Skip to content

Commit

Permalink
Fix bug with DKIM and DMARC (#217)
Browse files Browse the repository at this point in the history 
* Fixed bug with DKIM and DMARC

* Adjusted test cases to reflect change
  • Loading branch information
@adhilto
adhilto authored Mar 22, 2023
1 parent 7072194 commit 1d5201f
Show file tree
Hide file tree
Showing 3 changed files with 62 additions and 57 deletions.
15 changes: 10 additions & 5 deletions Rego/EXOConfig.rego
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,8 @@ DomainsWithDkim[DkimConfig.Domain] {
DkimConfig.Enabled == true
DkimRecord := input.dkim_records[_]
DkimRecord.domain == DkimConfig.Domain
startswith(DkimRecord.rdata, "v=DKIM1;")
ValidAnswers := [Answer | Answer := DkimRecord.rdata[_]; startswith(Answer, "v=DKIM1;")]
count(ValidAnswers) > 0
}

tests[{
Expand All @@ -151,7 +152,8 @@ tests[{
#--
DomainsWithoutDmarc[DmarcRecord.domain] {
DmarcRecord := input.dmarc_records[_]
not startswith(DmarcRecord.rdata, "v=DMARC1;")
ValidAnswers := [Answer | Answer := DmarcRecord.rdata[_]; startswith(Answer, "v=DMARC1;")]
count(ValidAnswers) == 0
}

tests[{
Expand All @@ -173,7 +175,8 @@ tests[{
#--
DomainsWithoutPreject[DmarcRecord.domain] {
DmarcRecord := input.dmarc_records[_]
not contains(DmarcRecord.rdata, "p=reject;")
ValidAnswers := [Answer | Answer := DmarcRecord.rdata[_]; contains(Answer, "p=reject;")]
count(ValidAnswers) == 0
}

tests[{
Expand All @@ -195,7 +198,8 @@ tests[{
#--
DomainsWithoutDHSContact[DmarcRecord.domain] {
DmarcRecord := input.dmarc_records[_]
not contains(DmarcRecord.rdata, "mailto:[email protected]")
ValidAnswers := [Answer | Answer := DmarcRecord.rdata[_]; contains(Answer, "mailto:[email protected]")]
count(ValidAnswers) == 0
}

tests[{
Expand All @@ -217,7 +221,8 @@ tests[{
#--
DomainsWithoutAgencyContact[DmarcRecord.domain] {
DmarcRecord := input.dmarc_records[_]
count(split(DmarcRecord.rdata, "@")) < 3
EnoughContacts := [Answer | Answer := DmarcRecord.rdata[_]; count(split(Answer, "@")) >= 3]
count(EnoughContacts) == 0
}

tests[{
Expand Down
52 changes: 26 additions & 26 deletions Testing/Unit/Rego/EXO/EXOConfig2_03_test.rego
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,13 @@ test_Enabled_Correct_V1 if {
],
"dkim_records": [
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test.name"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test.name"
}
]
Expand Down Expand Up @@ -57,21 +57,21 @@ test_Enabled_Correct_V2 if {
],
"dkim_records": [
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test.name"
},
{
"rdata" : "",
"rdata" : [],
"domain" : "example.onmicrosoft.com"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test.name"
},
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "example.onmicrosoft.com"
}
]
Expand Down Expand Up @@ -102,21 +102,21 @@ test_Enabled_Correct_V3 if {
],
"dkim_records": [
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test.name"
},
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test2.name"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test.name"
},
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test2.name"
}
]
Expand All @@ -143,13 +143,13 @@ test_Enabled_Correct_V4 if {
],
"dkim_records": [
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "example.onmicrosoft.com"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "example.onmicrosoft.com"
}
]
Expand All @@ -175,13 +175,13 @@ test_Enabled_Incorrect if {
],
"dkim_records": [
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test.name"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test.name"
}
]
Expand All @@ -207,13 +207,13 @@ test_Rdata_Incorrect if {
],
"dkim_records": [
{
"rdata" : " ",
"rdata" : [],
"domain" : "test.name"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test.name"
}
]
Expand All @@ -239,13 +239,13 @@ test_Rdata_Incorrect_V2 if {
],
"dkim_records": [
{
"rdata" : "Hello World",
"rdata" : ["Hello World"],
"domain" : "test.name"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test.name"
}
]
Expand Down Expand Up @@ -275,21 +275,21 @@ test_Enabled_Correct_V2 if {
],
"dkim_records": [
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test.name"
},
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test2.name"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test.name"
},
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test2.name"
}
]
Expand Down Expand Up @@ -319,21 +319,21 @@ test_Enabled_Inorrect_V3 if {
],
"dkim_records": [
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test.name"
},
{
"rdata" : "v=DKIM1;",
"rdata" : ["v=DKIM1;"],
"domain" : "test2.name"
}
],
"spf_records": [
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test.name"
},
{
"rdata" : "spf1 ",
"rdata" : ["spf1 "],
"domain" : "test2.name"
}
]
Expand Down
Loading

0 comments on commit 1d5201f

Please sign in to comment.