private SpfQualifier CheckMechanism(SpfMechanism mechanism, IPAddress ip, string sender, string domain)
{
DnsMessage dnsMessage;
switch (mechanism.Type)
{
case SpfMechanismType.All:
return(mechanism.Qualifier);
case SpfMechanismType.A:
bool?isAMatch = IsIpMatch(String.IsNullOrEmpty(mechanism.Domain) ? domain : mechanism.Domain, ip, mechanism.Prefix, mechanism.Prefix6);
if (!isAMatch.HasValue)
{
return(SpfQualifier.TempError);
}
if (isAMatch.Value)
{
return(mechanism.Qualifier);
}
break;
case SpfMechanismType.Mx:
dnsMessage = ResolveDns(ExpandDomain(String.IsNullOrEmpty(mechanism.Domain) ? domain : mechanism.Domain, ip, sender, domain), RecordType.Mx);
if ((dnsMessage == null) || ((dnsMessage.ReturnCode != ReturnCode.NoError) && (dnsMessage.ReturnCode != ReturnCode.NxDomain)))
{
return(SpfQualifier.TempError);
}
int mxCheckedCount = 0;
foreach (MxRecord mxRecord in dnsMessage.AnswerRecords.OfType <MxRecord>())
{
if (++mxCheckedCount == 10)
{
break;
}
bool?isMxMatch = IsIpMatch(mxRecord.ExchangeDomainName, ip, mechanism.Prefix, mechanism.Prefix6);
if (!isMxMatch.HasValue)
{
return(SpfQualifier.TempError);
}
if (isMxMatch.Value)
{
return(mechanism.Qualifier);
}
}
break;
case SpfMechanismType.Ip4:
case SpfMechanismType.Ip6:
IPAddress compareAddress;
if (IPAddress.TryParse(mechanism.Domain, out compareAddress))
{
if (ip.AddressFamily != compareAddress.AddressFamily)
{
return(SpfQualifier.None);
}
if (mechanism.Prefix.HasValue)
{
if ((mechanism.Prefix.Value < 0) || (mechanism.Prefix.Value > (compareAddress.AddressFamily == AddressFamily.InterNetworkV6 ? 128 : 32)))
{
return(SpfQualifier.PermError);
}
if (ip.GetNetworkAddress(mechanism.Prefix.Value).Equals(compareAddress.GetNetworkAddress(mechanism.Prefix.Value)))
{
return(mechanism.Qualifier);
}
}
else if (ip.Equals(compareAddress))
{
return(mechanism.Qualifier);
}
}
else
{
return(SpfQualifier.PermError);
}
break;
case SpfMechanismType.Ptr:
dnsMessage = ResolveDns(ip.GetReverseLookupAddress(), RecordType.Ptr);
if ((dnsMessage == null) || ((dnsMessage.ReturnCode != ReturnCode.NoError) && (dnsMessage.ReturnCode != ReturnCode.NxDomain)))
{
return(SpfQualifier.TempError);
}
string ptrCompareName = String.IsNullOrEmpty(mechanism.Domain) ? domain : mechanism.Domain;
int ptrCheckedCount = 0;
foreach (PtrRecord ptrRecord in dnsMessage.AnswerRecords.OfType <PtrRecord>())
{
if (++ptrCheckedCount == 10)
{
break;
}
bool?isPtrMatch = IsIpMatch(ptrRecord.PointerDomainName, ip, 0, 0);
if (isPtrMatch.HasValue && isPtrMatch.Value)
{
if (ptrRecord.PointerDomainName.Equals(ptrCompareName, StringComparison.InvariantCultureIgnoreCase) || (ptrRecord.PointerDomainName.EndsWith("." + ptrCompareName, StringComparison.InvariantCultureIgnoreCase)))
{
return(mechanism.Qualifier);
}
}
}
break;
case SpfMechanismType.Exist:
if (String.IsNullOrEmpty(mechanism.Domain))
{
return(SpfQualifier.PermError);
}
dnsMessage = ResolveDns(ExpandDomain(mechanism.Domain, ip, sender, domain), RecordType.A);
if ((dnsMessage == null) || ((dnsMessage.ReturnCode != ReturnCode.NoError) && (dnsMessage.ReturnCode != ReturnCode.NxDomain)))
{
return(SpfQualifier.TempError);
}
if (dnsMessage.AnswerRecords.Count(record => (record.RecordType == RecordType.A)) > 0)
{
return(mechanism.Qualifier);
}
break;
case SpfMechanismType.Include:
if (String.IsNullOrEmpty(mechanism.Domain) || (mechanism.Domain.Equals(domain, StringComparison.InvariantCultureIgnoreCase)))
{
return(SpfQualifier.PermError);
}
string includeDomain = ExpandDomain(mechanism.Domain, ip, sender, domain);
string explanation;
switch (CheckHostInternal(ip, sender, includeDomain, false, out explanation))
{
case SpfQualifier.Pass:
return(mechanism.Qualifier);
case SpfQualifier.Fail:
case SpfQualifier.SoftFail:
case SpfQualifier.Neutral:
return(SpfQualifier.None);
case SpfQualifier.TempError:
return(SpfQualifier.TempError);
case SpfQualifier.PermError:
case SpfQualifier.None:
return(SpfQualifier.PermError);
}
break;
default:
return(SpfQualifier.PermError);
}
return(SpfQualifier.None);
}
internal static bool TryParse(string s, out SpfTerm value)
{
if (String.IsNullOrEmpty(s))
{
value = null;
return(false);
}
#region Parse Mechanism
Regex regex = new Regex(@"^(\s)*(?<qualifier>[~+?-]?)(?<type>[a-z0-9]+)(:(?<domain>[^/]+))?(/(?<prefix>[0-9]+)(/(?<prefix6>[0-9]+))?)?(\s)*$", RegexOptions.Compiled | RegexOptions.IgnoreCase);
Match match = regex.Match(s);
if (match.Success)
{
SpfMechanism mechanism = new SpfMechanism();
switch (match.Groups["qualifier"].Value)
{
case "+":
mechanism.Qualifier = SpfQualifier.Pass;
break;
case "-":
mechanism.Qualifier = SpfQualifier.Fail;
break;
case "~":
mechanism.Qualifier = SpfQualifier.SoftFail;
break;
case "?":
mechanism.Qualifier = SpfQualifier.Neutral;
break;
default:
mechanism.Qualifier = SpfQualifier.Pass;
break;
}
SpfMechanismType type;
mechanism.Type = EnumHelper <SpfMechanismType> .TryParse(match.Groups["type"].Value, true, out type) ? type : SpfMechanismType.Unknown;
mechanism.Domain = match.Groups["domain"].Value;
string tmpPrefix = match.Groups["prefix"].Value;
int prefix;
if (!String.IsNullOrEmpty(tmpPrefix) && Int32.TryParse(tmpPrefix, out prefix))
{
mechanism.Prefix = prefix;
}
tmpPrefix = match.Groups["prefix6"].Value;
if (!String.IsNullOrEmpty(tmpPrefix) && Int32.TryParse(tmpPrefix, out prefix))
{
mechanism.Prefix6 = prefix;
}
value = mechanism;
return(true);
}
#endregion
#region Parse Modifier
regex = new Regex(@"^(\s)*(?<type>[a-z]+)=(?<domain>[^\s]+)(\s)*$", RegexOptions.Compiled | RegexOptions.IgnoreCase);
match = regex.Match(s);
if (match.Success)
{
SpfModifier modifier = new SpfModifier();
SpfModifierType type;
modifier.Type = EnumHelper <SpfModifierType> .TryParse(match.Groups["type"].Value, true, out type) ? type : SpfModifierType.Unknown;
modifier.Domain = match.Groups["domain"].Value;
value = modifier;
return(true);
}
#endregion
value = null;
return(false);
}
