From 01b72119fe3fafe5c81630e1f15bbfee19bc3d1e Mon Sep 17 00:00:00 2001 From: Sean Whalen Date: Thu, 25 Oct 2018 09:43:00 -0400 Subject: [PATCH] Update documentation --- README.rst | 42 +++++++++++++++------------- docs/index.rst | 76 +++++++++++++++++++++++++++++++++++++------------- 2 files changed, 78 insertions(+), 40 deletions(-) diff --git a/README.rst b/README.rst index 400faa9..4362d41 100644 --- a/README.rst +++ b/README.rst @@ -55,26 +55,26 @@ CLI help :: - usage: parsedmarc [-h] [--strip-attachment-payloads] [-o OUTPUT] - [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] [-H HOST] - [-u USER] [-p PASSWORD] [--imap-port IMAP_PORT] - [--imap-no-ssl] [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d] - [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] - [--elasticsearch-index-prefix ELASTICSEARCH_INDEX_PREFIX] - [--elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX] - [--hec HEC] [--hec-token HEC_TOKEN] [--hec-index HEC_INDEX] - [--hec-skip-certificate-verification] - [-K [KAFKA_HOSTS [KAFKA_HOSTS ...]]] - [--kafka-aggregate-topic KAFKA_AGGREGATE_TOPIC] - [--kafka-forensic_topic KAFKA_FORENSIC_TOPIC] - [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST] - [-U OUTGOING_USER] [-P OUTGOING_PASSWORD] - [--outgoing-port OUTGOING_PORT] - [--outgoing-ssl OUTGOING_SSL] [-F OUTGOING_FROM] - [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] - [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] - [-s] [--debug] [-v] - [file_path [file_path ...]] + usage: cli.py [-h] [--strip-attachment-payloads] [-o OUTPUT] + [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] [-H HOST] + [-u USER] [-p PASSWORD] [--imap-port IMAP_PORT] + [--imap-skip-certificate-verification] [--imap-no-ssl] + [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d] + [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] + [--elasticsearch-index-prefix ELASTICSEARCH_INDEX_PREFIX] + [--elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX] + [--hec HEC] [--hec-token HEC_TOKEN] [--hec-index HEC_INDEX] + [--hec-skip-certificate-verification] + [-K [KAFKA_HOSTS [KAFKA_HOSTS ...]]] + [--kafka-aggregate-topic KAFKA_AGGREGATE_TOPIC] + [--kafka-forensic_topic KAFKA_FORENSIC_TOPIC] [--save-aggregate] + [--save-forensic] [-O OUTGOING_HOST] [-U OUTGOING_USER] + [-P OUTGOING_PASSWORD] [--outgoing-port OUTGOING_PORT] + [--outgoing-ssl OUTGOING_SSL] [-F OUTGOING_FROM] + [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] + [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] + [-s] [--debug] [-v] + [file_path [file_path ...]] Parses DMARC reports @@ -100,6 +100,8 @@ CLI help IMAP password --imap-port IMAP_PORT IMAP port + --imap-skip-certificate-verification + Skip certificate verification for IMAP --imap-no-ssl Do not use SSL/TLS when connecting to IMAP -r REPORTS_FOLDER, --reports-folder REPORTS_FOLDER The IMAP folder containing the reports (Default: diff --git a/docs/index.rst b/docs/index.rst index d80d419..9cbc62c 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -61,26 +61,27 @@ CLI help :: - usage: parsedmarc [-h] [--strip-attachment-payloads] [-o OUTPUT] - [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] [-H HOST] - [-u USER] [-p PASSWORD] [--imap-port IMAP_PORT] - [--imap-no-ssl] [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d] - [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] - [--elasticsearch-index-prefix ELASTICSEARCH_INDEX_PREFIX] - [--elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX] - [--hec HEC] [--hec-token HEC_TOKEN] [--hec-index HEC_INDEX] - [--hec-skip-certificate-verification] - [-K [KAFKA_HOSTS [KAFKA_HOSTS ...]]] - [--kafka-aggregate-topic KAFKA_AGGREGATE_TOPIC] - [--kafka-forensic_topic KAFKA_FORENSIC_TOPIC] - [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST] - [-U OUTGOING_USER] [-P OUTGOING_PASSWORD] - [--outgoing-port OUTGOING_PORT] - [--outgoing-ssl OUTGOING_SSL] [-F OUTGOING_FROM] - [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] - [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] - [-s] [--debug] [-v] - [file_path [file_path ...]] + usage: parsedmarc [-h] [--strip-attachment-payloads] [-o OUTPUT] + [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] [-H HOST] + [-u USER] [-p PASSWORD] [--imap-port IMAP_PORT] + [--imap-skip-certificate-verification] [--imap-no-ssl] + [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d] + [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] + [--elasticsearch-index-prefix ELASTICSEARCH_INDEX_PREFIX] + [--elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX] + [--hec HEC] [--hec-token HEC_TOKEN] [--hec-index HEC_INDEX] + [--hec-skip-certificate-verification] + [-K [KAFKA_HOSTS [KAFKA_HOSTS ...]]] + [--kafka-aggregate-topic KAFKA_AGGREGATE_TOPIC] + [--kafka-forensic_topic KAFKA_FORENSIC_TOPIC] + [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST] + [-U OUTGOING_USER] [-P OUTGOING_PASSWORD] + [--outgoing-port OUTGOING_PORT] + [--outgoing-ssl OUTGOING_SSL] [-F OUTGOING_FROM] + [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] + [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] + [-s] [--debug] [-v] + [file_path [file_path ...]] Parses DMARC reports @@ -106,6 +107,8 @@ CLI help IMAP password --imap-port IMAP_PORT IMAP port + --imap-skip-certificate-verification + Skip certificate verification for IMAP --imap-no-ssl Do not use SSL/TLS when connecting to IMAP -r REPORTS_FOLDER, --reports-folder REPORTS_FOLDER The IMAP folder containing the reports (Default: @@ -380,6 +383,39 @@ Installation ``parsedmarc`` works with Python 3 only. +.. note:: + + If your system is behind a web proxy, you neeed to configure your system + to use that proxy. To do this, edit ``/etc/environment`` and add your + proxy details there, for example: + + :: + + http_proxy=http://user:password@prox-server:3128 + https_proxy=http://user:password@prox-server:3128 + ftp_proxy=http://user:password@prox-server:3128 + + Or if no credentials are needed: + + :: + + http_proxy=http://prox-server:3128 + https_proxy=http://@prox-server:3128 + ftp_proxy=http://prox-server:3128 + + This will set the the proxy up for use system-wide, including for + ``parsedmarc``. + +.. warning:: + + If your mail server is Microsoft Exchange, ensure that it is patched to at + least: + + - Exchange Server 2010 Update Rollup 22 (`KB4295699 `_) + - Exchange Server 2013 Cumulative Update 21 (`KB4099855 `_) + - Exchange Server 2016 Cumulative Update 11 (`KB4134118 `_) + + On Debian or Ubuntu systems, run: .. code-block:: bash