Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/andrewkvalheim/dmarc-report-notifier
Headless periodic DMARC report handler ⊷ Mirror
https://github.com/andrewkvalheim/dmarc-report-notifier
dmarc-reports
Last synced: 2 months ago
JSON representation
Headless periodic DMARC report handler ⊷ Mirror
- Host: GitHub
- URL: https://github.com/andrewkvalheim/dmarc-report-notifier
- Owner: AndrewKvalheim
- License: gpl-3.0
- Created: 2022-12-17T22:49:43.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2024-09-17T01:11:26.000Z (3 months ago)
- Last Synced: 2024-10-09T17:22:57.957Z (3 months ago)
- Topics: dmarc-reports
- Language: Python
- Homepage: https://codeberg.org/AndrewKvalheim/dmarc-report-notifier
- Size: 278 KB
- Stars: 2
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
README
# DMARC report notifier
*DMARC report notifier* is a headless periodic handler of [DMARC] aggregate reports. In contrast to other solutions to DMARC report monitoring that pursue elaborate web dashboards designed to guide an organization through policy rollouts and infrastructure changes, this utility is intended to fill the gap for low-volume senders with already aligned infrastructure that just need to do the minimum due diligence of being alerted to unexpected problems.
Intended to be scheduled as a daily job, this uses [parsedmarc] to read DMARC reports from a specified IMAP folder and then move them to an archive in the same mailbox. If any reports indicate a problem, a notification is sent via Matrix.
Example notification:
>
> ⛔ 1 message blocked
>
>
> CountSenderSPFDKIMDMARCReporter
>
>
>
> 1
> IP:192.0.2.1
rDNS:example.com
Envelope:example.com
Header:example.com
> ⛔example.com
: pass
> ⛔example.com
: pass
> ⛔
> Example
>
>
>
>
>
> ✅ 12 messages allowed
>
>
> CountSenderSPFDKIMDMARCReporter
>
>
>
> 6
> IP:192.0.2.2
rDNS:example.com
Envelope:example.com
Header:example.com
> ✅example.com
: pass
> ✅example.com
: pass
> ✅
> Example
>
>
> 3
> IP:192.0.2.3
rDNS:example.com
Envelope:example.com
Header:example.com
> ✅example.com
: pass
> ✅example.com
: pass
> ✅
> Example
>
>
> 2
> IP:192.0.2.3
rDNS:example.com
Envelope:example.com
Header:example.com
> ✅example.com
: pass
> ✅example.com
: pass
> ✅
> Example
>
>
> 1
> IP:192.0.2.4
rDNS:example.com
Envelope:example.com
Header:example.com
> ✅example.com
: pass
> ✅example.com
: pass
> ✅
> Example
>
>
>
>Configuration:
- Incoming reports:
- `IMAP_HOST`: parsedmarc `imap.host`
- `IMAP_USERNAME`: parsedmarc `imap.user`
- `IMAP_PASSWORD`: parsedmarc `imap.password`
- `IMAP_FOLDER_PROCESSED`: parsedmarc `mailbox.reports_folder`
- `IMAP_FOLDER_UNPROCESSED`: parsedmarc `mailbox.archive_folder`
- Outgoing notifications:
- `NOTIFICATION_LEVEL`: level of DMARC failure to report (`INFO`/`WARN`/`ERROR`)
- `MATRIX_HOMESERVER_URL`: base URL of Matrix client-server API
- `MATRIX_ACCESS_TOKEN`: secret access token of user to send notifications from
- `MATRIX_ROOM_ID`: room ID to send notifications to[DMARC]: https://en.wikipedia.org/wiki/DMARC
[Matrix]: https://matrix.org/
[parsedmarc]: https://github.com/domainaware/parsedmarc