-
Notifications
You must be signed in to change notification settings - Fork 8
/
main.go
92 lines (80 loc) · 2.13 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package main
import (
"bufio"
"flag"
"fmt"
"log"
"os"
"strings"
"github.com/foxcpp/mailsec-check/dns"
"github.com/mitchellh/colorstring"
)
var (
active = flag.Bool("active", false, "Do some tests that require making connections to the SMTP servers")
protocol = flag.Bool("protocol", false, "Display protocol records")
)
func printStatus(level Level, name, desc, record string) {
var color, mark string
switch level {
case LevelUnknown:
color = "[dark_gray]"
mark = " "
desc = "not evaluated;"
case LevelSecure:
color = "[green]"
mark = "+"
case LevelInsecure:
color = "[yellow]"
mark = " "
case LevelMissing:
color = "[red]"
mark = " "
case LevelInvalid:
color = "[red]"
mark = "!"
}
colorstring.Println(fmt.Sprintf("[%s%s[reset]] %s[bold]%s:[reset] \t %s", color, mark, color, name, desc))
if *protocol && record != "" {
colorstring.Println(fmt.Sprintf(" %s%s[reset]", "[blue]", "Record:"))
scanner := bufio.NewScanner(strings.NewReader(record))
for scanner.Scan() {
fmt.Printf("\t%s\n", scanner.Text())
}
if err := scanner.Err(); err != nil {
fmt.Fprintln(os.Stderr, "Error reading record string: ", err)
}
}
}
func main() {
log.SetFlags(0)
log.SetOutput(os.Stderr)
flag.Parse()
if len(flag.Args()) != 1 {
log.Println("Usage:", os.Args[0], "<domain>")
os.Exit(2)
}
domain := flag.Args()[0]
var err error
extR, err = dns.NewExtResolver()
if err != nil {
log.Println(err)
os.Exit(1)
}
res, err := evaluateAll(domain)
if err != nil {
log.Println(err)
os.Exit(1)
}
colorstring.Println("[bold]-- Source forgery protection[reset]")
printStatus(res.dkim, "DKIM", res.dkimDesc, "")
printStatus(res.spf, "SPF", res.spfDesc, res.spfRec)
printStatus(res.dmarc, "DMARC", res.dmarcDesc, res.dmarcRec)
fmt.Println()
colorstring.Println("[bold]-- TLS enforcement[reset]")
printStatus(res.mtasts, "MTA-STS", res.mtastsDesc, res.mtastsRec)
printStatus(res.dane, "DANE", res.daneDesc, res.daneRec)
fmt.Println()
colorstring.Println("[bold]-- DNS consistency[reset]")
printStatus(res.fcrdns, "FCrDNS", res.fcrdnsDesc, "")
printStatus(res.dnssecMX, "DNSSEC", res.dnssecMXDesc, "")
}