2020-05-09 11:14:29 +00:00
|
|
|
|
// Copyright or © or Copr. happyDNS (2020)
|
|
|
|
|
//
|
2022-01-10 13:06:19 +00:00
|
|
|
|
// contact@happydomain.org
|
2020-05-09 11:14:29 +00:00
|
|
|
|
//
|
|
|
|
|
// This software is a computer program whose purpose is to provide a modern
|
|
|
|
|
// interface to interact with DNS systems.
|
|
|
|
|
//
|
|
|
|
|
// This software is governed by the CeCILL license under French law and abiding
|
|
|
|
|
// by the rules of distribution of free software. You can use, modify and/or
|
|
|
|
|
// redistribute the software under the terms of the CeCILL license as
|
|
|
|
|
// circulated by CEA, CNRS and INRIA at the following URL
|
|
|
|
|
// "http://www.cecill.info".
|
|
|
|
|
//
|
|
|
|
|
// As a counterpart to the access to the source code and rights to copy, modify
|
|
|
|
|
// and redistribute granted by the license, users are provided only with a
|
|
|
|
|
// limited warranty and the software's author, the holder of the economic
|
|
|
|
|
// rights, and the successive licensors have only limited liability.
|
|
|
|
|
//
|
|
|
|
|
// In this respect, the user's attention is drawn to the risks associated with
|
|
|
|
|
// loading, using, modifying and/or developing or reproducing the software by
|
|
|
|
|
// the user in light of its specific status of free software, that may mean
|
|
|
|
|
// that it is complicated to manipulate, and that also therefore means that it
|
|
|
|
|
// is reserved for developers and experienced professionals having in-depth
|
|
|
|
|
// computer knowledge. Users are therefore encouraged to load and test the
|
|
|
|
|
// software's suitability as regards their requirements in conditions enabling
|
|
|
|
|
// the security of their systems and/or data to be ensured and, more generally,
|
|
|
|
|
// to use and operate it in the same conditions as regards security.
|
|
|
|
|
//
|
|
|
|
|
// The fact that you are presently reading this means that you have had
|
|
|
|
|
// knowledge of the CeCILL license and that you accept its terms.
|
|
|
|
|
|
2020-10-10 16:44:17 +00:00
|
|
|
|
package abstract
|
2020-05-09 11:14:29 +00:00
|
|
|
|
|
|
|
|
|
import (
|
2020-05-10 09:23:55 +00:00
|
|
|
|
"bytes"
|
|
|
|
|
"fmt"
|
2020-05-09 11:14:29 +00:00
|
|
|
|
"strings"
|
|
|
|
|
|
2023-09-15 18:25:31 +00:00
|
|
|
|
"github.com/StackExchange/dnscontrol/v4/models"
|
|
|
|
|
"github.com/StackExchange/dnscontrol/v4/pkg/spflib"
|
2020-05-09 11:14:29 +00:00
|
|
|
|
"github.com/miekg/dns"
|
|
|
|
|
|
2023-09-07 09:37:18 +00:00
|
|
|
|
"git.happydns.org/happyDomain/model"
|
|
|
|
|
"git.happydns.org/happyDomain/services"
|
|
|
|
|
"git.happydns.org/happyDomain/utils"
|
2020-05-09 11:14:29 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type EMail struct {
|
2022-01-10 13:06:19 +00:00
|
|
|
|
MX []svcs.MX `json:"mx,omitempty" happydomain:"label=EMail Servers"`
|
|
|
|
|
SPF *svcs.SPF `json:"spf,omitempty" happydomain:"label=Sender Policy Framework"`
|
|
|
|
|
DKIM map[string]*svcs.DKIM `json:"dkim,omitempty" happydomain:"label=Domain Keys"`
|
|
|
|
|
DMARC *svcs.DMARC `json:"dmarc,omitempty" happydomain:"label=DMARC"`
|
|
|
|
|
MTA_STS *svcs.MTA_STS `json:"mta_sts,omitempty" happydomain:"label=Strict Transport Security"`
|
|
|
|
|
TLS_RPT *svcs.TLS_RPT `json:"tls_rpt,omitempty" happydomain:"label=TLS Reporting"`
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-05-10 09:23:55 +00:00
|
|
|
|
func (s *EMail) GetNbResources() int {
|
|
|
|
|
return len(s.MX)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *EMail) GenComment(origin string) string {
|
|
|
|
|
poolMX := map[string]int{}
|
|
|
|
|
|
|
|
|
|
for _, mx := range s.MX {
|
|
|
|
|
labels := dns.SplitDomainName(mx.Target)
|
|
|
|
|
nbLabel := len(labels)
|
|
|
|
|
|
|
|
|
|
var dn string
|
2020-10-07 16:51:42 +00:00
|
|
|
|
if nbLabel <= 2 {
|
|
|
|
|
dn = mx.Target
|
|
|
|
|
} else if len(labels[nbLabel-2]) < 4 {
|
2020-05-10 09:23:55 +00:00
|
|
|
|
dn = strings.Join(labels[nbLabel-3:], ".") + "."
|
|
|
|
|
} else {
|
|
|
|
|
dn = strings.Join(labels[nbLabel-2:], ".") + "."
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
poolMX[dn] += 1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var buffer bytes.Buffer
|
|
|
|
|
first := true
|
|
|
|
|
|
|
|
|
|
for dn, nb := range poolMX {
|
|
|
|
|
if !first {
|
|
|
|
|
buffer.WriteString("; ")
|
|
|
|
|
} else {
|
|
|
|
|
first = !first
|
|
|
|
|
}
|
|
|
|
|
buffer.WriteString(strings.TrimSuffix(dn, "."+origin))
|
|
|
|
|
if nb > 1 {
|
|
|
|
|
buffer.WriteString(fmt.Sprintf(" ×%d", nb))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if s.SPF != nil {
|
|
|
|
|
buffer.WriteString(" + SPF")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if s.DKIM != nil {
|
|
|
|
|
buffer.WriteString(" + DKIM")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if s.DMARC != nil {
|
|
|
|
|
buffer.WriteString(" + DMARC")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if s.MTA_STS != nil {
|
|
|
|
|
buffer.WriteString(" + MTA-STS")
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-10 12:00:58 +00:00
|
|
|
|
if s.TLS_RPT != nil {
|
|
|
|
|
buffer.WriteString(" + TLS Reporting")
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-10 09:23:55 +00:00
|
|
|
|
return buffer.String()
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 18:25:31 +00:00
|
|
|
|
func (s *EMail) GenRRs(domain string, ttl uint32, origin string) (rrs models.Records) {
|
2020-05-09 11:14:29 +00:00
|
|
|
|
if len(s.MX) > 0 {
|
|
|
|
|
for _, mx := range s.MX {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
rc := utils.NewRecordConfig(domain, "MX", ttl, origin)
|
|
|
|
|
rc.MxPreference = mx.Preference
|
|
|
|
|
rc.SetTarget(utils.DomainFQDN(mx.Target, origin))
|
|
|
|
|
|
|
|
|
|
rrs = append(rrs, rc)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if s.SPF != nil {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
rc := utils.NewRecordConfig(domain, "TXT", ttl, origin)
|
|
|
|
|
rc.SetTargetTXT(s.SPF.String())
|
|
|
|
|
|
|
|
|
|
rrs = append(rrs, rc)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for selector, d := range s.DKIM {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
rc := utils.NewRecordConfig(utils.DomainJoin(selector+"._domainkey", domain), "TXT", ttl, origin)
|
|
|
|
|
rc.SetTargetTXT(d.String())
|
|
|
|
|
|
|
|
|
|
rrs = append(rrs, rc)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if s.DMARC != nil {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
rc := utils.NewRecordConfig(utils.DomainJoin("_dmarc", domain), "TXT", ttl, origin)
|
|
|
|
|
rc.SetTargetTXT(s.DMARC.String())
|
|
|
|
|
|
|
|
|
|
rrs = append(rrs, rc)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if s.MTA_STS != nil {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
rc := utils.NewRecordConfig(utils.DomainJoin("_mta-sts", domain), "TXT", ttl, origin)
|
|
|
|
|
rc.SetTargetTXT(s.MTA_STS.String())
|
|
|
|
|
|
|
|
|
|
rrs = append(rrs, rc)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
2020-05-10 12:00:58 +00:00
|
|
|
|
|
|
|
|
|
if s.TLS_RPT != nil {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
rc := utils.NewRecordConfig(utils.DomainJoin("_smtp._tls", domain), "TXT", ttl, origin)
|
|
|
|
|
rc.SetTargetTXT(s.TLS_RPT.String())
|
|
|
|
|
|
|
|
|
|
rrs = append(rrs, rc)
|
2020-05-10 12:00:58 +00:00
|
|
|
|
}
|
2020-05-09 11:14:29 +00:00
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-10 16:44:17 +00:00
|
|
|
|
func email_analyze(a *svcs.Analyzer) (err error) {
|
2020-05-09 11:14:29 +00:00
|
|
|
|
services := map[string]*EMail{}
|
|
|
|
|
|
|
|
|
|
// Handle only MX records
|
2020-10-10 16:44:17 +00:00
|
|
|
|
for _, record := range a.SearchRR(svcs.AnalyzerRecordFilter{Type: dns.TypeMX}) {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
if record.Type == "MX" {
|
|
|
|
|
dn := record.NameFQDN
|
2020-05-09 11:14:29 +00:00
|
|
|
|
|
|
|
|
|
if _, ok := services[dn]; !ok {
|
|
|
|
|
services[dn] = &EMail{}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
services[dn].MX = append(
|
|
|
|
|
services[dn].MX,
|
2020-10-10 16:44:17 +00:00
|
|
|
|
svcs.MX{
|
2023-09-15 18:25:31 +00:00
|
|
|
|
Target: record.GetTargetField(),
|
|
|
|
|
Preference: record.MxPreference,
|
2020-05-09 11:14:29 +00:00
|
|
|
|
},
|
|
|
|
|
)
|
|
|
|
|
|
2020-10-06 14:45:41 +00:00
|
|
|
|
err = a.UseRR(
|
2020-05-09 11:14:29 +00:00
|
|
|
|
record,
|
|
|
|
|
dn,
|
|
|
|
|
services[dn],
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for domain, service := range services {
|
|
|
|
|
// Is there SPF record?
|
2020-10-10 16:44:17 +00:00
|
|
|
|
for _, record := range a.SearchRR(svcs.AnalyzerRecordFilter{Type: dns.TypeTXT, Domain: domain, Contains: "v=spf1"}) {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
if record.Type == "TXT" || record.Type == "SPF" {
|
|
|
|
|
_, err := spflib.Parse(record.GetTargetTXTJoined(), nil)
|
|
|
|
|
if err != nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if service.SPF == nil {
|
|
|
|
|
service.SPF = &svcs.SPF{}
|
|
|
|
|
}
|
2020-05-09 11:14:29 +00:00
|
|
|
|
|
2023-09-15 18:25:31 +00:00
|
|
|
|
fields := strings.Fields(service.SPF.Content + " " + strings.TrimPrefix(strings.TrimSpace(record.GetTargetTXTJoined()), "v=spf1"))
|
2020-07-06 13:40:52 +00:00
|
|
|
|
|
|
|
|
|
for i := 0; i < len(fields); i += 1 {
|
|
|
|
|
for j := i + 1; j < len(fields); j += 1 {
|
|
|
|
|
if fields[i] == fields[j] {
|
|
|
|
|
fields = append(fields[:j], fields[j+1:]...)
|
|
|
|
|
j -= 1
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
service.SPF.Content = strings.Join(fields, " ")
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-10-06 14:45:41 +00:00
|
|
|
|
err = a.UseRR(record, domain, service)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-10 16:44:17 +00:00
|
|
|
|
service.DKIM = map[string]*svcs.DKIM{}
|
2020-05-09 11:14:29 +00:00
|
|
|
|
// Is there DKIM record?
|
2020-10-10 16:44:17 +00:00
|
|
|
|
for _, record := range a.SearchRR(svcs.AnalyzerRecordFilter{Type: dns.TypeTXT, SubdomainsOf: "_domainkey." + domain}) {
|
2023-09-15 18:25:31 +00:00
|
|
|
|
selector := strings.TrimSuffix(record.NameFQDN, "._domainkey."+domain)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
|
|
|
|
|
if _, ok := service.DKIM[selector]; !ok {
|
2020-10-10 16:44:17 +00:00
|
|
|
|
service.DKIM[selector] = &svcs.DKIM{}
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 18:25:31 +00:00
|
|
|
|
if record.Type == "TXT" {
|
|
|
|
|
service.DKIM[selector].Fields = append(service.DKIM[selector].Fields, strings.Split(record.GetTargetTXTJoined(), ";")...)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-10-06 14:45:41 +00:00
|
|
|
|
err = a.UseRR(record, domain, service)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Is there DMARC record?
|
2020-10-10 16:44:17 +00:00
|
|
|
|
for _, record := range a.SearchRR(svcs.AnalyzerRecordFilter{Type: dns.TypeTXT, Domain: "_dmarc." + domain}) {
|
2020-05-09 11:14:29 +00:00
|
|
|
|
if service.DMARC == nil {
|
2020-10-10 16:44:17 +00:00
|
|
|
|
service.DMARC = &svcs.DMARC{}
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 18:25:31 +00:00
|
|
|
|
if record.Type == "TXT" {
|
|
|
|
|
service.DMARC.Fields = append(service.DMARC.Fields, strings.Split(strings.TrimPrefix(record.GetTargetTXTJoined(), "v=DMARC1;"), ";")...)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-10-06 14:45:41 +00:00
|
|
|
|
err = a.UseRR(record, domain, service)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Is there MTA-STS record?
|
2020-10-10 16:44:17 +00:00
|
|
|
|
for _, record := range a.SearchRR(svcs.AnalyzerRecordFilter{Type: dns.TypeTXT, Domain: "_mta-sts." + domain}) {
|
2020-05-09 11:14:29 +00:00
|
|
|
|
if service.MTA_STS == nil {
|
2020-10-10 16:44:17 +00:00
|
|
|
|
service.MTA_STS = &svcs.MTA_STS{}
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 18:25:31 +00:00
|
|
|
|
if record.Type == "TXT" {
|
|
|
|
|
service.MTA_STS.Fields = append(service.MTA_STS.Fields, strings.Split(record.GetTargetTXTJoined(), ";")...)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-10-06 14:45:41 +00:00
|
|
|
|
err = a.UseRR(record, domain, service)
|
2020-05-09 11:14:29 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-05-10 12:00:58 +00:00
|
|
|
|
|
|
|
|
|
// Is there MTA-STS record?
|
2020-10-10 16:44:17 +00:00
|
|
|
|
for _, record := range a.SearchRR(svcs.AnalyzerRecordFilter{Type: dns.TypeTXT, Domain: "_smtp._tls." + domain}) {
|
2020-05-10 12:00:58 +00:00
|
|
|
|
if service.TLS_RPT == nil {
|
2020-10-10 16:44:17 +00:00
|
|
|
|
service.TLS_RPT = &svcs.TLS_RPT{}
|
2020-05-10 12:00:58 +00:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 18:25:31 +00:00
|
|
|
|
if record.Type == "TXT" {
|
|
|
|
|
service.TLS_RPT.Fields = append(service.TLS_RPT.Fields, strings.Split(record.GetTargetTXTJoined(), ";")...)
|
2020-05-10 12:00:58 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-10-06 14:45:41 +00:00
|
|
|
|
err = a.UseRR(record, domain, service)
|
2020-05-10 12:00:58 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-05-09 11:14:29 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func init() {
|
2020-10-10 16:44:17 +00:00
|
|
|
|
svcs.RegisterService(
|
2020-05-09 11:14:29 +00:00
|
|
|
|
func() happydns.Service {
|
|
|
|
|
return &EMail{}
|
|
|
|
|
},
|
|
|
|
|
email_analyze,
|
2020-10-10 16:44:17 +00:00
|
|
|
|
svcs.ServiceInfos{
|
2020-05-09 11:14:29 +00:00
|
|
|
|
Name: "E-Mail",
|
2020-07-05 19:39:17 +00:00
|
|
|
|
Description: "Send and receive e-mail with this domain.",
|
2020-10-10 16:44:17 +00:00
|
|
|
|
Family: svcs.Abstract,
|
2020-05-09 11:14:29 +00:00
|
|
|
|
Categories: []string{
|
|
|
|
|
"email",
|
|
|
|
|
},
|
2020-06-07 23:23:09 +00:00
|
|
|
|
Tabs: true,
|
2020-10-10 16:44:17 +00:00
|
|
|
|
Restrictions: svcs.ServiceRestrictions{
|
2020-07-06 09:07:37 +00:00
|
|
|
|
Single: true,
|
2020-07-26 18:54:53 +00:00
|
|
|
|
NeedTypes: []uint16{
|
|
|
|
|
dns.TypeMX,
|
|
|
|
|
},
|
2020-07-06 09:07:37 +00:00
|
|
|
|
},
|
2020-05-09 11:14:29 +00:00
|
|
|
|
},
|
2020-05-10 22:13:16 +00:00
|
|
|
|
1,
|
2020-05-09 11:14:29 +00:00
|
|
|
|
)
|
|
|
|
|
}
|