Update docs

domainaware · Jan 4, 2024 · 44ac16b · 44ac16b
1 parent 31a8529
commit 44ac16b
Show file tree

Hide file tree

Showing 2 changed files with 182 additions and 102 deletions.
diff --git a/checkdmarc/_cli.py b/checkdmarc/_cli.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
-"""TValidates and parses email-related DNS records"""
+"""Validates and parses email-related DNS records"""
 
 from __future__ import annotations
 

diff --git a/docs/source/cli.md b/docs/source/cli.md
@@ -1,15 +1,16 @@
 # CLI
 
 ```text
-usage: checkdmarc [-h] [-p] [--ns NS [NS ...]] [--mx MX [MX ...]] [-d] [-f FORMAT] [-o OUTPUT [OUTPUT ...]]
-                  [-n NAMESERVER [NAMESERVER ...]] [-t TIMEOUT] [-b BIMI_SELECTOR] [-v] [-w WAIT] [--skip-tls]
-                  [--debug]
+usage: checkdmarc [-h] [-p] [--ns NS [NS ...]] [--mx MX [MX ...]] [-d] [-f FORMAT]
+                  [-o OUTPUT [OUTPUT ...]] [-n NAMESERVER [NAMESERVER ...]] [-t TIMEOUT]
+                  [-b BIMI_SELECTOR] [-v] [-w WAIT] [--skip-tls] [--debug]
                   domain [domain ...]
 
-Validates and parses email-related DNS records
+TValidates and parses email-related DNS records
 
 positional arguments:
-  domain                one or more domains, or a single path to a file containing a list of domains
+  domain                one or more domains, or a single path to a file containing a
+                        list of domains
 
 options:
   -h, --help            show this help message and exit
@@ -20,7 +21,8 @@ options:
   -f FORMAT, --format FORMAT
                         specify JSON or CSV screen output format
   -o OUTPUT [OUTPUT ...], --output OUTPUT [OUTPUT ...]
-                        one or more file paths to output to (must end in .json or .csv) (silences screen output)
+                        one or more file paths to output to (must end in .json or .csv)
+                        (silences screen output)
   -n NAMESERVER [NAMESERVER ...], --nameserver NAMESERVER [NAMESERVER ...]
                         nameservers to query
   -t TIMEOUT, --timeout TIMEOUT
@@ -36,133 +38,211 @@ options:
 ## Example
 
 ```bash
-checkdmarc fbi.gov
+checkdmarc proton.me
 ```
 
 ```json
 {
-    "domain": "fbi.gov",
-    "base_domain": "fbi.gov",
-    "dnssec": true,
-    "ns": {
+  "domain": "proton.me",
+  "base_domain": "proton.me",
+  "dnssec": true,
+  "ns": {
     "hostnames": [
-        "a1.fbi.gov",
-        "a2.fbi.gov",
-        "a3.fbi.gov"
+      "ns1.proton.me",
+      "ns2.proton.me",
+      "ns3.proton.me"
     ],
     "warnings": []
-    },
-    "mx": {
+  },
+  "mx": {
     "hosts": [
-        {
+      {
         "preference": 10,
-        "hostname": "mx-east.fbi.gov",
+        "hostname": "mail.protonmail.ch",
         "addresses": [
-            "153.31.160.5"
-        ],
-        "tls": true,
-        "starttls": true
-        }
+          "176.119.200.128",
+          "185.205.70.128",
+          "185.70.42.128"
+        ]
+      },
+      {
+        "preference": 20,
+        "hostname": "mailsec.protonmail.ch",
+        "addresses": [
+          "176.119.200.129",
+          "185.205.70.129",
+          "185.70.42.129"
+        ]
+      }
     ],
     "warnings": []
+  },
+  "mta_sts": {
+    "valid": true,
+    "id": "190906205100Z",
+    "policy": {
+      "version": "STSv1",
+      "mode": "enforce",
+      "max_age": 604800,
+      "mx": [
+        "mail.protonmail.ch",
+        "mailsec.protonmail.ch"
+      ]
     },
-    "spf": {
-    "record": "v=spf1 +mx ip4:153.31.0.0/16 -all",
+    "warnings": [
+      "MTA-STS policy lines should end with CRLF not LF"
+    ]
+  },
+  "spf": {
+    "record": "v=spf1 include:_spf.protonmail.ch ~all",
     "valid": true,
-    "dns_lookups": 1,
+    "dns_lookups": 2,
+    "dns_void_lookups": 0,
     "warnings": [],
     "parsed": {
-        "pass": [
-        {
-            "value": "mx-east.fbi.gov",
-            "mechanism": "mx"
-        },
+      "pass": [],
+      "neutral": [],
+      "softfail": [],
+      "fail": [],
+      "include": [
         {
-            "value": "153.31.0.0/16",
-            "mechanism": "ip4"
+          "domain": "_spf.protonmail.ch",
+          "record": "v=spf1 ip4:185.70.40.0/24 ip4:185.70.41.0/24 ip4:185.70.43.0/24 include:_spf2.protonmail.ch ~all",
+          "dns_lookups": 1,
+          "dns_void_lookups": 0,
+          "parsed": {
+            "pass": [
+              {
+                "value": "185.70.40.0/24",
+                "mechanism": "ip4"
+              },
+              {
+                "value": "185.70.41.0/24",
+                "mechanism": "ip4"
+              },
+              {
+                "value": "185.70.43.0/24",
+                "mechanism": "ip4"
+              }
+            ],
+            "neutral": [],
+            "softfail": [],
+            "fail": [],
+            "include": [
+              {
+                "domain": "_spf2.protonmail.ch",
+                "record": "v=spf1 ip4:51.89.119.103 ip4:91.134.188.129 ip4:51.77.79.158 ip4:54.38.221.122 ip4:188.165.51.139 ip4:54.36.149.183 ~all",
+                "dns_lookups": 0,
+                "dns_void_lookups": 0,
+                "parsed": {
+                  "pass": [
+                    {
+                      "value": "51.89.119.103",
+                      "mechanism": "ip4"
+                    },
+                    {
+                      "value": "91.134.188.129",
+                      "mechanism": "ip4"
+                    },
+                    {
+                      "value": "51.77.79.158",
+                      "mechanism": "ip4"
+                    },
+                    {
+                      "value": "54.38.221.122",
+                      "mechanism": "ip4"
+                    },
+                    {
+                      "value": "188.165.51.139",
+                      "mechanism": "ip4"
+                    },
+                    {
+                      "value": "54.36.149.183",
+                      "mechanism": "ip4"
+                    }
+                  ],
+                  "neutral": [],
+                  "softfail": [],
+                  "fail": [],
+                  "include": [],
+                  "redirect": null,
+                  "exp": null,
+                  "all": "softfail"
+                },
+                "warnings": []
+              }
+            ],
+            "redirect": null,
+            "exp": null,
+            "all": "softfail"
+          },
+          "warnings": []
         }
-        ],
-        "neutral": [],
-        "softfail": [],
-        "fail": [],
-        "include": [],
-        "redirect": null,
-        "exp": null,
-        "all": "fail"
+      ],
+      "redirect": null,
+      "exp": null,
+      "all": "softfail"
     }
-    },
-    "dmarc": {
-    "record": "v=DMARC1; p=reject; rua=mailto:dmarc-feedback@fbi.gov,mailto:reports@dmarc.cyber.dhs.gov; ruf=mailto:dmarc-feedback@fbi.gov; pct=100",
+  },
+  "dmarc": {
+    "record": "v=DMARC1; p=quarantine; fo=1; aspf=s; adkim=s;",
     "valid": true,
-    "location": "fbi.gov",
-    "warnings": [],
+    "location": "proton.me",
+    "warnings": [
+      "rua tag (destination for aggregate reports) not found"
+    ],
     "tags": {
-        "v": {
+      "v": {
         "value": "DMARC1",
         "explicit": true
-        },
-        "p": {
-        "value": "reject",
+      },
+      "p": {
+        "value": "quarantine",
         "explicit": true
-        },
-        "rua": {
-        "value": [
-            {
-            "scheme": "mailto",
-            "address": "dmarc-feedback@fbi.gov",
-            "size_limit": null
-            },
-            {
-            "scheme": "mailto",
-            "address": "reports@dmarc.cyber.dhs.gov",
-            "size_limit": null
-            }
-        ],
+      },
+      "fo": {
+        "value": "1",
         "explicit": true
-        },
-        "ruf": {
-        "value": [
-            {
-            "scheme": "mailto",
-            "address": "dmarc-feedback@fbi.gov",
-            "size_limit": null
-            }
-        ],
+      },
+      "aspf": {
+        "value": "s",
         "explicit": true
-        },
-        "pct": {
-        "value": 100,
+      },
+      "adkim": {
+        "value": "s",
         "explicit": true
-        },
-        "adkim": {
-        "value": "r",
-        "explicit": false
-        },
-        "aspf": {
-        "value": "r",
-        "explicit": false
-        },
-        "fo": {
-        "value": [
-            "0"
-        ],
+      },
+      "pct": {
+        "value": 100,
         "explicit": false
-        },
-        "rf": {
-        "value": [
-            "afrf"
-        ],
+      },
+      "rf": {
+        "value": "afrf",
         "explicit": false
-        },
-        "ri": {
+      },
+      "ri": {
         "value": 86400,
         "explicit": false
-        },
-        "sp": {
-        "value": "reject",
+      },
+      "sp": {
+        "value": "quarantine",
         "explicit": false
-        }
-    }
+      }
     }
+  },
+  "smtp_tls_reporting": {
+    "valid": true,
+    "tags": {
+      "v": {
+        "value": "TLSRPTv1"
+      },
+      "rua": {
+        "value": [
+          "https://reports.proton.me/reports/smtptls"
+        ]
+      }
+    },
+    "warnings": []
+  }
 }
 ```