smartmta/dist_ts/mail/security/classes.spfverifier.d.ts

import type { Email } from '../core/classes.email.js';
/**
 * SPF result qualifiers
 */
export declare enum SpfQualifier {
    PASS = "+",
    NEUTRAL = "?",
    SOFTFAIL = "~",
    FAIL = "-"
}
/**
 * SPF mechanism types
 */
export declare enum SpfMechanismType {
    ALL = "all",
    INCLUDE = "include",
    A = "a",
    MX = "mx",
    IP4 = "ip4",
    IP6 = "ip6",
    EXISTS = "exists",
    REDIRECT = "redirect",
    EXP = "exp"
}
/**
 * SPF mechanism definition
 */
export interface SpfMechanism {
    qualifier: SpfQualifier;
    type: SpfMechanismType;
    value?: string;
}
/**
 * SPF record parsed data
 */
export interface SpfRecord {
    version: string;
    mechanisms: SpfMechanism[];
    modifiers: Record<string, string>;
}
/**
 * SPF verification result
 */
export interface SpfResult {
    result: 'pass' | 'neutral' | 'softfail' | 'fail' | 'temperror' | 'permerror' | 'none';
    explanation?: string;
    domain: string;
    ip: string;
    record?: string;
    error?: string;
}
/**
 * Class for verifying SPF records.
 * Delegates actual SPF evaluation to the Rust security bridge.
 * Retains parseSpfRecord() for lightweight local parsing.
 */
export declare class SpfVerifier {
    constructor(_dnsManager?: any);
    /**
     * Parse SPF record from TXT record (pure string parsing, no DNS)
     */
    parseSpfRecord(record: string): SpfRecord | null;
    /**
     * Verify SPF for a given email — delegates to Rust bridge
     */
    verify(email: Email, ip: string, heloDomain: string): Promise<SpfResult>;
    /**
     * Check if email passes SPF verification and apply headers
     */
    verifyAndApply(email: Email, ip: string, heloDomain: string): Promise<boolean>;
}