spf-dkim-dmarc-demo/recipient/web-api/lib/Email/SpoofingDemo/PostfixConfig.pm

#
# SPDX-FileCopyrightText: 2023 Afnic
#
# SPDX-License-Identifier: GPL-3.0-or-later
#

package Email::SpoofingDemo::PostfixConfig;

use strict;
use warnings;
use v5.10;
use utf8;

use Exporter 'import';

our @EXPORT_OK = qw(spf_dkim_dmarc_status
                    set_spf_dkim_dmarc_status);

my $CHECK_SPF_POLICY = 'check_policy_service unix:private/policy';
my $DKIM_MILTER = 'inet:127.0.0.1:8891';
my $DMARC_MILTER = 'inet:127.0.0.1:8893';

my $POSTCONF = '/usr/sbin/postconf';

sub safe_system {
    system @_;
    my $exit_status = ($? >> 8);
    die "$_[0] exited with status $exit_status" unless $exit_status == 0;
    return;
}

sub reload_postfix {
    safe_system(qw(postfix reload));
}

sub postconf_read {
    my ($variable) = @_;

    my $output = '';

    open (my $fh, '-|', $POSTCONF, '-h', $variable) or die "postconf: $!";
    while (<$fh>) {
        chomp;
        $output .= $_;
    }
    close($fh);

    my $exit_status = ($? >> 8);
    die "postconf failed" unless $exit_status == 0;

    if (wantarray) {
        return split(/,\s*/, $output);
    }
    else {
        return $output;
    }
}

sub postconf_set {
    die "Need an even number of parameters" if scalar(@_) % 2 != 0;

    my @vars_to_set;

    while (@_) {
        my $parameter = shift;
        my $value = shift;
        push(@vars_to_set, "$parameter=$value");
    }

    my ($parameter, $value) = @_;

    safe_system($POSTCONF, '-e', @vars_to_set);
}

sub smtpd_recipient_restrictions {
    my ($enabled) = @_;

    return ($enabled) ? $CHECK_SPF_POLICY : '';
}

sub spf_dkim_dmarc_status {
    my @smtpd_recipient_restrictions = postconf_read('smtpd_recipient_restrictions');
    my @smtpd_milters = postconf_read('smtpd_milters');

    return {
        spf => scalar(grep { $_ eq $CHECK_SPF_POLICY } @smtpd_recipient_restrictions),
        dkim => scalar(grep { $_ eq $DKIM_MILTER } @smtpd_milters),
        dmarc => scalar(grep { $_ eq $DMARC_MILTER } @smtpd_milters)
    };
}

sub smtpd_milters {
    my ($dkim_enabled, $dmarc_enabled) = @_;

    my @milters;
    push @milters, $DKIM_MILTER if $dkim_enabled;
    push @milters, $DMARC_MILTER if $dmarc_enabled;

    return join(', ', @milters);
}

sub set_spf_dkim_dmarc_status {
    my ($spf_enabled, $dkim_enabled, $dmarc_enabled) = @_;

    say STDERR "Setting configuration";
    postconf_set(
        smtpd_recipient_restrictions => smtpd_recipient_restrictions($spf_enabled),
        smtpd_milters => smtpd_milters($dkim_enabled, $dmarc_enabled)
    );

    say STDERR "Reloading Postfix";
    reload_postfix();
    say STDERR "Done";
}

1;
Ajout de la licence GPL-3.0-or-later 2023-10-25 15:50:33 +02:00			`#`
			`# SPDX-FileCopyrightText: 2023 Afnic`
			`#`
			`# SPDX-License-Identifier: GPL-3.0-or-later`
			`#`

API REST pour le destinataire de mails 2023-10-25 15:50:23 +02:00			`package Email::SpoofingDemo::PostfixConfig;`

			`use strict;`
			`use warnings;`
			`use v5.10;`
			`use utf8;`

			`use Exporter 'import';`

			`our @EXPORT_OK = qw(spf_dkim_dmarc_status`
			`set_spf_dkim_dmarc_status);`

			`my $CHECK_SPF_POLICY = 'check_policy_service unix:private/policy';`
			`my $DKIM_MILTER = 'inet:127.0.0.1:8891';`
			`my $DMARC_MILTER = 'inet:127.0.0.1:8893';`

			`my $POSTCONF = '/usr/sbin/postconf';`

			`sub safe_system {`
			`system @_;`
			`my $exit_status = ($? >> 8);`
			`die "$_[0] exited with status $exit_status" unless $exit_status == 0;`
			`return;`
			`}`

			`sub reload_postfix {`
			`safe_system(qw(postfix reload));`
			`}`

			`sub postconf_read {`
			`my ($variable) = @_;`

			`my $output = '';`

			`open (my $fh, '-\|', $POSTCONF, '-h', $variable) or die "postconf: $!";`
			`while (<$fh>) {`
			`chomp;`
			`$output .= $_;`
			`}`
			`close($fh);`

			`my $exit_status = ($? >> 8);`
			`die "postconf failed" unless $exit_status == 0;`

			`if (wantarray) {`
			`return split(/,\s*/, $output);`
			`}`
			`else {`
			`return $output;`
			`}`
			`}`

			`sub postconf_set {`
			`die "Need an even number of parameters" if scalar(@_) % 2 != 0;`

			`my @vars_to_set;`

			`while (@_) {`
			`my $parameter = shift;`
			`my $value = shift;`
			`push(@vars_to_set, "$parameter=$value");`
			`}`

			`my ($parameter, $value) = @_;`

			`safe_system($POSTCONF, '-e', @vars_to_set);`
			`}`

			`sub smtpd_recipient_restrictions {`
			`my ($enabled) = @_;`

			`return ($enabled) ? $CHECK_SPF_POLICY : '';`
			`}`

			`sub spf_dkim_dmarc_status {`
			`my @smtpd_recipient_restrictions = postconf_read('smtpd_recipient_restrictions');`
			`my @smtpd_milters = postconf_read('smtpd_milters');`

			`return {`
			`spf => scalar(grep { $_ eq $CHECK_SPF_POLICY } @smtpd_recipient_restrictions),`
			`dkim => scalar(grep { $_ eq $DKIM_MILTER } @smtpd_milters),`
			`dmarc => scalar(grep { $_ eq $DMARC_MILTER } @smtpd_milters)`
			`};`
			`}`

			`sub smtpd_milters {`
			`my ($dkim_enabled, $dmarc_enabled) = @_;`

			`my @milters;`
			`push @milters, $DKIM_MILTER if $dkim_enabled;`
			`push @milters, $DMARC_MILTER if $dmarc_enabled;`

			`return join(', ', @milters);`
			`}`

			`sub set_spf_dkim_dmarc_status {`
			`my ($spf_enabled, $dkim_enabled, $dmarc_enabled) = @_;`

			`say STDERR "Setting configuration";`
			`postconf_set(`
			`smtpd_recipient_restrictions => smtpd_recipient_restrictions($spf_enabled),`
			`smtpd_milters => smtpd_milters($dkim_enabled, $dmarc_enabled)`
			`);`

			`say STDERR "Reloading Postfix";`
			`reload_postfix();`
			`say STDERR "Done";`
			`}`

			`1;`