dmarc: weed out SPF records from initial search
use a variable instead of array to count list (not using RR address after all)
parent
278399f1ad
commit
8f834d5df2
@ -195,7 +195,6 @@ sub discover_policy {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@matches = $self->fetch_dmarc_record($org_dom);
|
@matches = $self->fetch_dmarc_record($org_dom);
|
||||||
|
|
||||||
if (0 == scalar @matches) {
|
if (0 == scalar @matches) {
|
||||||
$self->log(LOGINFO, "skip, no policy for $from_host");
|
$self->log(LOGINFO, "skip, no policy for $from_host");
|
||||||
return;
|
return;
|
||||||
@ -308,8 +307,8 @@ sub exists_in_dns {
|
|||||||
# I chose to query the name and match NS,MX,A,or AAAA records. Since it gets
|
# I chose to query the name and match NS,MX,A,or AAAA records. Since it gets
|
||||||
# repeated for the for the Organizational Name, if it fails, there's no
|
# repeated for the for the Organizational Name, if it fails, there's no
|
||||||
# delegation from the TLD.
|
# delegation from the TLD.
|
||||||
my $res = $self->init_resolver();
|
my $res = $self->init_resolver(8);
|
||||||
my $query = $res->send($domain) or do {
|
my $query = $res->query($domain, 'NS') or do {
|
||||||
if ($res->errorstring eq 'NXDOMAIN') {
|
if ($res->errorstring eq 'NXDOMAIN') {
|
||||||
$self->log(LOGDEBUG, "fail, non-existent domain: $domain");
|
$self->log(LOGDEBUG, "fail, non-existent domain: $domain");
|
||||||
return;
|
return;
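Review bot: The new `$res->query($domain, 'NS')` call asks only for NS records, while the comment above it and the type filter later in exists_in_dns still describe matching NS, MX, A or AAAA. As documented for Net::DNS, `query` returns undef when no answers are found, so a name that has only A or MX records would drop into the `or do` block and be logged as a lookup error. If callers treat a false return as "domain does not exist" (they are outside this hunk), legitimate hosts could be misclassified. Either query the other types as well or make the comment say what is now checked, e.g. `# Query NS only: a name with no NS answer is treated as non-existent.` The bare `8` in `init_resolver(8)` also deserves a short comment naming what it sets (presumably a timeout).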
|
||||||
@ -317,15 +316,15 @@ sub exists_in_dns {
|
|||||||
$self->log(LOGINFO, "error, looking up $domain: " . $res->errorstring);
|
$self->log(LOGINFO, "error, looking up $domain: " . $res->errorstring);
|
||||||
return;
|
return;
|
||||||
};
|
};
|
||||||
my @matches;
|
my $matches = 0;
|
||||||
for my $rr ($query->answer) {
|
for my $rr ($query->answer) {
|
||||||
next if $rr->type !~ /(?:NS|MX|A|AAAA)/;
|
next if $rr->type !~ /(?:NS|MX|A|AAAA)/;
|
||||||
push @matches, $rr->nsdname;
|
$matches++;
|
||||||
}
|
}
|
||||||
if (0 == scalar @matches) {
|
if (0 == $matches) {
|
||||||
$self->log(LOGDEBUG, "fail, no records for $domain");
|
$self->log(LOGDEBUG, "fail, no records for $domain");
|
||||||
}
|
}
|
||||||
return @matches;
|
return $matches;
|
||||||
}
|
}
|
||||||
|
|
||||||
sub fetch_dmarc_record {
|
sub fetch_dmarc_record {
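Review bot: The type filter `next if $rr->type !~ /(?:NS|MX|A|AAAA)/;` that now feeds `$matches++` is unanchored, so any answer whose type merely contains `A` or `NS` (CNAME, SOA, CAA and others) is counted and makes the domain look like it exists. Anchoring it keeps the check to the four intended types: `next if $rr->type !~ /\A(?:NS|MX|A|AAAA)\z/;`. Separately, the return value changed from a list to a count, and in list context `return $matches;` yields the one-element list `(0)` on failure. The callers are not visible in this hunk, so it is worth confirming they all test the result in scalar or boolean context.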
|
||||||
@ -344,6 +343,7 @@ sub fetch_dmarc_record {
|
|||||||
# 2. Records that do not start with a "v=" tag that identifies the
|
# 2. Records that do not start with a "v=" tag that identifies the
|
||||||
# current version of DMARC are discarded.
|
# current version of DMARC are discarded.
|
||||||
next if 'v=' ne substr($rr->txtdata, 0, 2);
|
next if 'v=' ne substr($rr->txtdata, 0, 2);
|
||||||
|
next if 'v=spf' eq substr($rr->txtdata, 0, 5); # commonly found
|
||||||
$self->log(LOGINFO, $rr->txtdata);
|
$self->log(LOGINFO, $rr->txtdata);
|
||||||
push @matches, join('', $rr->txtdata);
|
push @matches, join('', $rr->txtdata);
|
||||||
}
|
}
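Review bot: The added `'v=spf' eq substr($rr->txtdata, 0, 5)` test is a denylist for one known prefix, so any other TXT record that starts with `v=` is still logged and pushed onto `@matches` as a policy candidate. The comment directly above states the rule as discarding records that do not identify the current DMARC version, which reads more naturally as a positive match, e.g. `next if $rr->txtdata !~ /\Av=DMARC1\b/;` (adjust if whitespace around `=` has to be tolerated). Because the TXT content is controlled by whoever runs the sender's DNS, applying that check before the `$self->log(LOGINFO, $rr->txtdata)` line also keeps unrelated record text out of the log. The enclosing loop and the rest of fetch_dmarc_record lie outside this hunk.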
|
||||||
|