smartmta/dist_ts/mail/security/classes.dmarcverifier.d.ts

import type { Email } from '../core/classes.email.js';
/**
 * DMARC policy types
 */
export declare enum DmarcPolicy {
    NONE = "none",
    QUARANTINE = "quarantine",
    REJECT = "reject"
}
/**
 * DMARC alignment modes
 */
export declare enum DmarcAlignment {
    RELAXED = "r",
    STRICT = "s"
}
/**
 * DMARC record fields
 */
export interface DmarcRecord {
    version: string;
    policy: DmarcPolicy;
    subdomainPolicy?: DmarcPolicy;
    pct?: number;
    adkim?: DmarcAlignment;
    aspf?: DmarcAlignment;
    reportInterval?: number;
    failureOptions?: string;
    reportUriAggregate?: string[];
    reportUriForensic?: string[];
}
/**
 * DMARC verification result
 */
export interface DmarcResult {
    hasDmarc: boolean;
    record?: DmarcRecord;
    spfDomainAligned: boolean;
    dkimDomainAligned: boolean;
    spfPassed: boolean;
    dkimPassed: boolean;
    policyEvaluated: DmarcPolicy;
    actualPolicy: DmarcPolicy;
    appliedPercentage: number;
    action: 'pass' | 'quarantine' | 'reject';
    details: string;
    error?: string;
}
/**
 * Class for verifying and enforcing DMARC policies
 */
export declare class DmarcVerifier {
    private dnsManager?;
    constructor(dnsManager?: any);
    /**
     * Parse a DMARC record from a TXT record string
     * @param record DMARC TXT record string
     * @returns Parsed DMARC record or null if invalid
     */
    parseDmarcRecord(record: string): DmarcRecord | null;
    /**
     * Check if domains are aligned according to DMARC policy
     * @param headerDomain Domain from header (From)
     * @param authDomain Domain from authentication (SPF, DKIM)
     * @param alignment Alignment mode
     * @returns Whether the domains are aligned
     */
    private isDomainAligned;
    /**
     * Extract domain from an email address
     * @param email Email address
     * @returns Domain part of the email
     */
    private getDomainFromEmail;
    /**
     * Check if DMARC verification should be applied based on percentage
     * @param record DMARC record
     * @returns Whether DMARC verification should be applied
     */
    private shouldApplyDmarc;
    /**
     * Determine the action to take based on DMARC policy
     * @param policy DMARC policy
     * @returns Action to take
     */
    private determineAction;
    /**
     * Verify DMARC for an incoming email
     * @param email Email to verify
     * @param spfResult SPF verification result
     * @param dkimResult DKIM verification result
     * @returns DMARC verification result
     */
    verify(email: Email, spfResult: {
        domain: string;
        result: boolean;
    }, dkimResult: {
        domain: string;
        result: boolean;
    }): Promise<DmarcResult>;
    /**
     * Apply DMARC policy to an email
     * @param email Email to apply policy to
     * @param dmarcResult DMARC verification result
     * @returns Whether the email should be accepted
     */
    applyPolicy(email: Email, dmarcResult: DmarcResult): boolean;
    /**
     * End-to-end DMARC verification and policy application
     * This method should be called after SPF and DKIM verification
     * @param email Email to verify
     * @param spfResult SPF verification result
     * @param dkimResult DKIM verification result
     * @returns Whether the email should be accepted
     */
    verifyAndApply(email: Email, spfResult: {
        domain: string;
        result: boolean;
    }, dkimResult: {
        domain: string;
        result: boolean;
    }): Promise<boolean>;
}