FS#3734 - DMARC Support

Author: Florian Schaal

interface/web/dns/dns_dmarc_edit.php

@@ -0,0 +1,164 @@
+<?php
+
+/*
+	Form Definition
+
+	Tabledefinition
+
+	Datatypes:
+	- INTEGER (Forces the input to Int)
+	- DOUBLE
+	- CURRENCY (Formats the values to currency notation)
+	- VARCHAR (no format check, maxlength: 255)
+	- TEXT (no format check)
+	- DATE (Dateformat, automatic conversion to timestamps)
+
+	Formtype:
+	- TEXT (Textfield)
+	- TEXTAREA (Textarea)
+	- PASSWORD (Password textfield, input is not shown when edited)
+	- SELECT (Select option field)
+	- RADIO
+	- CHECKBOX
+	- CHECKBOXARRAY
+	- FILE
+
+	VALUE:
+	- Wert oder Array
+
+	Hint:
+	The ID field of the database table is not part of the datafield definition.
+	The ID field must be always auto incement (int or bigint).
+
+
+*/
+global $app;
+
+$form["title"]    = "DNS DMARC Record";
+$form["description"]  = "";
+$form["name"]    = "dns_dmarc";
+$form["action"]   = "dns_dmarc_edit.php";
+$form["db_table"]  = "dns_rr";
+$form["db_table_idx"] = "id";
+$form["db_history"]  = "yes";
+$form["tab_default"] = "dns";
+$form["list_default"] = "dns_a_list.php";
+$form["auth"]   = 'yes'; // yes / no
+
+$form["auth_preset"]["userid"]  = 0; // 0 = id of the user, > 0 id must match with id of current user
+$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
+$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
+$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
+$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete
+
+$form["tabs"]['dns'] = array (
+	'title'  => "DNS DMARC",
+	'width'  => 100,
+	'template'  => "templates/dns_dmarc_edit.htm",
+	'fields'  => array (
+		//#################################
+		// Begin Datatable fields
+		//#################################
+		'server_id' => array (
+			'datatype' => 'INTEGER',
+			'formtype' => 'SELECT',
+			'default' => '',
+			'value'  => '',
+			'width'  => '30',
+			'maxlength' => '255'
+		),
+		'zone' => array (
+			'datatype' => 'INTEGER',
+			'formtype' => 'TEXT',
+			'default' => @$app->functions->intval($_REQUEST["zone"]),
+			'value'  => '',
+			'width'  => '30',
+			'maxlength' => '255'
+		),
+		'name' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'TEXT',
+			'filters'   => array( 0 => array( 'event' => 'SAVE',
+					'type' => 'IDNTOASCII'),
+				1 => array( 'event' => 'SHOW',
+					'type' => 'IDNTOUTF8'),
+				2 => array( 'event' => 'SAVE',
+					'type' => 'TOLOWER')
+			),
+			'validators' => array (  0 => array ( 'type' => 'REGEX',
+					'regex' => '/^[a-zA-Z0-9\.\-\_]{0,255}$/',
+					'errmsg'=> 'name_error_regex'),
+			),
+			'default' => '',
+			'value'  => '',
+			'width'  => '30',
+			'maxlength' => '255'
+		),
+		'type' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'TEXT',
+			'default' => 'TXT',
+			'value'  => '',
+			'width'  => '5',
+			'maxlength' => '5'
+		),
+		'data' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'TEXT',
+			'default' => '',
+			'value'  => '',
+			'width'  => '30',
+			'maxlength' => '255'
+		),
+		/*
+		'aux' => array (
+			'datatype'	=> 'INTEGER',
+			'formtype'	=> 'TEXT',
+			'default'	=> '0',
+			'value'		=> '',
+			'width'		=> '10',
+			'maxlength'	=> '10'
+		),
+		*/
+		'ttl' => array (
+			'datatype' => 'INTEGER',
+			'formtype' => 'TEXT',
+			'validators' => array (  0 => array ( 'type' => 'RANGE',
+					'range' => '60:',
+					'errmsg'=> 'ttl_range_error'),
+			),
+			'default' => '3600',
+			'value'  => '',
+			'width'  => '10',
+			'maxlength' => '10'
+		),
+		'active' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'Y',
+		),
+		'stamp' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'TEXT',
+			'default' => '',
+			'value'  => '',
+			'width'  => '30',
+			'maxlength' => '255'
+		),
+		'serial' => array (
+			'datatype' => 'INTEGER',
+			'formtype' => 'TEXT',
+			'default' => '',
+			'value'  => '',
+			'width'  => '10',
+			'maxlength' => '10'
+		),
+		//#################################
+		// End Datatable fields
+		//#################################
+	)
+);
+
+
+
+?>

interface/web/dns/form/dns_dmarc.tform.php

@@ -0,0 +1,48 @@
+<?php
+$wb['data_txt'] = 'DMARC Record';
+$wb['domain_txt'] = 'Domain';
+$wb['dmarc_policy_txt'] = 'Mail Receiver Policy';
+$wb['dmarc_policy_note_txt'] = 'How ISPs should handle messages that failed SPF and DKIM.';
+$wb['dmarc_policy_none_txt'] = 'none';
+$wb['dmarc_policy_quarantine_txt'] = 'quarantine';
+$wb['dmarc_policy_reject_txt'] = 'reject';
+$wb['dmarc_rua_txt'] = 'Aggregate Data Reporting Address';
+$wb['dmarc_rua_note_txt'] = 'Email to receive reports from ISPs aboute messages which failed SPF and DKIM checks (DMARC) for the domain.';
+$wb['dmarc_ruf_txt'] = 'Forensic Data Reporting Address';
+$wb['dmarc_ruf_note_txt'] = 'Email to receive sample messages that are failing SPF and DKIM checks (DMARC) for the domain.';
+$wb['dmarc_fo_txt'] = 'Forensic reporting options';
+$wb['dmarc_fo0_txt'] = "Generate reports if all underlying authentication mechanisms fail to produce a DMARC 'pass' result.";
+$wb['dmarc_fo1_txt'] = 'Generate reports if any mechanisms fail.';
+$wb['dmarc_fod_txt'] = 'Generate report if DKIM signature failed to verify.';
+$wb['dmarc_fos_txt'] = 'Generate report if SPF failed.';
+$wb['dmarc_adkim_txt'] = 'DKIM identifier alignment';
+$wb['dmarc_adkim_note_txt'] = "'strict' requires exact matching between DKIM domain and email's from";
+$wb['dmarc_adkim_r_txt'] = 'relaxed';
+$wb['dmarc_adkim_s_txt'] = 'strict';
+$wb['dmarc_aspf_txt'] = 'SPF identifier alignment';
+$wb['dmarc_aspf_note_txt'] = "'strict' requires exact matching between SPF domain and email's from";
+$wb['dmarc_aspf_r_txt'] = 'relaxed';
+$wb['dmarc_aspf_s_txt'] = 'strict';
+$wb['dmarc_rf_txt'] = 'Report Format';
+$wb['dmarc_rf_afrf_txt'] = 'Authentication Failure Reporting Format';
+$wb['dmarc_rf_iodef_txt'] = 'Incident Object Description Exchange Format';
+$wb['dmarc_pct_txt'] = 'Apply Policy to this Percentage';
+$wb['dmarc_pct_note_txt'] = '% (100 default). Messages in percent from the domain you want ISPs to check.';
+$wb['dmarc_ri_txt'] = 'Reporting Interval';
+$wb['dmarc_ri_note_txt'] = 'Seconds (default=86400). The time in seconds that aggregate reports should be generate (86400 repersents 1 day).';
+$wb['dmarc_sp_txt'] = 'Subdomain Policy (Defaults to same as domain).';
+$wb['dmarc_sp_same_txt'] = 'same as domain';
+$wb['dmarc_sp_none_txt'] = 'none';
+$wb['dmarc_sp_quarantine_txt'] = 'quarantine';
+$wb['dmarc_sp_reject_txt'] = 'reject';
+$wb['ttl_txt'] = 'TTL';
+$wb['active_txt'] = 'Active';
+$wb['dmarc_more_spf_txt'] = 'More than one active SPF Record';
+$wb['dmarc_no_dkim_spf_txt'] = 'No active DKIM or SPF Record.';
+$wb['dmarc_invalid_email_txt'] = 'Invalid Email';
+$wb['dmarc_empty_txt'] = 'DMARC Record empty - specify at least one option';
+$wb['record_exists_txt'] = 'DNS-Record already exists';
+$wb['limit_dns_record_txt'] = 'The max. number of DNS records for your account is reached.';
+$wb['no_zone_perm'] = 'You do not have the permission to add a record to this DNS zone.';
+$wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
+?>

interface/web/dns/lib/lang/ar_dns_dmarc.lng

@@ -0,0 +1,48 @@
+<?php
+$wb['data_txt'] = 'DMARC Record';
+$wb['domain_txt'] = 'Domain';
+$wb['dmarc_policy_txt'] = 'Mail Receiver Policy';
+$wb['dmarc_policy_note_txt'] = 'How ISPs should handle messages that failed SPF and DKIM.';
+$wb['dmarc_policy_none_txt'] = 'none';
+$wb['dmarc_policy_quarantine_txt'] = 'quarantine';
+$wb['dmarc_policy_reject_txt'] = 'reject';
+$wb['dmarc_rua_txt'] = 'Aggregate Data Reporting Address';
+$wb['dmarc_rua_note_txt'] = 'Email to receive reports from ISPs aboute messages which failed SPF and DKIM checks (DMARC) for the domain.';
+$wb['dmarc_ruf_txt'] = 'Forensic Data Reporting Address';
+$wb['dmarc_ruf_note_txt'] = 'Email to receive sample messages that are failing SPF and DKIM checks (DMARC) for the domain.';
+$wb['dmarc_fo_txt'] = 'Forensic reporting options';
+$wb['dmarc_fo0_txt'] = "Generate reports if all underlying authentication mechanisms fail to produce a DMARC 'pass' result.";
+$wb['dmarc_fo1_txt'] = 'Generate reports if any mechanisms fail.';
+$wb['dmarc_fod_txt'] = 'Generate report if DKIM signature failed to verify.';
+$wb['dmarc_fos_txt'] = 'Generate report if SPF failed.';
+$wb['dmarc_adkim_txt'] = 'DKIM identifier alignment';
+$wb['dmarc_adkim_note_txt'] = "'strict' requires exact matching between DKIM domain and email's from";
+$wb['dmarc_adkim_r_txt'] = 'relaxed';
+$wb['dmarc_adkim_s_txt'] = 'strict';
+$wb['dmarc_aspf_txt'] = 'SPF identifier alignment';
+$wb['dmarc_aspf_note_txt'] = "'strict' requires exact matching between SPF domain and email's from";
+$wb['dmarc_aspf_r_txt'] = 'relaxed';
+$wb['dmarc_aspf_s_txt'] = 'strict';
+$wb['dmarc_rf_txt'] = 'Report Format';
+$wb['dmarc_rf_afrf_txt'] = 'Authentication Failure Reporting Format';
+$wb['dmarc_rf_iodef_txt'] = 'Incident Object Description Exchange Format';
+$wb['dmarc_pct_txt'] = 'Apply Policy to this Percentage';
+$wb['dmarc_pct_note_txt'] = '% (100 default). Messages in percent from the domain you want ISPs to check.';
+$wb['dmarc_ri_txt'] = 'Reporting Interval';
+$wb['dmarc_ri_note_txt'] = 'Seconds (default=86400). The time in seconds that aggregate reports should be generate (86400 repersents 1 day).';
+$wb['dmarc_sp_txt'] = 'Subdomain Policy (Defaults to same as domain).';
+$wb['dmarc_sp_same_txt'] = 'same as domain';
+$wb['dmarc_sp_none_txt'] = 'none';
+$wb['dmarc_sp_quarantine_txt'] = 'quarantine';
+$wb['dmarc_sp_reject_txt'] = 'reject';
+$wb['ttl_txt'] = 'TTL';
+$wb['active_txt'] = 'Active';
+$wb['dmarc_more_spf_txt'] = 'More than one active SPF Record';
+$wb['dmarc_no_dkim_spf_txt'] = 'No active DKIM or SPF Record.';
+$wb['dmarc_invalid_email_txt'] = 'Invalid Email';
+$wb['dmarc_empty_txt'] = 'DMARC Record empty - specify at least one option';
+$wb['record_exists_txt'] = 'DNS-Record already exists';
+$wb['limit_dns_record_txt'] = 'The max. number of DNS records for your account is reached.';
+$wb['no_zone_perm'] = 'You do not have the permission to add a record to this DNS zone.';
+$wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
+?>

interface/web/dns/lib/lang/bg_dns_dmarc.lng

@@ -0,0 +1,48 @@
+<?php
+$wb['data_txt'] = 'DMARC Record';
+$wb['domain_txt'] = 'Domain';
+$wb['dmarc_policy_txt'] = 'Mail Receiver Policy';
+$wb['dmarc_policy_note_txt'] = 'How ISPs should handle messages that failed SPF and DKIM.';
+$wb['dmarc_policy_none_txt'] = 'none';
+$wb['dmarc_policy_quarantine_txt'] = 'quarantine';
+$wb['dmarc_policy_reject_txt'] = 'reject';
+$wb['dmarc_rua_txt'] = 'Aggregate Data Reporting Address';
+$wb['dmarc_rua_note_txt'] = 'Email to receive reports from ISPs aboute messages which failed SPF and DKIM checks (DMARC) for the domain.';
+$wb['dmarc_ruf_txt'] = 'Forensic Data Reporting Address';
+$wb['dmarc_ruf_note_txt'] = 'Email to receive sample messages that are failing SPF and DKIM checks (DMARC) for the domain.';
+$wb['dmarc_fo_txt'] = 'Forensic reporting options';
+$wb['dmarc_fo0_txt'] = "Generate reports if all underlying authentication mechanisms fail to produce a DMARC 'pass' result.";
+$wb['dmarc_fo1_txt'] = 'Generate reports if any mechanisms fail.';
+$wb['dmarc_fod_txt'] = 'Generate report if DKIM signature failed to verify.';
+$wb['dmarc_fos_txt'] = 'Generate report if SPF failed.';
+$wb['dmarc_adkim_txt'] = 'DKIM identifier alignment';
+$wb['dmarc_adkim_note_txt'] = "'strict' requires exact matching between DKIM domain and email's from";
+$wb['dmarc_adkim_r_txt'] = 'relaxed';
+$wb['dmarc_adkim_s_txt'] = 'strict';
+$wb['dmarc_aspf_txt'] = 'SPF identifier alignment';
+$wb['dmarc_aspf_note_txt'] = "'strict' requires exact matching between SPF domain and email's from";
+$wb['dmarc_aspf_r_txt'] = 'relaxed';
+$wb['dmarc_aspf_s_txt'] = 'strict';
+$wb['dmarc_rf_txt'] = 'Report Format';
+$wb['dmarc_rf_afrf_txt'] = 'Authentication Failure Reporting Format';
+$wb['dmarc_rf_iodef_txt'] = 'Incident Object Description Exchange Format';
+$wb['dmarc_pct_txt'] = 'Apply Policy to this Percentage';
+$wb['dmarc_pct_note_txt'] = '% (100 default). Messages in percent from the domain you want ISPs to check.';
+$wb['dmarc_ri_txt'] = 'Reporting Interval';
+$wb['dmarc_ri_note_txt'] = 'Seconds (default=86400). The time in seconds that aggregate reports should be generate (86400 repersents 1 day).';
+$wb['dmarc_sp_txt'] = 'Subdomain Policy (Defaults to same as domain).';
+$wb['dmarc_sp_same_txt'] = 'same as domain';
+$wb['dmarc_sp_none_txt'] = 'none';
+$wb['dmarc_sp_quarantine_txt'] = 'quarantine';
+$wb['dmarc_sp_reject_txt'] = 'reject';
+$wb['ttl_txt'] = 'TTL';
+$wb['active_txt'] = 'Active';
+$wb['dmarc_more_spf_txt'] = 'More than one active SPF Record';
+$wb['dmarc_no_dkim_spf_txt'] = 'No active DKIM or SPF Record.';
+$wb['dmarc_invalid_email_txt'] = 'Invalid Email';
+$wb['dmarc_empty_txt'] = 'DMARC Record empty - specify at least one option';
+$wb['record_exists_txt'] = 'DNS-Record already exists';
+$wb['limit_dns_record_txt'] = 'The max. number of DNS records for your account is reached.';
+$wb['no_zone_perm'] = 'You do not have the permission to add a record to this DNS zone.';
+$wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
+?>

interface/web/dns/lib/lang/br_dns_dmarc.lng

@@ -0,0 +1,48 @@
+<?php
+$wb['data_txt'] = 'DMARC Record';
+$wb['domain_txt'] = 'Domain';
+$wb['dmarc_policy_txt'] = 'Mail Receiver Policy';
+$wb['dmarc_policy_note_txt'] = 'How ISPs should handle messages that failed SPF and DKIM.';
+$wb['dmarc_policy_none_txt'] = 'none';
+$wb['dmarc_policy_quarantine_txt'] = 'quarantine';
+$wb['dmarc_policy_reject_txt'] = 'reject';
+$wb['dmarc_rua_txt'] = 'Aggregate Data Reporting Address';
+$wb['dmarc_rua_note_txt'] = 'Email to receive reports from ISPs aboute messages which failed SPF and DKIM checks (DMARC) for the domain.';
+$wb['dmarc_ruf_txt'] = 'Forensic Data Reporting Address';
+$wb['dmarc_ruf_note_txt'] = 'Email to receive sample messages that are failing SPF and DKIM checks (DMARC) for the domain.';
+$wb['dmarc_fo_txt'] = 'Forensic reporting options';
+$wb['dmarc_fo0_txt'] = "Generate reports if all underlying authentication mechanisms fail to produce a DMARC 'pass' result.";
+$wb['dmarc_fo1_txt'] = 'Generate reports if any mechanisms fail.';
+$wb['dmarc_fod_txt'] = 'Generate report if DKIM signature failed to verify.';
+$wb['dmarc_fos_txt'] = 'Generate report if SPF failed.';
+$wb['dmarc_adkim_txt'] = 'DKIM identifier alignment';
+$wb['dmarc_adkim_note_txt'] = "'strict' requires exact matching between DKIM domain and email's from";
+$wb['dmarc_adkim_r_txt'] = 'relaxed';
+$wb['dmarc_adkim_s_txt'] = 'strict';
+$wb['dmarc_aspf_txt'] = 'SPF identifier alignment';
+$wb['dmarc_aspf_note_txt'] = "'strict' requires exact matching between SPF domain and email's from";
+$wb['dmarc_aspf_r_txt'] = 'relaxed';
+$wb['dmarc_aspf_s_txt'] = 'strict';
+$wb['dmarc_rf_txt'] = 'Report Format';
+$wb['dmarc_rf_afrf_txt'] = 'Authentication Failure Reporting Format';
+$wb['dmarc_rf_iodef_txt'] = 'Incident Object Description Exchange Format';
+$wb['dmarc_pct_txt'] = 'Apply Policy to this Percentage';
+$wb['dmarc_pct_note_txt'] = '% (100 default). Messages in percent from the domain you want ISPs to check.';
+$wb['dmarc_ri_txt'] = 'Reporting Interval';
+$wb['dmarc_ri_note_txt'] = 'Seconds (default=86400). The time in seconds that aggregate reports should be generate (86400 repersents 1 day).';
+$wb['dmarc_sp_txt'] = 'Subdomain Policy (Defaults to same as domain).';
+$wb['dmarc_sp_same_txt'] = 'same as domain';
+$wb['dmarc_sp_none_txt'] = 'none';
+$wb['dmarc_sp_quarantine_txt'] = 'quarantine';
+$wb['dmarc_sp_reject_txt'] = 'reject';
+$wb['ttl_txt'] = 'TTL';
+$wb['active_txt'] = 'Active';
+$wb['dmarc_more_spf_txt'] = 'More than one active SPF Record';
+$wb['dmarc_no_dkim_spf_txt'] = 'No active DKIM or SPF Record.';
+$wb['dmarc_invalid_email_txt'] = 'Invalid Email';
+$wb['dmarc_empty_txt'] = 'DMARC Record empty - specify at least one option';
+$wb['record_exists_txt'] = 'DNS-Record already exists';
+$wb['limit_dns_record_txt'] = 'The max. number of DNS records for your account is reached.';
+$wb['no_zone_perm'] = 'You do not have the permission to add a record to this DNS zone.';
+$wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
+?>