mail: add ipv6 rdns check

(cherry picked from commit 6fcfa6cac0)
2025-01-08 17:20:33 +01:00
parent e536c94028
commit f5f6b69d5d
5 changed files with 84 additions and 20 deletions
--- a/src/mail.js
+++ b/src/mail.js
@@ -397,8 +397,60 @@ async function checkDmarc(domain) {
    return dmarc;
 }

-// TODO: check ip6.arpa for IPv6 PTR
-async function checkPtr(mailFqdn) {
+async function checkPtr6(mailFqdn) {
+    assert.strictEqual(typeof mailFqdn, 'string');
+
+    const ptr = {
+        domain: null,
+        name: null,
+        type: 'PTR',
+        value: null,
+        expected: mailFqdn, // any trailing '.' is added by client software (https://lists.gt.net/spf/devel/7918)
+        status: false,
+        errorMessage: ''
+    };
+
+    const [error, ip] = await safe(network.getIPv6());
+    if (error) {
+        ptr.errorMessage = error.message;
+        return ptr;
+    }
+    if (ip === null) {
+        ptr.errorMessage = 'Server has no IPv6';
+        return ptr;
+    }
+
+    function expandIPv6(ipv6) {
+        const parts = ipv6.split('::');
+        const left = parts[0].split(':');
+        const right = parts[1] ? parts[1].split(':') : [];
+        const fill = new Array(8 - left.length - right.length).fill('0');
+        const full = [...left, ...fill, ...right];
+        return full.map(part => part.padStart(4, '0')).join('');
+    }
+
+    const expanded = expandIPv6(ip);
+    const reversed = expanded.split('').reverse().join('');
+    const reversedWithDots = reversed.split('').join('.');
+
+    ptr.domain = `${reversedWithDots}.ip6.arpa`;
+    ptr.name = ip;
+
+    const [error2, ptrRecords] = await safe(dig.resolve(ptr.domain, 'PTR', DNS_OPTIONS));
+    if (error2) {
+        ptr.errorMessage = error2.message;
+        return ptr;
+    }
+
+    if (ptrRecords.length !== 0) {
+        ptr.value = ptrRecords.join(' ');
+        ptr.status = ptrRecords.some(function (v) { return v === ptr.expected; });
+    }
+
+    return ptr;
+}
+
+async function checkPtr4(mailFqdn) {
    assert.strictEqual(typeof mailFqdn, 'string');

    const ptr = {
@@ -416,6 +468,10 @@ async function checkPtr(mailFqdn) {
        ptr.errorMessage = error.message;
        return ptr;
    }
+    if (ip === null) {
+        ptr.errorMessage = 'Server has no IPv4';
+        return ptr;
+    }

    ptr.domain = ip.split('.').reverse().join('.') + '.in-addr.arpa';
    ptr.name = ip;
@@ -550,7 +606,8 @@ async function getStatus(domain) {
        checks.push(
            { what: 'dns.spf', promise: checkSpf(domain, fqdn) },
            { what: 'dns.dkim', promise: checkDkim(mailDomain) },
-            { what: 'dns.ptr', promise: checkPtr(fqdn) },
+            { what: 'dns.ptr4', promise: checkPtr4(fqdn) },
+            { what: 'dns.ptr6', promise: checkPtr6(fqdn) },
            { what: 'relay', promise: checkOutboundPort25() },
            { what: 'rbl', promise: checkRblStatus(domain) },
        );