I don’t know. I haven’t gotten that far… ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357
From: Roberto Carna <robertocarn...@gmail.com> Sent: Monday, January 6, 2020 4:47 AM To: Kevin Miller <kevin.mil...@juneau.org> Cc: Postfix users <postfix-users@postfix.org> Subject: Re: DMARC report analyzer - Open Source solution EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS ________________________________ Dear Kevin, I've implemented dmarcts-report-viewer and now it runs OK,..It gives me veri relevant information. My new question is this: dmarcts-report-viewer is only for DMARC aggregation reports ? What can I do to get and ser DMARC forensic reports ? Thanks a lot again !!! El jue., 26 dic. 2019 a las 17:34, Kevin Miller (<kevin.mil...@juneau.org<mailto:kevin.mil...@juneau.org>>) escribió: I just went through this. Here’s some notes I kept. Note that we’re using Exchange. I created a mailbox/user called dmarc and pull reports from it via IMAP. Reports are retrieved from Exchange based on the following software/process: http://www.techsneeze.com/how-parse-dmarc-reports-imap/ http://www.techsneeze.com/how-parse-dmarc-reports/ (obsolete - superseded by the above) Source: https://github.com/techsneeze/dmarcts-report-parser Reports are viewable via a browser using https://github.com/techsneeze/dmarcts-report-viewer/ (view the README.md for details) The IMAP retrieval and import into a database are accomplished via a perl script. It is instantiated in crontab to run nightly: 45 5 * * * /usr/local/bin/dmarcts/dmarcts-report-parser.pl<http://dmarcts-report-parser.pl> -i If run from the CLI, the usage is as follows: =========================================================================================== Usage: ./dmarcts-report-parser.pl<http://dmarcts-report-parser.pl> [OPTIONS] [PATH] This script needs a configuration file called <dmarcts-report-parser.conf> in the current working directory, which defines a database server with credentials and (if used) an IMAP server with credentials. Additionally, one of the following source options must be provided: -i : Read reports from messages on IMAP server as defined in the config file. -m : Read reports from mbox file(s) provided in PATH. -e : Read reports from MIME email file(s) provided in PATH. -x : Read reports from xml file(s) provided in PATH. The following optional options are allowed: -d : Print debug info. -r : Replace existing reports rather than skipping them. --delete : Delete processed message files (the XML is stored in the database for later reference). --info : Print out number of XML files or emails processed. The provided source option requires a PATH. After retrieval, messages are moved to a subfolder called "Processed" if the import was successful, or notProcessed if it fails for some reason. HTH… ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 From: owner-postfix-us...@postfix.org<mailto:owner-postfix-us...@postfix.org> <owner-postfix-us...@postfix.org<mailto:owner-postfix-us...@postfix.org>> On Behalf Of Roberto Carna Sent: Thursday, December 26, 2019 10:54 AM To: Postfix <postfix-users@postfix.org<mailto:postfix-users@postfix.org>> Subject: DMARC report analyzer - Open Source solution EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS ________________________________ Dear, I'm receiving DMARC reports in one mail account from my domain. All the reports coming for Google and Yahoo mainly are attached in ZIP format, and they are XML files. Is there any open source DMARC report analyzer for a Linux platform ??? I prefer Debian or Ubuntu. Thanks a lot !!!
