Added checks to get_dmarc_status

2022-03-21 19:13:51 +01:00 · 2022-03-21 19:13:51 +01:00 · ce6ee1a105
parent 93b06fe30c
commit ce6ee1a105
5 changed files with 154 additions and 0 deletions
--- a/tests/example_emls/dmarc_allow.eml
+++ b/tests/example_emls/dmarc_allow.eml
@ -0,0 +1,27 @@
+X-SimpleLogin-Client-IP: 54.39.200.130
+Received-SPF: Softfail (mailfrom) identity=mailfrom; client-ip=34.59.200.130;
+ helo=relay.somewhere.net; envelope-from=everwaste@gmail.com;
+ receiver=<UNKNOWN>
+Received: from relay.somewhere.net (relay.somewhere.net [34.59.200.130])
+        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
+        (No client certificate requested)
+        by mx1.sldev.ovh (Postfix) with ESMTPS id 6D8C13F069
+        for <wehrman_mannequin@sldev.ovh>; Thu, 17 Mar 2022 16:50:20 +0000 (UTC)
+Date: Thu, 17 Mar 2022 16:50:18 +0000
+To: {{ alias_email }}
+From: spoofedemailsource@gmail.com
+Subject: test Thu, 17 Mar 2022 16:50:18 +0000
+Message-Id: <20220317165018.000191@somewhere-5488dd4b6b-7crp6>
+X-Mailer: swaks v20201014.0 jetmore.org/john/code/swaks/
+X-Rspamd-Queue-Id: 6D8C13F069
+X-Rspamd-Server: staging1
+X-Spamd-Result: default: False [0.50 / 13.00];
+        MID_RHS_NOT_FQDN(0.50)[];
+        DMARC_POLICY_ALLOW(0.10);
+        MIME_GOOD(-0.10)[text/plain];
+        MIME_TRACE(0.00)[0:+];
+        TO_DN_NONE(0.00)[];
+        TO_MATCH_ENVRCPT_ALL(0.00)[];
+        ARC_NA(0.00)[]
+
+This is a test mailing
--- a/tests/example_emls/dmarc_bad_policy.eml
+++ b/tests/example_emls/dmarc_bad_policy.eml
@ -0,0 +1,27 @@
+X-SimpleLogin-Client-IP: 54.39.200.130
+Received-SPF: Softfail (mailfrom) identity=mailfrom; client-ip=34.59.200.130;
+ helo=relay.somewhere.net; envelope-from=everwaste@gmail.com;
+ receiver=<UNKNOWN>
+Received: from relay.somewhere.net (relay.somewhere.net [34.59.200.130])
+        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
+        (No client certificate requested)
+        by mx1.sldev.ovh (Postfix) with ESMTPS id 6D8C13F069
+        for <wehrman_mannequin@sldev.ovh>; Thu, 17 Mar 2022 16:50:20 +0000 (UTC)
+Date: Thu, 17 Mar 2022 16:50:18 +0000
+To: {{ alias_email }}
+From: spoofedemailsource@gmail.com
+Subject: test Thu, 17 Mar 2022 16:50:18 +0000
+Message-Id: <20220317165018.000191@somewhere-5488dd4b6b-7crp6>
+X-Mailer: swaks v20201014.0 jetmore.org/john/code/swaks/
+X-Rspamd-Queue-Id: 6D8C13F069
+X-Rspamd-Server: staging1
+X-Spamd-Result: default: False [0.50 / 13.00];
+        MID_RHS_NOT_FQDN(0.50)[];
+        DMARC_BAD_POLICY(0.10);
+        MIME_GOOD(-0.10)[text/plain];
+        MIME_TRACE(0.00)[0:+];
+        TO_DN_NONE(0.00)[];
+        TO_MATCH_ENVRCPT_ALL(0.00)[];
+        ARC_NA(0.00)[]
+
+This is a test mailing
--- a/tests/example_emls/dmarc_na.eml
+++ b/tests/example_emls/dmarc_na.eml
@ -0,0 +1,27 @@
+X-SimpleLogin-Client-IP: 54.39.200.130
+Received-SPF: Softfail (mailfrom) identity=mailfrom; client-ip=34.59.200.130;
+ helo=relay.somewhere.net; envelope-from=everwaste@gmail.com;
+ receiver=<UNKNOWN>
+Received: from relay.somewhere.net (relay.somewhere.net [34.59.200.130])
+        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
+        (No client certificate requested)
+        by mx1.sldev.ovh (Postfix) with ESMTPS id 6D8C13F069
+        for <wehrman_mannequin@sldev.ovh>; Thu, 17 Mar 2022 16:50:20 +0000 (UTC)
+Date: Thu, 17 Mar 2022 16:50:18 +0000
+To: {{ alias_email }}
+From: spoofedemailsource@gmail.com
+Subject: test Thu, 17 Mar 2022 16:50:18 +0000
+Message-Id: <20220317165018.000191@somewhere-5488dd4b6b-7crp6>
+X-Mailer: swaks v20201014.0 jetmore.org/john/code/swaks/
+X-Rspamd-Queue-Id: 6D8C13F069
+X-Rspamd-Server: staging1
+X-Spamd-Result: default: False [0.50 / 13.00];
+        MID_RHS_NOT_FQDN(0.50)[];
+        DMARC_NA(0.10);
+        MIME_GOOD(-0.10)[text/plain];
+        MIME_TRACE(0.00)[0:+];
+        TO_DN_NONE(0.00)[];
+        TO_MATCH_ENVRCPT_ALL(0.00)[];
+        ARC_NA(0.00)[]
+
+This is a test mailing
--- a/tests/example_emls/dmarc_reject.eml
+++ b/tests/example_emls/dmarc_reject.eml
@ -0,0 +1,41 @@
+X-SimpleLogin-Client-IP: 54.39.200.130
+Received-SPF: Softfail (mailfrom) identity=mailfrom; client-ip=34.59.200.130;
+ helo=relay.somewhere.net; envelope-from=everwaste@gmail.com;
+ receiver=<UNKNOWN>
+Received: from relay.somewhere.net (relay.somewhere.net [34.59.200.130])
+        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
+        (No client certificate requested)
+        by mx1.sldev.ovh (Postfix) with ESMTPS id 6D8C13F069
+        for <wehrman_mannequin@sldev.ovh>; Thu, 17 Mar 2022 16:50:20 +0000 (UTC)
+Date: Thu, 17 Mar 2022 16:50:18 +0000
+To: {{ alias_email }}
+From: spoofedemailsource@gmail.com
+Subject: test Thu, 17 Mar 2022 16:50:18 +0000
+Message-Id: <20220317165018.000191@somewhere-5488dd4b6b-7crp6>
+X-Mailer: swaks v20201014.0 jetmore.org/john/code/swaks/
+X-Rspamd-Queue-Id: 6D8C13F069
+X-Rspamd-Server: staging1
+X-Spamd-Result: default: False [0.50 / 13.00];
+        MID_RHS_NOT_FQDN(0.50)[];
+        DMARC_POLICY_REJECT(0.10)[gmail.com : No valid SPF, No valid DKIM,none];
+        MIME_GOOD(-0.10)[text/plain];
+        MIME_TRACE(0.00)[0:+];
+        FROM_EQ_ENVFROM(0.00)[];
+        ASN(0.00)[asn:16276, ipnet:34.59.0.0/16, country:FR];
+        R_DKIM_NA(0.00)[];
+        RCVD_COUNT_ZERO(0.00)[0];
+        FREEMAIL_ENVFROM(0.00)[gmail.com];
+        FROM_NO_DN(0.00)[];
+        R_SPF_SOFTFAIL(0.00)[~all];
+        FORCE_ACTION_SL_SPF_FAIL_ADD_HEADER(0.00)[add header];
+        RCPT_COUNT_ONE(0.00)[1];
+        FREEMAIL_FROM(0.00)[gmail.com];
+        TO_DN_NONE(0.00)[];
+        TO_MATCH_ENVRCPT_ALL(0.00)[];
+        ARC_NA(0.00)[]
+X-Rspamd-Pre-Result: action=add header;
+        module=force_actions;
+        unknown reason
+X-Spam: Yes
+
+This is a test mailing
--- a/tests/test_email_utils.py
+++ b/tests/test_email_utils.py
@ -36,6 +36,7 @@ from app.email_utils import (
    get_orig_message_from_bounce,
    get_mailbox_bounce_info,
    is_invalid_mailbox_domain,
+    get_dmarc_status,
 )
 from app.models import (
    User,
@ -45,6 +46,7 @@ from app.models import (
    EmailLog,
    IgnoreBounceSender,
    InvalidMailboxDomain,
+    DmarcCheckResult,
 )

 # flake8: noqa: E101, W191
@ -791,3 +793,33 @@ def test_is_invalid_mailbox_domain(flask_client):
    assert is_invalid_mailbox_domain("sub1.sub2.ab.cd")

    assert not is_invalid_mailbox_domain("xy.zt")
+
+
+def test_dmarc_result_softfail():
+    msg = load_eml_file("dmarc_gmail_softfail.eml")
+    assert DmarcCheckResult.soft_fail == get_dmarc_status(msg)
+
+
+def test_dmarc_result_quarantine():
+    msg = load_eml_file("dmarc_quarantine.eml")
+    assert DmarcCheckResult.quarantine == get_dmarc_status(msg)
+
+
+def test_dmarc_result_reject():
+    msg = load_eml_file("dmarc_reject.eml")
+    assert DmarcCheckResult.reject == get_dmarc_status(msg)
+
+
+def test_dmarc_result_allow():
+    msg = load_eml_file("dmarc_allow.eml")
+    assert DmarcCheckResult.allow == get_dmarc_status(msg)
+
+
+def test_dmarc_result_na():
+    msg = load_eml_file("dmarc_na.eml")
+    assert DmarcCheckResult.not_available == get_dmarc_status(msg)
+
+
+def test_dmarc_result_bad_policy():
+    msg = load_eml_file("dmarc_bad_policy.eml")
+    assert DmarcCheckResult.bad_policy == get_dmarc_status(msg)