Skip to main content

Simple tool to extract error reports from DMARC files

Project description

DMARCReporting Build Status

This is a simple tool that displays the errors from a bunch of DMARC reports. It's meant to simplify the job of figuring out DMARC errors.

This is very much a work in progress, use only for tests! Feedback and pull requests are welcome.

Install

pip install DMARCReporting

How to use

  • Download all zipped DMARC reports to a samples folder

  • Execute:

    DMARCReporting /path/to/reports
    

The tool processes the files one by one:

  • unarchives the file on the fly
  • parses the DMARC report
  • if any DMARC rejection or quarantine or a failing SPF and/or DKIM authentication and/or alignment happens, a report is displayed on the console together with the DMARC report file name.

An example report looks as follows:

report.xml.gz
Source IP      Source Host                     Payload From (From:)    Envelop From (MAIL FROM)    DMARC    DKIM Align    DKIM Auth    SPF Align    SPF Auth    File
-------------  ------------------------------  ----------------------  --------------------------  -------  ------------  -----------  -----------  ----------  ------
80.96.161.193  Unknown host                    bellous.com             bellous.com                 none     pass          pass         fail         fail        report.xml.gz
208.90.221.45  208-90-221-45.static.flhsi.com  bellous.com             calendar.yambo.com          none     pass          pass         fail         pass        report.xml.gz
80.96.161.193  Unknown host                    disicious.com           disicious.com               none     pass          pass         fail         fail        report.xml.zip
208.90.221.45  208-90-221-45.static.flhsi.com  disicious.com           calendar.trumbee.com        none     pass          pass         fail         pass        report.xml.zip

Run tests

make install-dev
make test

Development Notes

This tool was started by Alex Bolboaca, with a clear goal: allow easier processing DMARC reports received by email. Alternate tools exist, but they are meant for enterprises, meaning they are either expensive or use a lot of infrastructure.

The main goal is to see a report of email failures to allow investigation. Therefore, this tool should be minimalistic, extracting the minimum necessary information and requiring a minimum infrastructure.

While it's possible to deploy it as a cloud function through a later development of a Docker container, it should also allow running it locally after obtaining the DMARC zipped reports in some way.

The current version has been developed mostly by Thierry de Pauw, so all thanks should go to him :).

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

DMARCReporting-0.3.0.tar.gz (9.5 kB view details)

Uploaded Source

Built Distribution

DMARCReporting-0.3.0-py3-none-any.whl (7.7 kB view details)

Uploaded Python 3

File details

Details for the file DMARCReporting-0.3.0.tar.gz.

File metadata

  • Download URL: DMARCReporting-0.3.0.tar.gz
  • Upload date:
  • Size: 9.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.7

File hashes

Hashes for DMARCReporting-0.3.0.tar.gz
Algorithm Hash digest
SHA256 ad91db029ac4d263e09445250b99880e0485255d31e672e9403ac549aeceaf10
MD5 9a3017c7f0e40f67cb36faefb6c5b9f2
BLAKE2b-256 9a95bf38a105ed624c2e22135d72c1ef4bfd0d006f6e534f3924cce2cb185f9f

See more details on using hashes here.

File details

Details for the file DMARCReporting-0.3.0-py3-none-any.whl.

File metadata

File hashes

Hashes for DMARCReporting-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 20e5a974a5b48b4212652958b6c537ec43b5ec29a69e93cd635a849494c51d54
MD5 0b2af73377349c50aff54c55ceaeaa02
BLAKE2b-256 08c8b14f599e0b0aa885b24b798c21ecdf5e0e599731f29fa8c1c562cabc9671

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page