from app.config import Settings
from app.dmarc_parser import ParsedAuthResult, ParsedRecord
from app.known_senders import classify_record
def _record(source_ip: str, *, dkim_domain: str = "tukutoi.com", spf_domain: str = "tukutoi.com") -> ParsedRecord:
    """Build a single-message DMARC record that passes every check.

    The record always has ``header_from`` set to ``tukutoi.com`` with DKIM,
    SPF and DMARC all passing and aligned, so the only inputs a test varies
    are the reporting source IP and the DKIM/SPF authentication domains.

    Args:
        source_ip: Source IP address to place on the record.
        dkim_domain: Domain carried by the passing DKIM auth result.
        spf_domain: Domain carried by the passing SPF auth result.

    Returns:
        A ``ParsedRecord`` with one passing DKIM and one passing SPF result.
    """
    # Order matters for equality with hand-written fixtures: DKIM first, then SPF.
    passing_auth = [
        ParsedAuthResult(auth_type=kind, domain=domain, result="pass")
        for kind, domain in (("dkim", dkim_domain), ("spf", spf_domain))
    ]
    return ParsedRecord(
        source_ip=source_ip,
        count=1,
        disposition="none",
        policy_dkim="pass",
        policy_spf="pass",
        dkim_aligned=True,
        spf_aligned=True,
        dmarc_pass=True,
        header_from="tukutoi.com",
        reason_type=None,
        reason_comment=None,
        auth_results=passing_auth,
    )
def test_ip_allowlisted_sender_requires_ip_match_even_when_auth_domain_matches():
    """A sender with an IP allowlist must not match a source outside that list.

    The record passes DKIM and SPF for the configured domains, but its source
    IP (50.31.205.203) is not inside the sender's ``ip_allowlist``
    (45.148.30.200/32). Matching auth domains alone must not be enough to
    label the source as the known sender.
    """
    mailcow_sender = {
        "id": "mailcow",
        "name": "mailcow outbound",
        "ip_allowlist": ["45.148.30.200/32"],
        "dkim_domains": ["tukutoi.com"],
        "spf_domains": ["tukutoi.com"],
    }
    raw_config = {
        "known_senders": {"tukutoi.com": [mailcow_sender]},
        "alerts": {"email": {"enabled": False}},
    }
    settings = Settings.model_validate(raw_config)

    # Source IP deliberately falls outside the allowlisted /32.
    outside_record = _record("50.31.205.203")
    result = classify_record(settings, "tukutoi.com", outside_record)

    # No sender identity may leak into the result when the IP check fails.
    assert result.is_known is False
    assert result.id is None
    assert result.name is None
def test_ip_allowlisted_sender_matches_configured_ip():
    """A record whose source IP is inside the allowlist is the known sender.

    Positive counterpart to the IP-mismatch case: the source IP
    45.148.30.200 is covered by the configured 45.148.30.200/32 entry, and
    the record is classified as the ``mailcow`` sender.
    """
    mailcow_sender = {
        "id": "mailcow",
        "name": "mailcow outbound",
        "ip_allowlist": ["45.148.30.200/32"],
        "dkim_domains": ["tukutoi.com"],
        "spf_domains": ["tukutoi.com"],
    }
    raw_config = {
        "known_senders": {"tukutoi.com": [mailcow_sender]},
        "alerts": {"email": {"enabled": False}},
    }
    settings = Settings.model_validate(raw_config)

    # Source IP is exactly the allowlisted host address.
    allowlisted_record = _record("45.148.30.200")
    result = classify_record(settings, "tukutoi.com", allowlisted_record)

    assert result.is_known is True
    assert result.id == "mailcow"
def test_domain_only_sender_still_matches_auth_domain_when_no_ip_allowlist_exists():
    """A sender with an empty IP allowlist is matched on its auth domain.

    The sender configures only ``dkim_domains``; ``ip_allowlist`` and
    ``spf_domains`` are empty. A record from an arbitrary source IP that
    carries a passing DKIM result for that domain is classified as known.
    """
    # NOTE(review): with no ip_allowlist, the source IP places no constraint on
    # the match here; the classification rests on the authenticated domain.
    domain_only_sender = {
        "id": "domain-only",
        "name": "domain-only sender",
        "ip_allowlist": [],
        "dkim_domains": ["tukutoi.com"],
        "spf_domains": [],
    }
    raw_config = {
        "known_senders": {"tukutoi.com": [domain_only_sender]},
        "alerts": {"email": {"enabled": False}},
    }
    settings = Settings.model_validate(raw_config)

    any_ip_record = _record("50.31.205.203")
    result = classify_record(settings, "tukutoi.com", any_ip_record)

    assert result.is_known is True
    assert result.id == "domain-only"
def test_aligned_dkim_without_configured_sender_is_not_known_sender():
    """Passing, aligned authentication alone never makes a source "known".

    With an empty ``known_senders`` mapping there is nothing to match, so a
    record that passes DKIM and SPF for the domain is still reported as not
    known.
    """
    raw_config = {"known_senders": {}, "alerts": {"email": {"enabled": False}}}
    settings = Settings.model_validate(raw_config)

    unlisted_record = _record("50.31.205.203")
    result = classify_record(settings, "tukutoi.com", unlisted_record)

    assert result.is_known is False