You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Robin Thoni 6486178dfa updated postgres docker; updated rounecube to 1.3.6 6 years ago
..
.tx updated postgres docker; updated rounecube to 1.3.6 6 years ago
images updated postgres docker; updated rounecube to 1.3.6 6 years ago
localization updated postgres docker; updated rounecube to 1.3.6 6 years ago
skins updated postgres docker; updated rounecube to 1.3.6 6 years ago
tests updated postgres docker; updated rounecube to 1.3.6 6 years ago
.gitignore updated postgres docker; updated rounecube to 1.3.6 6 years ago
LICENSE updated postgres docker; updated rounecube to 1.3.6 6 years ago
README.md updated postgres docker; updated rounecube to 1.3.6 6 years ago
authres_status.js updated postgres docker; updated rounecube to 1.3.6 6 years ago
authres_status.php updated postgres docker; updated rounecube to 1.3.6 6 years ago
composer.json updated postgres docker; updated rounecube to 1.3.6 6 years ago
config.inc.php updated postgres docker; updated rounecube to 1.3.6 6 years ago
config.inc.php.dist updated postgres docker; updated rounecube to 1.3.6 6 years ago
phpcs.xml updated postgres docker; updated rounecube to 1.3.6 6 years ago
phpunit.xml updated postgres docker; updated rounecube to 1.3.6 6 years ago

README.md

authres_status plugin for roundcube

This plugin checks the Authentication-Results headers that were added by your MTA and displays an icon to show the verification status. Parsing of the Authentication-Results headers is more or less done according to RFC5451 which supports DKIM, DomainKeys, SPF, Sender-ID, iprev and SMTP AUTH result values.

This plugin is partially based on dkimstatus by jvehent, which was based on a plugin by Vladimir Mach.

Icons by brankic1979;

Install

If not using composer, copy all files to your plugins/ folder and add ‘authres_status’ to your $config[‘plugins’] array in config/main.inc.php or config/config.inc.php.

Configuration

If you want to enable the results column in your message list, enable this in your settings. You can also choose which statuses you would like to see/ignore.

As of version 0.2 you can also enable an internal DKIM verifier (php-dkim by angrychimp) if your MTA did not add a Authentication-Results header. You could experience some slow down because we need to retrieve the whole message body of each message for which we run the verifier.

Trusted mta’s (since v0.3)

An email can be passed through many mta’s before it finally ends up in your mailbox. Each mta can add additional headers to the email, thus also Authentication-Result headers. This makes it possible for a malicious mta to add a Authentication-Result header that has a passing result, eventhough the signature is invalid (or not existing). Section 2.2 of RFC5451 states that every Authentication-Result headers should start with an authserv-id which has a similar syntax as a fully-qualified domain name. Often the authserv-id is equal to the fqdn of the mta.

Since version 0.3 you can add a comma separated list of authserv-id’s that you trust, then only results from those mta’s will be displayed. If you are not sure what the authserv-id from your mta is, toggle the ‘raw message headers’ display in the preview pane and look for a Authentication-Results header. It should look like:

Authentication-Results: example.com;
                  sender-id=hardfail header.from=example.com;
                  dkim=pass (good signature) header.i=sender@example.com

The text between Authentication-Results: and the first ; is the authserv-id, in the example above it is example.com.

Tested

Tested on Roundcube 1.0.0+, let me know if it works on previous version as well

Known issues

  • After changing layouts (e.g. from list to widescreen) you need to refresh the page to correctly show the authentication status column