email: Show reverse DNS entries to be configured

Imroves: https://salsa.debian.org/freedombox-team/freedombox/-/issues/56

[sunil]

- Show reverse DNS records for both IPv4 and IPv6 addresses.

- Use utility to lookup public IP addresses.

- Rename the template context variable and method to use less technical terms.

- Use Python's ipaddress module to compute the PTR record's domain value.

- Don't retrieve primary domain at the module level.

Signed-off-by: Benedek Nagy <contact@nbenedek.me>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Benedek Nagy <contact@nbenedek.me>

plinth/modules/email/dns.py

@@ -7,10 +7,17 @@ See: https://dmarcguide.globalcyberalliance.org/
 See: https://support.google.com/a/answer/2466580
 See: https://datatracker.ietf.org/doc/html/rfc6186
 See: https://rspamd.com/doc/modules/dkim_signing.html
+See: https://en.wikipedia.org/wiki/Reverse_DNS_lookup
 """
 
+import ipaddress
+import typing
 from dataclasses import dataclass
 
+from plinth.modules.privacy import lookup_public_address
+
+from . import privileged
+
 
 @dataclass
 class Entry:  # pylint: disable=too-many-instance-attributes
@@ -41,8 +48,6 @@ class Entry:  # pylint: disable=too-many-instance-attributes
 
 def get_entries():
     """Return the list of DNS entries to make."""
-    from . import privileged
-
     domain = privileged.domain.get_domains()['primary_domain']
     mx_spam_entries = [
         Entry(type_='MX', value=f'{domain}.'),
@@ -70,3 +75,21 @@ def get_entries():
               port=995, value=f'{domain}.'),
     ]
     return mx_spam_entries + dkim_entries + autoconfig_entries
+
+
+def get_reverse_entries() -> list[Entry]:
+    """Return the list of reverse DNS entries to make."""
+    entries = []
+    domain = privileged.domain.get_domains()['primary_domain']
+    for ip_type in typing.get_args(typing.Literal['ipv4', 'ipv6']):
+        try:
+            ip_address = lookup_public_address(ip_type)
+            reverse_pointer = ipaddress.ip_address(ip_address).reverse_pointer
+        except Exception as exception:
+            reverse_pointer = \
+                f'Error querying external {ip_type} address: {exception}'
+
+        entry = Entry(domain=reverse_pointer, type_='PTR', value=f'{domain}.')
+        entries.append(entry)
+
+    return entries

plinth/modules/email/templates/email.html

@@ -58,4 +58,41 @@
       </tbody>
     </table>
   </div>
+
+  <h4>{% trans "Reverse DNS" %}</h4>
+
+  <p>
+    {% blocktrans trimmed %}
+      If your {{ box_name }} runs on a cloud service infrastructure, you
+      should configure <a href="https://en.wikipedia.org/wiki/Reverse_DNS_lookup">
+      Reverse DNS lookup</a>. This isn't mandatory, however, it greatly improves
+      email deliverability. Reverse DNS isn't configured where your regular DNS
+      is. You should look for it in the settings of your VPS. Some providers
+      preconfigure the IP address part for you and you only have to set the domain part.
+    {% endblocktrans %}
+  </p>
+
+  <div class="table-responsive">
+    <table class="table table-sm">
+      <thead>
+        <tr>
+          <th>{% trans "Host" %}</th>
+          <th>{% trans "TTL" %}</th>
+          <th>{% trans "Type" %}</th>
+          <th>{% trans "Host/Target/Value" %}</th>
+        </tr>
+      </thead>
+      <tbody>
+        {% for dns_entry in reverse_dns_entries %}
+          <tr>
+            <td>{{ dns_entry.domain|default_if_none:"" }}</td>
+            <td>{{ dns_entry.ttl }}</td>
+            <td>{{ dns_entry.type_ }}</td>
+            <td class="text-break">{{ dns_entry.get_split_value }}</td>
+          </tr>
+        {% endfor %}
+      </tbody>
+    </table>
+  </div>
+
 {% endblock %}

plinth/modules/email/views.py

@@ -26,6 +26,7 @@ class EmailAppView(AppView):
         """Add additional context data for rendering the template."""
         context = super().get_context_data(**kwargs)
         context['dns_entries'] = dns.get_entries()
+        context['reverse_dns_entries'] = dns.get_reverse_entries()
         return context
 
     def get_initial(self):