1
0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2024-12-12 10:45:14 +02:00

DNS Diagnostics - Ehnaced SPF record check

Signed-off-by: Kristián Feldsam <feldsam@gmail.com>
This commit is contained in:
Kristián Feldsam 2018-01-16 00:06:21 +01:00
parent 9f258df883
commit 2a8bdc8dea
2 changed files with 10 additions and 4 deletions

View File

@ -73,7 +73,7 @@ if (!isset($autodiscover_config['sieve'])) {
}
// Init records array
$spf_link = '<a href="http://www.openspf.org/SPF_Record_Syntax" target="_blank">SPF Record Syntax</a>';
$spf_link = '<a href="http://www.openspf.org/SPF_Record_Syntax" target="_blank">SPF Record Syntax</a><br /><small>'.$lang['diagnostics']['allow'].' '.$ip.'<br />'.$lang['diagnostics']['allow'].' '.$ip6.'</small>';
$dmarc_link = '<a href="http://www.kitterman.com/dmarc/assistant.html" target="_blank">DMARC Assistant</a>';
$records = array();
@ -348,9 +348,14 @@ foreach ($records as $record) {
$state = $current[$data_field[$current['type']]] . state_optional;
}
elseif ($current['type'] == 'TXT' &&
stripos($current['txt'], 'v=spf' &&
$record[2] == $spf_link) === 0) {
$state = $current[$data_field[$current['type']]] . state_optional;
stripos($current['txt'], 'v=spf') === 0 &&
$record[2] == $spf_link) {
$state = state_nomatch;
$rslt = get_spf_allowed_hosts($record[0]);
if(in_array($ip, $rslt) && in_array($ip6, $rslt)){
$state = state_good;
}
$state .= '<br />' . $current[$data_field[$current['type']]].state_optional;
}
elseif ($current['type'] == 'TXT' &&
stripos($current['txt'], 'v=dkim') === 0 &&

View File

@ -556,6 +556,7 @@ $lang['diagnostics']['dns_records_data'] = 'Correct Data';
$lang['diagnostics']['dns_records_status'] = 'Current State';
$lang['diagnostics']['optional'] = 'This record is optional.';
$lang['diagnostics']['cname_from_a'] = 'Value derived from A/AAAA record. This is supported as long as the record points to the correct resource.';
$lang['diagnostics']['allow'] = 'Allow';
$lang['admin']['relay_from'] = '"From:" address';
$lang['admin']['api_allow_from'] = "Allow API access from these IPs";