paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Improve SPF checks

master
andryyy 2020-05-25 16:13:51 +02:00
parent 20e289ce35
commit b6933fdb96
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
2 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
data/web/inc/ajax/dns_diagnostics.php
View File

@ -368,7 +368,7 @@ foreach ($records as $record) {
$record[2] == $spf_link) {
$state = state_nomatch;
$rslt = get_spf_allowed_hosts($record[0]);
if(in_array($ip, $rslt) && in_array($ip6, $rslt)){
if(in_array($ip, $rslt) && in_array(expand_ipv6($ip6), $rslt)){
$state = state_good;
}
$state .= '<br />' . $current[$data_field[$current['type']]].state_optional;

14
data/web/inc/spf.inc.php
View File

@ -1,6 +1,12 @@
<?php
error_reporting(0);
function expand_ipv6($ip) {
$hex = unpack("H*hex", inet_pton($ip));
$ip = substr(preg_replace("/([A-f0-9]{4})/", "$1:", $hex['hex']), 0, -1);
return $ip;
}
function get_spf_allowed_hosts($check_domain)
{
$hosts = array();
@ -33,6 +39,8 @@ function get_spf_allowed_hosts($check_domain)
else
{
unset($cidr);
// reset domain to check_domain
$domain = $check_domain;
if (strpos($mech, ':') !== FALSE) // handle a domain specification
{
$split = explode(':', $mech);
@ -77,7 +85,11 @@ function get_spf_allowed_hosts($check_domain)
}
}
}
foreach ($hosts as &$host) {
if (filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
$host = expand_ipv6($host);
}
}
return $hosts;
}