Verification ID Instructions #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Verification | |
| on: | |
| issues: | |
| types: | |
| - labeled | |
| - opened | |
| jobs: | |
| generate-id: | |
| if: contains(github.event.issue.labels.*.name, 'false positive') # Check for the label | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Generate ID | |
| id: generate-id | |
| run: | | |
| ISSUE_URL="${{ github.event.issue.html_url }}" | |
| VERIFICATION_ID=$(echo -n "${ISSUE_URL}" | sha1sum | awk '{print $1}') | |
| echo "verification_id=antiphish-$VERIFICATION_ID" >> $GITHUB_ENV | |
| - name: Post Instructions | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ secrets.GH_BONE_PAT }} | |
| script: | | |
| const verificationId = process.env.verification_id; | |
| const issueNumber = context.issue.number; | |
| const issueAuthor = context.payload.issue.user.login; | |
| const instructions = ` | |
| ### Verification Step Required | |
| @${issueAuthor}, thank you for submitting a false positive report! To help us **verify** your ownership of the affected domain(s), please complete the following steps: | |
| 1. Set a **DNS TXT record** for the domain(s) listed in this issue with the following details: | |
| - **Record Name**: \`_phishingdb\` | |
| - **Record Value**: \`antiphish-${verificationId}\` | |
| **Your Verification ID**: \`antiphish-${verificationId}\` | |
| 2. Wait for DNS propagation (this may take a few minutes to a few hours). | |
| 3. Reply to this issue once the TXT record has been set. | |
| #### Important Notes | |
| - **Verification does not guarantee whitelisting**. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis. | |
| - If the record cannot be set or you need alternative methods of verification, please contact us at [[email protected]](mailto:[email protected]) - preferably from the domain's official email address. | |
| #### How to Check the TXT Record ? | |
| You can verify that the TXT record is properly set using: | |
| - Online tools like [Google's Dig Tool](https://toolbox.googleapps.com/apps/dig/) or [MXToolBox TXT Lookup](https://mxtoolbox.com/TXTLookup.aspx). | |
| - The command line: | |
| \`\`\` | |
| dig TXT example.com | |
| \`\`\` | |
| Thank you for your cooperation! The Phishing Database team will address your issue as soon as possible after verification. | |
| *The Phishing.Database Project Team.* | |
| `; | |
| github.rest.issues.createComment({ | |
| ...context.repo, | |
| issue_number: issueNumber, | |
| body: instructions | |
| }); |