DMARC report analyzer - Open Source solution

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

DMARC report analyzer - Open Source solution

Roberto Carna
Dear, I'm receiving DMARC reports in one mail account from my domain. All the reports coming for Google and Yahoo mainly are attached in ZIP format, and they are XML files.

Is there any open source DMARC report analyzer for a Linux platform ??? I prefer Debian or Ubuntu.

Thanks a lot !!!
Reply | Threaded
Open this post in threaded view
|

Re: DMARC report analyzer - Open Source solution

Bernardo Reino
Hello,

On December 26, 2019 7:54:02 PM UTC, Roberto Carna <[hidden email]> wrote:

>Dear, I'm receiving DMARC reports in one mail account from my domain.
>All
>the reports coming for Google and Yahoo mainly are attached in ZIP
>format,
>and they are XML files.
>
>Is there any open source DMARC report analyzer for a Linux platform ???
>I
>prefer Debian or Ubuntu.
>
>Thanks a lot !!!

I've used dmarc-cat for some time:

https://github.com/keltia/dmarc-cat

(nowadays I just ignore the reports..)

Cheers.

(I apologize if the formatting is off.. mobile phone..)
Reply | Threaded
Open this post in threaded view
|

RE: DMARC report analyzer - Open Source solution

Kevin Miller
In reply to this post by Roberto Carna

I just went through this.  Here’s some notes I kept.  Note that we’re using Exchange.  I created a mailbox/user called dmarc and pull reports from it via IMAP. 

 

Reports are retrieved from Exchange based on the following software/process:
  http://www.techsneeze.com/how-parse-dmarc-reports-imap/
  http://www.techsneeze.com/how-parse-dmarc-reports/ (obsolete - superseded by the above)
  Source:
  https://github.com/techsneeze/dmarcts-report-parser

Reports are viewable via a browser using
  https://github.com/techsneeze/dmarcts-report-viewer/
  (view the README.md for details)


The IMAP retrieval and import into a database are accomplished via a perl script.  It is instantiated in crontab to run nightly:
  45      5       *       *       *       /usr/local/bin/dmarcts/dmarcts-report-parser.pl -i

If run from the CLI, the usage is as follows:

===========================================================================================

Usage:
    ./dmarcts-report-parser.pl [OPTIONS] [PATH]

 This script needs a configuration file called <dmarcts-report-parser.conf> in
 the current working directory, which defines a database server with credentials
 and (if used) an IMAP server with credentials.

 Additionally, one of the following source options must be provided:
        -i : Read reports from messages on IMAP server as defined in the
             config file.
        -m : Read reports from mbox file(s) provided in PATH.
        -e : Read reports from MIME email file(s) provided in PATH.
        -x : Read reports from xml file(s) provided in PATH.

 The following optional options are allowed:
        -d : Print debug info.
        -r : Replace existing reports rather than skipping them.
  --delete : Delete processed message files (the XML is stored in the
             database for later reference).
    --info : Print out number of XML files or emails processed.

The provided source option requires a PATH.


After retrieval, messages are moved to a subfolder called "Processed" if the import was successful, or notProcessed if it fails for some reason.

HTH…

 

...Kevin

--

Kevin Miller

Network/email Administrator, CBJ MIS Dept.

155 South Seward Street

Juneau, Alaska 99801

Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357

 

From: [hidden email] <[hidden email]> On Behalf Of Roberto Carna
Sent: Thursday, December 26, 2019 10:54 AM
To: Postfix <[hidden email]>
Subject: DMARC report analyzer - Open Source solution

 

EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS


Dear, I'm receiving DMARC reports in one mail account from my domain. All the reports coming for Google and Yahoo mainly are attached in ZIP format, and they are XML files.

 

Is there any open source DMARC report analyzer for a Linux platform ??? I prefer Debian or Ubuntu.

 

Thanks a lot !!!

Reply | Threaded
Open this post in threaded view
|

Re: DMARC report analyzer - Open Source solution

Roberto Carna
Special thanks to both of you.

Right now I'll put to read what you suggest in order to analyze DMARC reports.

Regards !!!

El jue., 26 dic. 2019 a las 17:34, Kevin Miller (<[hidden email]>) escribió:

I just went through this.  Here’s some notes I kept.  Note that we’re using Exchange.  I created a mailbox/user called dmarc and pull reports from it via IMAP. 

 

Reports are retrieved from Exchange based on the following software/process:
  http://www.techsneeze.com/how-parse-dmarc-reports-imap/
  http://www.techsneeze.com/how-parse-dmarc-reports/ (obsolete - superseded by the above)
  Source:
  https://github.com/techsneeze/dmarcts-report-parser

Reports are viewable via a browser using
  https://github.com/techsneeze/dmarcts-report-viewer/
  (view the README.md for details)


The IMAP retrieval and import into a database are accomplished via a perl script.  It is instantiated in crontab to run nightly:
  45      5       *       *       *       /usr/local/bin/dmarcts/dmarcts-report-parser.pl -i

If run from the CLI, the usage is as follows:

===========================================================================================

Usage:
    ./dmarcts-report-parser.pl [OPTIONS] [PATH]

 This script needs a configuration file called <dmarcts-report-parser.conf> in
 the current working directory, which defines a database server with credentials
 and (if used) an IMAP server with credentials.

 Additionally, one of the following source options must be provided:
        -i : Read reports from messages on IMAP server as defined in the
             config file.
        -m : Read reports from mbox file(s) provided in PATH.
        -e : Read reports from MIME email file(s) provided in PATH.
        -x : Read reports from xml file(s) provided in PATH.

 The following optional options are allowed:
        -d : Print debug info.
        -r : Replace existing reports rather than skipping them.
  --delete : Delete processed message files (the XML is stored in the
             database for later reference).
    --info : Print out number of XML files or emails processed.

The provided source option requires a PATH.


After retrieval, messages are moved to a subfolder called "Processed" if the import was successful, or notProcessed if it fails for some reason.

HTH…

 

...Kevin

--

Kevin Miller

Network/email Administrator, CBJ MIS Dept.

155 South Seward Street

Juneau, Alaska 99801

Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357

 

From: [hidden email] <[hidden email]> On Behalf Of Roberto Carna
Sent: Thursday, December 26, 2019 10:54 AM
To: Postfix <[hidden email]>
Subject: DMARC report analyzer - Open Source solution

 

EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS


Dear, I'm receiving DMARC reports in one mail account from my domain. All the reports coming for Google and Yahoo mainly are attached in ZIP format, and they are XML files.

 

Is there any open source DMARC report analyzer for a Linux platform ??? I prefer Debian or Ubuntu.

 

Thanks a lot !!!

Reply | Threaded
Open this post in threaded view
|

Re: DMARC report analyzer - Open Source solution

Roberto Carna
In reply to this post by Kevin Miller
Dear Kevin, I've implemented dmarcts-report-viewer and now it runs OK,..It gives me veri relevant information.

My new question is this:

dmarcts-report-viewer is only for DMARC aggregation reports ? What can I do to get and ser DMARC forensic reports ?

Thanks a lot again !!!

El jue., 26 dic. 2019 a las 17:34, Kevin Miller (<[hidden email]>) escribió:

I just went through this.  Here’s some notes I kept.  Note that we’re using Exchange.  I created a mailbox/user called dmarc and pull reports from it via IMAP. 

 

Reports are retrieved from Exchange based on the following software/process:
  http://www.techsneeze.com/how-parse-dmarc-reports-imap/
  http://www.techsneeze.com/how-parse-dmarc-reports/ (obsolete - superseded by the above)
  Source:
  https://github.com/techsneeze/dmarcts-report-parser

Reports are viewable via a browser using
  https://github.com/techsneeze/dmarcts-report-viewer/
  (view the README.md for details)


The IMAP retrieval and import into a database are accomplished via a perl script.  It is instantiated in crontab to run nightly:
  45      5       *       *       *       /usr/local/bin/dmarcts/dmarcts-report-parser.pl -i

If run from the CLI, the usage is as follows:

===========================================================================================

Usage:
    ./dmarcts-report-parser.pl [OPTIONS] [PATH]

 This script needs a configuration file called <dmarcts-report-parser.conf> in
 the current working directory, which defines a database server with credentials
 and (if used) an IMAP server with credentials.

 Additionally, one of the following source options must be provided:
        -i : Read reports from messages on IMAP server as defined in the
             config file.
        -m : Read reports from mbox file(s) provided in PATH.
        -e : Read reports from MIME email file(s) provided in PATH.
        -x : Read reports from xml file(s) provided in PATH.

 The following optional options are allowed:
        -d : Print debug info.
        -r : Replace existing reports rather than skipping them.
  --delete : Delete processed message files (the XML is stored in the
             database for later reference).
    --info : Print out number of XML files or emails processed.

The provided source option requires a PATH.


After retrieval, messages are moved to a subfolder called "Processed" if the import was successful, or notProcessed if it fails for some reason.

HTH…

 

...Kevin

--

Kevin Miller

Network/email Administrator, CBJ MIS Dept.

155 South Seward Street

Juneau, Alaska 99801

Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357

 

From: [hidden email] <[hidden email]> On Behalf Of Roberto Carna
Sent: Thursday, December 26, 2019 10:54 AM
To: Postfix <[hidden email]>
Subject: DMARC report analyzer - Open Source solution

 

EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS


Dear, I'm receiving DMARC reports in one mail account from my domain. All the reports coming for Google and Yahoo mainly are attached in ZIP format, and they are XML files.

 

Is there any open source DMARC report analyzer for a Linux platform ??? I prefer Debian or Ubuntu.

 

Thanks a lot !!!

Reply | Threaded
Open this post in threaded view
|

Re: DMARC report analyzer - Open Source solution

Julian Kippels
Hi,

I am using parsedmarc (https://domainaware.github.io/parsedmarc/) for
both aggregate and forensic reports, including sending the results to
our Splunk server with Dashboard.

Julian


Am Mon, 6 Jan 2020 10:46:57 -0300
schrieb Roberto Carna <[hidden email]>:

> Dear Kevin, I've implemented dmarcts-report-viewer and now it runs
> OK,..It gives me veri relevant information.
>
> My new question is this:
>
> dmarcts-report-viewer is only for DMARC aggregation reports ? What
> can I do to get and ser DMARC forensic reports ?
>
> Thanks a lot again !!!
>
> El jue., 26 dic. 2019 a las 17:34, Kevin Miller
> (<[hidden email]>) escribió:
>
> > I just went through this.  Here’s some notes I kept.  Note that
> > we’re using Exchange.  I created a mailbox/user called dmarc and
> > pull reports from it via IMAP.
> >
> >
> >
> > Reports are retrieved from Exchange based on the following
> > software/process:
> >   http://www.techsneeze.com/how-parse-dmarc-reports-imap/
> >   http://www.techsneeze.com/how-parse-dmarc-reports/ (obsolete -
> > superseded by the above)
> >   Source:
> >   https://github.com/techsneeze/dmarcts-report-parser
> >
> > Reports are viewable via a browser using
> >   https://github.com/techsneeze/dmarcts-report-viewer/
> >   (view the README.md for details)
> >
> >
> > The IMAP retrieval and import into a database are accomplished via
> > a perl script.  It is instantiated in crontab to run nightly:
> >   45      5       *       *       *       /usr/local/bin/dmarcts/
> > dmarcts-report-parser.pl -i
> >
> > If run from the CLI, the usage is as follows:
> >
> >
> > ===========================================================================================
> >
> > Usage:
> >     ./dmarcts-report-parser.pl [OPTIONS] [PATH]
> >
> >  This script needs a configuration file called
> > <dmarcts-report-parser.conf> in
> >  the current working directory, which defines a database server with
> > credentials
> >  and (if used) an IMAP server with credentials.
> >
> >  Additionally, one of the following source options must be provided:
> >         -i : Read reports from messages on IMAP server as defined
> > in the config file.
> >         -m : Read reports from mbox file(s) provided in PATH.
> >         -e : Read reports from MIME email file(s) provided in PATH.
> >         -x : Read reports from xml file(s) provided in PATH.
> >
> >  The following optional options are allowed:
> >         -d : Print debug info.
> >         -r : Replace existing reports rather than skipping them.
> >   --delete : Delete processed message files (the XML is stored in
> > the database for later reference).
> >     --info : Print out number of XML files or emails processed.
> >
> > The provided source option requires a PATH.
> >
> >
> > After retrieval, messages are moved to a subfolder called
> > "Processed" if the import was successful, or notProcessed if it
> > fails for some reason.
> >
> > HTH…
> >
> >
> >
> > ...Kevin
> >
> > --
> >
> > Kevin Miller
> >
> > Network/email Administrator, CBJ MIS Dept.
> >
> > 155 South Seward Street
> >
> > Juneau, Alaska 99801
> >
> > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User
> > No: 307357
> >
> >
> >
> > *From:* [hidden email]
> > <[hidden email]> *On Behalf Of *Roberto Carna
> > *Sent:* Thursday, December 26, 2019 10:54 AM
> > *To:* Postfix <[hidden email]>
> > *Subject:* DMARC report analyzer - Open Source solution
> >
> >
> >
> > EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS
> > ------------------------------
> >
> > Dear, I'm receiving DMARC reports in one mail account from my
> > domain. All the reports coming for Google and Yahoo mainly are
> > attached in ZIP format, and they are XML files.
> >
> >
> >
> > Is there any open source DMARC report analyzer for a Linux platform
> > ??? I prefer Debian or Ubuntu.
> >
> >
> >
> > Thanks a lot !!!
> >  



--
---------------------------------------------------------
| | Julian Kippels
| | M.Sc. Informatik
| |
| | Zentrum für Informations- und Medientechnologie
| | Heinrich-Heine-Universität Düsseldorf
| | Universitätsstr. 1
| | Raum 25.41.O1.32
| | 40225 Düsseldorf / Germany
| |
| | Tel: +49-211-81-14920
| | mail: [hidden email]
---------------------------------------------------------

Reply | Threaded
Open this post in threaded view
|

Re: DMARC report analyzer - Open Source solution

Patrick Proniewski
Hello,

I'm also using Splunk, but I'm not really sure parsedmarc worth the effort. The only dashboard screenshot available for parsedmarc is rather unimpressive…

pat

January 6, 2020 3:35 PM, "Julian Kippels" <[hidden email]> wrote:

> Hi,
>
> I am using parsedmarc (https://domainaware.github.io/parsedmarc) for
> both aggregate and forensic reports, including sending the results to
> our Splunk server with Dashboard.
>
> Julian
>
> Am Mon, 6 Jan 2020 10:46:57 -0300
> schrieb Roberto Carna <[hidden email]>:
>
>> Dear Kevin, I've implemented dmarcts-report-viewer and now it runs
>> OK,..It gives me veri relevant information.
>>
>> My new question is this:
>>
>> dmarcts-report-viewer is only for DMARC aggregation reports ? What
>> can I do to get and ser DMARC forensic reports ?
>>
>> Thanks a lot again !!!
>>
>> El jue., 26 dic. 2019 a las 17:34, Kevin Miller
>> (<[hidden email]>) escribió:
>>
>> I just went through this. Here’s some notes I kept. Note that
>> we’re using Exchange. I created a mailbox/user called dmarc and
>> pull reports from it via IMAP.
>>
>> Reports are retrieved from Exchange based on the following
>> software/process:
>> http://www.techsneeze.com/how-parse-dmarc-reports-imap
>> http://www.techsneeze.com/how-parse-dmarc-reports (obsolete -
>> superseded by the above)
>> Source:
>> https://github.com/techsneeze/dmarcts-report-parser
>>
>> Reports are viewable via a browser using
>> https://github.com/techsneeze/dmarcts-report-viewer
>> (view the README.md for details)
>>
>> The IMAP retrieval and import into a database are accomplished via
>> a perl script. It is instantiated in crontab to run nightly:
>> 45 5 * * * /usr/local/bin/dmarcts/
>> dmarcts-report-parser.pl -i
>>
>> If run from the CLI, the usage is as follows:
>>
>> ===========================================================================================
>>
>> Usage:
>> ./dmarcts-report-parser.pl [OPTIONS] [PATH]
>>
>> This script needs a configuration file called
>> <dmarcts-report-parser.conf> in
>> the current working directory, which defines a database server with
>> credentials
>> and (if used) an IMAP server with credentials.
>>
>> Additionally, one of the following source options must be provided:
>> -i : Read reports from messages on IMAP server as defined
>> in the config file.
>> -m : Read reports from mbox file(s) provided in PATH.
>> -e : Read reports from MIME email file(s) provided in PATH.
>> -x : Read reports from xml file(s) provided in PATH.
>>
>> The following optional options are allowed:
>> -d : Print debug info.
>> -r : Replace existing reports rather than skipping them.
>> --delete : Delete processed message files (the XML is stored in
>> the database for later reference).
>> --info : Print out number of XML files or emails processed.
>>
>> The provided source option requires a PATH.
>>
>> After retrieval, messages are moved to a subfolder called
>> "Processed" if the import was successful, or notProcessed if it
>> fails for some reason.
>>
>> HTH…
>>
>> ...Kevin
>>
>> --
>>
>> Kevin Miller
>>
>> Network/email Administrator, CBJ MIS Dept.
>>
>> 155 South Seward Street
>>
>> Juneau, Alaska 99801
>>
>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User
>> No: 307357
>>
>> *From:* [hidden email]
>> <[hidden email]> *On Behalf Of *Roberto Carna
>> *Sent:* Thursday, December 26, 2019 10:54 AM
>> *To:* Postfix <[hidden email]>
>> *Subject:* DMARC report analyzer - Open Source solution
>>
>> EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS
>> ------------------------------
>>
>> Dear, I'm receiving DMARC reports in one mail account from my
>> domain. All the reports coming for Google and Yahoo mainly are
>> attached in ZIP format, and they are XML files.
>>
>> Is there any open source DMARC report analyzer for a Linux platform
>> ??? I prefer Debian or Ubuntu.
>>
>> Thanks a lot !!!
>
> --
> ---------------------------------------------------------
> | | Julian Kippels
> | | M.Sc. Informatik
> | |
> | | Zentrum für Informations- und Medientechnologie
> | | Heinrich-Heine-Universität Düsseldorf
> | | Universitätsstr. 1
> | | Raum 25.41.O1.32
> | | 40225 Düsseldorf / Germany
> | |
> | | Tel: +49-211-81-14920
> | | mail: [hidden email]
> ---------------------------------------------------------
Reply | Threaded
Open this post in threaded view
|

RE: DMARC report analyzer - Open Source solution

Kevin Miller
In reply to this post by Roberto Carna

I don’t know.  I haven’t gotten that far…

 

...Kevin

--

Kevin Miller

Network/email Administrator, CBJ MIS Dept.

155 South Seward Street

Juneau, Alaska 99801

Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357

 

From: Roberto Carna <[hidden email]>
Sent: Monday, January 6, 2020 4:47 AM
To: Kevin Miller <[hidden email]>
Cc: Postfix users <[hidden email]>
Subject: Re: DMARC report analyzer - Open Source solution

 

EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS


Dear Kevin, I've implemented dmarcts-report-viewer and now it runs OK,..It gives me veri relevant information.

 

My new question is this:

 

dmarcts-report-viewer is only for DMARC aggregation reports ? What can I do to get and ser DMARC forensic reports ?

 

Thanks a lot again !!!

 

El jue., 26 dic. 2019 a las 17:34, Kevin Miller (<[hidden email]>) escribió:

I just went through this.  Here’s some notes I kept.  Note that we’re using Exchange.  I created a mailbox/user called dmarc and pull reports from it via IMAP. 

 

Reports are retrieved from Exchange based on the following software/process:
  http://www.techsneeze.com/how-parse-dmarc-reports-imap/
  http://www.techsneeze.com/how-parse-dmarc-reports/ (obsolete - superseded by the above)
  Source:
  https://github.com/techsneeze/dmarcts-report-parser

Reports are viewable via a browser using
  https://github.com/techsneeze/dmarcts-report-viewer/
  (view the README.md for details)


The IMAP retrieval and import into a database are accomplished via a perl script.  It is instantiated in crontab to run nightly:
  45      5       *       *       *       /usr/local/bin/dmarcts/dmarcts-report-parser.pl -i

If run from the CLI, the usage is as follows:

===========================================================================================

Usage:
    ./dmarcts-report-parser.pl [OPTIONS] [PATH]

 This script needs a configuration file called <dmarcts-report-parser.conf> in
 the current working directory, which defines a database server with credentials
 and (if used) an IMAP server with credentials.

 Additionally, one of the following source options must be provided:
        -i : Read reports from messages on IMAP server as defined in the
             config file.
        -m : Read reports from mbox file(s) provided in PATH.
        -e : Read reports from MIME email file(s) provided in PATH.
        -x : Read reports from xml file(s) provided in PATH.

 The following optional options are allowed:
        -d : Print debug info.
        -r : Replace existing reports rather than skipping them.
  --delete : Delete processed message files (the XML is stored in the
             database for later reference).
    --info : Print out number of XML files or emails processed.

The provided source option requires a PATH.


After retrieval, messages are moved to a subfolder called "Processed" if the import was successful, or notProcessed if it fails for some reason.

HTH…

 

...Kevin

--

Kevin Miller

Network/email Administrator, CBJ MIS Dept.

155 South Seward Street

Juneau, Alaska 99801

Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357

 

From: [hidden email] <[hidden email]> On Behalf Of Roberto Carna
Sent: Thursday, December 26, 2019 10:54 AM
To: Postfix <[hidden email]>
Subject: DMARC report analyzer - Open Source solution

 

EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS


Dear, I'm receiving DMARC reports in one mail account from my domain. All the reports coming for Google and Yahoo mainly are attached in ZIP format, and they are XML files.

 

Is there any open source DMARC report analyzer for a Linux platform ??? I prefer Debian or Ubuntu.

 

Thanks a lot !!!

Reply | Threaded
Open this post in threaded view
|

Re: DMARC report analyzer - Open Source solution

Roberto Carna
In reply to this post by Julian Kippels
Dear Julian, when you use Parsedmarc for aggregate and forensic reports, do you receive any forensic report ??? Because I've read that just a few remote mail servers with DMARC support send this type of report, so it's no sense to implement the feature I'm asking for, just aggregate reports visualization is OK.

Thanks again, greetings !!!

El lun., 6 ene. 2020 a las 11:37, Julian Kippels (<[hidden email]>) escribió:
Hi,

I am using parsedmarc (https://domainaware.github.io/parsedmarc/) for
both aggregate and forensic reports, including sending the results to
our Splunk server with Dashboard.

Julian


Am Mon, 6 Jan 2020 10:46:57 -0300
schrieb Roberto Carna <[hidden email]>:

> Dear Kevin, I've implemented dmarcts-report-viewer and now it runs
> OK,..It gives me veri relevant information.
>
> My new question is this:
>
> dmarcts-report-viewer is only for DMARC aggregation reports ? What
> can I do to get and ser DMARC forensic reports ?
>
> Thanks a lot again !!!
>
> El jue., 26 dic. 2019 a las 17:34, Kevin Miller
> (<[hidden email]>) escribió:
>
> > I just went through this.  Here’s some notes I kept.  Note that
> > we’re using Exchange.  I created a mailbox/user called dmarc and
> > pull reports from it via IMAP.
> >
> >
> >
> > Reports are retrieved from Exchange based on the following
> > software/process:
> >   http://www.techsneeze.com/how-parse-dmarc-reports-imap/
> >   http://www.techsneeze.com/how-parse-dmarc-reports/ (obsolete -
> > superseded by the above)
> >   Source:
> >   https://github.com/techsneeze/dmarcts-report-parser
> >
> > Reports are viewable via a browser using
> >   https://github.com/techsneeze/dmarcts-report-viewer/
> >   (view the README.md for details)
> >
> >
> > The IMAP retrieval and import into a database are accomplished via
> > a perl script.  It is instantiated in crontab to run nightly:
> >   45      5       *       *       *       /usr/local/bin/dmarcts/
> > dmarcts-report-parser.pl -i
> >
> > If run from the CLI, the usage is as follows:
> >
> >
> > ===========================================================================================
> >
> > Usage:
> >     ./dmarcts-report-parser.pl [OPTIONS] [PATH]
> >
> >  This script needs a configuration file called
> > <dmarcts-report-parser.conf> in
> >  the current working directory, which defines a database server with
> > credentials
> >  and (if used) an IMAP server with credentials.
> >
> >  Additionally, one of the following source options must be provided:
> >         -i : Read reports from messages on IMAP server as defined
> > in the config file.
> >         -m : Read reports from mbox file(s) provided in PATH.
> >         -e : Read reports from MIME email file(s) provided in PATH.
> >         -x : Read reports from xml file(s) provided in PATH.
> >
> >  The following optional options are allowed:
> >         -d : Print debug info.
> >         -r : Replace existing reports rather than skipping them.
> >   --delete : Delete processed message files (the XML is stored in
> > the database for later reference).
> >     --info : Print out number of XML files or emails processed.
> >
> > The provided source option requires a PATH.
> >
> >
> > After retrieval, messages are moved to a subfolder called
> > "Processed" if the import was successful, or notProcessed if it
> > fails for some reason.
> >
> > HTH…
> >
> >
> >
> > ...Kevin
> >
> > --
> >
> > Kevin Miller
> >
> > Network/email Administrator, CBJ MIS Dept.
> >
> > 155 South Seward Street
> >
> > Juneau, Alaska 99801
> >
> > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User
> > No: 307357
> >
> >
> >
> > *From:* [hidden email]
> > <[hidden email]> *On Behalf Of *Roberto Carna
> > *Sent:* Thursday, December 26, 2019 10:54 AM
> > *To:* Postfix <[hidden email]>
> > *Subject:* DMARC report analyzer - Open Source solution
> >
> >
> >
> > EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS
> > ------------------------------
> >
> > Dear, I'm receiving DMARC reports in one mail account from my
> > domain. All the reports coming for Google and Yahoo mainly are
> > attached in ZIP format, and they are XML files.
> >
> >
> >
> > Is there any open source DMARC report analyzer for a Linux platform
> > ??? I prefer Debian or Ubuntu.
> >
> >
> >
> > Thanks a lot !!!
> > 



--
---------------------------------------------------------
| | Julian Kippels
| | M.Sc. Informatik
| |
| | Zentrum für Informations- und Medientechnologie
| | Heinrich-Heine-Universität Düsseldorf
| | Universitätsstr. 1
| | Raum 25.41.O1.32
| | 40225 Düsseldorf / Germany
| |
| | Tel: +49-211-81-14920
| | mail: [hidden email]
---------------------------------------------------------

Reply | Threaded
Open this post in threaded view
|

Re: DMARC report analyzer - Open Source solution

Jonathan Sélea
In reply to this post by Roberto Carna
Hi,

I use the following:


Together with:


It is not the best looking tool but it does the job :)
Jonathan Sélea

PGP Key: 0x8B35B3C894B964DD
Fingerprint: 4AF2 10DE 996B 673C 0FD8  AFA0 8B35 B3C8 94B9 64DD 


On tor, dec 26, 2019 at 8:54 PM, Roberto Carna <[hidden email]> wrote:
Dear, I'm receiving DMARC reports in one mail account from my domain. All the reports coming for Google and Yahoo mainly are attached in ZIP format, and they are XML files.

Is there any open source DMARC report analyzer for a Linux platform ??? I prefer Debian or Ubuntu.

Thanks a lot !!!
Reply | Threaded
Open this post in threaded view
|

Re: DMARC report analyzer - Open Source solution

Roberto Carna
Dear Jonhatan, I'm using the same solutions as you:

dmarcts-report-parser + dmatcts-report-viewer

But I'm seeing that I receive just aggregate reports and not forensic reports.

Please can you tell me if you receive forensic reports ???

Thanks a lot !!!

El mar., 7 ene. 2020 a las 10:46, Jonathan Sélea (<[hidden email]>) escribió:
Hi,

I use the following:


Together with:


It is not the best looking tool but it does the job :)
Jonathan Sélea

PGP Key: 0x8B35B3C894B964DD
Fingerprint: 4AF2 10DE 996B 673C 0FD8  AFA0 8B35 B3C8 94B9 64DD 


On tor, dec 26, 2019 at 8:54 PM, Roberto Carna <[hidden email]> wrote:
Dear, I'm receiving DMARC reports in one mail account from my domain. All the reports coming for Google and Yahoo mainly are attached in ZIP format, and they are XML files.

Is there any open source DMARC report analyzer for a Linux platform ??? I prefer Debian or Ubuntu.

Thanks a lot !!!