Open fw23git opened 3 days ago
There could be multiple received
headers, so should all be verified?
For a start, I would suggest only the received header with the server that is doing the "authentication checks" (as noted down in the "Authentication-Results" header). So if this header reads like this:
Authentication-Results: receiver.example.org;
spf=pass smtp.mailfrom=example.com;
dkim=pass header.i=@example.com
The correct received header to parse would look like this:
Received: from out-20.smtp.github.com (out-20.smtp.github.com [192.30.252.203])
...
(Client CN "*.smtp.github.com", Issuer "DigiCert Global G2 TLS RSA SHA256 2020 CA1" (verified OK))
by receiver.example.org (Postfix) with ESMTPS id 662FF42FEE
I would not display the daneValid in this case, for example when the client did not present a certificate:
Received: from uspmta121063.emsmtp.com (uspmta121063.emsmtp.com [185.4.121.63])
...
(Client did not present a certificate)
by receiver.example.org (Postfix) with ESMTPS id 5426D40232
or in cases this certificate line is absent.
Hello,
it would be great to add a daneValid icon after the existing dkimPass icon, just behind the senders "from" mail address in the interface.
If the sender would have had sent a valid Certificate (verified OK) its time to show it, I guess.
This information is part of the header and looks like this in a message, for example:
Thank you