-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtr_en_strings.json
More file actions
151 lines (151 loc) · 7.34 KB
/
tr_en_strings.json
File metadata and controls
151 lines (151 loc) · 7.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
[
"(unknown)",
"AWS Route 53: Record types",
"Add TLS-RPT if you want reports about TLS failures.",
"Adoption depends on policy/requirements. Separate concern from email auth (SPF/DKIM/DMARC).",
"Alternative",
"Azure DNS: Create records (portal)",
"BIMI is used by some mail clients to display a brand logo. It is optional, but can improve recognition for recipients.",
"BIMI missing (optional)",
"BIMI record detected.",
"CAA is optional. It may be unavailable due to DNS response issues.",
"CAA missing (optional/governance)",
"CAA unverified (no response)",
"Check CAA",
"Check MX",
"Check failed",
"Checked only a small set of common names. Use only on domains you manage or have permission to test.",
"Cloudflare: Manage DNS records",
"Confirm the TXT (id). You also need to host https://mta-sts.<domain>/.well-known/mta-sts.txt",
"Confirm the rua address is deliverable and monitored.",
"Consolidate SPF into a single record (avoid ambiguous evaluation)",
"Contains <foreignObject>",
"Contains <script>",
"Could not extract registrar info from RDAP",
"Could not identify a common DNS provider from NS hostnames",
"Could not identify a common DNS provider from NS. Check delegated name servers in your registrar/DNS console.",
"DKIM delegated via CNAME (provider-managed key possible)",
"DKIM delegated via CNAME (v=DKIM1 found at target)",
"DKIM key (TXT) present",
"DKIM public key not found",
"DKIM unverified/missing",
"DMARC is configured. Review staged rollout, exceptions, and alignment.",
"DMARC is p=none",
"DMARC missing",
"DMARC missing (weak anti-spoofing)",
"DMARC rua missing",
"DNS hosting (authoritative): Unknown",
"DNSBL (Sender IP)",
"DNSSEC may be enabled. Ensure you have procedures for operation and key rollover (KSK/ZSK).",
"DNSSEC: DS missing (optional/policy)",
"DNSSEC: DS present",
"DigitalOcean: Manage DNS records",
"Does not look like SVG (<svg> not found)",
"Enable DKIM signing in your sender (Microsoft 365/Google/SaaS) and publish the public key",
"Enter a domain name (e.g. example.com).",
"Estimated lookups",
"Even if DKIM signing is enabled, verification requires a published public key. Check Microsoft 365 / Google / your sending SaaS settings.",
"Failed to retrieve BIMI (optional)",
"Failed to retrieve DKIM",
"Failed to retrieve DMARC",
"Failed to retrieve MX",
"Failed to retrieve NS (authoritative DNS)",
"Failed to retrieve SPF",
"Failed to retrieve registrar (WHOIS/RDAP)",
"Fetched via RDAP (HTTPS). May fail due to CORS or network restrictions.",
"GoDaddy: Add a TXT record",
"Google Cloud DNS: Records",
"Guidance: many inbox providers require a VMC for logo display (consider providing a=)",
"HTTPS reachability (reference)",
"High",
"IP-only SPF is brittle: if sender IPs change and SPF is not updated, legitimate mail may fail. If you use multiple SaaS senders, prefer include-based design and a sender inventory. If you truly have fixed IPs, pair it with change-management and staged rollout (~all → -all).",
"If include/redirect/exists pushes lookups beyond 10, SPF may fail with PermError.",
"If this is a mail domain and MX is missing, inbound mail may use another domain/path. Review the design.",
"Input error",
"Inventory senders and design SPF (avoid jumping straight to -all)",
"Inventory senders → add include/sender IPs → then finalize ~all/-all. Avoid jumping straight to -all to prevent dropping legitimate mail.",
"Likely not listed",
"Logo SVG: fetched OK / sanity checks OK (only when CORS allows)",
"Logo URL may be unreachable",
"Logo URL reachable (content/size not verified due to CORS)",
"Logo does not look like SVG (check Content-Type/content)",
"Logo image failed to load (check URL/existence/reachability)",
"Logo image load: OK (dimensions unavailable)",
"Logo may not be square (square is recommended)",
"Lookup failed (possible network/DoH restrictions).",
"Low",
"MTA-STS missing (no TLS enforcement)",
"MTA-STS: TXT present",
"MX indicates inbound mail servers. Confirm it matches your provider (Microsoft 365/Google/etc.).",
"MX not found",
"May contain event handler attributes (onload, etc.)",
"May reference external resources (http/https)",
"Medium",
"Missing a= (VMC/certificate URL)",
"Missing l= (logo URL)",
"Monitoring only (p=none). Review rua reports and tighten to quarantine/reject in stages.",
"Multiple SPF records",
"Multiple SPF records (may be invalid/ambiguous)",
"NS appears under the domain (possibly self-hosted/delegated)",
"Namecheap: Add a TXT record",
"No DMARC record found. Start with monitoring (p=none) and tighten gradually.",
"No common subdomains were found (this check is not exhaustive).",
"Possibly due to network restrictions or DNS response issues",
"Public DNS lookup may have failed",
"Public DNS lookup may have failed (BIMI is optional). Network restrictions may apply.",
"Quarantine. Review impact and consider moving to reject.",
"Querying...",
"RDAP (HTTPS) lookup may be blocked/failed. Verify with local whois.",
"Recommendation (safe first step)",
"Recommendation (safe rollout)",
"Registrar found",
"Registrar unknown",
"Reject. Review exceptions, forwarding, and subdomain (sp) policy.",
"Remove +all and restrict senders (urgent)",
"Review reports and consider staged move to quarantine/reject",
"SPF is +all",
"SPF lookup limit risk",
"SPF missing",
"SPF should usually be consolidated into a single record; multiple records can lead to ambiguous evaluation.",
"SPF: DNS lookup limit risk",
"SPF: IP-only (operational risk)",
"SPF: record is long",
"SPF: uses exists",
"SPF: uses ptr",
"SPF: uses redirect",
"SVG sanity checks found potential issues",
"SVG size (Content-Length)",
"SVG size (approx)",
"SVG viewBox may not be square",
"Sakura Internet: Support",
"Set up a mailbox for aggregate reports and configure rua",
"Simplify include/redirect to stay within 10 lookups",
"Some DNS lookups may have failed.",
"Start with p=none, set up a mailbox for aggregate reports (rua), then move to quarantine/reject in stages.",
"Start with p=none, set up rua reporting, then tighten in stages",
"Subdomain check (small)",
"Subdomain check: failed",
"Subdomain check: none found",
"TLS-RPT missing (optional)",
"TLS-RPT: TXT present",
"TXT records may be split. Ensure your tooling/UI correctly joins segments.",
"Unable to retrieve NS records",
"Unknown",
"Unknown (possibly custom NS)",
"Useful for centralized management, but mind the lookup limit (10).",
"Useful if you want to enforce TLS for inbound mail. Consider staged rollout alongside TLS-RPT.",
"Useful if you want to restrict which CAs may issue certificates. Consider adoption based on maturity.",
"Without SPF you cannot control senders via SPF alone. Inventory your senders (Microsoft 365/Google/SaaS) and design safely.",
"Xserver: Support",
"a= (VMC): looks like a PEM certificate (only when CORS allows)",
"a= URL may be unreachable",
"a= URL reachable (content not verified due to CORS)",
"a= is not https://",
"a= may not be a certificate (PEM)",
"exists can add complexity. Make intent explicit and watch the lookup limit.",
"l= is not https://",
"l= typically points to an SVG (.svg)",
"ptr is often discouraged (unstable/costly/false positives). Consider removing or replacing it.",
"unknown",
"yes"
]