RubyGems - mailshield - Versions diffs - 0.1.1 → 1.1 - Mend

mailshield 0.1.1 → 1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/lib/mailshield/docs/mailshield.png +0 -0
data/lib/mailshield/secure_email_validator.rb +16 -0
data/lib/mailshield/temp_domains.yml +3520 -0
data/lib/mailshield/version.rb +1 -1
data/lib/mailshield.rb +78 -114
metadata +6 -3

data/lib/mailshield/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Mailshield
-  VERSION = "0.1.1"
+  VERSION = "1.1"
 end

data/lib/mailshield.rb CHANGED Viewed

@@ -1,133 +1,88 @@
 # frozen_string_literal: true
-require_relative "mailshield/version"
+require_relative 'mailshield/version'
 require 'resolv'
 require 'csv'
+require 'net/smtp'
 module MailShield
+  EMAIL_REGEX = /\A[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}\z/.freeze
-  class ValidationResult
-    attr_reader :emails
-    def initialize(emails)
-      @emails = emails
-    end
-    def valid_emails
-      emails.select { |email| email[:valid] }.map { |email| email[:email] }
-    end
-    def invalid_emails
-      emails.reject { |email| email[:valid] }.map { |email| email[:email] }
-    end
-    def get_emails
-      emails.map { |email| { email: email[:email], valid: email[:valid] } }
-    end
-  end
+  class ValidationError < StandardError; end
+  class InvalidFormatError < ValidationError; end
+  class DomainNotFoundError < ValidationError; end
+  class SPFError < ValidationError; end
+  class DMARCError < ValidationError; end
+  class SMTPError < ValidationError; end
   class << self
-    TEMP_DOMAINS = %w[mailinator.com tempmail.com guerrillamail.com].freeze # Known temporary domains
+    attr_accessor :dns_cache, :smtp_cache
-    # Main method to validate an email and return results in a hash
-    def validate_email(email)
-      result = {
-        email: email,
-        valid: true,
-        issues: []
-      }
-      unless valid_email_format?(email)
-        result[:valid] = false
-        result[:issues] << "The email address format is invalid."
-        return result
-      end
+    def validate_email(email, verify_by_send: false)
+      reset_caches
       domain = extract_domain(email)
-      if known_temp_domain?(domain)
-        result[:valid] = false
-        result[:issues] << "The email domain is known to be temporary or disposable."
-        return result
-      end
-      mx_records = fetch_mx_records(domain)
-      if mx_records.empty?
-        result[:valid] = false
-        result[:issues] << "The email domain does not have valid mail exchange records."
-        return result
-      elsif suspicious_mx_records?(mx_records)
-        result[:valid] = false
-        result[:issues] << "The email domain's mail exchange records suggest it might be used for temporary or disposable email services."
-        return result
+      begin
+        validate_format!(email)
+        validate_domain!(domain)
+        validate_spf!(domain)
+        validate_dmarc!(domain)
+        validate_smtp!(email) if verify_by_send
+      rescue ValidationError => e
+        return { valid: false, issues: [e.message] }
       end
-      unless spf_record?(domain)
-        result[:valid] = false
-        result[:issues] << "The email domain is missing important records that help confirm its authenticity."
-        return result
-      end
+      { valid: true, issues: [] }
+    end
-      unless dmarc_record?(domain)
-        result[:valid] = false
-        result[:issues] << "The email domain is missing records that help protect against email fraud."
-        return result
-      end
-      result
+    def verify_address(email)
+      smtp_verify_email(email)
     end
+    private
-    def validate_emails_from_csv(input_file_path)
-      email_results = []
-      CSV.foreach(input_file_path, headers: true) do |row|
-        email = row['email']
-        validation_result = validate_email_for_csv(email)
-        email_results << { email: email, valid: validation_result }
-      end
+    def reset_caches
+      @dns_cache = {}
+      @smtp_cache = {}
+    end
-      ValidationResult.new(email_results)
+    def validate_format!(email)
+      raise InvalidFormatError, 'The email address format is invalid.' unless valid_email_format?(email)
     end
-    def validate_email_for_csv(email)
-      return false unless valid_email_format?(email)
-      domain = extract_domain(email)
+    def validate_domain!(domain)
+      raise DomainNotFoundError, 'Email Not Found.' if fetch_mx_records(domain).empty?
+    end
-      return false if known_temp_domain?(domain)
-      return false unless spf_record?(domain)
-      return false unless dmarc_record?(domain)
+    def validate_spf!(domain)
+      raise SPFError, 'Temporary / Disposable Email' unless spf_record?(domain)
+    end
-      true
+    def validate_dmarc!(domain)
+      raise DMARCError, 'Temporary / Disposable Email' unless dmarc_record?(domain)
     end
-    private
+    def validate_smtp!(email)
+      raise SMTPError, 'Email Address Not Found' unless smtp_verify_email(email)
+    end
     def extract_domain(email)
       email.split('@').last.downcase
     end
     def valid_email_format?(email)
-      email_regex = /\A[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}\z/
-      !!(email =~ email_regex)
-    end
-    def known_temp_domain?(domain)
-      TEMP_DOMAINS.include?(domain)
+      EMAIL_REGEX.match?(email)
     end
     def fetch_mx_records(domain)
-      Resolv::DNS.open do |dns|
-        mx_records = dns.getresources(domain, Resolv::DNS::Resource::IN::MX)
-        mx_records.map(&:exchange).map(&:to_s)
+      dns_cache[domain] ||= begin
+        Resolv::DNS.open do |dns|
+          dns.getresources(domain, Resolv::DNS::Resource::IN::MX).map(&:exchange).map(&:to_s)
+        end
+      rescue Resolv::ResolvError
+        []
       end
-    rescue Resolv::ResolvError
-      []
-    end
-    def suspicious_mx_records?(mx_records)
-      suspicious_patterns = [/mailinator/, /tempmail/, /guerrillamail/]
-      mx_records.any? { |mx| suspicious_patterns.any? { |pattern| mx.match?(pattern) } }
     end
     def spf_record?(domain)
@@ -141,27 +96,36 @@ module MailShield
     end
     def fetch_txt_records(domain)
-      Resolv::DNS.open do |dns|
-        records = dns.getresources(domain, Resolv::DNS::Resource::IN::TXT)
-        records.map(&:data)
+      dns_cache[domain] ||= begin
+        Resolv::DNS.open do |dns|
+          dns.getresources(domain, Resolv::DNS::Resource::IN::TXT).map(&:data)
+        end
+      rescue Resolv::ResolvError
+        []
       end
-    rescue Resolv::ResolvError
-      []
     end
-  end
-end
+    def smtp_verify_email(email)
+      domain = extract_domain(email)
+      smtp_server = smtp_cache[domain] ||= get_smtp_server(domain)
+      return false unless smtp_server
+      begin
+        Net::SMTP.start(smtp_server, 25, 'localhost') do |smtp|
+          smtp.helo('localhost')
+          smtp.mailfrom('test@example.com')
+          response = smtp.rcptto(email)
+          response == '250 OK'
+        end
+      rescue Net::SMTPFatalError, Net::SMTPServerBusy, Net::SMTPSyntaxError, Errno::ECONNREFUSED => e
+        false
+      end
+    end
-# SPF Record Explanation:
-#
-# SPF (Sender Policy Framework): A mechanism that helps email servers verify that an email claiming to come from a specific domain is actually sent by an authorized mail server.
-# This prevents spammers from sending messages with forged "From" addresses.
-#
-# DMARC Record Explanation:
-#
-# DMARC (Domain-based Message Authentication, Reporting, and Conformance): A protocol that builds on SPF and DKIM (DomainKeys Identified Mail) to help email domain owners protect their domain from being used in email spoofing.
-# It provides a way for domain owners to publish policies about their email authentication practices and how receiving mail servers should enforce them.
-#
-# References:
-# https://www.dkim.org/
-# https://www.cloudflare.com/en-gb/learning/dns/dns-records/dns-spf-record/
+    def get_smtp_server(domain)
+      mx_records = fetch_mx_records(domain)
+      mx_records.first
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mailshield
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: '1.1'
 platform: ruby
 authors:
 - jana
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-08-25 00:00:00.000000000 Z
+date: 2024-08-29 00:00:00.000000000 Z
 dependencies: []
 description: MailShield helps secure your application by identifying temporary or
   disposable email domains.
@@ -19,6 +19,9 @@ extensions: []
 extra_rdoc_files: []
 files:
 - lib/mailshield.rb
+- lib/mailshield/docs/mailshield.png
+- lib/mailshield/secure_email_validator.rb
+- lib/mailshield/temp_domains.yml
 - lib/mailshield/version.rb
 homepage: https://github.com/janarthanan-shanmugam/mailshield
 licenses:
@@ -43,7 +46,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.11
+rubygems_version: 3.5.18
 signing_key:
 specification_version: 4
 summary: A gem to detect temporary or disposable email domains.