Closed sdebarun closed 3 years ago
This library checks direct the DNS lookups only. In your case, we have this SPF record
v=spf1 mx a include:spf.smartemailing.cz include:spf.mailkit.eu include:_spf.google.com ip4:90.181.224.125 ip4:178.238.37.227 ~all
that's a total of 5 queries (mx + a + include + include + include). It seems that dmarcian.com also check the SPF records of the "included" records too:
spf.smartemailing.cz
at the moment resolves to
v=spf1 ip4:193.19.178.128/27 ip4:193.19.178.159 ip4:193.19.178.162 ip4:37.46.82.0/28 ip4:130.193.9.208/28 ip4:130.193.12.56 ip4:193.19.178.96/27 ip4:37.46.82.240/28 ip4:45.76.88.183 ip4:45.77.53.19 ip4:104.207.131.63 include:spf1.smartemailing.cz ~all
which has 1 more lookup (the include:spf1.smartemailing.cz
)
spf1.smartemailing.cz
at the moment resolves to
v=spf1 ip4:130.193.10.92 ip4:37.157.195.119 ip4:37.46.80.113 ip4:37.157.198.12 ip4:139.162.160.87 ip4:139.162.238.27 ip4:37.157.197.190 ip6:2a02:2b88:2:1::4a1d:1 ip6:2a02:2b88:2:1::4b41:1 ip6:2a03:b0c0:3:d0::f:b001 include:spf2.smartemailing.cz ~all
which has 1 more lookup (the include:spf2.smartemailing.cz
)
spf2.smartemailing.cz
at the moment resolves to
v=spf1 ip4:109.123.217.128/25 ip4:83.167.240.128/25 ip4:46.234.109.128/25 ip4:45.63.116.226 ip4:45.76.87.101 ip4:45.76.88.107 ip4:46.101.167.208 ip4:37.46.82.160/27 ip4:37.46.80.136 include:spf3.smartemailing.cz ~all
which has 1 more lookup (the include:spf3.smartemailing.cz
)
spf3.smartemailing.cz
at the moment resolves to
v=spf1 ip4:130.193.14.240/28 ip4:130.193.14.192/28 ip4:130.193.12.157 ip4:130.193.14.128/28 ip4:130.193.14.176/28 ip4:130.193.10.185 ~all
no lookups here
spf.mailkit.eu
at the moment resolves to
v=spf1 ip4:217.11.236.80/28 ip4:185.136.200.0/22 ~all
no lookups here
_spf.google.com
at the moment resolves to
v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all
which has 3 more lookup (the include:...
)
_netblocks.google.com
at the moment resolves to
v=spf1 ip4:35.190.247.0/24 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all
no lookups here
_netblocks2.google.com
at the moment resolves to
v=spf1 ip6:2001:4860:4000::/36 ip6:2404:6800:4000::/36 ip6:2607:f8b0:4000::/36 ip6:2800:3f0:4000::/36 ip6:2a00:1450:4000::/36 ip6:2c0f:fb50:4000::/36 ~all
no lookups here
_netblocks3.google.com
at the moment resolves to
v=spf1 ip4:172.217.0.0/19 ip4:172.217.32.0/20 ip4:172.217.128.0/19 ip4:172.217.160.0/20 ip4:172.217.192.0/19 ip4:172.253.56.0/21 ip4:172.253.112.0/20 ip4:108.177.96.0/19 ip4:35.191.0.0/16 ip4:130.211.0.0/22 ~all
no lookups here
And that's a total of 11 lookups (the value reported by dmarcian).
So I have ran an recursion and it gives me the desired output like dmarcian. But I cannot return the final value as returning will stop the recusrsion. Please take a look in the code and it will be very much helpful if you can help me out. I made the recursion with lumen(micro framework of Laravel) by tinkering the core code (in SemanticValidator by adding return $count at line 85) and returning counts all the time of all the domains included in it. I have a bit success but did not achieve what I exactly wanted. I got the counts of the individual domains of the included domains too but failed to add them all and get a final sum to check if it is greater than 10 or not. Here is my lumen code of the controller.
public function validateSpf($domain){
//$originalDomainSpfLookUpCount = [];
$decoder = new \SPFLib\Decoder();
$originalSpf = $decoder->getRecordFromDomain($domain);
$record = (new \SPFLib\Decoder())->getRecordFromTXT($originalSpf);
$issues = (new \SPFLib\SemanticValidator())->validate($record);
$originalDomainSpfLookUpCount[] = isset($issues['totalCount']) ? $issues['totalCount'] : false ;
// return $originalDomainSpfLookUpCount;
//looking for how many included domains are there.
$partsOfSpf = explode(' ', $originalSpf );
$includeddomains = [];
foreach($partsOfSpf as $key => $part){
$includeddomains[] = str_replace('include:','',strstr($part,"include:"));
$includeddomains = array_filter($includeddomains);
// str_replace('inlcude:','');
}
//return $includeddomains;
//running recursion
if(count($includeddomains) > 0){
foreach($includeddomains as $index => $include){
$this->validateSpf($include);
}
}
echo "<pre>";
print_r($originalDomainSpfLookUpCount[0]);
echo "</pre>";
}
public function validatedOutput(Request $request){
return $this->validateSpf($request->domain);
}
Hi, I have done a fresh installation of the package. But Yet I am not getting the count as dmarcian.com. it still returns count 5 for kojenecke-obleceni.eu. Do I need to do something else? I am running this code
$decoder = new \SPFLib\Decoder();
$spf = $decoder->getRecordFromDomain('kojenecke-obleceni.eu');
$record = (new \SPFLib\Decoder())->getRecordFromTXT($spf);
$issues = (new \SPFLib\SemanticValidator())->validate($record);
foreach ($issues as $issue) {
echo (string) $issue, "\n";
}
You should use OnlineSemanticValidator
instead of SemanticValidator
- see the relevant README.md
section.
In any case, I haven't published a new SPFLib version including it yet: keep an eye at the releases page. You can be notified for new releases via email by choosing the Watch → Releases only option you can find top right:
I've just published version 3.1.0 with this new OnlineSemanticValidator
class.
I am checking a domain here and it gives me an error related to required number of DNS look up to evaluate the spf. But If I use this piece of code from the library documentation,
$record = (new \SPFLib\Decoder())->getRecordFromTXT($spfString);
$issues = (new \SPFLib\SemanticValidator())->validate($record);
foreach ($issues as $key => $issue) {
echo $issue, "\n";
}
I am not getting any thing similar. I would like to know why there is a difference in result between the library and https://dmarcian.com/ and if anything I can do to fix it. Thank You,