From 538547d1cca7b1e0c4e9e455f324f17afa0daa6c Mon Sep 17 00:00:00 2001
From: Philippe PITTOLI
Date: Thu, 11 Apr 2024 15:19:34 +0200
Subject: [PATCH] DMARC: first baby steps towards an implementation of the type.
---
src/App/Type/DMARC.purs | 79 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 79 insertions(+)
create mode 100644 src/App/Type/DMARC.purs
diff --git a/src/App/Type/DMARC.purs b/src/App/Type/DMARC.purs
new file mode 100644
index 0000000..33535c5
--- /dev/null
+++ b/src/App/Type/DMARC.purs
@@ -0,0 +1,79 @@
+module App.Type.DMARC where
+
+import Prelude
+import Data.Generic.Rep (class Generic)
+import Data.Show.Generic (genericShow)
+
+import App.Type.GenericSerialization (generic_serialization)
+import Data.Maybe (Maybe(..))
+
+import Data.Codec.Argonaut (JsonCodec)
+import Data.Codec.Argonaut as CA
+import Data.Codec.Argonaut.Record as CAR
+
+type DMARC
+ = {
+ -- | adkim= Optional.
+ -- | Consistency policy for DKIM. Either strict (dkim signature domain = "From:" field) or relaxed.
+ adkim :: Maybe ConsistencyPolicy
+ -- | aspf= Optional.
+ -- | Consistency policy for SPF. Either strict (dkim signature domain = "From:" field) or relaxed.
+ , aspf :: Maybe ConsistencyPolicy
+ -- | v= "DMARC1", entirely optional (for now, even ignored).
+ , v :: Maybe Version
+ -- | pct= Percentage of messages to filter [0...100], 100 by default.
+ , pct :: Int
+ -- | p= Requested Mail Receiver policy (None, Quarantine, Reject).
+ , p :: Policy
+ -- | sp= Requested Mail Receiver policy for all subdomains.
+ , sp :: Policy
+ -- | ruf= Addresses to which message-specific failure information is to be reported.
+ , ruf :: MailTo
+ -- | fo= When to send a report (on DKIM or SPF error? Any? Both?).
+ , fo :: Maybe ReportOccasion
+ -- | rua= Where to send the aggregated reports. A size limit can be provided (see `rua_maxlen`).
+ , rua :: MailTo
+ -- | Optional. !XXm Max size of the report (in megabytes).
+ , rua_maxlen :: Maybe Int
+ -- | rf= Optional. Report format, AFRF by default.
+ , rf :: Maybe Format
+ -- | ri= Optional. Interval requested between aggregate reports. By default 86400.
+ , ri :: Maybe Int
+ }
+
+data ReportOccasion = Both | DKIMonly | SPFonly | AnyOccasion
+
+data ConsistencyPolicy
+ -- | s = strict.
+ -- |
+ -- | For DKIM: DKIM signature and "From:" field should have the exact same domain.
+ -- |
+ -- | For SPF: First, SPF should produce a passing result. Then, the "From:" and the "MailFrom:" fields are checked.
+ -- | In strict mode, Both "MailFrom:" and "From:" fields should have the same value.
+ -- |
+ -- | From RFC7489: For example, if a message passes an SPF check with an
+ -- | RFC5321.MailFrom domain of "cbg.bounces.example.com", and the address
+ -- | portion of the RFC5322.From field contains "payments@example.com",
+ -- | the Authenticated RFC5321.MailFrom domain identifier and the
+ -- | RFC5322.From domain are considered to be "in alignment" in relaxed
+ -- | mode, but not in strict mode.
+ = Strict
+ -- | r = relaxed, default.
+ -- |
+ -- | For DKIM: "From:" field can be in the same domain of the domain of the DKIM signature.
+ -- | Example: "From:" is example@foo.example.org, DKIM signature can be d=example.org or d=bar.example.org.
+ -- |
+ -- | For SPF:
+ | Relaxed
+
+data Format = AFRF -- Authentication Failure Reporting Format
+data Version = DMARC1
+data Policy
+ -- | "None" means to basically just accept the mail.
+ = None
+ -- | "Quarantine" means to consider the mail as suspicious, by giving it a bad spam score or something like that.
+ | Quarantine
+ -- | "Reject" means to not accept any failure of DKIM or SPF.
+ | Reject
+
+type MailTo = String
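Review bot: `sp :: Policy` makes the subdomain policy mandatory, whereas RFC 7489 treats `sp=` as optional and falls back to `p=` when it is absent; with a required field, whatever default the form or serializer picks (for instance `None`) gets published and can leave subdomains less protected than the parent domain. I would declare it as `, sp :: Maybe Policy` and omit the tag when it is `Nothing`. Likewise `pct :: Int` is documented as [0...100] with a default of 100, but the type enforces neither, so a range check belongs wherever this record is built or serialized (not visible in this patch). `ruf` and `rua` are plain `String`s through `MailTo`; if they are later concatenated into the TXT record, separators such as `;` and `,` should be rejected so a supplied address cannot introduce extra tags. The `aspf` doc comment also repeats the DKIM wording, while for SPF the domain compared with "From:" is the RFC5321.MailFrom one.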