mail_auth/report/arf/
parse.rs

1/*
2 * SPDX-FileCopyrightText: 2020 Stalwart Labs LLC <hello@stalw.art>
3 *
4 * SPDX-License-Identifier: Apache-2.0 OR MIT
5 */
6
7use crate::{
8    common::headers::HeaderIterator,
9    report::{AuthFailureType, DeliveryResult, Error, Feedback, FeedbackType, IdentityAlignment},
10};
11use mail_parser::{HeaderValue, MessageParser, MimeHeaders, PartType, parsers::MessageStream};
12use std::borrow::Cow;
13
14impl<'x> Feedback<'x> {
15    pub fn parse_rfc5322(message: &'x [u8]) -> Result<Self, Error> {
16        let message = MessageParser::new()
17            .parse(message)
18            .ok_or(Error::MailParseError)?;
19        let mut feedback = None;
20        let mut included_message = None;
21        let mut included_headers = None;
22
23        for part in message.parts {
24            let arf = match part.body {
25                PartType::Text(arf) | PartType::Html(arf)
26                    if part.is_content_type("message", "feedback-report") =>
27                {
28                    match arf {
29                        Cow::Borrowed(arf) => Cow::Borrowed(arf.as_bytes()),
30                        Cow::Owned(arf) => Cow::Owned(arf.into_bytes()),
31                    }
32                }
33                PartType::Binary(arf) | PartType::InlineBinary(arf)
34                    if part.is_content_type("message", "feedback-report") =>
35                {
36                    arf
37                }
38                PartType::Text(headers) if part.is_content_type("text", "rfc822-headers") => {
39                    included_headers = match headers {
40                        Cow::Borrowed(arf) => Cow::Borrowed(arf.as_bytes()),
41                        Cow::Owned(arf) => Cow::Owned(arf.into_bytes()),
42                    }
43                    .into();
44                    continue;
45                }
46                PartType::Message(message) => {
47                    included_message = match message.raw_message {
48                        Cow::Borrowed(message) => Cow::Borrowed(
49                            message
50                                .get(part.offset_body as usize..part.offset_end as usize)
51                                .unwrap_or_default(),
52                        ),
53                        message => message,
54                    }
55                    .into();
56                    continue;
57                }
58                _ => continue,
59            };
60
61            feedback = match arf {
62                Cow::Borrowed(arf) => Feedback::parse_arf(arf),
63                Cow::Owned(arf) => Feedback::parse_arf(&arf).map(|f| f.into_owned()),
64            };
65        }
66
67        if let Some(mut feedback) = feedback {
68            for (feedback, included) in [
69                (&mut feedback.message, included_message),
70                (&mut feedback.headers, included_headers),
71            ] {
72                if let Some(included) = included {
73                    *feedback = match included {
74                        Cow::Borrowed(bytes) => Some(String::from_utf8_lossy(bytes)),
75                        Cow::Owned(bytes) => Some(
76                            String::from_utf8(bytes)
77                                .unwrap_or_else(|err| {
78                                    String::from_utf8_lossy(err.as_bytes()).into_owned()
79                                })
80                                .into(),
81                        ),
82                    };
83                }
84            }
85
86            Ok(feedback)
87        } else {
88            Err(Error::NoReportsFound)
89        }
90    }
91
92    pub fn parse_arf(arf: &'x [u8]) -> Option<Self> {
93        let mut f = Feedback {
94            incidents: 1,
95            ..Default::default()
96        };
97        let mut has_ft = false;
98
99        let mut fields = HeaderIterator::new(arf);
100        fields.seek_start();
101
102        for (key, value) in fields {
103            let txt_value = std::str::from_utf8(value).unwrap_or_default().trim();
104
105            match key.first() {
106                Some(b'A' | b'a') => {
107                    if key.eq_ignore_ascii_case(b"Arrival-Date") {
108                        if let HeaderValue::DateTime(dt) = MessageStream::new(value).parse_date() {
109                            f.arrival_date = dt.to_timestamp().into();
110                        }
111                    } else if key.eq_ignore_ascii_case(b"Auth-Failure") {
112                        f.auth_failure = if txt_value.eq_ignore_ascii_case("adsp") {
113                            AuthFailureType::Adsp
114                        } else if txt_value.eq_ignore_ascii_case("bodyhash") {
115                            AuthFailureType::BodyHash
116                        } else if txt_value.eq_ignore_ascii_case("revoked") {
117                            AuthFailureType::Revoked
118                        } else if txt_value.eq_ignore_ascii_case("signature") {
119                            AuthFailureType::Signature
120                        } else if txt_value.eq_ignore_ascii_case("spf") {
121                            AuthFailureType::Spf
122                        } else if txt_value.eq_ignore_ascii_case("dmarc") {
123                            AuthFailureType::Dmarc
124                        } else {
125                            continue;
126                        };
127                    } else if key.eq_ignore_ascii_case(b"Authentication-Results") {
128                        f.authentication_results.push(txt_value.into());
129                    }
130                }
131                Some(b'D' | b'd') => {
132                    if key.eq_ignore_ascii_case(b"DKIM-ADSP-DNS") {
133                        f.dkim_adsp_dns = Some(txt_value.into());
134                    } else if key.eq_ignore_ascii_case(b"DKIM-Canonicalized-Body") {
135                        f.dkim_canonicalized_body = Some(txt_value.into());
136                    } else if key.eq_ignore_ascii_case(b"DKIM-Canonicalized-Header") {
137                        f.dkim_canonicalized_header = Some(txt_value.into());
138                    } else if key.eq_ignore_ascii_case(b"DKIM-Domain") {
139                        f.dkim_domain = Some(txt_value.into());
140                    } else if key.eq_ignore_ascii_case(b"DKIM-Identity") {
141                        f.dkim_identity = Some(txt_value.into());
142                    } else if key.eq_ignore_ascii_case(b"DKIM-Selector") {
143                        f.dkim_selector = Some(txt_value.into());
144                    } else if key.eq_ignore_ascii_case(b"DKIM-Selector-DNS") {
145                        f.dkim_selector_dns = Some(txt_value.into());
146                    } else if key.eq_ignore_ascii_case(b"Delivery-Result") {
147                        f.delivery_result = if txt_value.eq_ignore_ascii_case("delivered") {
148                            DeliveryResult::Delivered
149                        } else if txt_value.eq_ignore_ascii_case("spam") {
150                            DeliveryResult::Spam
151                        } else if txt_value.eq_ignore_ascii_case("policy") {
152                            DeliveryResult::Policy
153                        } else if txt_value.eq_ignore_ascii_case("reject") {
154                            DeliveryResult::Reject
155                        } else if txt_value.eq_ignore_ascii_case("other") {
156                            DeliveryResult::Other
157                        } else {
158                            continue;
159                        };
160                    }
161                }
162                Some(b'F' | b'f') if key.eq_ignore_ascii_case(b"Feedback-Type") => {
163                    f.feedback_type = if txt_value.eq_ignore_ascii_case("abuse") {
164                        FeedbackType::Abuse
165                    } else if txt_value.eq_ignore_ascii_case("auth-failure") {
166                        FeedbackType::AuthFailure
167                    } else if txt_value.eq_ignore_ascii_case("fraud") {
168                        FeedbackType::Fraud
169                    } else if txt_value.eq_ignore_ascii_case("not-spam") {
170                        FeedbackType::NotSpam
171                    } else if txt_value.eq_ignore_ascii_case("other") {
172                        FeedbackType::Other
173                    } else if txt_value.eq_ignore_ascii_case("virus") {
174                        FeedbackType::Virus
175                    } else {
176                        continue;
177                    };
178                    has_ft = true;
179                }
180                Some(b'I' | b'i') => {
181                    if key.eq_ignore_ascii_case(b"Identity-Alignment") {
182                        for id in txt_value.split(',') {
183                            let id = id.trim();
184                            if id.eq_ignore_ascii_case("dkim") {
185                                f.identity_alignment =
186                                    if f.identity_alignment == IdentityAlignment::Spf {
187                                        IdentityAlignment::DkimSpf
188                                    } else {
189                                        IdentityAlignment::Dkim
190                                    };
191                            } else if id.eq_ignore_ascii_case("spf") {
192                                f.identity_alignment =
193                                    if f.identity_alignment == IdentityAlignment::Dkim {
194                                        IdentityAlignment::DkimSpf
195                                    } else {
196                                        IdentityAlignment::Spf
197                                    };
198                            } else if id.eq_ignore_ascii_case("none") {
199                                f.identity_alignment = IdentityAlignment::None;
200                                break;
201                            }
202                        }
203                    } else if key.eq_ignore_ascii_case(b"Incidents") {
204                        f.incidents = txt_value.parse().unwrap_or(1);
205                    }
206                }
207                Some(b'O' | b'o') => {
208                    if key.eq_ignore_ascii_case(b"Original-Envelope-Id") {
209                        f.original_envelope_id = Some(txt_value.into());
210                    } else if key.eq_ignore_ascii_case(b"Original-Mail-From") {
211                        f.original_mail_from = Some(txt_value.into());
212                    } else if key.eq_ignore_ascii_case(b"Original-Rcpt-To") {
213                        f.original_rcpt_to = Some(txt_value.into());
214                    }
215                }
216                Some(b'R' | b'r') => {
217                    if key.eq_ignore_ascii_case(b"Reported-Domain") {
218                        f.reported_domain.push(txt_value.into());
219                    } else if key.eq_ignore_ascii_case(b"Reported-URI") {
220                        f.reported_uri.push(txt_value.into());
221                    } else if key.eq_ignore_ascii_case(b"Reporting-MTA") {
222                        f.reporting_mta = Some(if let Some(mta) = txt_value.strip_prefix("dns;") {
223                            mta.trim().into()
224                        } else {
225                            txt_value.into()
226                        });
227                    } else if key.eq_ignore_ascii_case(b"Received-Date")
228                        && let HeaderValue::DateTime(dt) = MessageStream::new(value).parse_date()
229                    {
230                        f.arrival_date = dt.to_timestamp().into();
231                    }
232                }
233                Some(b'S' | b's') => {
234                    if key.eq_ignore_ascii_case(b"SPF-DNS") {
235                        f.spf_dns = Some(txt_value.into());
236                    } else if key.eq_ignore_ascii_case(b"Source-IP") {
237                        f.source_ip = if let Some((ip, _)) = txt_value.split_once(' ') {
238                            ip.parse().ok()
239                        } else {
240                            txt_value.parse().ok()
241                        };
242                    } else if key.eq_ignore_ascii_case(b"Source-Port") {
243                        f.source_port = txt_value.parse().unwrap_or(0);
244                    }
245                }
246                Some(b'U' | b'u') if key.eq_ignore_ascii_case(b"User-Agent") => {
247                    f.user_agent = Some(txt_value.into());
248                }
249                Some(b'V' | b'v') if key.eq_ignore_ascii_case(b"Version") => {
250                    f.version = txt_value.parse().unwrap_or(0);
251                }
252                _ => (),
253            }
254        }
255
256        if has_ft { Some(f) } else { None }
257    }
258}
259
260#[cfg(test)]
261mod test {
262    use std::{fs, path::PathBuf};
263
264    use crate::report::Feedback;
265
266    #[test]
267    fn arf_report_parse() {
268        let mut test_dir = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
269        test_dir.push("resources");
270        test_dir.push("arf");
271
272        for file_name in fs::read_dir(&test_dir).unwrap() {
273            let mut file_name = file_name.unwrap().path();
274            if !file_name.extension().unwrap().to_str().unwrap().eq("eml") {
275                continue;
276            }
277            println!("Parsing ARF feedback {}", file_name.to_str().unwrap());
278
279            let arf = fs::read(&file_name).unwrap();
280            let mut feedback = Feedback::parse_rfc5322(&arf).unwrap();
281            feedback.message = None;
282
283            file_name.set_extension("json");
284
285            let expected_feedback =
286                serde_json::from_slice::<Feedback>(&fs::read(&file_name).unwrap()).unwrap();
287
288            assert_eq!(expected_feedback, feedback);
289
290            /*fs::write(
291                &file_name,
292                serde_json::to_string_pretty(&feedback).unwrap().as_bytes(),
293            )
294            .unwrap();*/
295        }
296    }
297}
mail_auth/report/arf/parse.rs

mail_auth/report/arf/
parse.rs
