cqrenet/relay
4
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-20 12:58:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

DNS: added checks for PTR records

Browse Source
This commit is contained in:
missytake
2023-12-13 04:03:26 +01:00
parent fe675a9a72
commit 2669babb53
2 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cmdeploy/src/cmdeploy/cmdeploy.py
View File

@@ -106,6 +106,7 @@ def dns_cmd(args, out):
template = importlib.resources.files(__package__).joinpath("chatmail.zone.f") template = importlib.resources.files(__package__).joinpath("chatmail.zone.f")
ssh = f"ssh root@{args.config.mail_domain}" ssh = f"ssh root@{args.config.mail_domain}"
get_ipv6 = "ip a | grep inet6 | grep 'scope global' | sed -e 's#/64 scope global##' | sed -e 's#inet6##'" get_ipv6 = "ip a | grep inet6 | grep 'scope global' | sed -e 's#/64 scope global##' | sed -e 's#inet6##'"
get_ipv4 = "ip a | grep 'inet ' | grep 'scope global' | grep -oE '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' | head -1"
dns = DNS() dns = DNS()
def read_dkim_entries(entry): def read_dkim_entries(entry):
@@ -121,6 +122,15 @@ def dns_cmd(args, out):
acme_account_url = out.shell_output(f"{ssh} -- acmetool account-url") acme_account_url = out.shell_output(f"{ssh} -- acmetool account-url")
dkim_entry = read_dkim_entries(out.shell_output(f"{ssh} -- opendkim-genzone -F")) dkim_entry = read_dkim_entries(out.shell_output(f"{ssh} -- opendkim-genzone -F"))
ipv6 = out.shell_output(f"{ssh} -- {get_ipv6}").strip() ipv6 = out.shell_output(f"{ssh} -- {get_ipv6}").strip()
ipv4 = out.shell_output(f"{ssh} -- {get_ipv4}").strip()
print()
if not dns.check_ptr_record(ipv4, args.config.mail_domain):
print(f"You should add a PTR/reverse DNS entry for {ipv4}, with the value: {args.config.mail_domain}.")
print("You can do so at your hosting provider (maybe this isn't your DNS provider).\n")
if not dns.check_ptr_record(ipv6, args.config.mail_domain):
print(f"You should add a PTR/reverse DNS entry for {ipv6}, with the value: {args.config.mail_domain}.")
print("You can do so at your hosting provider (maybe this isn't your DNS provider).\n")
to_print = [] to_print = []
with open(template, "r") as f: with open(template, "r") as f:

7
cmdeploy/src/cmdeploy/dns.py
View File

@@ -1,4 +1,5 @@
import requests import requests
from ipaddress import ip_address
url = "https://dns.nextdns.io/dns-query" url = "https://dns.nextdns.io/dns-query"
dns_types = { dns_types = {
@@ -9,6 +10,7 @@ dns_types = {
"SRV": 33, "SRV": 33,
"CAA": 257, "CAA": 257,
"TXT": 16, "TXT": 16,
"PTR": 12,
} }
@@ -59,3 +61,8 @@ class DNS:
if not result: if not result:
result = self.get("AAAA", domain) result = self.get("AAAA", domain)
return result return result
def check_ptr_record(self, ip: str, mail_domain) -> str:
"""Check the PTR record for an IPv4 or IPv6 address."""
result = self.get("PTR", ip_address(ip).reverse_pointer)
return result[:-1] == mail_domain