass},
 				},
 			},
-			expectedScore: 60, // SPF=30 + DKIM=30
+			expectedScore: 50, // SPF=25 + DKIM=25
 		},
 		{
 			name: "SPF fail, DKIM pass",
@ -289,7 +289,7 @@ func TestGetAuthenticationScore(t *testing.T) {
 					{Result: api.AuthResultResultPass},
 				},
 			},
-			expectedScore: 30, // SPF=0 + DKIM=30
+			expectedScore: 25, // SPF=0 + DKIM=25
 		},
 		{
 			name: "SPF softfail",
@ -298,7 +298,7 @@ func TestGetAuthenticationScore(t *testing.T) {
 					Result: api.AuthResultResultSoftfail,
 				},
 			},
-			expectedScore: 5,
+			expectedScore: 4,
 		},
 		{
 			name:          "No authentication",
@ -315,7 +315,7 @@ func TestGetAuthenticationScore(t *testing.T) {
 					Result: api.AuthResultResultPass,
 				},
 			},
-			expectedScore: 40, // SPF (30) + BIMI (10)
+			expectedScore: 35, // SPF (25) + BIMI (10)
 		},
 	}