fix(dkim): Log dkim signatures

nodemailer · Jan 25, 2024 · 89a0b0b · 89a0b0b
1 parent ca3ac76
commit 89a0b0b
Show file tree

Hide file tree

Showing 3 changed files with 4,339 additions and 1,022 deletions.
diff --git a/lib/auth.js b/lib/auth.js
@@ -5,6 +5,7 @@ const { dmarc } = require('mailauth/lib/dmarc');
 const { spf: checkSpf } = require('mailauth/lib/spf');
 const { dkimVerify } = require('mailauth/lib/dkim/verify');
 const { bimi } = require('mailauth/lib/bimi');
+const libmime = require('libmime');
 
 async function hookMail(plugin, connection, params) {
     const txn = connection?.transaction;
@@ -47,6 +48,8 @@ async function hookMail(plugin, connection, params) {
 async function hookDataPost(stream, plugin, connection) {
     const txn = connection.transaction;
 
+    const queueId = txn.uuid;
+
     // Step 2. DKIM
     let dkimResult;
     try {
@@ -57,10 +60,39 @@ async function hookDataPost(stream, plugin, connection) {
             minBitLength: plugin.cfg?.auth?.minBitLength
         });
         txn.notes.dkimResult = dkimResult;
+
+        const contentTypeHeaders = txn.header.get_all('Content-Type').map(line => libmime.parseHeaderValue(`${line}`));
+
         for (let result of dkimResult?.results || []) {
             if (result.info) {
                 connection.auth_results(result.info);
             }
+
+            const signingHeaders = (result.signingHeaders?.keys || '')
+                .toString()
+                .split(':')
+                .map(e => e.toLowerCase().trim());
+
+            plugin.loggelf({
+                short_message: '[DKIM] ' + result.status?.result,
+                _queue_id: queueId,
+                _mail_action: 'dkim_verify',
+                _dkim_info: result.info,
+                _dkim_status: result.status?.result,
+                _dkim_length_limited: result.canonBodyLengthLimited ? 'yes' : 'no',
+                _dkim_over_sized: result.status?.overSized,
+                _dkim_aligned: result.status?.aligned,
+                _dkim_signing_domain: result.signingDomain,
+                _dkim_selector: result.selector,
+                _dkim_algo: result.algo,
+                _dkim_mod_len: result.modulusLength,
+                _dkim_canon_header: result.format.split('/').shift(),
+                _dkim_canon_body: result.format.split('/').pop(),
+                _dkim_signing_headers: signingHeaders.join(','),
+                _dkim_signing_headers_content_type: signingHeaders.includes('content-type') ? 'yes' : 'no',
+                _content_type_count: contentTypeHeaders.length,
+                _content_type_boundary: contentTypeHeaders.length ? contentTypeHeaders.at(-1)?.params?.boundary?.substr(0, 20) : null
+            });
         }
     } catch (err) {
         txn.notes.dkimResult = { error: err };
@@ -90,12 +122,21 @@ async function hookDataPost(stream, plugin, connection) {
     let dmarcResult;
     let spfResult = txn.notes.spfResult;
     if (dkimResult?.headerFrom) {
+        const passingDomains = (dkimResult.results || [])
+            .filter(r => r.status.result === 'pass')
+            .map(r => ({
+                id: r.id,
+                domain: r.signingDomain,
+                aligned: r.status.aligned,
+                overSized: r.status.overSized
+            }));
+
         try {
             dmarcResult = await dmarc({
                 resolver: plugin.resolver,
                 headerFrom: dkimResult.headerFrom,
                 spfDomains: [].concat((spfResult?.status?.result === 'pass' && spfResult?.domain) || []),
-                dkimDomains: (dkimResult.results || []).filter(r => r.status.result === 'pass').map(r => r.signingDomain),
+                dkimDomains: passingDomains,
                 arcResult
             });
             txn.notes.dmarcResult = dmarcResult;