Add checks for RFC8460, SMTP-TLS reporting (TLSRPT) #881 #1300

uwekamper · 2024-03-01T00:40:14Z

This PR adds support for checking the policy record (e.g. _smtp._tls.example.com). The check parses the record and results in a "WARNING" state when the TLSRPT policy record is either nonexistant or malformed. To check if the TLSRPT record is well formed, we include a TLSRPT policy record parser in this PR.

The respective descriptions have been updated for both "en" and "nl" translations – though the "nl" translations needs to be looked over by a native speaker.

The test results UI has been updated to include the TLSRPT check on the results page (as part of 'Authenticity marks against phishing' section).

TLSRPT record broken or non-existing:

TLSRPT record exists and is well-formed:

…rrect translation markers, add tlsrpt callback

…licy records with parser

uwekamper added 30 commits February 10, 2024 15:40

internetstandards#881 add placeholder translation targets

a4678d0

internetstandards#881 add new mail auth subcategory for TLS-RPT

ef6031c

internetstandards#881 add scoring for TLS-RPR existance check

524babf

internetstandards#881 add link to RFC 8460 to both translations

bc46910

internetstandards#881 add database model fields for tlsrpt checks, co…

e7c43d8

…rrect translation markers, add tlsrpt callback

internetstandards#881 correct type in status name

2eab6b4

internetstandards#881 add TLS-RPT to FAQ page title

6cafb7b

internetstandards#881 manually add migration

0ddc6d5

internetstandards#881 change title of migration

d8cd152

internetstandards#881 add celery tasks and callbacks for tlsrpt

643144c

internetstandards#881 fix format str

49b432b

internetstandards#881 resolve the correct dns name

7a1d8c6

internetstandards#881 return correct test name

7c3518d

actually save the tlsrpt results to database internetstandards#881

398912c

internetstandards#881 add to results table

b1575a0

internetstandards#881 check for lowercase magic string

3e1258c

internetstandards#881: add TLSRPT parser + unittests, check TLSRPT po…

96f78fe

…licy records with parser

internetstandards#881 complete description text

b175489

internetstandards#881 remove unused code

1155487

internetstandards#881 fix copy-paste error

885c4e6

internetstandards#881 tlsrpt not tlsprt

94aa878

internetstandards#881 unify TLSRPT spelling

35f5fb6

internetstandards#881 fix wrong var name

75b123c

internetstandards#881 keep results even when they are bad

3d5a27a

internetstandards#881 add message for when TLSRPT is invalid

b4005c5

internetstandards#881 duplicate translatioN

12c4c6c

internetstandards#881 show correct verdict

346fc71

internetstandards#881 add missing 'not'

cb79b70

Merge branch 'internetstandards:main' into feature/881-tlsrpt

0a6a177

internetstandards#881 show warning, not fail icon

a852507

internetstandards#881 remove multiple leafs in migrations

0fbe116

uwekamper mentioned this pull request Mar 1, 2024

Check for RFC8460, SMTP-TLS reporting (TLS-RPT) #881

Open

baknu requested a review from mxsasha April 3, 2024 13:28

uwekamper added 2 commits April 8, 2024 14:08

internetstandards#881 fix linter errors

63b7e5b

internetstandards#881 fix style errors found by black

b886bcc

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add checks for RFC8460, SMTP-TLS reporting (TLSRPT) #881 #1300

Add checks for RFC8460, SMTP-TLS reporting (TLSRPT) #881 #1300

uwekamper commented Mar 1, 2024

Add checks for RFC8460, SMTP-TLS reporting (TLSRPT) #881 #1300

Are you sure you want to change the base?

Add checks for RFC8460, SMTP-TLS reporting (TLSRPT) #881 #1300

Conversation

uwekamper commented Mar 1, 2024

TLSRPT record broken or non-existing:

TLSRPT record exists and is well-formed: