From ef6031cd6558c89fd117059b5071a7875bd28256 Mon Sep 17 00:00:00 2001
From: Uwe Kamper <me@uwekamper.de>
Date: Sat, 10 Feb 2024 15:40:53 +0100
Subject: [PATCH] #881 add new mail auth subcategory for TLS-RPT

---
 checks/categories.py | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/checks/categories.py b/checks/categories.py
index 917b10fea..e8e216116 100644
--- a/checks/categories.py
+++ b/checks/categories.py
@@ -222,6 +222,7 @@ def __init__(self, name="mail-auth"):
             MailAuthDkim,
             MailAuthSpf,
             MailAuthSpfPolicy,
+            MailAuthTlsRptExists,
         ]
         super().__init__(name, subtests)
 
@@ -2246,6 +2247,36 @@ def result_bad_redirect(self, tech_data):
         self.tech_data = tech_data
 
 
+class MailAuthTlsRptExists(Subtest):
+    def __init__(self):
+        super().__init__(
+            name="spf",
+            label="detail mail auth tlsrpt label",
+            explanation="detail mail auth tlsrpt exp",
+            tech_string="detail mail auth tlsrpt tech table",
+            worst_status=scoring.MAIL_AUTH_SPF_WORST_STATUS,
+            full_score=scoring.MAIL_AUTH_SPF_PASS,
+            model_score_field="spf_score",
+        )
+        # Fix for one line, one value data.
+        self.tech_data = [[self.tech_data]]
+
+    def result_good(self, tech_data):
+        self._status(STATUS_SUCCESS)
+        self.verdict = "detail mail auth spf verdict good"
+        self.tech_data = [[tech_data]]
+
+    def result_bad(self, tech_data):
+        self._status(STATUS_FAIL)
+        self.verdict = "detail mail auth spf verdict bad"
+        if tech_data:
+            # More than one spf record. Show the records.
+            self.tech_data = [[tech_data]]
+        else:
+            self.tech_data = ""
+            self.tech_type = ""
+
+
 # --- APPSECPRIV
 class WebAppsecprivHttpXFrame(Subtest):
     def __init__(self):