npm - mailauth - Versions diffs - 4.0.2 → 4.2.0 - Mend

mailauth 4.0.2 → 4.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +33 -0
package/lib/dmarc/get-dmarc-record.js +75 -0
package/lib/dmarc/verify.js +1 -67
package/lib/tools.js +1 -9
package/licenses.txt +11 -12
package/man/mailauth.1 +1 -1
package/package.json +12 -13

package/README.md CHANGED Viewed

@@ -294,6 +294,39 @@ process.stdout.write(headers); // authentication results
 process.stdout.write(message);
 ```
+## DMARC
+DMARC is verified as part of the authentication process and even as the `dmarc` handler is exported, it requires input from previous steps.
+### Helpers
+#### getDmarcRecord
+Returns parsed DMARC DNS record for a domain, or a subdomain
+```
+const getDmarcRecord = require('mailauth/lib/dmarc/get-dmarc-record');
+const dmarcRecord = getDmarcRecord("ethereal.email");
+console.log(dmarcRecord);
+```
+**Output**
+```
+{
+  v: 'DMARC1',
+  p: 'none',
+  pct: 100,
+  rua: 'mailto:re+joqy8fpatm3@dmarc.postmarkapp.com',
+  sp: 'none',
+  aspf: 'r',
+  rr: 'v=DMARC1; p=none; pct=100; rua=mailto:re+joqy8fpatm3@dmarc.postmarkapp.com; sp=none; aspf=r;',
+  isOrgRecord: false
+}
+```
+`isOrgRecord` is `true` for sudomains, where organizational domain's DMARC policy applies, so use the `sp`, not `p` policy.
 ## BIMI
 Brand Indicators for Message Identification (BIMI) support is based on [draft-blank-ietf-bimi-01](https://tools.ietf.org/html/draft-blank-ietf-bimi-01).

package/lib/dmarc/get-dmarc-record.js ADDED Viewed

@@ -0,0 +1,75 @@
+'use strict';
+const psl = require('psl');
+const dns = require('dns').promises;
+const resolveTxt = async (domain, resolver) => {
+    try {
+        let txt = await resolver(`_dmarc.${domain}`, 'TXT');
+        if (!txt || !txt.length) {
+            return false;
+        }
+        txt = txt.map(row => row.join('').trim()).filter(row => /^v=DMARC1\b/i.test(row));
+        if (txt.length !== 1) {
+            //no records or multiple records yield in no policy
+            return false;
+        }
+        return txt[0];
+    } catch (err) {
+        if (err.code === 'ENOTFOUND' || err.code === 'ENODATA') {
+            return false;
+        }
+        throw err;
+    }
+};
+const getDmarcRecord = async (domain, resolver) => {
+    resolver = resolver || dns.resolve;
+    let txt = await resolveTxt(domain, resolver);
+    let isOrgRecord = false;
+    if (!txt) {
+        let orgDomain = psl.get(domain);
+        if (orgDomain !== domain) {
+            // try org domain as well
+            txt = await resolveTxt(orgDomain, resolver);
+            isOrgRecord = true;
+        }
+    }
+    if (!txt) {
+        return false;
+    }
+    let parsed = Object.fromEntries(
+        txt
+            .split(';')
+            .map(e => e.trim())
+            .filter(e => e)
+            .map(e => {
+                let splitPos = e.indexOf('=');
+                if (splitPos < 0) {
+                    return [e.toLowerCase().trim(), false];
+                } else if (splitPos === 0) {
+                    return [false, e];
+                }
+                let key = e.substr(0, splitPos).toLowerCase().trim();
+                let val = e.substr(splitPos + 1);
+                if (['pct', 'ri'].includes(key)) {
+                    val = parseInt(val, 10) || 0;
+                }
+                return [key, val];
+            })
+    );
+    parsed.rr = txt;
+    parsed.isOrgRecord = isOrgRecord;
+    return parsed;
+};
+module.exports = getDmarcRecord;

package/lib/dmarc/verify.js CHANGED Viewed

@@ -4,73 +4,7 @@ const dns = require('dns').promises;
 const punycode = require('punycode/');
 const psl = require('psl');
 const { formatAuthHeaderRow, getAlignment } = require('../tools');
-const resolveTxt = async (domain, resolver) => {
-    try {
-        let txt = await resolver(`_dmarc.${domain}`, 'TXT');
-        if (!txt || !txt.length) {
-            return false;
-        }
-        txt = txt.map(row => row.join('').trim()).filter(row => /^v=DMARC1\b/i.test(row));
-        if (txt.length !== 1) {
-            //no records or multiple records yield in no policy
-            return false;
-        }
-        return txt[0];
-    } catch (err) {
-        if (err.code === 'ENOTFOUND' || err.code === 'ENODATA') {
-            return false;
-        }
-        throw err;
-    }
-};
-const getDmarcRecord = async (domain, resolver) => {
-    let txt = await resolveTxt(domain, resolver);
-    let isOrgRecord = false;
-    if (!txt) {
-        let orgDomain = psl.get(domain);
-        if (orgDomain !== domain) {
-            // try org domain as well
-            txt = await resolveTxt(orgDomain, resolver);
-            isOrgRecord = true;
-        }
-    }
-    if (!txt) {
-        return false;
-    }
-    let parsed = Object.fromEntries(
-        txt
-            .split(';')
-            .map(e => e.trim())
-            .filter(e => e)
-            .map(e => {
-                let splitPos = e.indexOf('=');
-                if (splitPos < 0) {
-                    return [e.toLowerCase().trim(), false];
-                } else if (splitPos === 0) {
-                    return [false, e];
-                }
-                let key = e.substr(0, splitPos).toLowerCase().trim();
-                let val = e.substr(splitPos + 1);
-                if (['pct', 'ri'].includes(key)) {
-                    val = parseInt(val, 10) || 0;
-                }
-                return [key, val];
-            })
-    );
-    parsed.rr = txt;
-    parsed.isOrgRecord = isOrgRecord;
-    return parsed;
-};
+const getDmarcRecord = require('./get-dmarc-record');
 const verifyDmarc = async opts => {
     let { headerFrom, spfDomains, dkimDomains, resolver, arcResult } = opts;

package/lib/tools.js CHANGED Viewed

@@ -10,7 +10,6 @@ const https = require('https');
 const packageData = require('../package');
 const parseDkimHeaders = require('./parse-dkim-headers');
 const psl = require('psl');
-const pki = require('node-forge').pki;
 const Joi = require('joi');
 const base64Schema = Joi.string().base64({ paddingRequired: false });
@@ -288,14 +287,7 @@ const getPublicKey = async (type, name, minBitLength, resolver) => {
             throw err;
         }
-        let modulusLength;
-        if (publicKeyObj.asymmetricKeyDetails) {
-            modulusLength = publicKeyObj.asymmetricKeyDetails.modulusLength;
-        } else {
-            // fall back to node-forge
-            const pubKeyData = pki.publicKeyFromPem(publicKeyPem.toString());
-            modulusLength = pubKeyData.n.bitLength();
-        }
+        let modulusLength = publicKeyObj.asymmetricKeyDetails.modulusLength;
         if (keyType === 'rsa' && modulusLength < 1024) {
             let err = new Error('RSA key too short');

package/licenses.txt CHANGED Viewed

@@ -1,12 +1,11 @@
-name             license type               link                                                            installed version  author
-----             ------------               ----                                                            -----------------  ------
-@postalsys/vmc   MIT                        https://registry.npmjs.org/@postalsys/vmc/-/vmc-1.0.6.tgz       1.0.6              Postal Systems OÜ
-fast-xml-parser  MIT                        git+https://github.com/NaturalIntelligence/fast-xml-parser.git  4.0.9              Amit Gupta (https://amitkumargupta.work/)
-ipaddr.js        MIT                        git://github.com/whitequark/ipaddr.js.git                       2.0.1              whitequark <whitequark@whitequark.org>
-joi              BSD-3-Clause               git://github.com/sideway/joi.git                                17.6.0             n/a
-libmime          MIT                        git://github.com/andris9/libmime.git                            5.1.0              Andris Reinman <andris@kreata.ee>
-node-forge       (BSD-3-Clause OR GPL-2.0)  git+https://github.com/digitalbazaar/forge.git                  1.3.1              Digital Bazaar, Inc. support@digitalbazaar.com http://digitalbazaar.com/
-nodemailer       MIT                        git+https://github.com/nodemailer/nodemailer.git                6.7.8              Andris Reinman
-psl              MIT                        git+ssh://git@github.com/lupomontero/psl.git                    1.9.0              Lupo Montero <lupomontero@gmail.com> (https://lupomontero.com/)
-punycode         MIT                        git+https://github.com/bestiejs/punycode.js.git                 2.1.1              Mathias Bynens https://mathiasbynens.be/
-yargs            MIT                        git+https://github.com/yargs/yargs.git                          17.5.1             n/a
+name             license type  link                                                            installed version  author
+----             ------------  ----                                                            -----------------  ------
+@postalsys/vmc   MIT           https://registry.npmjs.org/@postalsys/vmc/-/vmc-1.0.6.tgz       1.0.6              Postal Systems OÜ
+fast-xml-parser  MIT           git+https://github.com/NaturalIntelligence/fast-xml-parser.git  4.0.15             Amit Gupta (https://amitkumargupta.work/)
+ipaddr.js        MIT           git://github.com/whitequark/ipaddr.js.git                       2.0.1              whitequark <whitequark@whitequark.org>
+joi              BSD-3-Clause  git://github.com/hapijs/joi.git                                 17.7.0             n/a
+libmime          MIT           git://github.com/andris9/libmime.git                            5.2.0              Andris Reinman <andris@kreata.ee>
+nodemailer       MIT           git+https://github.com/nodemailer/nodemailer.git                6.9.0              Andris Reinman
+psl              MIT           git+ssh://git@github.com/lupomontero/psl.git                    1.9.0              Lupo Montero <lupomontero@gmail.com> (https://lupomontero.com/)
+punycode         MIT           git+https://github.com/mathiasbynens/punycode.js.git            2.3.0              Mathias Bynens https://mathiasbynens.be/
+yargs            MIT           git+https://github.com/yargs/yargs.git                          17.6.2             n/a

package/man/mailauth.1 CHANGED Viewed

@@ -1,4 +1,4 @@
-.TH "MAILAUTH" "1" "September 2022" "v4.0.1" "Mailauth Help"
+.TH "MAILAUTH" "1" "February 2023" "v4.1.0" "Mailauth Help"
 .SH "NAME"
 \fBmailauth\fR
 .QP

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "mailauth",
-    "version": "4.0.2",
+    "version": "4.2.0",
     "description": "Email authentication library for Node.js",
     "main": "lib/mailauth.js",
     "scripts": {
@@ -32,29 +32,28 @@
     },
     "homepage": "https://github.com/postalsys/mailauth",
     "devDependencies": {
-        "chai": "4.3.6",
-        "eslint": "8.24.0",
+        "chai": "4.3.7",
+        "eslint": "8.33.0",
         "eslint-config-nodemailer": "1.2.0",
-        "eslint-config-prettier": "8.5.0",
+        "eslint-config-prettier": "8.6.0",
         "js-yaml": "4.1.0",
-        "license-report": "6.1.0",
+        "license-report": "6.3.0",
         "marked": "0.7.0",
         "marked-man": "0.7.0",
         "mbox-reader": "1.1.5",
-        "mocha": "10.0.0",
+        "mocha": "10.2.0",
         "pkg": "5.8.0"
     },
     "dependencies": {
         "@postalsys/vmc": "1.0.6",
-        "fast-xml-parser": "4.0.10",
+        "fast-xml-parser": "4.1.1",
         "ipaddr.js": "2.0.1",
-        "joi": "17.6.1",
-        "libmime": "5.1.0",
-        "node-forge": "1.3.1",
-        "nodemailer": "6.7.8",
+        "joi": "17.7.0",
+        "libmime": "5.2.1",
+        "nodemailer": "6.9.1",
         "psl": "1.9.0",
-        "punycode": "2.1.1",
-        "yargs": "17.5.1"
+        "punycode": "2.3.0",
+        "yargs": "17.6.2"
     },
     "engines": {
         "node": ">=16.0.0"