def test_authenticate_dmarc(self): msg = b"""DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:from:date:message-id:subject:to; bh=3VWGQGY+cSNYd1MGM+X6hRXU0stl8JCaQtl4mbX/j2I=; b=gntRk4rCVYIGkpO09ROkbs3n4YSIcp/Pi7tUnSIgs8uS+uZ2a77dG+/qlSvnk+mWET IBrkt1YpDzev/0ITTDy/zgTHjPiQIFcg9Q+3hn3sTz8ExCyM8/YYgoPqSs3oUXn3jwXk N/wpMuF29LTVp1gpkYzaoCDNPGd1Wag6Vh2lw65S7ruECCAdBm5XeSnvTOzIC0E/jmEt 3hvaPiKAohCAsC5JAN89EATPOjnYJL4Q6X6p2qUsusz/8tkHuYvReHmxQkjQ0/N3fPP0 6VfkIrPOHympq6qDUizbjiBmgiMWKnarrptblJvyt66/aIHx+QamP6LUA+/RUFY1q7TG MSDg== MIME-Version: 1.0 From: Gene Shuman <*****@*****.**> Date: Wed, 25 Jan 2017 16:13:31 -0800 Message-ID: <CANtLugNVcUMfjVH22FN=+A6Y_Ss+QX_=GnJ3xGfDY1iuEbbuRA@mail.gmail.com> Subject: Test To: [email protected] Content-Type: text/plain; charset=UTF-8 This is a test! """ res = authenticate_message(msg, "example.com", spf=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; dkim=pass header.d=valimail.com; dmarc=pass header.from=valimail.com" )
def test_authenticate_dmarc(self): res = authenticate_message(self.message2, "example.com", spf=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; dkim=pass header.d=example.com [email protected]; dmarc=pass (Used From Domain Record) header.from=example.com policy.dmarc=reject" )
def test_authenticate_dkim(self): from authheaders import authenticate_message res = authenticate_message(self.message2, "example.com", spf=False, dmarc=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; dkim=pass header.d=example.com [email protected]" )
def test_prev(self): prev = "Authentication-Results: example.com; spf=pass smtp.mailfrom=gmail.com" res = authenticate_message(self.message2, "example.com", prev=prev, spf=False, dmarc=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass header.d=example.com [email protected]" )
def test_chain_validation_fail(self): msg = b"""MIME-Version: 1.0 Return-Path: <*****@*****.**> ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass [email protected]; dkim=pass (1024-bit key) [email protected]; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for <*****@*****.**>; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from [email protected]) Authentication-Results: lists.example.org; spf=pass [email protected]; dkim=pass (1024-bit key) [email protected]; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <*****@*****.**> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe <*****@*****.**> To: [email protected] Subject: Example 1 ey gang, This is a test message. --J. """ prev = "Authentication-Results: example.com; spf=pass smtp.mailfrom=gmail.com" res = authenticate_message(msg, "example.com", prev=prev, arc=True, dkim=False, spf=False, dmarc=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; spf=pass smtp.mailfrom=gmail.com; arc=fail header.d=example.org" )
def test_authenticate_dmarc_np2(self): self.maxDiff = None res = authenticate_message( self.message7, "example.com", prev= 'Authentication-Results: example.com; dkim=fail header.d=sub2.example.biz [email protected]', spf=False, dkim=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; dkim=fail header.d=sub2.example.biz [email protected]; dmarc=fail (Used Org Domain Record) header.from=sub2.example.biz policy.dmarc=quarantine" )
def test_authenticate_dmarc_sub(self): self.maxDiff = None res = authenticate_message( self.message5, "example.com", prev= 'Authentication-Results: example.com; dkim=fail header.d=sub.example.net [email protected]', spf=False, dkim=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; dkim=fail header.d=sub.example.net [email protected]; dmarc=fail (Used Org Domain Record) header.from=sub.example.net policy.dmarc=reject" )
def test_authenticate_dmarc_mult_from2(self): self.maxDiff = None res = authenticate_message( self.message4, "example.com", prev= 'Authentication-Results: example.com; dkim=fail header.d=example.com [email protected]; dkim=pass header.d=example.org [email protected]', spf=False, dkim=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; dkim=fail header.d=example.com [email protected]; dkim=pass header.d=example.org [email protected]; dmarc=fail (Used From Domain Record) header.from=example.com policy.dmarc=reject" )
def test_authenticate_dmarc_no_p(self): self.maxDiff = None res = authenticate_message( self.message9, "example.com", prev= 'Authentication-Results: example.com; dkim=fail header.d=nop.example.org [email protected]', spf=False, dkim=False, dnsfunc=self.dnsfunc) self.assertEqual( res, "Authentication-Results: example.com; dkim=fail header.d=nop.example.org [email protected]; dmarc=none" )
def main(): if len(sys.argv) < 3: print("Usage: authenticate-message.py authservId ip mailFrom helo", file=sys.stderr) sys.exit(1) if sys.version_info[0] >= 3: # Make sys.stdin and stdout binary streams. sys.stdin = sys.stdin.detach() sys.stdout = sys.stdout.detach() authservId = sys.argv[1] ip = sys.argv[2] mailFrom = sys.argv[3] message = sys.stdin.read() #try: if len(sys.argv) == 5: helo = sys.argv[4] header = authheaders.authenticate_message(msg=message, authserv_id=authservId, ip=ip, mail_from=mailFrom, helo=helo, spf=True, dkim=True, arc=True) else: header = authheaders.authenticate_message(msg=message, authserv_id=authservId, ip=ip, mail_from=mailFrom, spf=True, dkim=True, arc=True) sys.stdout.write(header.encode('utf8'))
def authenticate(msg, msgdata): """ARC verify a message and update the Authentication-Results header. If there is a previous Authentication-Results, remove that and add a new one. """ prev = trusted_auth_res(msg) auth_result = authenticate_message( msg.as_bytes(), config.arc.authserv_id, prev=prev, spf=False, # cant spf check in mailman dkim=config.arc.dkim_enabled, dmarc=config.arc.dmarc_enabled, arc=True, dnsfunc=dnsfunc) if AUTH_RESULT_HEADER in msg: del msg[AUTH_RESULT_HEADER] auth_result = auth_result.split(':', 1)[1].strip() prepend_headers(msg, [(AUTH_RESULT_HEADER, auth_result)])
# 1. The origin of this software must not be misrepresented; you must not # claim that you wrote the original software. If you use this software # in a product, an acknowledgment in the product documentation would be # appreciated but is not required. # 2. Altered source versions must be plainly marked as such, and must not be # misrepresented as being the original software. # 3. This notice may not be removed or altered from any source distribution. # # Copyright (c) 2017 Valimail Inc # Contact: Gene Shuman <*****@*****.**> # import sys from authheaders import authenticate_message if len(sys.argv) != 5: print("Usage: authenticate_message.py authserv_id ip mail_from helo") sys.exit(1) if sys.version_info[0] >= 3: # Make sys.stdin a binary stream. sys.stdin = sys.stdin.detach() message = sys.stdin.read() res = authenticate_message(message, sys.argv[1], ip=sys.argv[2], mail_from=sys.argv[3], helo=sys.argv[4]) for line in res: sys.stdout.write(line) sys.stdout.write("\n")