From 3d3d4faa7962ea6e778e5153baadf79a77a98929 Mon Sep 17 00:00:00 2001
From: Jeffrey Bencteux
Date: Mon, 17 Oct 2022 11:14:24 -0400
Subject: [PATCH] add SPF version check
---
 README.md | 1 +
 mailsecchk.sh | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)
diff --git a/README.md b/README.md
index 22b7fff..d074aba 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,7 @@ arguments:
 ## Current checks
 * SPF DNS record presence
+* SPF version
 * SPF not using FAIL mode "-all"
 * SPF include not resolving to a correct DNS TXT record (potential domain takeover)
 * DMARC DNS record presence
diff --git a/mailsecchk.sh b/mailsecchk.sh
index 83da84b..849531b 100755
--- a/mailsecchk.sh
+++ b/mailsecchk.sh
@@ -146,6 +146,21 @@ has_spf()
 fi
 }
+spf_version()
+{
+ local spf="$1"
+
+ if [ "$spf" = "" ]; then
+ return
+ fi
+
+ if echo "$spf" | grep -Eqv "^\"(v=spf1[ ]|^\"v=spf1$)"; then
+ print_bad "SPF version is incorrect"
+ else
+ print_good "SPF version is correct"
+ fi
+}
+
 loose_spf()
 {
 local spf="$1"
@@ -478,6 +493,7 @@ log "SPF: $spf"
 log ""
 has_spf "$spf"
+spf_version "$spf"
 loose_spf "$spf"
 spf_include_domain "$spf" "m365" "Microsoft 365" "spf.protection.outlook.com" "$specific"
 spf_include_domain "$spf" "google" "Google Workspace" "_spf.google.com" "$specific"
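Review bot: The second alternative in the `grep -Eqv` pattern of `spf_version` can never match: it repeats `^\"` after the opening quote has already been consumed, and it ends at `$` without the record's closing quote. A record consisting only of `"v=spf1"` is therefore reported as "SPF version is incorrect", although a version tag followed by end-of-record is well-formed. I would anchor once and accept either a space or the closing quote, without the inverted match: `if ! printf '%s\n' "$spf" | grep -Eq '^"v=spf1( |"$)'; then`. If `$spf` can hold more than one line (how it is populated is outside this hunk), note that the current `-v` form flags the whole value as soon as any single line fails to match, so the intended multi-record behaviour deserves a comment above the test.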