Beispiel #1
0
        public override List <CheckResult> Analyze(object data)
        {
            var mailItem = data as MailItem;
            var results  = new List <CheckResult>();

            var currentUser        = mailItem?.UserProperties.Session.CurrentUser.Address;
            var senderName         = mailItem.SenderName;
            var senderEmailAddress = mailItem.SenderEmailAddress;
            var senderCombo        = senderName + "/" + senderEmailAddress;

            // Get already known values
            var learn = new FinalFrontierLearnLib.Learn();

            Dictionary <string, int> DictSenderName  = learn.getDictSenderName();
            Dictionary <string, int> DictSenderEmail = learn.getDictSenderEmail();
            Dictionary <string, int> DictSenderCombo = learn.getDictSenderCombo();


            // TODO: Get thorug app config
            try
            {
                ownaddresses = ConfigurationManager.AppSettings["ownaddresses"].Split(',').ToList();
                ownaddresses.Add(currentUser);
            }
            catch (System.Exception)
            {
                System.Windows.Forms.MessageBox.Show("Could not read configuration file app.config / " + AppDomain.CurrentDomain.SetupInformation.ConfigurationFile + "\n\nCAUTION: FINALFRONTIER WILL NOT BE FUNCTIONING PROPERLY!!!");
            }

            var checkMethods = new CheckMethods();

            Action <CheckResult> add = x => { if (x != null)
                                              {
                                                  results.Add(x);
                                              }
            };
            Action <List <CheckResult> > addRange = x =>
            {
                if (x != null)
                {
                    x.RemoveAll(y => y == null);
                    results.AddRange(x);
                }
            };

            foreach (string entry in mailItem.Headers("Received"))
            {
                string receiveDomain = checkMethods.GetReceiveFromString(entry);
                add(checkMethods.CheckBadTld("Receive-badTLD", receiveDomain));
                addRange(checkMethods.CheckFreeMailers("Receive-Freemailer", entry, senderEmailAddress));
            }

            addRange(CheckSender(senderName, senderEmailAddress, checkMethods.GetSenderSMTPAddress(mailItem)));

            add(checkRecipients(currentUser, mailItem.To?.Split(',').ToList(), mailItem.CC?.Split(',').ToList()));

            // evaluate history of senderName, senderEmailAddress and their combo
            if (DictSenderName.ContainsKey(senderName))
            {
                add(new CheckResult("Metadata-NewName", "Der Name (Freitext) des Absenders ist bekannt", senderName, -40));
            }
            else
            {
                add(new CheckResult("Meta-NameNew", "Der Name (Freitext) des Absenders ist neu", senderName, -10));
            }

            if (DictSenderEmail.ContainsKey(senderEmailAddress))
            {
                if (DictSenderEmail[senderEmailAddress] > 0)
                {
                    add(new CheckResult("Meta-SenderAddressSeenBefore", "Die vermeintliche Emailadresse ist bekannt.", senderEmailAddress, -30));
                }
            }
            else
            {
                add(new CheckResult("Meta-SenderNew", "Vermeintliche Emailadresse ist neu.", senderEmailAddress, -20));
            }

            if (DictSenderCombo.ContainsKey(senderCombo))
            {
                if (DictSenderCombo[senderCombo] > 0)
                {
                    add(new CheckResult("Meta-ComboSeenBefore", "Die Kombination von Absender (Freitext) und Emailadresse ist bekannt.", senderEmailAddress, 100));
                }
            }
            else
            {
                add(new CheckResult("Meta-ComboNew", "Die Kombination von Absender (Freitext) und Emailadresse ist neu.", senderEmailAddress, -40));
            }

            //add(checkMethods.SenderWhitelist(senderEmailAddress, senderNameDomainPart));

            foreach (string entry in mailItem.Headers("From"))
            {
                if (entry.Contains("\"\""))
                {
                    add(new CheckResult("Meta-SuspiciousSender", "Die Angabe des Absenders enthält leere Hochkommata.", senderEmailAddress, -40));
                }
                if (entry.Contains("''"))
                {
                    add(new CheckResult("Meta-SuspiciousSender", "Die Angabe des Absenders enthält leere Hochkommata.", senderEmailAddress, -40));
                }
                if (entry.StartsWith("@"))
                {
                    add(new CheckResult("Meta-SuspiciousSender", "Die Mailadresse des Absenders ist fehlerhaft / verdächtig.", senderEmailAddress, -40));
                }
            }

            score = results.Sum(x => x.score);

            return(results);
        }