1) { $mask = $net[1]; } $net = inet_pton($net[0]); $addr = inet_pton($addr); $length = strlen($net); // 4 for IPv4, 16 for IPv6 if (strlen($net) != strlen($addr)) { return false; } if (!isset($mask)) { $mask = $length * 8; } $addr_bin = ''; $net_bin = ''; for ($i = 0; $i < $length; ++$i) { $addr_bin .= str_pad(decbin(ord(substr($addr, $i, $i+1))), 8, '0', STR_PAD_LEFT); $net_bin .= str_pad(decbin(ord(substr($net, $i, $i+1))), 8, '0', STR_PAD_LEFT); } return substr($addr_bin, 0, $mask) == substr($net_bin, 0, $mask); } if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin") { require_once("inc/header.inc.php"); $ch = curl_init('http://ipv4.mailcow.email'); curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); curl_setopt($ch, CURLOPT_VERBOSE, false); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3); $ip = curl_exec($ch); curl_close($ch); $ch = curl_init('http://ipv6.mailcow.email'); curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V6); curl_setopt($ch, CURLOPT_VERBOSE, false); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3); $ip6 = curl_exec($ch); curl_close($ch); $ptr = implode('.', array_reverse(explode('.', $ip))) . '.in-addr.arpa'; if (!empty($ip6)) { $ip6_full = str_replace('::', str_repeat(':', 9-substr_count($ip6, ':')), $ip6); $ip6_full = str_replace('::', ':0:', $ip6_full); $ip6_full = str_replace('::', ':0:', $ip6_full); $ptr6 = ''; foreach (explode(':', $ip6_full) as $part) { $ptr6 .= str_pad($part, 4, '0', STR_PAD_LEFT); } $ptr6 = implode('.', array_reverse(str_split($ptr6, 1))) . '.ip6.arpa'; } $https_port = strpos($_SERVER['HTTP_HOST'], ':'); if ($https_port === FALSE) { $https_port = 443; } else { $https_port = substr($_SERVER['HTTP_HOST'], $https_port+1); } $records = array(); $records[] = array($mailcow_hostname, 'A', $ip); $records[] = array($ptr, 'PTR', $mailcow_hostname); if (!empty($ip6)) { $records[] = array($mailcow_hostname, 'AAAA', $ip6); $records[] = array($ptr6, 'PTR', $mailcow_hostname); } $domains = mailbox('get', 'domains'); foreach(mailbox('get', 'domains') as $domain) { $domains = array_merge($domains, mailbox('get', 'alias_domains', $domain)); } if (!isset($autodiscover_config['sieve'])) { $autodiscover_config['sieve'] = array('server' => $mailcow_hostname, 'port' => array_pop(explode(':', getenv('SIEVE_PORT')))); } $records[] = array('_25._tcp.' . $autodiscover_config['smtp']['server'], 'TLSA', generate_tlsa_digest($autodiscover_config['smtp']['server'], 25, 1)); $records[] = array('_' . $https_port . '._tcp.' . $mailcow_hostname, 'TLSA', generate_tlsa_digest($mailcow_hostname, $https_port)); $records[] = array('_' . $autodiscover_config['pop3']['tlsport'] . '._tcp.' . $autodiscover_config['pop3']['server'], 'TLSA', generate_tlsa_digest($autodiscover_config['pop3']['server'], $autodiscover_config['pop3']['tlsport'], 1)); $records[] = array('_' . $autodiscover_config['imap']['tlsport'] . '._tcp.' . $autodiscover_config['imap']['server'], 'TLSA', generate_tlsa_digest($autodiscover_config['imap']['server'], $autodiscover_config['imap']['tlsport'], 1)); $records[] = array('_' . $autodiscover_config['smtp']['port'] . '._tcp.' . $autodiscover_config['smtp']['server'], 'TLSA', generate_tlsa_digest($autodiscover_config['smtp']['server'], $autodiscover_config['smtp']['port'])); $records[] = array('_' . $autodiscover_config['smtp']['tlsport'] . '._tcp.' . $autodiscover_config['smtp']['server'], 'TLSA', generate_tlsa_digest($autodiscover_config['smtp']['server'], $autodiscover_config['smtp']['tlsport'], 1)); $records[] = array('_' . $autodiscover_config['imap']['port'] . '._tcp.' . $autodiscover_config['imap']['server'], 'TLSA', generate_tlsa_digest($autodiscover_config['imap']['server'], $autodiscover_config['imap']['port'])); $records[] = array('_' . $autodiscover_config['pop3']['port'] . '._tcp.' . $autodiscover_config['pop3']['server'], 'TLSA', generate_tlsa_digest($autodiscover_config['pop3']['server'], $autodiscover_config['pop3']['port'])); $records[] = array('_' . $autodiscover_config['sieve']['port'] . '._tcp.' . $autodiscover_config['sieve']['server'], 'TLSA', generate_tlsa_digest($autodiscover_config['sieve']['server'], $autodiscover_config['sieve']['port'], 1)); foreach ($domains as $domain) { $records[] = array($domain, 'MX', $mailcow_hostname); $records[] = array('autodiscover.' . $domain, 'CNAME', $mailcow_hostname); $records[] = array('_autodiscover._tcp.' . $domain, 'SRV', $mailcow_hostname . ' ' . $https_port); $records[] = array('autoconfig.' . $domain, 'CNAME', $mailcow_hostname); $records[] = array($domain, 'TXT', 'v=spf1 mx -all'); $records[] = array('_dmarc.' . $domain, 'TXT', 'v=DMARC1; p=reject', 'v=DMARC1; p='); if (!empty($dkim = dkim('details', $domain))) { $records[] = array($dkim['dkim_selector'] . '._domainkey.' . $domain, 'TXT', $dkim['dkim_txt']); } $current_records = dns_get_record('_pop3._tcp.' . $domain, DNS_SRV); if (count($current_records) == 0 || $current_records[0]['target'] != '') { if ($autodiscover_config['pop3']['tlsport'] != '110') { $records[] = array('_pop3._tcp.' . $domain, 'SRV', $autodiscover_config['pop3']['server'] . ' ' . $autodiscover_config['pop3']['tlsport']); } } else { $records[] = array('_pop3._tcp.' . $domain, 'SRV', '. 0'); } $current_records = dns_get_record('_pop3s._tcp.' . $domain, DNS_SRV); if (count($current_records) == 0 || $current_records[0]['target'] != '') { if ($autodiscover_config['pop3']['port'] != '995') { $records[] = array('_pop3s._tcp.' . $domain, 'SRV', $autodiscover_config['pop3']['server'] . ' ' . $autodiscover_config['pop3']['port']); } } else { $records[] = array('_pop3s._tcp.' . $domain, 'SRV', '. 0'); } if ($autodiscover_config['imap']['tlsport'] != '143') { $records[] = array('_imap._tcp.' . $domain, 'SRV', $autodiscover_config['imap']['server'] . ' ' . $autodiscover_config['imap']['tlsport']); } if ($autodiscover_config['imap']['port'] != '993') { $records[] = array('_imaps._tcp.' . $domain, 'SRV', $autodiscover_config['imap']['server'] . ' ' . $autodiscover_config['imap']['port']); } if ($autodiscover_config['smtp']['tlsport'] != '587') { $records[] = array('_submission._tcp.' . $domain, 'SRV', $autodiscover_config['smtp']['server'] . ' ' . $autodiscover_config['smtp']['tlsport']); } if ($autodiscover_config['smtp']['port'] != '465') { $records[] = array('_smtps._tcp.' . $domain, 'SRV', $autodiscover_config['smtp']['server'] . ' ' . $autodiscover_config['smtp']['port']); } if ($autodiscover_config['sieve']['port'] != '4190') { $records[] = array('_sieve._tcp.' . $domain, 'SRV', $autodiscover_config['sieve']['server'] . ' ' . $autodiscover_config['sieve']['port']); } } define('state_good', "✓"); define('state_missing', "✗"); define('state_nomatch', "?"); $record_types = array( 'A' => DNS_A, 'AAAA' => DNS_AAAA, 'CNAME' => DNS_CNAME, 'MX' => DNS_MX, 'PTR' => DNS_PTR, 'SRV' => DNS_SRV, 'TXT' => DNS_TXT, ); $data_field = array( 'A' => 'ip', 'AAAA' => 'ipv6', 'CNAME' => 'target', 'MX' => 'target', 'PTR' => 'target', 'SRV' => 'data', 'TLSA' => 'data', 'TXT' => 'txt', ); ?>

0 && count($cname) > 0) { if ($a[0]['ip'] == $cname[0]['ip']) { $currents = array(array('host' => $record[0], 'class' => 'IN', 'type' => 'CNAME', 'target' => $record[2])); $aaaa = dns_get_record($record[0], DNS_AAAA); $cname = dns_get_record($record[2], DNS_AAAA); if (count($aaaa) == 0 || count($cname) == 0 || $aaaa[0]['ipv6'] != $cname[0]['ipv6']) { $currents[0]['target'] = $aaaa[0]['ipv6']; } } else { $currents = array(array('host' => $record[0], 'class' => 'IN', 'type' => 'CNAME', 'target' => $a[0]['ip'])); } } } foreach ($currents as $current) { $current['type'] == strtoupper($current['type']); if ($current['type'] != $record[1]) { continue; } elseif ($current['type'] == 'TXT' && strpos($record[0], '_dmarc.') === 0) { $state = state_nomatch; if (strpos($current[$data_field[$current['type']]], $record[3]) === 0) $state = state_good . ' (' . current[$data_field[$current['type']]] . ')'; } else if ($current['type'] == 'TXT' && strpos($current['txt'], 'v=spf1') === 0) { $allowed = get_spf_allowed_hosts($record[0]); $spf_ok = FALSE; $spf_ok6 = FALSE; foreach ($allowed as $net) { if (in_net($ip, $net)) $spf_ok = TRUE; if (in_net($ip6, $net)) $spf_ok6 = TRUE; } if ($spf_ok && (empty($ip6) || $spf_ok6)) $state = state_good . ' (' . $current[$data_field[$current['type']]] . ')'; } else if ($current['type'] != 'TXT' && isset($data_field[$current['type']]) && $state != state_good) { $state = state_nomatch; if ($current[$data_field[$current['type']]] == $record[2]) $state = state_good; } } if ($state == state_nomatch) { $state = array(); foreach ($currents as $current) { $state[] = $current[$data_field[$current['type']]]; } $state = implode('
', $state); } echo sprintf('', $record[0], $record[1], $record[2], $state); } ?>
%s%s%s%s