NAME

Mail::STS::Domain - class for MTA-STS domain lookups

VERSION

version 0.03

SYNOPSIS

my $domain = $sts->domain('example.com');
# or construct it yourself
my $domain = Mail::STS::Domain->new(
  resolver => $resolver, # Net::DNS::Resolver
  agent => $agent, # LWP::UserAgent
  domain => 'example.com',
);

$domain->mx;
# [ 'mta1.example.com', ... ]
$domain->tlsa;
# undef or Net::DNS::RR::TLSA
$domain->primary;
# mta1.example.com
$domain->tlsrpt;
# undef or Mail::STS::TLSRPTRecord
$domain->sts;
# undef or Mail::STS::STSRecord
$domain->policy;
# Mail::STS::Policy or will die()

ATTRIBUTES

domain (required)

The domain to look up.

resolver (required)

A Net::DNS::Resolver object to use for DNS lookups.

agent (required)

An LWP::UserAgent object to use for retrieving policy documents over HTTPS.

max_policy_size (default: 65536)

Maximum size allowed for the STS policy document.

METHODS

mx()

Retrieves MX hostnames from DNS and returns an array reference.

The list is sorted by priority.

$domain->mx;
# [ 'mta1.example.com', 'backup-mta1.example.com' ]

a()

Returns the domain name if an AAAA or A record exists for the domain.

$domain->a;
# "example.com"

record_type()

Returns the type of record the domain resolves to:

"mx"

If domain has MX records.

"a"

If domain has an AAAA or A record.

"non-existent"

If the domain does not exist.

primary()

Returns the hostname of the primary MTA for this domain.

In case of MX records, the first element of mx().

In case of an AAAA or A record, the domain name.

Or undef if the domain does not resolve at all.

is_primary_secure()

Returns 1 if the resolver signaled successful DNSSEC validation for the hostname returned by primary().

Otherwise returns 0.

tlsa()

Returns a Net::DNS::RR if a TLSA record exists for the hostname returned by primary(), otherwise undef.

tlsrpt()

Returns a Mail::STS::TLSRPTRecord if a TLSRPT TXT record for the domain could be looked up.

sts()

Returns a Mail::STS::STSRecord if an STS TXT record for the domain could be looked up.

policy()

Returns a Mail::STS::Policy object if a policy for the domain could be retrieved from the well-known URL.

Otherwise will die with an error.

check_policy_update()

Checks if a new version of the policy is available.

First checks if the policy max_age has expired. Then checks if the _mta-sts record lists a new policy version.

If there is a new policy, the current policy will be reset so the next call to ->policy() will return the new policy.

Returns 1 if a new policy was found, otherwise 0.

is_mx_secure()

is_a_secure()

is_tlsa_secure()

is_sts_secure()

is_tlsrpt_secure()

Returns 1 if the resolver signaled successful DNSSEC validation (ad flag) for the returned record, otherwise returns 0.
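
The following is an added example, not code from Mail::STS or its author. It shows one way to combine the methods above into a delivery decision: DANE only when both lookups were DNSSEC-validated, then MTA-STS with the die() from policy() trapped. The function name select_transport_security, the FakeDomain stand-in class and all sample values are assumptions constructed for illustration.

```perl
use strict;
use warnings;

# Choose how to protect SMTP delivery, using only methods documented here.
sub select_transport_security {
    my ($domain) = @_;
    return { level => 'none', reason => 'domain does not exist' }
        if $domain->record_type eq 'non-existent';
    my $host = $domain->primary;

    # DANE: accept the TLSA record only if both the primary MTA lookup and
    # the TLSA lookup were DNSSEC-validated (ad flag).
    return { level => 'dane', host => $host }
        if $domain->is_primary_secure
        && defined $domain->tlsa
        && $domain->is_tlsa_secure;

    # MTA-STS: policy() dies when the policy cannot be retrieved, so trap it.
    if ( defined $domain->sts ) {
        my $policy = eval { $domain->policy };
        chomp( my $err = $@ );
        return { level => 'mta-sts', host => $host, policy => $policy }
            if defined $policy;
        # No usable policy: deliver as if MTA-STS were absent, but keep the
        # reason so the failure can be logged.
        return { level => 'opportunistic', host => $host,
                 reason => "policy fetch failed: $err" };
    }
    return { level => 'opportunistic', host => $host };
}

# Constructed stand-in object so the example runs offline (hypothetical class).
package FakeDomain;
sub new { my ( $class, %args ) = @_; return bless {%args}, $class }
for my $m (qw(record_type primary is_primary_secure tlsa is_tlsa_secure sts)) {
    no strict 'refs';
    *{"FakeDomain::$m"} = sub { $_[0]{$m} };
}
sub policy { $_[0]{policy} // die "policy unavailable\n" }

package main;
for my $case (
    FakeDomain->new( record_type => 'mx', primary => 'mta1.example.com',
        is_primary_secure => 1, tlsa => 'TLSA-RR', is_tlsa_secure => 1 ),
    FakeDomain->new( record_type => 'a', primary => 'example.com',
        tlsa => 'TLSA-RR', sts => 'STS-RR' ),   # unsigned zone, no policy
    FakeDomain->new( record_type => 'non-existent' ),
) {
    my $r = select_transport_security($case);
    printf "%-14s %s\n", $r->{level}, $r->{reason} // $r->{host};
}
```

With the real module, pass the object returned by $sts->domain('example.com') in place of the FakeDomain instances.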

AUTHOR

Markus Benning <ich@markusbenning.de>

COPYRIGHT AND LICENSE

This software is copyright (c) 2018 by Markus Benning <ich@markusbenning.de>.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.