Juergen Kunz
6b082cee8f
Use addHeader() instead of non-existent setHeader() for security result headers, and align IBounceDetection with actual Rust struct fields (bounce_type + category only).
127 lines
3.7 KiB
TypeScript
127 lines
3.7 KiB
TypeScript
interface IDkimVerificationResult {
|
|
is_valid: boolean;
|
|
domain: string | null;
|
|
selector: string | null;
|
|
status: string;
|
|
details: string | null;
|
|
}
|
|
interface ISpfResult {
|
|
result: string;
|
|
domain: string;
|
|
ip: string;
|
|
explanation: string | null;
|
|
}
|
|
interface IDmarcResult {
|
|
passed: boolean;
|
|
policy: string;
|
|
domain: string;
|
|
dkim_result: string;
|
|
spf_result: string;
|
|
action: string;
|
|
details: string | null;
|
|
}
|
|
interface IEmailSecurityResult {
|
|
dkim: IDkimVerificationResult[];
|
|
spf: ISpfResult | null;
|
|
dmarc: IDmarcResult | null;
|
|
}
|
|
interface IValidationResult {
|
|
valid: boolean;
|
|
formatValid: boolean;
|
|
score: number;
|
|
error: string | null;
|
|
}
|
|
interface IBounceDetection {
|
|
bounce_type: string;
|
|
category: string;
|
|
}
|
|
interface IReputationResult {
|
|
ip: string;
|
|
score: number;
|
|
risk_level: string;
|
|
ip_type: string;
|
|
dnsbl_results: Array<{
|
|
server: string;
|
|
listed: boolean;
|
|
response: string | null;
|
|
}>;
|
|
listed_count: number;
|
|
total_checked: number;
|
|
}
|
|
interface IVersionInfo {
|
|
bin: string;
|
|
core: string;
|
|
security: string;
|
|
smtp: string;
|
|
}
|
|
/**
|
|
* Bridge between TypeScript and the Rust `mailer-bin` binary.
|
|
*
|
|
* Uses `@push.rocks/smartrust` for JSON-over-stdin/stdout IPC.
|
|
* Singleton — access via `RustSecurityBridge.getInstance()`.
|
|
*/
|
|
export declare class RustSecurityBridge {
|
|
private static instance;
|
|
private bridge;
|
|
private _running;
|
|
private constructor();
|
|
/** Get or create the singleton instance. */
|
|
static getInstance(): RustSecurityBridge;
|
|
/** Whether the Rust process is currently running and accepting commands. */
|
|
get running(): boolean;
|
|
/**
|
|
* Spawn the Rust binary and wait for the ready signal.
|
|
* @returns `true` if the binary started successfully, `false` otherwise.
|
|
*/
|
|
start(): Promise<boolean>;
|
|
/** Kill the Rust process. */
|
|
stop(): Promise<void>;
|
|
/** Ping the Rust process. */
|
|
ping(): Promise<boolean>;
|
|
/** Get version information for all Rust crates. */
|
|
getVersion(): Promise<IVersionInfo>;
|
|
/** Validate an email address. */
|
|
validateEmail(email: string): Promise<IValidationResult>;
|
|
/** Detect bounce type from SMTP response / diagnostic code. */
|
|
detectBounce(opts: {
|
|
smtpResponse?: string;
|
|
diagnosticCode?: string;
|
|
statusCode?: string;
|
|
}): Promise<IBounceDetection>;
|
|
/** Check IP reputation via DNSBL. */
|
|
checkIpReputation(ip: string): Promise<IReputationResult>;
|
|
/** Verify DKIM signatures on a raw email message. */
|
|
verifyDkim(rawMessage: string): Promise<IDkimVerificationResult[]>;
|
|
/** Sign an email with DKIM. */
|
|
signDkim(opts: {
|
|
rawMessage: string;
|
|
domain: string;
|
|
selector?: string;
|
|
privateKey: string;
|
|
}): Promise<{
|
|
header: string;
|
|
signedMessage: string;
|
|
}>;
|
|
/** Check SPF for a sender. */
|
|
checkSpf(opts: {
|
|
ip: string;
|
|
heloDomain: string;
|
|
hostname?: string;
|
|
mailFrom: string;
|
|
}): Promise<ISpfResult>;
|
|
/**
|
|
* Compound email security verification: DKIM + SPF + DMARC in one IPC call.
|
|
*
|
|
* This is the preferred method for inbound email verification — it avoids
|
|
* 3 sequential round-trips and correctly passes raw mail-auth types internally.
|
|
*/
|
|
verifyEmail(opts: {
|
|
rawMessage: string;
|
|
ip: string;
|
|
heloDomain: string;
|
|
hostname?: string;
|
|
mailFrom: string;
|
|
}): Promise<IEmailSecurityResult>;
|
|
}
|
|
export type { IDkimVerificationResult, ISpfResult, IDmarcResult, IEmailSecurityResult, IValidationResult, IBounceDetection, IReputationResult as IRustReputationResult, IVersionInfo, };
|