search

Mika56 / PHP-SPF-Check

Simple library to check an IP address against a domain's SPF record
MIT License
44 stars 25 forks source link

Result details #10

Open Pascal76 opened 8 years ago

Pascal76 commented 8 years ago

It would be nice to have details ex1: what validated the spf (ip4:xxx / a / mx / include => ip4:xxx ...) ex2: full list of authorized IPs + others non IP which are authorized too

Mika56 commented 8 years ago

Hi, This is on the list of things I want to do once v1 is out ( #6 ). What I was thinking was to keep the isIpAllowed as it is (returns one of the consts), but add a method like getDetailedResults which would return an object of class SPFResult, having the following methods:

<?php
namespace Mika56\SPFCheck;

class SPFResult
{
    /**
     * @return string The check result
     */
    abstract public function getResult();

    /**
     * @return string The whole SPF record the IP was queried against
     */
    abstract public function getSPFRecord();

    /**
     * @return string The part that matched the IP
     */
    abstract public function getMatchingPart();

    /**
     * @return bool whether the request was redirected or not
     */
    abstract public function wasRedirected();

    /**
     * @return string|null The reason why the check resulted in FAIL
     */
    abstract public function getExp();
}

Do you see any other method that could be added? I also wonder how to handle redirections, would the SPFResult class embed as many SPFResult as there was redirect and include parts?

Pascal76 commented 8 years ago

just the Full list of authorized IPs From my side you helped me a lot for my email deliverabily software (3 years project) If you have new time to spent for a project you can help me on it :)

Mika56 commented 8 years ago

Problem I see with the full list of allowed IP addresses is that we stop processing as soon as a mechanism matches... I think if you want to get the full list of IP addresses allowed, this would be a dedicated method. If my understanding of the norm is correct, results would also be incomplete when ptr mechanism is used (through I just read it is not recommended to use ptr since RFC7208).

Sadly I'm more than lacking time to start new projects (and continue current projects :smile: ), but I'm glad I was able to help you!

Mika56 commented 2 years ago

Version 2 was just released and now allows you to get a Result object with details on how the result was obtained. Is this enough for your first point?

Pascal76 commented 2 years ago

Hello @Mika56 It looks great but I migrated to https://github.com/mlocati/spf-lib to benefit the OnlineSemanticValidator function I will do tests when I have some time Thank you