Move status checks for www, autoconfig, autodiscover, and mta-sts to within the section for the parent domain
Since we're checking the MTA-STS policy, there's no need to check that the domain resolves etc. directly.
This commit is contained in:
Joshua Tauberer
parent
10bedad3a3
commit
b805f8695e
|
|
@ -311,6 +311,17 @@ def run_domain_checks(rounded_time, env, output, pool):
|
|||
|
||||
domains_to_check = mail_domains | dns_domains | web_domains
|
||||
|
||||
# Remove "www", "autoconfig", "autodiscover", and "mta-sts" subdomains, which we group with their parent,
|
||||
# if their parent is in the domains to check list.
|
||||
domains_to_check = [
|
||||
d for d in domains_to_check
|
||||
if not (
|
||||
d.split(".", 1)[0] in ("www", "autoconfig", "autodiscover", "mta-sts")
|
||||
and len(d.split(".", 1)) == 2
|
||||
and d.split(".", 1)[1] in domains_to_check
|
||||
)
|
||||
]
|
||||
|
||||
# Get the list of domains that we don't serve web for because of a custom CNAME/A record.
|
||||
domains_with_a_records = get_domains_with_a_records(env)
|
||||
|
||||
|
|
@ -361,6 +372,26 @@ def run_domain_checks_on_domain(domain, rounded_time, env, dns_domains, dns_zone
|
|||
if domain in dns_domains:
|
||||
check_dns_zone_suggestions(domain, env, output, dns_zonefiles, domains_with_a_records)
|
||||
|
||||
# Check auto-configured subdomains. See run_domain_checks.
|
||||
# Skip mta-sts because we check the policy directly.
|
||||
for label in ("www", "autoconfig", "autodiscover"):
|
||||
subdomain = label + "." + domain
|
||||
if subdomain in web_domains or subdomain in mail_domains:
|
||||
# Run checks.
|
||||
subdomain_output = run_domain_checks_on_domain(subdomain, rounded_time, env, dns_domains, dns_zonefiles, mail_domains, web_domains, domains_with_a_records)
|
||||
|
||||
# Prepend the domain name to the start of each check line, and then add to the
|
||||
# checks for this domain.
|
||||
for attr, args, kwargs in subdomain_output[1].buf:
|
||||
if attr == "add_heading":
|
||||
# Drop the heading, but use its text as the subdomain name in
|
||||
# each line since it is in Unicode form.
|
||||
subdomain = args[0]
|
||||
continue
|
||||
if len(args) == 1 and isinstance(args[0], str):
|
||||
args = [ subdomain + ": " + args[0] ]
|
||||
getattr(output, attr)(*args, **kwargs)
|
||||
|
||||
return (domain, output)
|
||||
|
||||
def check_primary_hostname_dns(domain, env, output, dns_domains, dns_zonefiles):
|
||||
|
|
|
|||
Loading…
Reference in New Issue