mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2024-12-14 10:52:49 +02:00
Merge pull request #910 from FELDSAM-INC/feldsam/diagnostics
DNS Diagnostics enhanced
This commit is contained in:
commit
7183609bee
@ -7,7 +7,7 @@ define('state_missing', '<span class="glyphicon glyphicon-remove text-danger"></
|
||||
define('state_nomatch', "?");
|
||||
define('state_optional', " <sup>2</sup>");
|
||||
|
||||
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin") {
|
||||
if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "admin"|| $_SESSION['mailcow_cc_role'] == "domainadmin")) {
|
||||
|
||||
$domains = mailbox('get', 'domains');
|
||||
foreach(mailbox('get', 'domains') as $dn) {
|
||||
@ -73,108 +73,120 @@ if (!isset($autodiscover_config['sieve'])) {
|
||||
}
|
||||
|
||||
// Init records array
|
||||
$spf_link = '<a href="http://www.openspf.org/SPF_Record_Syntax" target="_blank">SPF Record Syntax</a>';
|
||||
$spf_link = '<a href="http://www.openspf.org/SPF_Record_Syntax" target="_blank">SPF Record Syntax</a><br />
|
||||
<small>' . sprintf($lang['diagnostics']['allow'], $ip) . '<br />' . sprintf($lang['diagnostics']['allow'], $ip6) . '</small>';
|
||||
$dmarc_link = '<a href="http://www.kitterman.com/dmarc/assistant.html" target="_blank">DMARC Assistant</a>';
|
||||
|
||||
$records = array();
|
||||
$records[] = array(
|
||||
$mailcow_hostname,
|
||||
'A',
|
||||
$ip
|
||||
);
|
||||
$records[] = array(
|
||||
$ptr,
|
||||
'PTR',
|
||||
$mailcow_hostname
|
||||
);
|
||||
if (!empty($ip6)) {
|
||||
if ($_SESSION['mailcow_cc_role'] == "admin") {
|
||||
$records[] = array(
|
||||
$mailcow_hostname,
|
||||
'AAAA',
|
||||
$ip6
|
||||
'A',
|
||||
$ip
|
||||
);
|
||||
$records[] = array(
|
||||
$ptr6,
|
||||
$ptr,
|
||||
'PTR',
|
||||
$mailcow_hostname
|
||||
);
|
||||
if (!empty($ip6)) {
|
||||
$records[] = array(
|
||||
$mailcow_hostname,
|
||||
'AAAA',
|
||||
$ip6
|
||||
);
|
||||
$records[] = array(
|
||||
$ptr6,
|
||||
'PTR',
|
||||
$mailcow_hostname
|
||||
);
|
||||
}
|
||||
$records[] = array(
|
||||
'_25._tcp.'.$autodiscover_config['smtp']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['smtp']['server'], 25, 1)
|
||||
);
|
||||
$records[] = array(
|
||||
'_'.$https_port.
|
||||
'._tcp.'.$mailcow_hostname,
|
||||
'TLSA',
|
||||
generate_tlsa_digest($mailcow_hostname, $https_port)
|
||||
);
|
||||
$records[] = array(
|
||||
'_'.$autodiscover_config['pop3']['tlsport'].
|
||||
'._tcp.'.$autodiscover_config['pop3']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['pop3']['server'], $autodiscover_config['pop3']['tlsport'], 1)
|
||||
);
|
||||
$records[] = array(
|
||||
'_'.$autodiscover_config['imap']['tlsport'].
|
||||
'._tcp.'.$autodiscover_config['imap']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['imap']['server'], $autodiscover_config['imap']['tlsport'], 1)
|
||||
);
|
||||
$records[] = array(
|
||||
'_'.$autodiscover_config['smtp']['port'].
|
||||
'._tcp.'.$autodiscover_config['smtp']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['smtp']['server'], $autodiscover_config['smtp']['port'])
|
||||
);
|
||||
$records[] = array(
|
||||
'_'.$autodiscover_config['smtp']['tlsport'].
|
||||
'._tcp.'.$autodiscover_config['smtp']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['smtp']['server'], $autodiscover_config['smtp']['tlsport'], 1)
|
||||
);
|
||||
$records[] = array(
|
||||
'_'.$autodiscover_config['imap']['port'].
|
||||
'._tcp.'.$autodiscover_config['imap']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['imap']['server'], $autodiscover_config['imap']['port'])
|
||||
);
|
||||
$records[] = array(
|
||||
'_'.$autodiscover_config['pop3']['port'].
|
||||
'._tcp.'.$autodiscover_config['pop3']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['pop3']['server'], $autodiscover_config['pop3']['port'])
|
||||
);
|
||||
$records[] = array(
|
||||
'_'.$autodiscover_config['sieve']['port'].
|
||||
'._tcp.'.$autodiscover_config['sieve']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['sieve']['server'], $autodiscover_config['sieve']['port'], 1)
|
||||
);
|
||||
}
|
||||
$records[] = array(
|
||||
'_25._tcp.' . $autodiscover_config['smtp']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['smtp']['server'], 25, 1)
|
||||
$domain,
|
||||
'MX',
|
||||
$mailcow_hostname
|
||||
);
|
||||
$records[] = array(
|
||||
'_' . $https_port . '._tcp.' . $mailcow_hostname,
|
||||
'TLSA',
|
||||
generate_tlsa_digest($mailcow_hostname, $https_port)
|
||||
'autodiscover.'.$domain,
|
||||
'CNAME',
|
||||
$mailcow_hostname
|
||||
);
|
||||
$records[] = array(
|
||||
'_' . $autodiscover_config['pop3']['tlsport'] . '._tcp.' . $autodiscover_config['pop3']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['pop3']['server'], $autodiscover_config['pop3']['tlsport'], 1)
|
||||
'_autodiscover._tcp.'.$domain,
|
||||
'SRV',
|
||||
$mailcow_hostname.
|
||||
' '.$https_port
|
||||
);
|
||||
$records[] = array(
|
||||
'_' . $autodiscover_config['imap']['tlsport'] . '._tcp.' . $autodiscover_config['imap']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['imap']['server'], $autodiscover_config['imap']['tlsport'], 1)
|
||||
'autoconfig.'.$domain,
|
||||
'CNAME',
|
||||
$mailcow_hostname
|
||||
);
|
||||
$records[] = array(
|
||||
'_' . $autodiscover_config['smtp']['port'] . '._tcp.' . $autodiscover_config['smtp']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['smtp']['server'], $autodiscover_config['smtp']['port'])
|
||||
$domain,
|
||||
'TXT',
|
||||
$spf_link,
|
||||
state_optional
|
||||
);
|
||||
$records[] = array(
|
||||
'_' . $autodiscover_config['smtp']['tlsport'] . '._tcp.' . $autodiscover_config['smtp']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['smtp']['server'], $autodiscover_config['smtp']['tlsport'], 1)
|
||||
);
|
||||
$records[] = array(
|
||||
'_' . $autodiscover_config['imap']['port'] . '._tcp.' . $autodiscover_config['imap']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['imap']['server'], $autodiscover_config['imap']['port'])
|
||||
);
|
||||
$records[] = array(
|
||||
'_' . $autodiscover_config['pop3']['port'] . '._tcp.' . $autodiscover_config['pop3']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['pop3']['server'], $autodiscover_config['pop3']['port'])
|
||||
);
|
||||
$records[] = array(
|
||||
'_' . $autodiscover_config['sieve']['port'] . '._tcp.' . $autodiscover_config['sieve']['server'],
|
||||
'TLSA',
|
||||
generate_tlsa_digest($autodiscover_config['sieve']['server'], $autodiscover_config['sieve']['port'], 1)
|
||||
);
|
||||
$records[] = array(
|
||||
$domain,
|
||||
'MX',
|
||||
$mailcow_hostname
|
||||
);
|
||||
$records[] = array(
|
||||
'autodiscover.' . $domain,
|
||||
'CNAME',
|
||||
$mailcow_hostname
|
||||
);
|
||||
$records[] = array(
|
||||
'_autodiscover._tcp.' . $domain,
|
||||
'SRV',
|
||||
$mailcow_hostname . ' ' . $https_port
|
||||
);
|
||||
$records[] = array(
|
||||
'autoconfig.' . $domain,
|
||||
'CNAME',
|
||||
$mailcow_hostname
|
||||
);
|
||||
$records[] = array(
|
||||
$domain,
|
||||
'TXT',
|
||||
$spf_link,
|
||||
state_optional
|
||||
);
|
||||
$records[] = array(
|
||||
'_dmarc.' . $domain,
|
||||
'TXT',
|
||||
$dmarc_link,
|
||||
state_optional
|
||||
'_dmarc.'.$domain,
|
||||
'TXT',
|
||||
$dmarc_link,
|
||||
state_optional
|
||||
);
|
||||
|
||||
if (!empty($dkim = dkim('details', $domain))) {
|
||||
@ -345,9 +357,14 @@ foreach ($records as $record) {
|
||||
$state = $current[$data_field[$current['type']]] . state_optional;
|
||||
}
|
||||
elseif ($current['type'] == 'TXT' &&
|
||||
stripos($current['txt'], 'v=spf' &&
|
||||
$record[2] == $spf_link) === 0) {
|
||||
$state = $current[$data_field[$current['type']]] . state_optional;
|
||||
stripos($current['txt'], 'v=spf') === 0 &&
|
||||
$record[2] == $spf_link) {
|
||||
$state = state_nomatch;
|
||||
$rslt = get_spf_allowed_hosts($record[0]);
|
||||
if(in_array($ip, $rslt) && in_array($ip6, $rslt)){
|
||||
$state = state_good;
|
||||
}
|
||||
$state .= '<br />' . $current[$data_field[$current['type']]].state_optional;
|
||||
}
|
||||
elseif ($current['type'] == 'TXT' &&
|
||||
stripos($current['txt'], 'v=dkim') === 0 &&
|
||||
|
@ -556,6 +556,7 @@ $lang['diagnostics']['dns_records_data'] = 'Correct Data';
|
||||
$lang['diagnostics']['dns_records_status'] = 'Current State';
|
||||
$lang['diagnostics']['optional'] = 'This record is optional.';
|
||||
$lang['diagnostics']['cname_from_a'] = 'Value derived from A/AAAA record. This is supported as long as the record points to the correct resource.';
|
||||
$lang['diagnostics']['allow'] = 'Allow %s';
|
||||
|
||||
$lang['admin']['relay_from'] = '"From:" address';
|
||||
$lang['admin']['api_allow_from'] = "Allow API access from these IPs";
|
||||
|
Loading…
Reference in New Issue
Block a user