pimlie / authres_status

Roundcube plugin that checks the Authentication-Results headers (rfc5451) of your emails and displays the verification status.

Wrong status when dmarc=fail but dkim=pass [bug] #42

Closed AndreyMZ closed 3 years ago

AndreyMZ commented 4 years ago

Steps to reproduce

Receive an email message with the following headers:

Authentication-Results: victim.example;
    dmarc=fail (p=QUARANTINE sp=NONE) smtp.from=attacker.example header.from=victim.example;
    dkim=pass header.d=attacker.example
Return-Path: <mbox@attacker.example>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=attacker.example; s=default; t=1586426938;
    <...>
From: mbox2@victim.example
To: mbox1@victim.example
Subject: Test
<...>

Actual result

The status is:

Some signatures are invalid but at least one is valid for the sender's domain. verified by arc=fail (p=QUARANTINE sp=NONE); dkim=pass

Expected result

The status is:

Signature is not valid! Verified by dmarc=fail (p=QUARANTINE sp=NONE)

tomsommer commented 3 years ago

This is because "dmarc" matches "arc" in the regex

AndreyMZ commented 3 years ago

The bug is still present. Only a small part (change arc to dmarc) was fixed. Could you reopen it, please?

Below is the result after merging PR #45 (commit aeab13f7d8).

Actual result

status_partial_pass.png Some signatures are invalid but at least one is valid for the sender's domain. verified by dmarc=fail (p=QUARANTINE sp=NONE); dkim=pass; spf=pass (sender IP is 192.0.2.77)

Expected result

status_fail.png Signature is not valid! Verified by dmarc=fail (p=QUARANTINE sp=NONE)

AndreyMZ commented 3 years ago

Could you reopen this issue, please?
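
The two problems discussed in this thread, as an added example that is not the plugin's code: a substring pattern reads "arc" out of "dmarc", and a dkim=pass for a foreign domain must not soften dmarc=fail. The function names `parse_authres` and `overall_status`, the status strings, and the strict comparison of header.d with the From domain are assumptions made for this sketch.

```php
<?php
// Constructed sample: the Authentication-Results value from the report above.
$value = "victim.example;\r\n"
    . "    dmarc=fail (p=QUARANTINE sp=NONE) smtp.from=attacker.example header.from=victim.example;\r\n"
    . "    dkim=pass header.d=attacker.example";

// Hypothetical unanchored pattern: "arc=" is a substring of "dmarc=", so this
// captures the DMARC result even though the header carries no ARC result.
preg_match('/arc=(\w+)/', $value, $naive);

// Parse each resinfo entry and read the method name as a whole token.
// Simplification: nested comments and ';' inside comments are not handled.
function parse_authres(string $value): array
{
    $value = preg_replace('/\r?\n[ \t]+/', ' ', $value);   // unfold continuation lines
    $value = preg_replace('/\([^()]*\)/', '', $value);      // drop (comments)
    $parts = explode(';', $value);
    array_shift($parts);                                    // first part is the authserv-id
    $out = [];
    foreach ($parts as $part) {
        if (!preg_match('/^\s*([a-z0-9-]+)\s*=\s*([a-z]+)\b(.*)$/i', $part, $m)) {
            continue;
        }
        preg_match_all('/\b([a-z]+\.[a-z0-9-]+)=(\S+)/i', $m[3], $p, PREG_SET_ORDER);
        $props = [];
        foreach ($p as $kv) {
            $props[strtolower($kv[1])] = strtolower($kv[2]);
        }
        $out[] = ['method' => strtolower($m[1]), 'result' => strtolower($m[2]), 'props' => $props];
    }
    return $out;
}

// dmarc=fail decides the status; dkim=pass only counts when it is for the From domain.
function overall_status(array $results, string $fromDomain): string
{
    $aligned = false;
    foreach ($results as $r) {
        if ($r['method'] === 'dmarc' && $r['result'] === 'fail') {
            return 'fail';
        }
        if ($r['method'] === 'dkim' && $r['result'] === 'pass'
            && ($r['props']['header.d'] ?? '') === strtolower($fromDomain)) {
            $aligned = true;
        }
    }
    return $aligned ? 'pass' : 'unverified';
}

var_dump($naive[1], overall_status(parse_authres($value), 'victim.example'));
```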