def signal_button_clicked_verify_spf(self, button):
sender_email = self.gobjects['entry_source_email_smtp'].get_text()
if not utilities.is_valid_email_address(sender_email):
gui_utilities.show_dialog_warning('Warning', self.parent, 'Can not check SPF records for an invalid source email address.\n')
return True
spf_test_ip = mailer.guess_smtp_server_address(self.config['smtp_server'], (self.config['ssh_server'] if self.config['smtp_ssh_enable'] else None))
if not spf_test_ip:
gui_utilities.show_dialog_warning('Warning', self.parent, 'Skipping spf policy check because the smtp server address could not be reliably detected')
return True
spf_test_sender, spf_test_domain = sender_email.split('@')
try:
spf_test = spf.SenderPolicyFramework(spf_test_ip, spf_test_domain, spf_test_sender)
spf_result = spf_test.check_host()
except spf.SPFError as error:
gui_utilities.show_dialog_warning('Warning', self.parent, "Done, encountered exception: {0}.\n".format(error.__class__.__name__))
return True
if not spf_result:
gui_utilities.show_dialog_info('SPF Check Results', self.parent, 'No SPF records found.')
else:
if spf_result is 'fail':
gui_utilities.show_dialog_info('SPF Check Results:', self.parent, 'SPF exists with a hard fail. Your messages will probably be blocked.')
elif spf_result is 'softfail':
gui_utilities.show_dialog_info('SPF Check Results', self.parent, 'SPF Exists with a soft fail. Your messages have strong possiblity of being blocked. Check your logs.')
return True
return True
def signal_button_clicked_verify_spf(self, button):
sender_email = self.gobjects['entry_source_email_smtp'].get_text()
if not utilities.is_valid_email_address(sender_email):
gui_utilities.show_dialog_warning('Warning', self.parent, 'Can not check SPF records for an invalid source email address.\n')
return True
spf_test_ip = mailer.guess_smtp_server_address(self.config['smtp_server'], (self.config['ssh_server'] if self.config['smtp_ssh_enable'] else None))
if not spf_test_ip:
gui_utilities.show_dialog_warning('Warning', self.parent, 'Skipping spf policy check because the smtp server address could not be reliably detected')
return True
spf_test_sender, spf_test_domain = sender_email.split('@')
try:
spf_test = spf.SenderPolicyFramework(spf_test_ip, spf_test_domain, spf_test_sender)
spf_result = spf_test.check_host()
except spf.SPFError as error:
gui_utilities.show_dialog_warning('Warning', self.parent, "Done, encountered exception: {0}.\n".format(error.__class__.__name__))
return True
if not spf_result:
gui_utilities.show_dialog_info('SPF Check Results', self.parent, 'No SPF records found.')
else:
if spf_result is 'fail':
gui_utilities.show_dialog_info('SPF Check Results:', self.parent, 'SPF exists with a hard fail. Your messages will probably be blocked.')
elif spf_result is 'softfail':
gui_utilities.show_dialog_info('SPF Check Results', self.parent, 'SPF Exists with a soft fail. Your messages have strong possiblity of being blocked. Check your logs.')
return True
return True
def signal_send_precheck(self, mailer_tab):
test_ip = mailer.guess_smtp_server_address(
self.application.config['smtp_server'],
(self.application.config['ssh_server'] if self.application.config['smtp_ssh_enable'] else None)
)
if not test_ip:
self.logger.info('skipping dmarc policy check because the smtp server address could not be resolved')
return True
test_sender, test_domain = self.application.config['mailer.source_email_smtp'].split('@')
self.logger.debug('checking the dmarc policy for domain: ' + test_domain)
text_insert = mailer_tab.tabs['send_messages'].text_insert
text_insert("Checking the DMARC policy of target domain '{0}'... ".format(test_domain))
try:
spf_result = spf.check_host(test_ip, test_domain, sender=test_sender)
except spf.SPFError as error:
text_insert("done, encountered exception: {0}.\n".format(error.__class__.__name__))
return True
try:
dmarc_policy = DMARCPolicy.from_domain(test_domain)
except DMARCNoRecordError:
self.logger.debug('no dmarc policy found for domain: ' + test_domain)
text_insert('done, no policy found.\n')
return True
except DMARCError as error:
self.logger.warning('dmarc error: ' + error.message)
text_insert("done, encountered exception: {0}.\n".format(error.__class__.__name__))
return False
text_insert('done.\n')
self.logger.debug("dmarc policy set to {0!r} for domain: {1}".format(dmarc_policy.policy, test_domain))
text_insert('Found DMARC policy:\n')
text_insert(' Policy: ' + dmarc_policy.policy + '\n')
text_insert(' Percent: ' + dmarc_policy.get('pct') + '\n')
if dmarc_policy.get('rua'):
text_insert(' RUA URI: ' + dmarc_policy.get('rua') + '\n')
if dmarc_policy.get('ruf'):
text_insert(' RUF URI: ' + dmarc_policy.get('ruf') + '\n')
if spf_result == constants.SPFResult.PASS:
return True
if dmarc_policy.policy == 'none' or dmarc_policy.get('pct') == '0':
return True
if dmarc_policy.policy == 'quarantine':
message = 'The DMARC policy results in these messages being quarantined.'
elif dmarc_policy.policy == 'reject':
message = 'The DMARC policy results in these messages being rejected.'
text_insert('WARNING: ' + message + '\n')
ignore = gui_utilities.show_dialog_yes_no(
'DMARC Policy Failure',
self.application.get_active_window(),
message + '\nContinue sending messages anyways?'
)
return ignore
def signal_send_precheck(self, mailer_tab):
test_ip = mailer.guess_smtp_server_address(
self.application.config['smtp_server'],
(self.application.config['ssh_server'] if self.application.config['smtp_ssh_enable'] else None)
)
if not test_ip:
self.logger.info('skipping dmarc policy check because the smtp server address could not be resolved')
return True
test_sender, test_domain = self.application.config['mailer.source_email_smtp'].split('@')
self.logger.debug('checking the dmarc policy for domain: ' + test_domain)
text_insert = mailer_tab.tabs['send_messages'].text_insert
text_insert("Checking the DMARC policy of target domain '{0}'... ".format(test_domain))
try:
spf_result = spf.check_host(test_ip, test_domain, sender=test_sender)
except spf.SPFError as error:
text_insert("done, encountered exception: {0}.\n".format(error.__class__.__name__))
return True
try:
dmarc_policy = DMARCPolicy.from_domain(test_domain)
except DMARCNoRecordError:
self.logger.debug('no dmarc policy found for domain: ' + test_domain)
text_insert('done, no policy found.\n')
return True
except DMARCError as error:
self.logger.warning('dmarc error: ' + error.message)
text_insert("done, encountered exception: {0}.\n".format(error.__class__.__name__))
return False
text_insert('done.\n')
self.logger.debug("dmarc policy set to {0!r} for domain: {1}".format(dmarc_policy.policy, test_domain))
text_insert('Found DMARC policy:\n')
text_insert(' Policy: ' + dmarc_policy.policy + '\n')
text_insert(' Percent: ' + dmarc_policy.get('pct') + '\n')
if dmarc_policy.get('rua'):
text_insert(' RUA URI: ' + dmarc_policy.get('rua') + '\n')
if dmarc_policy.get('ruf'):
text_insert(' RUF URI: ' + dmarc_policy.get('ruf') + '\n')
if spf_result == constants.SPFResult.PASS:
return True
if dmarc_policy.policy == 'none' or dmarc_policy.get('pct') == '0':
return True
if dmarc_policy.policy == 'quarantine':
message = 'The DMARC policy results in these messages being quarantined.'
elif dmarc_policy.policy == 'reject':
message = 'The DMARC policy results in these messages being rejected.'
text_insert('WARNING: ' + message + '\n')
ignore = gui_utilities.show_dialog_yes_no(
'DMARC Policy Failure',
self.application.get_active_window(),
message + '\nContinue sending messages anyways?'
)
return ignore
def _sender_precheck_spf(self):
spf_check_level = self.config["spf_check_level"]
if not spf_check_level:
return True
if not utilities.is_valid_email_address(self.config["mailer.source_email_smtp"]):
self.text_insert("WARNING: Can not check SPF records for an invalid source email address.\n")
return True
spf_test_ip = mailer.guess_smtp_server_address(
self.config["smtp_server"], (self.config["ssh_server"] if self.config["smtp_ssh_enable"] else None)
)
if not spf_test_ip:
self.text_insert("Skipped checking the SPF policy because the SMTP server address could not be detected.\n")
self.logger.warning(
"skipping spf policy check because the smtp server address could not be reliably detected"
)
return True
self.logger.debug("detected the smtp server address as " + str(spf_test_ip))
spf_test_sender, spf_test_domain = self.config["mailer.source_email_smtp"].split("@")
self.text_insert("Checking the SPF policy of target domain '{0}'... ".format(spf_test_domain))
try:
spf_test = spf.SenderPolicyFramework(spf_test_ip, spf_test_domain, spf_test_sender)
spf_result = spf_test.check_host()
except spf.SPFError as error:
self.text_insert("done, encountered exception: {0}.\n".format(error.__class__.__name__))
return True
if not spf_result:
self.text_insert("done, no policy was found.\n")
else:
self.text_insert("done.\n")
dialog_title = "Sender Policy Framework Failure"
dialog_message = None
if spf_check_level == 1 and spf_result in [SPFResult.FAIL, SPFResult.SOFT_FAIL]:
dialog_message = "The configuration fails the domains SPF policy.\nMessages may be marked as forged."
elif spf_check_level == 2 and not spf_result in [SPFResult.NEUTRAL, SPFResult.PASS]:
dialog_message = "The configuration does not pass the domains SPF policy."
spf_result = spf_result or "N/A (No policy found)"
self.text_insert(
"{0}SPF policy result: {1}\n".format(("WARNING: " if spf_result.endswith("fail") else ""), spf_result)
)
if dialog_message:
dialog_message += "\n\nContinue sending messages anyways?"
if not gui_utilities.show_dialog_yes_no(dialog_title, self.parent, dialog_message):
self.text_insert("Sending aborted due to the SPF policy.\n")
return False
return True
def _sender_precheck_spf(self):
spf_check_level = self.config['spf_check_level']
if not spf_check_level:
return True
if not utilities.is_valid_email_address(self.config['mailer.source_email_smtp']):
self.text_insert('WARNING: Can not check SPF records for an invalid source email address.\n')
return True
spf_test_ip = mailer.guess_smtp_server_address(self.config['smtp_server'], (self.config['ssh_server'] if self.config['smtp_ssh_enable'] else None))
if not spf_test_ip:
self.text_insert('Skipped checking the SPF policy because the SMTP server address could not be detected.\n')
self.logger.warning('skipping spf policy check because the smtp server address could not be reliably detected')
return True
self.logger.debug('detected the smtp server address as ' + str(spf_test_ip))
spf_test_sender, spf_test_domain = self.config['mailer.source_email_smtp'].split('@')
self.text_insert("Checking the SPF policy of target domain '{0}'... ".format(spf_test_domain))
try:
spf_test = spf.SenderPolicyFramework(spf_test_ip, spf_test_domain, spf_test_sender)
spf_result = spf_test.check_host()
except spf.SPFError as error:
self.text_insert("done, encountered exception: {0}.\n".format(error.__class__.__name__))
return True
if not spf_result:
self.text_insert('done, no policy was found.\n')
else:
self.text_insert('done.\n')
dialog_title = 'Sender Policy Framework Failure'
dialog_message = None
if spf_check_level == 1 and spf_result in [SPFResult.FAIL, SPFResult.SOFT_FAIL]:
dialog_message = 'The configuration fails the domains SPF policy.\nMessages may be marked as forged.'
elif spf_check_level == 2 and not spf_result in [SPFResult.NEUTRAL, SPFResult.PASS]:
dialog_message = 'The configuration does not pass the domains SPF policy.'
spf_result = spf_result or 'N/A (No policy found)'
self.text_insert("{0}SPF policy result: {1}\n".format(('WARNING: ' if spf_result.endswith('fail') else ''), spf_result))
if dialog_message:
dialog_message += '\n\nContinue sending messages anyways?'
if not gui_utilities.show_dialog_yes_no(dialog_title, self.parent, dialog_message):
self.text_insert('Sending aborted due to the SPF policy.\n')
return False
return True
def signal_button_clicked_sender_start(self, button):
required_settings = {
'mailer.webserver_url': 'Web Server URL',
'mailer.company_name': 'Company Name',
'mailer.source_email': 'Source Email',
'mailer.subject': 'Subject',
'mailer.html_file': 'Message HTML File',
'mailer.target_file': 'Target CSV File'
}
for setting, setting_name in required_settings.items():
if not self.config.get(setting):
gui_utilities.show_dialog_warning(
"Missing Required Option: '{0}'".format(setting_name),
self.parent,
'Return to the Config tab and set all required options')
return
if not setting.endswith('_file'):
continue
file_path = self.config[setting]
if not (os.path.isfile(file_path)
and os.access(file_path, os.R_OK)):
gui_utilities.show_dialog_warning(
'Invalid Option Configuration', self.parent,
"Setting: '{0}'\nReason: the file could not be read.".
format(setting_name))
return
if not utilities.is_valid_email_address(
self.config['mailer.source_email']):
gui_utilities.show_dialog_warning(
'Invalid Option Configuration', self.parent,
'Setting: \'mailer.source_email\'\nReason: the email address is invalid.'
)
return
if not self.config.get('smtp_server'):
gui_utilities.show_dialog_warning(
'Missing SMTP Server Setting', self.parent,
'Please configure the SMTP server')
return
self.text_insert('Checking the target URL... ')
try:
test_webserver_url(
self.config['mailer.webserver_url'],
self.config['server_config']['server.secret_id'])
except Exception:
self.text_insert('failed')
if not gui_utilities.show_dialog_yes_no(
'Unable To Open The Web Server URL', self.parent,
'The URL may be invalid, continue sending messages anyways?'
):
self.text_insert(', sending aborted.\n')
return
self.text_insert(', error ignored.\n')
else:
self.text_insert('success, done.\n')
if self.config['autocheck_spf']:
spf_test_ip = mailer.guess_smtp_server_address(
self.config['smtp_server'],
(self.config['ssh_server']
if self.config['smtp_ssh_enable'] else None))
if not spf_test_ip:
self.text_insert(
'Skipped checking the SPF policy because the SMTP server address could not be detected.\n'
)
self.logger.warning(
'skipping spf policy check because the smtp server address could not be reliably detected'
)
else:
self.logger.debug('detected the smtp server address as ' +
str(spf_test_ip))
spf_test_sender, spf_test_domain = self.config[
'mailer.source_email'].split('@')
self.text_insert(
"Checking the SPF policy of target domain '{0}'... ".
format(spf_test_domain))
try:
spf_test = spf.SenderPolicyFramework(
spf_test_ip, spf_test_domain, spf_test_sender)
spf_result = spf_test.check_host()
except spf.SPFError as error:
spf_result = None
self.text_insert(
"done, encountered exception: {0}.\n".format(
error.__class__.__name__))
else:
if spf_result:
self.text_insert('done.\n')
self.text_insert("{0}SPF policy result: {1}\n".format(
('WARNING: ' if spf_result.endswith('fail') else
''), spf_result))
if spf_result == 'fail' and not gui_utilities.show_dialog_yes_no(
'Sender Policy Framework Failure', self.parent,
'The configuration fails the domains SPF policy.\nContinue sending messages anyways?'
):
self.text_insert(
'Sending aborted due to a failed SPF policy.\n'
)
return
else:
self.text_insert('done, no policy was found.\n')
# after this the operation needs to call self.sender_start_failure to quit
if self.sender_thread:
return
self.parent.save_config()
self.gobjects['button_mail_sender_start'].set_sensitive(False)
self.gobjects['button_mail_sender_stop'].set_sensitive(True)
self.progressbar.set_fraction(0)
self.sender_thread = mailer.MailSenderThread(
self.config, self.config['mailer.target_file'], self.parent.rpc,
self)
# verify settings
missing_files = self.sender_thread.missing_files()
if missing_files:
text = ''.join(
map(lambda f: "Missing required file: '{0}'\n".format(f),
missing_files))
self.sender_start_failure('Missing required files', text)
return
# connect to the smtp server
if self.config['smtp_ssh_enable']:
while True:
self.text_insert('Connecting to SSH... ')
login_dialog = dialogs.KingPhisherClientSSHLoginDialog(
self.config, self.parent)
login_dialog.objects_load_from_config()
response = login_dialog.interact()
if response == Gtk.ResponseType.CANCEL:
self.sender_start_failure(text='canceled.\n')
return
if self.sender_thread.server_ssh_connect():
self.text_insert('done.\n')
break
self.sender_start_failure(
('Connection Failed',
'Failed to connect to the SSH server.'),
'failed.\n',
retry=True)
self.text_insert('Connecting to SMTP server... ')
if not self.sender_thread.server_smtp_connect():
self.sender_start_failure(
('Connection Failed', 'Failed to connect to the SMTP server.'),
'failed.\n')
return
self.text_insert('done.\n')
parsed_target_url = urllib.parse.urlparse(
self.config['mailer.webserver_url'])
landing_page_hostname = parsed_target_url.netloc
landing_page = parsed_target_url.path
landing_page = landing_page.lstrip('/')
self.parent.rpc('campaign/landing_page/new',
self.config['campaign_id'], landing_page_hostname,
landing_page)
self.sender_thread.start()
self.gobjects['togglebutton_mail_sender_pause'].set_sensitive(True)