Page MenuHomePhorge
Files F117747731

rcube_spoofchecker.php
No OneTemporary
Actions

Authored By
Unknown
Size
2 KB
Referenced Files
None
Subscribers
None

rcube_spoofchecker.php
View Options

<?php
/**
+-----------------------------------------------------------------------+
| This file is part of the Roundcube Webmail client |
| |
| Copyright (C) The Roundcube Dev Team |
| Copyright (C) Kolab Systems AG |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
| PURPOSE: |
| E-mail/Domain name spoofing detection |
+-----------------------------------------------------------------------+
| Author: Aleksander Machniak <machniak@kolabsys.com> |
+-----------------------------------------------------------------------+
*/
/**
* Helper class for spoofing detection.
*
* @package Framework
* @subpackage Utils
*/
class rcube_spoofchecker
{
/** @var array In-memory cache of checked domains */
protected static $results = [];
/**
* Detects (potential) spoofing in an e-mail address or a domain.
*
* @param string $domain Email address or domain (UTF8 not punycode)
*
* @return bool True if spoofed/suspicious, False otherwise
*/
public static function check($domain)
{
if (($pos = strrpos($domain, '@')) !== false) {
$domain = substr($domain, $pos + 1);
}
if (isset(self::$results[$domain])) {
return self::$results[$domain];
}
// Spoofchecker is part of ext-intl (requires ICU >= 4.2)
$checker = new Spoofchecker();
// Note: The constant (and method?) added in PHP 7.3.0
if (defined('Spoofchecker::HIGHLY_RESTRICTIVE')) {
$checker->setRestrictionLevel(Spoofchecker::HIGHLY_RESTRICTIVE);
}
else {
$checker->setChecks(Spoofchecker::SINGLE_SCRIPT | Spoofchecker::INVISIBLE);
}
$result = $checker->isSuspicious($domain);
// TODO: Use areConfusable() to detect ascii-spoofing of some domains, e.g. paypa1.com?
// TODO: Domains with non-printable characters should be considered spoofed
return self::$results[$domain] = $result;
}
}

File Metadata

Mime Type
text/x-php
Expires
Sat, Apr 4, 12:32 AM (3 w, 6 d ago)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
18/e7/2ef79fbbec1841a3570945f80a3a
Default Alt Text
rcube_spoofchecker.php (2 KB)

Event Timeline