averello/mailgoose-mirror
1
0
Fork 0
mirror of https://github.com/CERT-Polska/mailgoose.git synced 2025-12-12 20:35:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Message on nonexistent domain (#162)

Browse Source
This commit is contained in:
kazet
2025-10-18 21:28:41 +02:00
committed by GitHub
parent 4693bbf56c
commit 9dca732e8f
10 changed files with 326 additions and 264 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/src/check_results.py
View File

@@ -71,6 +71,9 @@ def load_check_results(token: str) -> Optional[Dict[str, Any]]:
result["result"]["message_timestamp"] = datetime.datetime.fromisoformat(
result["result"]["message_timestamp"]
)
if not result["result"]["domain"].get("domain_does_not_exist"):
result["result"]["domain"]["domain_does_not_exist"] = False
try:
dacite.from_dict(
data_class=ScanResult,

307
app/templates/check_results.html
View File

@@ -117,91 +117,139 @@
</div>
</div>
</div>
<div class="card mb-3">
<div class="card-body">
{% if result.num_correct_mechanisms == result.num_checked_mechanisms %}
<span class="text-success"><i class="bi bi-check-circle"></i>
{% elif result.has_not_valid_mechanisms %}
<span class="text-danger"><i class="bi bi-x-square"></i>
{% else %}
<span class="text-warning-dark"><i class="bi bi-exclamation-triangle"></i>
{% endif %}
{% trans %}Check summary{% endtrans %}:
{{ result.num_correct_mechanisms }}
{% if result.num_correct_mechanisms == 0 %}
{{ pgettext("zero", "mechanisms") }}
{% elif result.num_correct_mechanisms == 1 %}
{% trans %}mechanism{% endtrans %}
{% else %}
{% trans %}mechanisms{% endtrans %}
{% endif %}
{% trans %}out of{% endtrans %}
{{ result.num_checked_mechanisms }}
{% if result.num_correct_mechanisms == 0 %}
{{ pgettext("zero", "configured") }}
{% elif result.num_correct_mechanisms == 1 %}
{{ pgettext("singular", "configured") }}
{% else %}
{{ pgettext("plural", "configured") }}
{% endif %}
{% trans %}without issues.{% endtrans %}
</span>
</div>
</div>
{% if result.domain %}
{% for warning in result.domain.warnings %}
<div class="card mb-3">
<div class="card-body text-warning-dark">
⚠️ {{ warning }}
</div>
{% if result.domain.domain_does_not_exist %}
<div class="card mb-3">
<div class="card-body">
{% trans %}Domain does not exist.{% endtrans %}
</div>
{% endfor %}
</div>
{% else %}
<div class="card mb-3">
<div class="card-body">
{% if result.num_correct_mechanisms == result.num_checked_mechanisms %}
<span class="text-success"><i class="bi bi-check-circle"></i>
{% elif result.has_not_valid_mechanisms %}
<span class="text-danger"><i class="bi bi-x-square"></i>
{% else %}
<span class="text-warning-dark"><i class="bi bi-exclamation-triangle"></i>
{% endif %}
{% trans %}Check summary{% endtrans %}:
<div class="card p-1 bg-light border rounded-3 mb-3">
{% if result.domain.spf_not_required_because_of_correct_dmarc %}
<div class="card-header text-disabled">
{% trans %}SPF: the record is optional{% endtrans %}
{{ result.num_correct_mechanisms }}
{% if result.num_correct_mechanisms == 0 %}
{{ pgettext("zero", "mechanisms") }}
{% elif result.num_correct_mechanisms == 1 %}
{% trans %}mechanism{% endtrans %}
{% else %}
{% trans %}mechanisms{% endtrans %}
{% endif %}
{% trans %}out of{% endtrans %}
{{ result.num_checked_mechanisms }}
{% if result.num_correct_mechanisms == 0 %}
{{ pgettext("zero", "configured") }}
{% elif result.num_correct_mechanisms == 1 %}
{{ pgettext("singular", "configured") }}
{% else %}
{{ pgettext("plural", "configured") }}
{% endif %}
{% trans %}without issues.{% endtrans %}
</span>
</div>
</div>
{% if result.domain %}
{% for warning in result.domain.warnings %}
<div class="card mb-3">
<div class="card-body text-warning-dark">
⚠️ {{ warning }}
</div>
</div>
<div class="card-body">
<p>
{% trans trimmed %}
Because the DMARC record is configured correctly, the SPF record is not required. Sending e-mail
messages from this domain without using the SPF mechanism is still possible - in that case, the messages
need to have correct DKIM signatures.
{% endtrans %}
</p>
<p>
{% trans trimmed %}
However, we recommend configuring an SPF record if possible (even if the domain is not used
to send e-mails), because older mail servers may not support DMARC and use SPF for verification.
The combination of all protection mechanisms - SPF, DKIM and DMARC allows all servers to properly
verify e-mail message authenticity.
{% endtrans %}
</p>
</div>
{% else %}
{{ card_header("SPF", result.domain.spf) }}
{% endfor %}
<div class="card p-1 bg-light border rounded-3 mb-3">
{% if result.domain.spf_not_required_because_of_correct_dmarc %}
<div class="card-header text-disabled">
{% trans %}SPF: the record is optional{% endtrans %}
</div>
<div class="card-body">
<p>
{% trans trimmed %}
Because the DMARC record is configured correctly, the SPF record is not required. Sending e-mail
messages from this domain without using the SPF mechanism is still possible - in that case, the messages
need to have correct DKIM signatures.
{% endtrans %}
</p>
<p>
{% trans trimmed %}
However, we recommend configuring an SPF record if possible (even if the domain is not used
to send e-mails), because older mail servers may not support DMARC and use SPF for verification.
The combination of all protection mechanisms - SPF, DKIM and DMARC allows all servers to properly
verify e-mail message authenticity.
{% endtrans %}
</p>
</div>
{% else %}
{{ card_header("SPF", result.domain.spf) }}
<div class="card-body">
<table class="table">
<tbody>
{% if envelope_domain %}
<tr>
<td class="label">{% trans %}Domain{% endtrans %}</td>
<td><code>{{ envelope_domain }}</code></td>
</tr>
{% endif %}
{% if result.domain.spf.record %}
<tr>
<td class="label">{% trans %}Record{% endtrans %}</td>
<td><code>{{ result.domain.spf.record }}</code></td>
</tr>
{% elif result.domain.spf.record_candidates %}
<tr>
<td class="label">{% if result.domain.spf.record_candidates|length > 1 %}{% trans %}Records{% endtrans %}{% else %}{% trans %}Record{% endtrans %}{% endif %}</td>
<td class="text-danger">
{% for record in result.domain.spf.record_candidates %}
<code class="text-danger">{{ record }}</code></br>
{% endfor %}
</td>
</tr>
{% endif %}
<tr>
<td class="label">{% trans %}Warnings{% endtrans %}</td>
<td>{% if result.domain.spf.warnings %}{{ render_problems(result.domain.spf.warnings) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tr>
<tr>
<td class="label">{% trans %}Errors{% endtrans %}</td>
<td>{% if result.domain.spf.errors %}{{ render_problems(result.domain.spf.errors) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tr>
</tbody>
</table>
</div>
{% endif %}
</div>
<div class="card p-1 bg-light border rounded-3 mb-3">
{{ card_header("DMARC", result.domain.dmarc) }}
<div class="card-body">
<table class="table">
<tbody>
{% if envelope_domain %}
{% if from_domain %}
<tr>
<td class="label">{% trans %}Domain{% endtrans %}</td>
<td><code>{{ envelope_domain }}</code></td>
<td><code>{{ from_domain }}</code></td>
</tr>
{% endif %}
{% if result.domain.spf.record %}
{% if result.domain.dmarc.record %}
<tr>
<td class="label">{% trans %}Record{% endtrans %}</td>
<td><code>{{ result.domain.spf.record }}</code></td>
<td><code>{{ result.domain.dmarc.record }}</code></td>
</tr>
{% elif result.domain.spf.record_candidates %}
{% elif result.domain.dmarc.record_candidates %}
<tr>
<td class="label">{% if result.domain.spf.record_candidates|length > 1 %}{% trans %}Records{% endtrans %}{% else %}{% trans %}Record{% endtrans %}{% endif %}</td>
<td class="label">{% if result.domain.dmarc.record_candidates|length > 1 %}{% trans %}Records{% endtrans %}{% else %}{% trans %}Record{% endtrans %}{% endif %}</td>
<td class="text-danger">
{% for record in result.domain.spf.record_candidates %}
{% for record in result.domain.dmarc.record_candidates %}
<code class="text-danger">{{ record }}</code></br>
{% endfor %}
</td>
@@ -209,101 +257,62 @@
{% endif %}
<tr>
<td class="label">{% trans %}Warnings{% endtrans %}</td>
<td>{% if result.domain.spf.warnings %}{{ render_problems(result.domain.spf.warnings) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
<td>{% if result.domain.dmarc.warnings %}{{ render_problems(result.domain.dmarc.warnings) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tr>
<tr>
<td class="label">{% trans %}Errors{% endtrans %}</td>
<td>{% if result.domain.spf.errors %}{{ render_problems(result.domain.spf.errors) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
<td>{% if result.domain.dmarc.errors %}{{ render_problems(result.domain.dmarc.errors) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tr>
</tbody>
</table>
</div>
{% endif %}
</div>
<div class="card p-1 bg-light border rounded-3 mb-3">
{{ card_header("DMARC", result.domain.dmarc) }}
<div class="card-body">
<table class="table">
<tbody>
{% if from_domain %}
<tr>
<td class="label">{% trans %}Domain{% endtrans %}</td>
<td><code>{{ from_domain }}</code></td>
</tr>
{% endif %}
{% if result.domain.dmarc.record %}
<tr>
<td class="label">{% trans %}Record{% endtrans %}</td>
<td><code>{{ result.domain.dmarc.record }}</code></td>
</tr>
{% elif result.domain.dmarc.record_candidates %}
<tr>
<td class="label">{% if result.domain.dmarc.record_candidates|length > 1 %}{% trans %}Records{% endtrans %}{% else %}{% trans %}Record{% endtrans %}{% endif %}</td>
<td class="text-danger">
{% for record in result.domain.dmarc.record_candidates %}
<code class="text-danger">{{ record }}</code></br>
{% endfor %}
</td>
</tr>
{% endif %}
<tr>
<td class="label">{% trans %}Warnings{% endtrans %}</td>
<td>{% if result.domain.dmarc.warnings %}{{ render_problems(result.domain.dmarc.warnings) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tr>
<tr>
<td class="label">{% trans %}Errors{% endtrans %}</td>
<td>{% if result.domain.dmarc.errors %}{{ render_problems(result.domain.dmarc.errors) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tr>
</tbody>
</table>
</div>
</div>
{% endif %}
{% endif %}
{% if result.dkim %}
<div class="card p-1 bg-light border rounded-3 mb-3">
{{ card_header("DKIM", result.dkim) }}
<div class="card-body">
<table class="table">
<tbody>
{% if dkim_domain %}
{% if result.dkim %}
<div class="card p-1 bg-light border rounded-3 mb-3">
{{ card_header("DKIM", result.dkim) }}
<div class="card-body">
<table class="table">
<tbody>
{% if dkim_domain %}
<tr>
<td class="label">{% trans %}Domain{% endtrans %}</td>
<td><code>{{ dkim_domain }}</code></td>
</tr>
{% endif %}
<tr>
<td class="label">{% trans %}Domain{% endtrans %}</td>
<td><code>{{ dkim_domain }}</code></td>
<td class="label">{% trans %}Warnings{% endtrans %}</td>
<td>{% if result.dkim.warnings %}{{ render_problems(result.dkim.warnings) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tr>
{% endif %}
<tr>
<td class="label">{% trans %}Warnings{% endtrans %}</td>
<td>{% if result.dkim.warnings %}{{ render_problems(result.dkim.warnings) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tr>
<tr>
<td class="label">{% trans %}Errors{% endtrans %}</td>
<td>{% if result.dkim.errors %}{{ render_problems(result.dkim.errors) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tbody>
</table>
<tr>
<td class="label">{% trans %}Errors{% endtrans %}</td>
<td>{% if result.dkim.errors %}{{ render_problems(result.dkim.errors) }}{% else %}{% trans %}none{% endtrans %}{% endif %}</td>
</tbody>
</table>
</div>
</div>
</div>
{% endif %}
{% endif %}
{% if result.domain.spf.warnings or result.domain.spf.errors or result.domain.dmarc.warnings or result.domain.dmarc.errors or result.dkim.warnings or result.dkim.errors %}
<div class="card border rounded-3 mb-3">
<div class="card-body">
{% if result.domain.spf.warnings or result.domain.dmarc.warnings or result.dkim.warnings %}
<p>
{% trans trimmed %}
To increase the chance that your configuration is interpreted by all e-mail servers correctly,
we recommend fixing all errors and warnings.
{% endtrans %}
{% if result.domain.spf.warnings or result.domain.spf.errors or result.domain.dmarc.warnings or result.domain.dmarc.errors or result.dkim.warnings or result.dkim.errors %}
<div class="card border rounded-3 mb-3">
<div class="card-body">
{% if result.domain.spf.warnings or result.domain.dmarc.warnings or result.dkim.warnings %}
<p>
{% trans trimmed %}
To increase the chance that your configuration is interpreted by all e-mail servers correctly,
we recommend fixing all errors and warnings.
{% endtrans %}
</p>
{% endif %}
<p class="mb-0">
{% trans %}After fixing the issues, please rerun the scan - some problems can be detected only if earlier checks complete successfully.{% endtrans %}
</p>
{% endif %}
<p class="mb-0">
{% trans %}After fixing the issues, please rerun the scan - some problems can be detected only if earlier checks complete successfully.{% endtrans %}
</p>
{% include "custom_failed_check_results_hints.html" %}
{% include "custom_failed_check_results_hints.html" %}
</div>
</div>
</div>
{% endif %}
{% endif %}
{% endif %}
</div>

56
app/translations/en_US/LC_MESSAGES/messages.po
View File

@@ -21,8 +21,8 @@ msgstr ""
#: app/templates/check_domain.html:12 app/templates/check_results.html:74
#: app/templates/check_results.html:76 app/templates/check_results.html:78
#: app/templates/check_results.html:191 app/templates/check_results.html:231
#: app/templates/check_results.html:272
#: app/templates/check_results.html:199 app/templates/check_results.html:239
#: app/templates/check_results.html:280
msgid "Domain"
msgstr ""
@@ -146,51 +146,55 @@ msgstr ""
msgid "To share check results, copy the following link:"
msgstr ""
#: app/templates/check_results.html:129
#: app/templates/check_results.html:124
msgid "Domain does not exist."
msgstr ""
#: app/templates/check_results.html:137
msgid "Check summary"
msgstr ""
#: app/templates/check_results.html:133
#: app/templates/check_results.html:141
msgctxt "zero"
msgid "mechanisms"
msgstr ""
#: app/templates/check_results.html:135
#: app/templates/check_results.html:143
msgid "mechanism"
msgstr ""
#: app/templates/check_results.html:137
#: app/templates/check_results.html:145
msgid "mechanisms"
msgstr ""
#: app/templates/check_results.html:139
#: app/templates/check_results.html:147
msgid "out of"
msgstr ""
#: app/templates/check_results.html:142
#: app/templates/check_results.html:150
msgctxt "zero"
msgid "configured"
msgstr ""
#: app/templates/check_results.html:144
#: app/templates/check_results.html:152
msgctxt "singular"
msgid "configured"
msgstr ""
#: app/templates/check_results.html:146
#: app/templates/check_results.html:154
msgctxt "plural"
msgid "configured"
msgstr ""
#: app/templates/check_results.html:148
#: app/templates/check_results.html:156
msgid "without issues."
msgstr ""
#: app/templates/check_results.html:165
#: app/templates/check_results.html:173
msgid "SPF: the record is optional"
msgstr ""
#: app/templates/check_results.html:169
#: app/templates/check_results.html:177
msgid ""
"Because the DMARC record is configured correctly, the SPF record is not "
"required. Sending e-mail messages from this domain without using the SPF "
@@ -198,7 +202,7 @@ msgid ""
"correct DKIM signatures."
msgstr ""
#: app/templates/check_results.html:176
#: app/templates/check_results.html:184
msgid ""
"However, we recommend configuring an SPF record if possible (even if the "
"domain is not used to send e-mails), because older mail servers may not "
@@ -207,38 +211,38 @@ msgid ""
"properly verify e-mail message authenticity."
msgstr ""
#: app/templates/check_results.html:197 app/templates/check_results.html:202
#: app/templates/check_results.html:237 app/templates/check_results.html:242
#: app/templates/check_results.html:205 app/templates/check_results.html:210
#: app/templates/check_results.html:245 app/templates/check_results.html:250
msgid "Record"
msgstr ""
#: app/templates/check_results.html:202 app/templates/check_results.html:242
#: app/templates/check_results.html:210 app/templates/check_results.html:250
msgid "Records"
msgstr ""
#: app/templates/check_results.html:211 app/templates/check_results.html:251
#: app/templates/check_results.html:277
#: app/templates/check_results.html:219 app/templates/check_results.html:259
#: app/templates/check_results.html:285
msgid "Warnings"
msgstr ""
#: app/templates/check_results.html:212 app/templates/check_results.html:216
#: app/templates/check_results.html:252 app/templates/check_results.html:256
#: app/templates/check_results.html:278 app/templates/check_results.html:282
#: app/templates/check_results.html:220 app/templates/check_results.html:224
#: app/templates/check_results.html:260 app/templates/check_results.html:264
#: app/templates/check_results.html:286 app/templates/check_results.html:290
msgid "none"
msgstr ""
#: app/templates/check_results.html:215 app/templates/check_results.html:255
#: app/templates/check_results.html:281
#: app/templates/check_results.html:223 app/templates/check_results.html:263
#: app/templates/check_results.html:289
msgid "Errors"
msgstr ""
#: app/templates/check_results.html:294
#: app/templates/check_results.html:302
msgid ""
"To increase the chance that your configuration is interpreted by all "
"e-mail servers correctly, we recommend fixing all errors and warnings."
msgstr ""
#: app/templates/check_results.html:302
#: app/templates/check_results.html:310
msgid ""
"After fixing the issues, please rerun the scan - some problems can be "
"detected only if earlier checks complete successfully."

56
app/translations/lt_LT/LC_MESSAGES/messages.po
View File

@@ -21,8 +21,8 @@ msgstr "Tikrinti domeną"
#: app/templates/check_domain.html:12 app/templates/check_results.html:74
#: app/templates/check_results.html:76 app/templates/check_results.html:78
#: app/templates/check_results.html:191 app/templates/check_results.html:231
#: app/templates/check_results.html:272
#: app/templates/check_results.html:199 app/templates/check_results.html:239
#: app/templates/check_results.html:280
msgid "Domain"
msgstr "Domenas"
@@ -156,52 +156,56 @@ msgstr "(el-laiškas žinutė iš %(date_str)s)"
msgid "To share check results, copy the following link:"
msgstr "Jei norite pasidalinti patikrinimo rezultatais, nukopijuokite šią nuorodą:"
#: app/templates/check_results.html:124
msgid "Domain does not exist."
msgstr ""
# "link:"
#: app/templates/check_results.html:129
#: app/templates/check_results.html:137
msgid "Check summary"
msgstr "Patikrinimo rezultatai"
#: app/templates/check_results.html:133
#: app/templates/check_results.html:141
msgctxt "zero"
msgid "mechanisms"
msgstr "mechanizmai"
#: app/templates/check_results.html:135
#: app/templates/check_results.html:143
msgid "mechanism"
msgstr "mechanizmas"
#: app/templates/check_results.html:137
#: app/templates/check_results.html:145
msgid "mechanisms"
msgstr "mechanizmai"
#: app/templates/check_results.html:139
#: app/templates/check_results.html:147
msgid "out of"
msgstr "iš"
#: app/templates/check_results.html:142
#: app/templates/check_results.html:150
msgctxt "zero"
msgid "configured"
msgstr "sukonfigūruotas"
#: app/templates/check_results.html:144
#: app/templates/check_results.html:152
msgctxt "singular"
msgid "configured"
msgstr "sukonfigūruotas"
#: app/templates/check_results.html:146
#: app/templates/check_results.html:154
msgctxt "plural"
msgid "configured"
msgstr "sukonfigūruoti"
#: app/templates/check_results.html:148
#: app/templates/check_results.html:156
msgid "without issues."
msgstr "be klaidų."
#: app/templates/check_results.html:165
#: app/templates/check_results.html:173
msgid "SPF: the record is optional"
msgstr "SPF: įrašas neprivalomas"
#: app/templates/check_results.html:169
#: app/templates/check_results.html:177
msgid ""
"Because the DMARC record is configured correctly, the SPF record is not "
"required. Sending e-mail messages from this domain without using the SPF "
@@ -212,7 +216,7 @@ msgstr ""
"privalomas. Siunčiami pranešimai iš šio domeno nenaudojant SPF mechanizmą"
" yra įmanomi - tokiu atveju žinutė turi turėti teisingą DKIM parašą."
#: app/templates/check_results.html:176
#: app/templates/check_results.html:184
msgid ""
"However, we recommend configuring an SPF record if possible (even if the "
"domain is not used to send e-mails), because older mail servers may not "
@@ -226,32 +230,32 @@ msgstr ""
" mechanizmų SPF, DKIM ir DMARC - kombinacija leidžia visiems serveriams "
"tinkamai patikrinti el. pašto žinučių autentiškumą."
#: app/templates/check_results.html:197 app/templates/check_results.html:202
#: app/templates/check_results.html:237 app/templates/check_results.html:242
#: app/templates/check_results.html:205 app/templates/check_results.html:210
#: app/templates/check_results.html:245 app/templates/check_results.html:250
msgid "Record"
msgstr "Įrašas"
#: app/templates/check_results.html:202 app/templates/check_results.html:242
#: app/templates/check_results.html:210 app/templates/check_results.html:250
msgid "Records"
msgstr "Įrašai"
#: app/templates/check_results.html:211 app/templates/check_results.html:251
#: app/templates/check_results.html:277
#: app/templates/check_results.html:219 app/templates/check_results.html:259
#: app/templates/check_results.html:285
msgid "Warnings"
msgstr "Įspėjimai"
#: app/templates/check_results.html:212 app/templates/check_results.html:216
#: app/templates/check_results.html:252 app/templates/check_results.html:256
#: app/templates/check_results.html:278 app/templates/check_results.html:282
#: app/templates/check_results.html:220 app/templates/check_results.html:224
#: app/templates/check_results.html:260 app/templates/check_results.html:264
#: app/templates/check_results.html:286 app/templates/check_results.html:290
msgid "none"
msgstr "nėra"
#: app/templates/check_results.html:215 app/templates/check_results.html:255
#: app/templates/check_results.html:281
#: app/templates/check_results.html:223 app/templates/check_results.html:263
#: app/templates/check_results.html:289
msgid "Errors"
msgstr "Klaidos"
#: app/templates/check_results.html:294
#: app/templates/check_results.html:302
msgid ""
"To increase the chance that your configuration is interpreted by all "
"e-mail servers correctly, we recommend fixing all errors and warnings."
@@ -260,7 +264,7 @@ msgstr ""
"interpretuojama visų el. pašto serverių, mes rekomenduojame ištaisyti "
"visas klaidas ir perspėjimus. "
#: app/templates/check_results.html:302
#: app/templates/check_results.html:310
msgid ""
"After fixing the issues, please rerun the scan - some problems can be "
"detected only if earlier checks complete successfully."

56
app/translations/messages.pot
View File

@@ -21,8 +21,8 @@ msgstr ""
#: app/templates/check_domain.html:12 app/templates/check_results.html:74
#: app/templates/check_results.html:76 app/templates/check_results.html:78
#: app/templates/check_results.html:191 app/templates/check_results.html:231
#: app/templates/check_results.html:272
#: app/templates/check_results.html:199 app/templates/check_results.html:239
#: app/templates/check_results.html:280
msgid "Domain"
msgstr ""
@@ -146,51 +146,55 @@ msgstr ""
msgid "To share check results, copy the following link:"
msgstr ""
#: app/templates/check_results.html:129
#: app/templates/check_results.html:124
msgid "Domain does not exist."
msgstr ""
#: app/templates/check_results.html:137
msgid "Check summary"
msgstr ""
#: app/templates/check_results.html:133
#: app/templates/check_results.html:141
msgctxt "zero"
msgid "mechanisms"
msgstr ""
#: app/templates/check_results.html:135
#: app/templates/check_results.html:143
msgid "mechanism"
msgstr ""
#: app/templates/check_results.html:137
#: app/templates/check_results.html:145
msgid "mechanisms"
msgstr ""
#: app/templates/check_results.html:139
#: app/templates/check_results.html:147
msgid "out of"
msgstr ""
#: app/templates/check_results.html:142
#: app/templates/check_results.html:150
msgctxt "zero"
msgid "configured"
msgstr ""
#: app/templates/check_results.html:144
#: app/templates/check_results.html:152
msgctxt "singular"
msgid "configured"
msgstr ""
#: app/templates/check_results.html:146
#: app/templates/check_results.html:154
msgctxt "plural"
msgid "configured"
msgstr ""
#: app/templates/check_results.html:148
#: app/templates/check_results.html:156
msgid "without issues."
msgstr ""
#: app/templates/check_results.html:165
#: app/templates/check_results.html:173
msgid "SPF: the record is optional"
msgstr ""
#: app/templates/check_results.html:169
#: app/templates/check_results.html:177
msgid ""
"Because the DMARC record is configured correctly, the SPF record is not "
"required. Sending e-mail messages from this domain without using the SPF "
@@ -198,7 +202,7 @@ msgid ""
"correct DKIM signatures."
msgstr ""
#: app/templates/check_results.html:176
#: app/templates/check_results.html:184
msgid ""
"However, we recommend configuring an SPF record if possible (even if the "
"domain is not used to send e-mails), because older mail servers may not "
@@ -207,38 +211,38 @@ msgid ""
"properly verify e-mail message authenticity."
msgstr ""
#: app/templates/check_results.html:197 app/templates/check_results.html:202
#: app/templates/check_results.html:237 app/templates/check_results.html:242
#: app/templates/check_results.html:205 app/templates/check_results.html:210
#: app/templates/check_results.html:245 app/templates/check_results.html:250
msgid "Record"
msgstr ""
#: app/templates/check_results.html:202 app/templates/check_results.html:242
#: app/templates/check_results.html:210 app/templates/check_results.html:250
msgid "Records"
msgstr ""
#: app/templates/check_results.html:211 app/templates/check_results.html:251
#: app/templates/check_results.html:277
#: app/templates/check_results.html:219 app/templates/check_results.html:259
#: app/templates/check_results.html:285
msgid "Warnings"
msgstr ""
#: app/templates/check_results.html:212 app/templates/check_results.html:216
#: app/templates/check_results.html:252 app/templates/check_results.html:256
#: app/templates/check_results.html:278 app/templates/check_results.html:282
#: app/templates/check_results.html:220 app/templates/check_results.html:224
#: app/templates/check_results.html:260 app/templates/check_results.html:264
#: app/templates/check_results.html:286 app/templates/check_results.html:290
msgid "none"
msgstr ""
#: app/templates/check_results.html:215 app/templates/check_results.html:255
#: app/templates/check_results.html:281
#: app/templates/check_results.html:223 app/templates/check_results.html:263
#: app/templates/check_results.html:289
msgid "Errors"
msgstr ""
#: app/templates/check_results.html:294
#: app/templates/check_results.html:302
msgid ""
"To increase the chance that your configuration is interpreted by all "
"e-mail servers correctly, we recommend fixing all errors and warnings."
msgstr ""
#: app/templates/check_results.html:302
#: app/templates/check_results.html:310
msgid ""
"After fixing the issues, please rerun the scan - some problems can be "
"detected only if earlier checks complete successfully."

56
app/translations/pl_PL/LC_MESSAGES/messages.po
View File

@@ -21,8 +21,8 @@ msgstr "Sprawdź domenę"
#: app/templates/check_domain.html:12 app/templates/check_results.html:74
#: app/templates/check_results.html:76 app/templates/check_results.html:78
#: app/templates/check_results.html:191 app/templates/check_results.html:231
#: app/templates/check_results.html:272
#: app/templates/check_results.html:199 app/templates/check_results.html:239
#: app/templates/check_results.html:280
msgid "Domain"
msgstr "Domena"
@@ -158,51 +158,55 @@ msgstr ""
"Jeśli chcą Państwo udostępnić wyniki sprawdzenia, prosimy skopiować ten "
"link:"
#: app/templates/check_results.html:129
#: app/templates/check_results.html:124
msgid "Domain does not exist."
msgstr "Domena nie istnieje."
#: app/templates/check_results.html:137
msgid "Check summary"
msgstr "Podsumowanie sprawdzenia"
#: app/templates/check_results.html:133
#: app/templates/check_results.html:141
msgctxt "zero"
msgid "mechanisms"
msgstr "mechanizmów"
#: app/templates/check_results.html:135
#: app/templates/check_results.html:143
msgid "mechanism"
msgstr "mechanizm"
#: app/templates/check_results.html:137
#: app/templates/check_results.html:145
msgid "mechanisms"
msgstr "mechanizmy"
#: app/templates/check_results.html:139
#: app/templates/check_results.html:147
msgid "out of"
msgstr "z"
#: app/templates/check_results.html:142
#: app/templates/check_results.html:150
msgctxt "zero"
msgid "configured"
msgstr "skonfigurowanych"
#: app/templates/check_results.html:144
#: app/templates/check_results.html:152
msgctxt "singular"
msgid "configured"
msgstr "skonfigurowany"
#: app/templates/check_results.html:146
#: app/templates/check_results.html:154
msgctxt "plural"
msgid "configured"
msgstr "skonfigurowane"
#: app/templates/check_results.html:148
#: app/templates/check_results.html:156
msgid "without issues."
msgstr "bez zastrzeżeń."
#: app/templates/check_results.html:165
#: app/templates/check_results.html:173
msgid "SPF: the record is optional"
msgstr "SPF: rekord opcjonalny"
#: app/templates/check_results.html:169
#: app/templates/check_results.html:177
msgid ""
"Because the DMARC record is configured correctly, the SPF record is not "
"required. Sending e-mail messages from this domain without using the SPF "
@@ -214,7 +218,7 @@ msgstr ""
"mechanizmu SPF nadal jest możliwe - w takiej sytuacji wiadomości muszą "
"posiadać poprawny podpis DKIM."
#: app/templates/check_results.html:176
#: app/templates/check_results.html:184
msgid ""
"However, we recommend configuring an SPF record if possible (even if the "
"domain is not used to send e-mails), because older mail servers may not "
@@ -229,32 +233,32 @@ msgstr ""
"DMARC umożliwi innym serwerom na poprawne zweryfikowanie wiadomości we "
"wszystkich przypadkach."
#: app/templates/check_results.html:197 app/templates/check_results.html:202
#: app/templates/check_results.html:237 app/templates/check_results.html:242
#: app/templates/check_results.html:205 app/templates/check_results.html:210
#: app/templates/check_results.html:245 app/templates/check_results.html:250
msgid "Record"
msgstr "Rekord"
#: app/templates/check_results.html:202 app/templates/check_results.html:242
#: app/templates/check_results.html:210 app/templates/check_results.html:250
msgid "Records"
msgstr "Rekordy"
#: app/templates/check_results.html:211 app/templates/check_results.html:251
#: app/templates/check_results.html:277
#: app/templates/check_results.html:219 app/templates/check_results.html:259
#: app/templates/check_results.html:285
msgid "Warnings"
msgstr "Ostrzeżenia"
#: app/templates/check_results.html:212 app/templates/check_results.html:216
#: app/templates/check_results.html:252 app/templates/check_results.html:256
#: app/templates/check_results.html:278 app/templates/check_results.html:282
#: app/templates/check_results.html:220 app/templates/check_results.html:224
#: app/templates/check_results.html:260 app/templates/check_results.html:264
#: app/templates/check_results.html:286 app/templates/check_results.html:290
msgid "none"
msgstr "brak"
#: app/templates/check_results.html:215 app/templates/check_results.html:255
#: app/templates/check_results.html:281
#: app/templates/check_results.html:223 app/templates/check_results.html:263
#: app/templates/check_results.html:289
msgid "Errors"
msgstr "Błędy"
#: app/templates/check_results.html:294
#: app/templates/check_results.html:302
msgid ""
"To increase the chance that your configuration is interpreted by all "
"e-mail servers correctly, we recommend fixing all errors and warnings."
@@ -263,7 +267,7 @@ msgstr ""
"zinterpretowana przez wszystkie serwery, rekomendujemy poprawę zarówno "
"błędów, jak i ostrzeżeń."
#: app/templates/check_results.html:302
#: app/templates/check_results.html:310
msgid ""
"After fixing the issues, please rerun the scan - some problems can be "
"detected only if earlier checks complete successfully."

26
scan/libmailgoose/scan.py
View File

@@ -18,6 +18,7 @@ import dns.resolver
import publicsuffixlist
import spf
import validators
from checkdmarc.utils import query_dns
from . import lax_record_query
from .logging import build_logger
@@ -31,6 +32,25 @@ psl = publicsuffixlist.PublicSuffixList()
LOGGER = build_logger(__name__)
def check_domain_exists(domain: str) -> bool:
"""
Check if a domain exists by looking up its DNS records.
"""
if domain.lower().endswith(".test.mailgoose.cert.pl"):
# Let's treat test domain as existing, even if they don't have any interesting records.
return True
for record_type in ["A", "AAAA", "MX", "TXT", "SPF"]:
try:
records = query_dns(domain, record_type)
if records:
return True
except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer):
pass
return False
@dataclass
class SPFScanResult:
record: Optional[str]
@@ -65,6 +85,7 @@ class DomainScanResult:
domain: str
base_domain: str
warnings: List[str]
domain_does_not_exist: bool
spf_not_required_because_of_correct_dmarc: bool = False
@@ -251,9 +272,14 @@ def scan_domain(
),
domain=domain,
base_domain=checkdmarc.get_base_domain(domain),
domain_does_not_exist=False,
warnings=warnings,
)
if not any([check_domain_exists(domain) for domain in domains_to_check]):
domain_result.domain_does_not_exist = True
return domain_result
try:
spf_query = checkdmarc.spf.query_spf_record(envelope_domain, nameservers=nameservers, timeout=timeout)

1
test/test_api.py
View File

@@ -11,6 +11,7 @@ class APITestCase(BaseTestCase):
{
"result": {
"domain": {
"domain_does_not_exist": False,
"spf": {
"valid": False,
"errors": [

18
test/test_common.py Normal file
View File

@@ -0,0 +1,18 @@
import binascii
import os
import re
from base import BaseTestCase
CONFIG_WITH_WARNINGS_REGEX = r"DMARC:\s*configuration warnings"
INCORRECT_CONFIG_REGEX = r"DMARC:\s*incorrect configuration"
CORRECT_CONFIG_REGEX = r"DMARC:\s*correct configuration"
WARNING_REGEX = "bi bi-exclamation-triangle"
class NonexistentDomainTestCase(BaseTestCase):
def test_nonexistent_domain(self) -> None:
result = self.check_domain(binascii.hexlify(os.urandom(16)).decode("ascii") + ".com")
assert not re.search(CORRECT_CONFIG_REGEX, result)
assert not re.search(INCORRECT_CONFIG_REGEX, result)
assert "Domain does not exist" in result

11
test/test_dmarc.py
View File

@@ -1,5 +1,3 @@
import binascii
import os
import re
from base import BaseTestCase
@@ -17,15 +15,6 @@ class DMARCTestCase(BaseTestCase):
assert re.search(CORRECT_CONFIG_REGEX, result)
assert not re.search(INCORRECT_CONFIG_REGEX, result)
def test_nonexistent_dmarc(self) -> None:
result = self.check_domain(binascii.hexlify(os.urandom(20)).decode("ascii") + ".com")
assert re.search(INCORRECT_CONFIG_REGEX, result)
assert not re.search(CORRECT_CONFIG_REGEX, result)
assert (
"Valid DMARC record not found. We recommend using all three mechanisms: SPF, DKIM and DMARC "
"to decrease the possibility of successful e-mail message spoofing."
) in result
def test_starts_with_whitespace(self) -> None:
result = self.check_domain("starts-with-whitespace.dmarc." + TEST_DOMAIN)
assert not re.search(CORRECT_CONFIG_REGEX, result)