diff --git a/.gitignore b/.gitignore index d8f583f..c8c17a6 100644 --- a/.gitignore +++ b/.gitignore @@ -142,4 +142,6 @@ scratch.py parsedmarc/resources/maps/base_reverse_dns.csv parsedmarc/resources/maps/unknown_base_reverse_dns.csv +parsedmarc/resources/maps/sus_domains.csv +parsedmarc/resources/maps/unknown_domains.txt *.bak diff --git a/.vscode/launch.json b/.vscode/launch.json index f2531e8..1a84b4e 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -11,6 +11,22 @@ "program": "${file}", "console": "integratedTerminal" }, + { + "name": "sample.eml", + "type": "debugpy", + "request": "launch", + "module": "parsedmarc.cli", + "args": ["samples/private/sample.eml"] + }, + { + "name": "find_sus_domains.py", + "type": "debugpy", + "request": "launch", + "program": "find_sus_domains.py", + "args": ["-i", "unknown_domains.txt", "-o", "sus_domains.csv"], + "cwd": "${workspaceFolder}/parsedmarc/resources/maps", + "console": "integratedTerminal" + }, { "name": "sortlists.py", "type": "debugpy", diff --git a/CHANGELOG.md b/CHANGELOG.md index 1e6db7f..a3744e3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ Changelog ========= +8.18.8 +------ + +- Fix parsing emails with an uncompressed aggregate report attachment (Closes #607) +- Add `--no-prettify-json` CLI option (PR #617) + 8.18.7 ------ diff --git a/parsedmarc/__init__.py b/parsedmarc/__init__.py index fe51925..8292976 100644 --- a/parsedmarc/__init__.py +++ b/parsedmarc/__init__.py @@ -1261,28 +1261,28 @@ def parse_report_email( payload = b64decode(payload) if payload.startswith(MAGIC_ZIP) or payload.startswith(MAGIC_GZIP): payload = extract_report(payload) - ns = nameservers - if payload.startswith("{"): - smtp_tls_report = parse_smtp_tls_report_json(payload) - result = OrderedDict( - [("report_type", "smtp_tls"), ("report", smtp_tls_report)] - ) - return result - aggregate_report = parse_aggregate_report_xml( - payload, - ip_db_path=ip_db_path, - always_use_local_files=always_use_local_files, - reverse_dns_map_path=reverse_dns_map_path, - reverse_dns_map_url=reverse_dns_map_url, - offline=offline, - nameservers=ns, - timeout=dns_timeout, - keep_alive=keep_alive, - ) + ns = nameservers + if payload.startswith("{"): + smtp_tls_report = parse_smtp_tls_report_json(payload) result = OrderedDict( - [("report_type", "aggregate"), ("report", aggregate_report)] + [("report_type", "smtp_tls"), ("report", smtp_tls_report)] ) return result + aggregate_report = parse_aggregate_report_xml( + payload, + ip_db_path=ip_db_path, + always_use_local_files=always_use_local_files, + reverse_dns_map_path=reverse_dns_map_path, + reverse_dns_map_url=reverse_dns_map_url, + offline=offline, + nameservers=ns, + timeout=dns_timeout, + keep_alive=keep_alive, + ) + result = OrderedDict( + [("report_type", "aggregate"), ("report", aggregate_report)] + ) + return result except (TypeError, ValueError, binascii.Error): pass diff --git a/parsedmarc/cli.py b/parsedmarc/cli.py index cdc7684..e2ab976 100644 --- a/parsedmarc/cli.py +++ b/parsedmarc/cli.py @@ -103,7 +103,9 @@ def _main(): def process_reports(reports_): indent_value = 2 if opts.prettify_json else None - output_str = "{0}\n".format(json.dumps(reports_, ensure_ascii=False, indent=indent_value)) + output_str = "{0}\n".format( + json.dumps(reports_, ensure_ascii=False, indent=indent_value) + ) if not opts.silent: print(output_str) @@ -483,7 +485,7 @@ def _main(): "--no-prettify-json", action="store_false", dest="prettify_json", - help="output JSON in a single line without indentation" + help="output JSON in a single line without indentation", ) arg_parser.add_argument("-v", "--version", action="version", version=__version__) @@ -625,7 +627,7 @@ def _main(): webhook_aggregate_url=None, webhook_forensic_url=None, webhook_smtp_tls_url=None, - webhook_timeout=60 + webhook_timeout=60, ) args = arg_parser.parse_args() diff --git a/parsedmarc/constants.py b/parsedmarc/constants.py index 3501402..23d4ca0 100644 --- a/parsedmarc/constants.py +++ b/parsedmarc/constants.py @@ -1,2 +1,2 @@ -__version__ = "8.18.7" +__version__ = "8.18.8" USER_AGENT = f"parsedmarc/{__version__}"