示例#1
0
def is_spf_record_strong(domain):
    strong_spf_record = True
    spf_record = spflib.SpfRecord.from_domain(domain)
    if spf_record is not None and spf_record.record is not None:
        output_info("Found SPF record:")
        output_info(str(spf_record.record))

        strong_all_string = check_spf_all_string(spf_record)
        if strong_all_string is False:

            redirect_strength = check_spf_redirect_mechanisms(spf_record)
            include_strength = check_spf_include_mechanisms(spf_record)

            strong_spf_record = False

            if redirect_strength is True:
                strong_spf_record = True

            if include_strength is True:
                strong_spf_record = True
    else:
        output_good(domain + " has no SPF record!")
        strong_spf_record = False

    return strong_spf_record
示例#2
0
def is_spf_record_strong(domain):
    strong_spf_record = True
    spf_record = spflib.SpfRecord.from_domain(domain)
    if spf_record is not None and spf_record.record is not None:
        output_info("Found SPF record:")
        output_info(str(spf_record.record))

        strong_all_string = check_spf_all_string(spf_record)
        if strong_all_string is False:

            redirect_strength = check_spf_redirect_mechanisms(spf_record)
            include_strength = check_spf_include_mechanisms(spf_record)

            strong_spf_record = False

            if redirect_strength is True:
                strong_spf_record = True

            if include_strength is True:
                strong_spf_record = True
    else:
        output_good(domain + " has no SPF record!")
        strong_spf_record = False

    return strong_spf_record
示例#3
0
def check_spf_redirect_mechanisms(spf_record):
    redirect_domain = spf_record.get_redirect_domain()

    if redirect_domain:
        output_info(f"Processing an SPF redirect domain: {redirect_domain}")
        return is_spf_record_strong(redirect_domain)
    else:
        return False
示例#4
0
def is_spf_redirect_record_strong(spf_record):
    output_info("Checking SPF redirect domian: %(domain)s" % {"domain": spf_record.get_redirect_domain})
    redirect_strong = spf_record._is_redirect_mechanism_strong()
    if redirect_strong:
        output_bad("Redirect mechanism is strong.")
    else:
        output_indifferent("Redirect mechanism is not strong.")

    return redirect_strong
示例#5
0
def are_spf_include_mechanisms_strong(spf_record):
    output_info("Checking SPF include mechanisms")
    include_strong = spf_record._are_include_mechanisms_strong()
    if include_strong:
        output_bad("Include mechanisms include a strong record")
    else:
        output_indifferent("Include mechanisms are not strong")

    return include_strong
示例#6
0
def are_spf_include_mechanisms_strong(spf_record):
    output_info("Checking SPF include mechanisms")
    include_strong = spf_record._are_include_mechanisms_strong()
    if include_strong:
        output_bad("Include mechanisms include a strong record")
    else:
        output_indifferent("Include mechanisms are not strong")

    return include_strong
示例#7
0
def is_spf_redirect_record_strong(spf_record):
    output_info("Checking SPF redirect domian: %(domain)s" % {"domain": spf_record.get_redirect_domain})
    redirect_strong = spf_record._is_redirect_mechanism_strong()
    if redirect_strong:
        output_bad("Redirect mechanism is strong.")
    else:
        output_indifferent("Redirect mechanism is not strong.")

    return redirect_strong
示例#8
0
def check_spf_redirect_mechanisms(spf_record):
    redirect_domain = spf_record.get_redirect_domain()

    if redirect_domain is not None:
        output_info("Processing an SPF redirect domain: %s" % redirect_domain)

        return is_spf_record_strong(redirect_domain)

    else:
        return False
示例#9
0
def check_spf_include_mechanisms(spf_record):
    include_domain_list = spf_record.get_include_domains()

    for include_domain in include_domain_list:
        output_info(f"Processing an SPF include domain: {include_domain}")
        strong_all_string = is_spf_record_strong(include_domain)

        if strong_all_string:
            return True

    return False
示例#10
0
def check_spf_include_mechanisms(spf_record):
    include_domain_list = spf_record.get_include_domains()

    for include_domain in include_domain_list:
        output_info("Processing an SPF include domain: %s" % include_domain)

        strong_all_string = is_spf_record_strong(include_domain)

        if strong_all_string:
            return True

    return False
示例#11
0
def get_dmarc_record(domain):
    dmarc = dmarclib.DmarcRecord.from_domain(domain)
    if dmarc is not None and dmarc.record is not None:
        output_info("Found DMARC record:")
        output_info(str(dmarc.record))
        return dmarc
    else:
        org_domain = dmarc.get_org_domain()
        if org_domain is not None and org_domain != domain:
            output_info("Record is a subdomain of %(org)s" % {"org": org_domain})
            org_record = dmarclib.DmarcRecord.from_domain(org_domain)
            if org_record.record is not None:
                output_info("Found subdomain DMARC record for %(org)s:" % {"org": org_domain})
                output_info(str(org_record.record))
                return org_record
示例#12
0
def is_spf_record_strong(domain):
    strong_spf_record = True
    try:
        spf_record = spflib.SpfRecord.from_domain(domain)
        output_info("Found SPF record:")
        output_info(str(spf_record.record))

        all_string_weak = check_spf_all_string(spf_record)
        if all_string_weak is True:
            strong_spf_record = False

    except spflib.NoSpfRecordException:
        output_good(domain + " has no SPF record!")
        strong_spf_record = False

    return strong_spf_record
示例#13
0
def is_spf_record_strong(domain):
    strong_spf_record = True
    try:
        spf_record = spflib.SpfRecord.from_domain(domain)
        output_info("Found SPF record:")
        output_info(str(spf_record.record))

        all_string_weak = check_spf_all_string(spf_record)
        if all_string_weak is True:
            strong_spf_record = False

    except spflib.NoSpfRecordException:
        output_good(domain + " has no SPF record!")
        strong_spf_record = False

    return strong_spf_record
示例#14
0
def is_dmarc_record_strong(domain):
    dmarc_record_strong = False

    dmarc = get_dmarc_record(domain)

    if dmarc is not None and dmarc.record is not None:
        dmarc_record_strong = check_dmarc_policy(dmarc)

        check_dmarc_extras(dmarc)
    elif dmarc.get_org_domain() is not None:
        output_info("No DMARC record found. Looking for organizational record")
        dmarc_record_strong = check_dmarc_org_policy(dmarc)
    else:
        output_good(domain + " has no DMARC record!")

    return dmarc_record_strong
示例#15
0
def is_dmarc_record_strong(domain):
    dmarc_record_strong = False

    dmarc = get_dmarc_record(domain)

    if dmarc is not None and dmarc.record is not None:
        dmarc_record_strong = check_dmarc_policy(dmarc)

        check_dmarc_extras(dmarc)
    elif dmarc.get_org_domain() is not None:
        output_info("No DMARC record found. Looking for organizational record")
        dmarc_record_strong = check_dmarc_org_policy(dmarc)
    else:
        output_good(domain + " has no DMARC record!")

    return dmarc_record_strong
示例#16
0
def menu():
    parser = argparse.ArgumentParser()
    parser.add_argument("--input",
                        "-i",
                        help="List of domains to perform checking")
    parser.add_argument("--domain",
                        "-d",
                        help="Single domain to perform checking")
    args = parser.parse_args()

    if args.domain:
        single_domain(args.domain.rstrip())
    elif args.input:
        with open(args.input, 'r') as f:
            for domain in f:
                domain = domain.rstrip()
                output_info("Checking " + domain)
                single_domain(domain)
                print("")
    else:
        parser.print_help()
示例#17
0
def check_dmarc_org_policy(base_record):
    policy_strong = False

    try:
        org_record = base_record.get_org_record()
        if org_record is not None and org_record.record is not None:
            output_info("Found organizational DMARC record:")
            output_info(str(org_record.record))

            if org_record.subdomain_policy is not None:
                if org_record.subdomain_policy == "none":
                    output_good(
                        "Organizational subdomain policy set to %(sp)s" %
                        {"sp": org_record.subdomain_policy})
                elif org_record.subdomain_policy == "quarantine" or org_record.subdomain_policy == "reject":
                    output_bad(
                        "Organizational subdomain policy explicitly set to %(sp)s"
                        % {"sp": org_record.subdomain_policy})
                    policy_strong = True
            else:
                output_info(
                    "No explicit organizational subdomain policy. Defaulting to organizational policy"
                )
                policy_strong = check_dmarc_policy(org_record)
        else:
            output_good("No organizational DMARC record")

    except dmarclib.OrgDomainException:
        output_good("No organizational DMARC record")

    except Exception as e:
        logging.exception(e)

    return policy_strong
示例#18
0
def check_dmarc_org_policy(base_record):
    policy_strong = False

    try:
        org_record = base_record.get_org_record()
        if org_record is not None and org_record.record is not None:
            output_info("Found organizational DMARC record:")
            output_info(str(org_record.record))

            if org_record.subdomain_policy is not None:
                if org_record.subdomain_policy == "none":
                    output_good("Organizational subdomain policy set to %(sp)s" % {"sp": org_record.subdomain_policy})
                elif org_record.subdomain_policy == "quarantine" or org_record.subdomain_policy == "reject":
                    output_bad("Organizational subdomain policy explicitly set to %(sp)s" % {"sp": org_record.subdomain_policy})
                    policy_strong = True
            else:
                output_info("No explicit organizational subdomain policy. Defaulting to organizational policy")
                policy_strong = check_dmarc_policy(org_record)
        else:
            output_good("No organizational DMARC record")

    except dmarclib.OrgDomainException:
        output_good("No organizational DMARC record")

    except Exception as e:
        logging.exception(e)

    return policy_strong
示例#19
0
def is_spf_record_strong(domain):
    strong_spf_record = True

    spf_record = spflib.SpfRecord.from_domain(domain)
    if spf_record and spf_record.record:
        output_info("Found SPF record:")
        output_info(str(spf_record.record))

        strong_all_string = check_spf_all_string(spf_record)
        if not strong_all_string:

            redirect_strength = check_spf_redirect_mechanisms(spf_record)
            include_strength = check_spf_include_mechanisms(spf_record)

            strong_spf_record = False

            if redirect_strength or include_strength:
                strong_spf_record = True
    else:
        output_good(f"{domain} has no SPF record!")
        strong_spf_record = False

    return strong_spf_record
示例#20
0
def get_dmarc_org_record(base_record):
    org_record = base_record.get_org_record()
    if org_record is not None:
        output_info("Found DMARC Organizational record:")
        output_info(str(org_record.record))
    return org_record
示例#21
0
def get_dmarc_record(domain):
    dmarc = dmarclib.DmarcRecord.from_domain(domain)
    if dmarc is not None and dmarc.record is not None:
        output_info("Found DMARC record:")
        output_info(str(dmarc.record))
    return dmarc
示例#22
0
def get_dmarc_record(domain):
    dmarc = dmarclib.DmarcRecord.from_domain(domain)
    if dmarc is not None and dmarc.record is not None:
        output_info("Found DMARC record:")
        output_info(str(dmarc.record))
    return dmarc
示例#23
0
def get_dmarc_org_record(base_record):
    org_record = base_record.get_org_record()
    if org_record is not None:
        output_info("Found DMARC Organizational record:")
        output_info(str(org_record.record))
    return org_record