1.18. spf
¶
This module provides functionality for checking published Sender Policy Framework (SPF) records. SPF is defined in RFC 7208.
1.18.1. Data¶
-
DEFAULT_DNS_TIMEOUT
= 10[source]¶ The default number of seconds to wait for a query response from the DNS server.
-
MAX_QUERIES
= 10[source]¶ The maximum number of DNS queries allowed to take place during evaluation as defined within section 4.6.4 of RFC 7208.
1.18.2. Functions¶
-
check_host
(ip, domain, sender=None, timeout=10)[source]¶ Analyze the Sender Policy Framework of a domain by creating a
SenderPolicyFramework
instance and returning the result ofSenderPolicyFramework.check_host()
.Parameters: - ip (str,
ipaddress.IPv4Address
,ipaddress.IPv6Address
) – The IP address of the host sending the message. - domain (str) – The domain to check the SPF policy of.
- sender (str) – The “MAIL FROM” identity of the message being sent.
- timeout (int) – The timeout for DNS queries.
Returns: The result of the SPF policy if one can be found or None.
Return type: - ip (str,
1.18.3. Classes¶
-
class
SenderPolicyFramework
(ip, domain, sender=None, timeout=10)[source]¶ Analyze the Sender Policy Framework configuration for a domain to determine if an IP address is authorized to send messages on it’s behalf. The exp modifier defined in section 6.2 of the RFC is not supported.
-
__init__
(ip, domain, sender=None, timeout=10)[source]¶ Parameters: - ip (str,
ipaddress.IPv4Address
,ipaddress.IPv6Address
) – The IP address of the host sending the message. - domain (str) – The domain to check the SPF policy of.
- sender (str) – The “MAIL FROM” identity of the message being sent.
- timeout (int) – The timeout for DNS queries.
- ip (str,
-
check_host
()[source]¶ Check the SPF policy described by the object. The string representing the matched policy is returned if an SPF policy exists, otherwise None will be returned if no policy is defined.
Returns: The result of the SPF policy described by the object. Return type: None, str
-
expand_macros
(value, ip, domain, sender)[source]¶ Expand a string based on the macros it contains as specified by section 7 of RFC 7208.
Parameters: - value (str) – The string containing macros to expand.
- ip (str,
ipaddress.IPv4Address
,ipaddress.IPv6Address
) – The IP address to use when expanding macros. - domain (str) – The domain name to use when expanding macros.
- sender (str) – The email address of the sender to use when expanding macros.
Returns: The string with the interpreted macros replaced within it.
Return type:
-
matches
= None[source]¶ A list of
SPFMatch
instances showing the path traversed to identify a matching directive. Multiple entries in this list are present when include directives are used and a match is found within the body of one. The list is ordered from the top level domain to the matching record.
-
records
= None[source]¶ A
collections.OrderedDict
of all the SPF records that were resolved. This would be any records resolved due to an “include” directive in addition to the top level domain.
-
-
class
SPFDirective
(mechanism, qualifier, rvalue=None)[source]¶ A class representing a single directive within a sender policy framework record.
-
class
SPFMatch
(record, directive)[source]¶ A simple container to associate a matched directive with it’s record.
-
class
SPFRecord
(directives, domain=None)[source]¶ A class representing a parsed Sender Policy Framework record with all of its directives.
-
__init__
(directives, domain=None)[source]¶ Parameters: - directives (list) – A list of
SPFDirective
instances. - domain (str) – The domain with which this record is associated with.
- directives (list) – A list of
-
1.18.4. Exceptions¶
-
exception
SPFError
(message)[source]¶ Bases:
Exception
Base exception for errors raised by this module.
-
exception
SPFTempError
(message)[source]¶ Bases:
king_phisher.spf.SPFError
Exception indicating that the verification process encountered a transient (generally DNS) error while performing the check. Described in section 2.6.6 of RFC 7208.
-
exception
SPFTimeOutError
(message)[source]¶ Bases:
king_phisher.spf.SPFTempError
Exception indicating that a timeout occurred while querying the DNS server. This is normally caused when the client can’t communicate with the DNS server.
-
exception
SPFParseError
(message)[source]¶ Bases:
king_phisher.spf.SPFPermError
Exception indicating that the domains published records could not be correctly parsed.
-
exception
SPFPermError
(message)[source]¶ Bases:
king_phisher.spf.SPFError
Exception indicating that the domains published records could not be correctly interpreted. Described in section 2.6.7 of RFC 7208.