diff options
| author | TechSneeze <dave@techsneeze.com> | 2019-08-09 00:39:05 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-08-09 00:39:05 +0300 |
| commit | 9e960124eb5d4127f8db01d1c9aa59e711adea10 (patch) | |
| tree | 56bdda32b09d23fbed48b890a613e0765b97daca | |
| parent | 841f6903ade2653b4601b56c5a3e8b1fa120f9bb (diff) | |
| parent | c7ece679e4c353a80f162d71f361928c055bfd87 (diff) | |
Merge pull request #63 from userjack6880/master
Fixed Exchange compatiblity, added IMAP port option, and other fixes.
| -rw-r--r-- | README.md | 40 | ||||
| -rw-r--r-- | dmarcts-report-parser.conf.sample | 15 | ||||
| -rwxr-xr-x | dmarcts-report-parser.pl | 66 |
3 files changed, 71 insertions, 50 deletions
@@ -41,36 +41,38 @@ git clone https://github.com/techsneeze/dmarcts-report-parser.git or download a zip file containg all files from [here](https://github.com/techsneeze/dmarcts-report-parser/archive/master.zip). Once the files have been downloaded, you will need to copy/rename `dmarcts-report-parser.conf.sample` to `dmarcts-report-parser.conf`. Next, edit the configuration options: ``` -#################################################################### -### configuration ################################################## -#################################################################### +################################################################################ +### configuration ############################################################## +################################################################################ -# If IMAP access is not used, config options starting with $imap -# do not need to be set and are ignored. +# If IMAP access is not used, config options starting with $imap do not need to +# be set and are ignored. $debug = 0; $delete_reports = 0; $dbname = 'dmarc'; $dbuser = 'dmarc'; -$dbpass = 'xxx'; -$dbhost = ''; # Set the hostname if we can't connect to the local socket. - -$imapserver = 'mail.example.com:143'; -$imapuser = 'dmarcreports'; -$imappass = 'xxx'; -$imapssl = '0'; # If set to 1, remember to change server port to 993 and to disable imaptls. -$imaptls = '1'; # Enabled as the default and best-practice. -$tlsverify = '1'; # Enable verify server cert as the default and best-practice. -$imapignoreerror = 0; # set it to 1 if you see an "ERROR: message_string() +$dbpass = 'password'; +$dbhost = 'dbhost'; # Set the hostname if we can't connect to the local socket. +$dbport = '3306'; + +$imapserver = 'imap.server'; +$imapuser = 'username'; +$imappass = 'password'; +$imapport = '143'; +$imapssl = '0'; # If set to 1, remember to change server port to 993 and disable imaptls. +$imaptls = '0'; # Enabled as the default and best-practice. +$tlsverify = '0'; # Enable verify server cert as the default and best-practice. +$imapignoreerror = '0'; # set it to 1 if you see an "ERROR: message_string() # expected 119613 bytes but received 81873 you may # need the IgnoreSizeErrors option" because of malfunction # imap server as MS Exchange 2007, ... -$imapreadfolder = 'Inbox'; +$imapreadfolder = 'dmarc'; -# If $imapmovefolder is set, processed IMAP messages -# will be moved (overruled by the --delete option!) -$imapmovefolder = 'Inbox.processed'; +# If $imapmovefolder is set, processed IMAP messages will be moved (overruled by +# the --delete option!) +$imapmovefolder = 'dmarc/processed'; # maximum size of XML files to store in database, long files can cause transaction aborts $maxsize_xml = 50000; diff --git a/dmarcts-report-parser.conf.sample b/dmarcts-report-parser.conf.sample index 65ae7aa..2ed7caf 100644 --- a/dmarcts-report-parser.conf.sample +++ b/dmarcts-report-parser.conf.sample @@ -10,13 +10,14 @@ $delete_reports = 0; $dbname = 'dmarc'; $dbuser = 'dmarc'; -$dbpass = 'xxx'; -$dbhost = ''; # Set the hostname if we can't connect to the local socket. +$dbpass = 'password'; +$dbhost = 'dbhost'; # Set the hostname if we can't connect to the local socket. $dbport = '3306'; -$imapserver = 'mail.example.com:143'; -$imapuser = 'dmarcreports'; -$imappass = 'xxx'; +$imapserver = 'imap.server'; +$imapuser = 'username'; +$imappass = 'password'; +$imapport = '143'; $imapssl = '0'; # If set to 1, remember to change server port to 993 and disable imaptls. $imaptls = '1'; # Enabled as the default and best-practice. $tlsverify = '1'; # Enable verify server cert as the default and best-practice. @@ -24,11 +25,11 @@ $imapignoreerror = '0'; # set it to 1 if you see an "ERROR: message_st # expected 119613 bytes but received 81873 you may # need the IgnoreSizeErrors option" because of malfunction # imap server as MS Exchange 2007, ... -$imapreadfolder = 'Inbox'; +$imapreadfolder = 'dmarc'; # If $imapmovefolder is set, processed IMAP messages will be moved (overruled by # the --delete option!) -$imapmovefolder = 'Inbox.processed'; +$imapmovefolder = 'dmarc/processed'; # maximum size of XML files to store in database, long files can cause transaction aborts $maxsize_xml = 50000; diff --git a/dmarcts-report-parser.pl b/dmarcts-report-parser.pl index 818b4b3..c58618e 100755 --- a/dmarcts-report-parser.pl +++ b/dmarcts-report-parser.pl @@ -103,6 +103,7 @@ sub show_usage { print " -r : Replace existing reports rather than skipping them. \n"; print " --delete : Delete processed message files (the XML is stored in the \n"; print " database for later reference). \n"; + print " --info : Print out number of XML files or emails processed. \n"; print "\n"; } @@ -117,7 +118,7 @@ sub show_usage { # Define all possible configuration options. our ($debug, $delete_reports, $delete_failed, $reports_replace, $maxsize_xml, $compress_xml, $dbname, $dbuser, $dbpass, $dbhost, $dbport, - $imapserver, $imapuser, $imappass, $imapignoreerror, $imapssl, $imaptls, $imapmovefolder, $imapreadfolder, $imapopt, $tlsverify); + $imapserver, $imapport, $imapuser, $imappass, $imapignoreerror, $imapssl, $imaptls, $imapmovefolder, $imapreadfolder, $imapopt, $tlsverify, $processInfo); # defaults $maxsize_xml = 50000; @@ -155,7 +156,7 @@ if (!defined $imapignoreerror ) { # Get command line options. my %options = (); use constant { TS_IMAP => 0, TS_MESSAGE_FILE => 1, TS_XML_FILE => 2, TS_MBOX_FILE => 3, TS_ZIP_FILE => 4 }; -GetOptions( \%options, 'd', 'r', 'x', 'm', 'e', 'i', 'z', 'delete' ); +GetOptions( \%options, 'd', 'r', 'x', 'm', 'e', 'i', 'z', 'delete', 'info' ); # Evaluate command line options my $source_options = 0; @@ -210,7 +211,7 @@ if ($ARGV[0]) { if (exists $options{r}) {$reports_replace = 1;} if (exists $options{d}) {$debug = 1;} if (exists $options{delete}) {$delete_reports = 1;} - +if (exists $options{info}) {$processInfo = 1;} # Setup connection to database server. my $dbh = DBI->connect("DBI:mysql:database=$dbname;host=$dbhost;port=$dbport", @@ -221,33 +222,46 @@ checkDatabase($dbh); # Process messages based on $reports_source. if ($reports_source == TS_IMAP) { + my $socketargs = ''; + my $processedReport = 0; # Disable verify mode for TLS support. if ($imaptls == 1) { - if ( $tlsverify == 0 ) { - print "use tls without verify servercert.\n" if $debug; - $imapopt = [ SSL_verify_mode => SSL_VERIFY_NONE ]; - } else { - print "use tls with verify servercert.\n" if $debug; - $imapopt = [ SSL_verify_mode => SSL_VERIFY_PEER ]; - } + if ( $tlsverify == 0 ) { + print "use tls without verify servercert.\n" if $debug; + $imapopt = [ SSL_verify_mode => SSL_VERIFY_NONE ]; + } else { + print "use tls with verify servercert.\n" if $debug; + $imapopt = [ SSL_verify_mode => SSL_VERIFY_PEER ]; + } + # The whole point of setting this socket arg is so that we don't get the nasty warning + } else { + print "using ssl without verify servercert.\n" if $debug; + $socketargs = [ SSL_verify_mode => SSL_VERIFY_NONE ]; } - print "connection to $imapserver with Ssl => $imapssl, User => $imapuser, Ignoresizeerrors => $imapignoreerror\n" if $debug; # Setup connection to IMAP server. - my $imap = Mail::IMAPClient->new( Server => $imapserver, - Ssl => $imapssl, - Starttls => $imapopt, - User => $imapuser, - Password => $imappass, - Ignoresizeerrors => $imapignoreerror, - Debug=> $debug - ) + my $imap = Mail::IMAPClient->new( + Server => $imapserver, + Port => $imapport, + Ssl => $imapssl, + Starttls => $imapopt, + Debug => $debug, + Socketargs => $socketargs + ) # module uses eval, so we use $@ instead of $! or die "IMAP Failure: $@"; + # This connection is finished this way because of the tradgedy of exchange... + $imap->User($imapuser); + $imap->Password($imappass); + $imap->connect(); + + # Ignore Size Errors if we're using Exchange + $imap->Ignoresizeerrors($imapignoreerror); + # Set $imap to UID mode, which will force imap functions to use/return # UIDs, instead of message sequence numbers. UIDs are not allowed to # change during a session and are not allowed to be used twice. Looping @@ -273,6 +287,7 @@ if ($reports_source == TS_IMAP) { foreach my $msg (@msgs) { my $processResult = processXML(TS_MESSAGE_FILE, $imap->message_string($msg), "IMAP message with UID #".$msg); + $processedReport++; if ($processResult & 4) { # processXML returned a value with database error bit enabled, do nothing at all! next; @@ -311,6 +326,7 @@ if ($reports_source == TS_IMAP) { # We're all done with IMAP here. $imap->logout(); + if ( $debug || $processInfo ) { print "Processed $processedReport emails.\n"; } } else { # TS_MESSAGE_FILE or TS_XML_FILE or TS_MBOX_FILE @@ -381,7 +397,7 @@ if ($reports_source == TS_IMAP) { } } } - print "Processed $counts messages(s).\n" if $debug; + if ($debug || $processInfo) { print "Processed $counts messages(s).\n"; } } @@ -391,15 +407,17 @@ if ($reports_source == TS_IMAP) { ################################################################################ sub processXML { - my $type = $_[0]; - my $filecontent = $_[1]; - my $f = $_[2]; + my ($type, $filecontent, $f) = (@_); if ($debug) { print "\n"; print "----------------------------------------------------------------\n"; print "Processing $f \n"; print "----------------------------------------------------------------\n"; + print "Type: $type\n"; + print "FileContent: $filecontent\n"; + print "MSG: $f\n"; + print "----------------------------------------------------------------\n"; } my $xml; #TS_XML_FILE or TS_MESSAGE_FILE @@ -450,7 +468,7 @@ sub processXML { # the fields of the first ZIPed XML file embedded into the message. The XML # itself is not checked to be a valid DMARC report. sub getXMLFromMessage { - my $message = $_[0]; + my ($message) = (@_); # fixup type in trustwave SEG mails $message =~ s/ContentType:/Content-Type:/; |