helpers: add test for labelRemove sanitization

packages/helpers/src/dkim/index.ts

@@ -19,6 +19,7 @@ export interface DKIMVerificationResult {
   algo: string;
   format: string;
   modulusLength: number;
+  appliedSanitization?: string;
 }
 
 export async function verifyDKIMSignature(
@@ -38,6 +39,7 @@ export async function verifyDKIMSignature(
   let dkimResult = await tryVerifyDKIM(email, domain);
 
   // If DKIM verification fails, try again after sanitizing email
+  let appliedSanitization;
   if (dkimResult.status.comment === "bad signature" && enableSanitization) {
     const results = await Promise.all(
       sanitizers.map((sanitize) =>
@@ -53,6 +55,7 @@ export async function verifyDKIMSignature(
     if (passed) {
       console.log(`DKIM: Verification passed after applying sanitization "${passed.sanitizer}"`);
       dkimResult = passed.result;
+      appliedSanitization = passed.sanitizer;
     }
   }
 
@@ -85,6 +88,7 @@ export async function verifyDKIMSignature(
     algo: dkimResult.algo,
     format: dkimResult.format,
     modulusLength: dkimResult.modulusLength,
+    appliedSanitization,
   };
 }
 

packages/helpers/tests/dkim.test.ts

@@ -13,6 +13,7 @@ describe("DKIM signature verification", () => {
     const result = await verifyDKIMSignature(email);
 
     expect(result.signingDomain).toBe("icloud.com");
+    expect(result.appliedSanitization).toBeFalsy();
   });
 
   it("should fail for invalid selector", async () => {
@@ -86,3 +87,18 @@ describe("DKIM signature verification", () => {
     }
   });
 });
+
+describe("DKIM with sanitization", () => {
+  it("should pass after removing label from Subject", async () => {
+    const email = fs.readFileSync(
+      path.join(__dirname, `test-data/email-good.eml`)
+    );
+
+    // Add a label to the subject
+    const tamperedEmail = email.toString().replace("Subject: ", "Subject: [EmailListABC]");
+
+    const result = await verifyDKIMSignature(tamperedEmail);
+
+    expect(result.appliedSanitization).toBe("removeLabels");
+  });
+});