Hi, I am using parsedmarc (https://domainaware.github.io/parsedmarc/) for both aggregate and forensic reports, including sending the results to our Splunk server with Dashboard.
Julian Am Mon, 6 Jan 2020 10:46:57 -0300 schrieb Roberto Carna <robertocarn...@gmail.com>: > Dear Kevin, I've implemented dmarcts-report-viewer and now it runs > OK,..It gives me veri relevant information. > > My new question is this: > > dmarcts-report-viewer is only for DMARC aggregation reports ? What > can I do to get and ser DMARC forensic reports ? > > Thanks a lot again !!! > > El jue., 26 dic. 2019 a las 17:34, Kevin Miller > (<kevin.mil...@juneau.org>) escribió: > > > I just went through this. Here’s some notes I kept. Note that > > we’re using Exchange. I created a mailbox/user called dmarc and > > pull reports from it via IMAP. > > > > > > > > Reports are retrieved from Exchange based on the following > > software/process: > > http://www.techsneeze.com/how-parse-dmarc-reports-imap/ > > http://www.techsneeze.com/how-parse-dmarc-reports/ (obsolete - > > superseded by the above) > > Source: > > https://github.com/techsneeze/dmarcts-report-parser > > > > Reports are viewable via a browser using > > https://github.com/techsneeze/dmarcts-report-viewer/ > > (view the README.md for details) > > > > > > The IMAP retrieval and import into a database are accomplished via > > a perl script. It is instantiated in crontab to run nightly: > > 45 5 * * * /usr/local/bin/dmarcts/ > > dmarcts-report-parser.pl -i > > > > If run from the CLI, the usage is as follows: > > > > > > =========================================================================================== > > > > Usage: > > ./dmarcts-report-parser.pl [OPTIONS] [PATH] > > > > This script needs a configuration file called > > <dmarcts-report-parser.conf> in > > the current working directory, which defines a database server with > > credentials > > and (if used) an IMAP server with credentials. > > > > Additionally, one of the following source options must be provided: > > -i : Read reports from messages on IMAP server as defined > > in the config file. > > -m : Read reports from mbox file(s) provided in PATH. > > -e : Read reports from MIME email file(s) provided in PATH. > > -x : Read reports from xml file(s) provided in PATH. > > > > The following optional options are allowed: > > -d : Print debug info. > > -r : Replace existing reports rather than skipping them. > > --delete : Delete processed message files (the XML is stored in > > the database for later reference). > > --info : Print out number of XML files or emails processed. > > > > The provided source option requires a PATH. > > > > > > After retrieval, messages are moved to a subfolder called > > "Processed" if the import was successful, or notProcessed if it > > fails for some reason. > > > > HTH… > > > > > > > > ...Kevin > > > > -- > > > > Kevin Miller > > > > Network/email Administrator, CBJ MIS Dept. > > > > 155 South Seward Street > > > > Juneau, Alaska 99801 > > > > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > > No: 307357 > > > > > > > > *From:* owner-postfix-us...@postfix.org > > <owner-postfix-us...@postfix.org> *On Behalf Of *Roberto Carna > > *Sent:* Thursday, December 26, 2019 10:54 AM > > *To:* Postfix <postfix-users@postfix.org> > > *Subject:* DMARC report analyzer - Open Source solution > > > > > > > > EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS > > ------------------------------ > > > > Dear, I'm receiving DMARC reports in one mail account from my > > domain. All the reports coming for Google and Yahoo mainly are > > attached in ZIP format, and they are XML files. > > > > > > > > Is there any open source DMARC report analyzer for a Linux platform > > ??? I prefer Debian or Ubuntu. > > > > > > > > Thanks a lot !!! > > -- --------------------------------------------------------- | | Julian Kippels | | M.Sc. Informatik | | | | Zentrum für Informations- und Medientechnologie | | Heinrich-Heine-Universität Düsseldorf | | Universitätsstr. 1 | | Raum 25.41.O1.32 | | 40225 Düsseldorf / Germany | | | | Tel: +49-211-81-14920 | | mail: kipp...@hhu.de ---------------------------------------------------------
