mirror of
https://github.com/domainaware/parsedmarc.git
synced 2026-07-03 15:34:19 +00:00
8.0.0
This commit is contained in:
+2
-2
@@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||
<title>Overview: module code — parsedmarc 7.1.1 documentation</title>
|
||||
<title>Overview: module code — parsedmarc 8.0.0 documentation</title>
|
||||
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
|
||||
<link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
|
||||
<!--[if lt IE 9]>
|
||||
@@ -27,7 +27,7 @@
|
||||
<a href="../index.html" class="icon icon-home"> parsedmarc
|
||||
</a>
|
||||
<div class="version">
|
||||
7.1.1
|
||||
8.0.0
|
||||
</div>
|
||||
<div role="search">
|
||||
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
|
||||
|
||||
+110
-167
@@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||
<title>parsedmarc — parsedmarc 7.1.1 documentation</title>
|
||||
<title>parsedmarc — parsedmarc 8.0.0 documentation</title>
|
||||
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
|
||||
<link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
|
||||
<!--[if lt IE 9]>
|
||||
@@ -27,7 +27,7 @@
|
||||
<a href="../index.html" class="icon icon-home"> parsedmarc
|
||||
</a>
|
||||
<div class="version">
|
||||
7.1.1
|
||||
8.0.0
|
||||
</div>
|
||||
<div role="search">
|
||||
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
|
||||
@@ -68,48 +68,48 @@
|
||||
|
||||
<span class="sd">"""A Python package for parsing DMARC reports"""</span>
|
||||
|
||||
<span class="kn">import</span> <span class="nn">logging</span>
|
||||
<span class="kn">import</span> <span class="nn">os</span>
|
||||
<span class="kn">import</span> <span class="nn">shutil</span>
|
||||
<span class="kn">import</span> <span class="nn">xml.parsers.expat</span> <span class="k">as</span> <span class="nn">expat</span>
|
||||
<span class="kn">import</span> <span class="nn">json</span>
|
||||
<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
|
||||
<span class="kn">from</span> <span class="nn">time</span> <span class="kn">import</span> <span class="n">sleep</span>
|
||||
<span class="kn">from</span> <span class="nn">collections</span> <span class="kn">import</span> <span class="n">OrderedDict</span>
|
||||
<span class="kn">from</span> <span class="nn">io</span> <span class="kn">import</span> <span class="n">BytesIO</span><span class="p">,</span> <span class="n">StringIO</span>
|
||||
<span class="kn">from</span> <span class="nn">gzip</span> <span class="kn">import</span> <span class="n">GzipFile</span>
|
||||
<span class="kn">from</span> <span class="nn">socket</span> <span class="kn">import</span> <span class="n">timeout</span>
|
||||
<span class="kn">import</span> <span class="nn">zipfile</span>
|
||||
<span class="kn">from</span> <span class="nn">csv</span> <span class="kn">import</span> <span class="n">DictWriter</span>
|
||||
<span class="kn">import</span> <span class="nn">re</span>
|
||||
<span class="kn">from</span> <span class="nn">base64</span> <span class="kn">import</span> <span class="n">b64decode</span>
|
||||
<span class="kn">import</span> <span class="nn">binascii</span>
|
||||
<span class="kn">import</span> <span class="nn">email</span>
|
||||
<span class="kn">import</span> <span class="nn">tempfile</span>
|
||||
<span class="kn">import</span> <span class="nn">email.utils</span>
|
||||
<span class="kn">import</span> <span class="nn">json</span>
|
||||
<span class="kn">import</span> <span class="nn">logging</span>
|
||||
<span class="kn">import</span> <span class="nn">mailbox</span>
|
||||
<span class="kn">import</span> <span class="nn">os</span>
|
||||
<span class="kn">import</span> <span class="nn">re</span>
|
||||
<span class="kn">import</span> <span class="nn">shutil</span>
|
||||
<span class="kn">import</span> <span class="nn">tempfile</span>
|
||||
<span class="kn">import</span> <span class="nn">xml.parsers.expat</span> <span class="k">as</span> <span class="nn">expat</span>
|
||||
<span class="kn">import</span> <span class="nn">zipfile</span>
|
||||
<span class="kn">from</span> <span class="nn">base64</span> <span class="kn">import</span> <span class="n">b64decode</span>
|
||||
<span class="kn">from</span> <span class="nn">collections</span> <span class="kn">import</span> <span class="n">OrderedDict</span>
|
||||
<span class="kn">from</span> <span class="nn">csv</span> <span class="kn">import</span> <span class="n">DictWriter</span>
|
||||
<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
|
||||
<span class="kn">from</span> <span class="nn">gzip</span> <span class="kn">import</span> <span class="n">GzipFile</span>
|
||||
<span class="kn">from</span> <span class="nn">io</span> <span class="kn">import</span> <span class="n">BytesIO</span><span class="p">,</span> <span class="n">StringIO</span>
|
||||
<span class="kn">from</span> <span class="nn">typing</span> <span class="kn">import</span> <span class="n">Callable</span>
|
||||
|
||||
<span class="kn">import</span> <span class="nn">mailparser</span>
|
||||
<span class="kn">from</span> <span class="nn">expiringdict</span> <span class="kn">import</span> <span class="n">ExpiringDict</span>
|
||||
<span class="kn">import</span> <span class="nn">xmltodict</span>
|
||||
<span class="kn">from</span> <span class="nn">expiringdict</span> <span class="kn">import</span> <span class="n">ExpiringDict</span>
|
||||
<span class="kn">from</span> <span class="nn">lxml</span> <span class="kn">import</span> <span class="n">etree</span>
|
||||
<span class="kn">from</span> <span class="nn">mailsuite.imap</span> <span class="kn">import</span> <span class="n">IMAPClient</span>
|
||||
<span class="kn">from</span> <span class="nn">mailsuite.smtp</span> <span class="kn">import</span> <span class="n">send_email</span>
|
||||
<span class="kn">from</span> <span class="nn">imapclient.exceptions</span> <span class="kn">import</span> <span class="n">IMAPClientError</span>
|
||||
|
||||
<span class="kn">from</span> <span class="nn">parsedmarc.mail</span> <span class="kn">import</span> <span class="n">MailboxConnection</span>
|
||||
<span class="kn">from</span> <span class="nn">parsedmarc.utils</span> <span class="kn">import</span> <span class="n">get_base_domain</span><span class="p">,</span> <span class="n">get_ip_address_info</span>
|
||||
<span class="kn">from</span> <span class="nn">parsedmarc.utils</span> <span class="kn">import</span> <span class="n">is_outlook_msg</span><span class="p">,</span> <span class="n">convert_outlook_msg</span>
|
||||
<span class="kn">from</span> <span class="nn">parsedmarc.utils</span> <span class="kn">import</span> <span class="n">timestamp_to_human</span><span class="p">,</span> <span class="n">human_timestamp_to_datetime</span>
|
||||
<span class="kn">from</span> <span class="nn">parsedmarc.utils</span> <span class="kn">import</span> <span class="n">parse_email</span>
|
||||
<span class="kn">from</span> <span class="nn">parsedmarc.utils</span> <span class="kn">import</span> <span class="n">timestamp_to_human</span><span class="p">,</span> <span class="n">human_timestamp_to_datetime</span>
|
||||
|
||||
<span class="n">__version__</span> <span class="o">=</span> <span class="s2">"7.1.1"</span>
|
||||
<span class="n">__version__</span> <span class="o">=</span> <span class="s2">"8.0.0"</span>
|
||||
|
||||
<span class="n">logging</span><span class="o">.</span><span class="n">basicConfig</span><span class="p">(</span>
|
||||
<span class="nb">format</span><span class="o">=</span><span class="s1">'</span><span class="si">%(levelname)8s</span><span class="s1">:</span><span class="si">%(filename)s</span><span class="s1">:</span><span class="si">%(lineno)d</span><span class="s1">:'</span>
|
||||
<span class="s1">'</span><span class="si">%(message)s</span><span class="s1">'</span><span class="p">,</span>
|
||||
<span class="n">formatter</span> <span class="o">=</span> <span class="n">logging</span><span class="o">.</span><span class="n">Formatter</span><span class="p">(</span>
|
||||
<span class="n">fmt</span><span class="o">=</span><span class="s1">'</span><span class="si">%(levelname)8s</span><span class="s1">:</span><span class="si">%(filename)s</span><span class="s1">:</span><span class="si">%(lineno)d</span><span class="s1">:</span><span class="si">%(message)s</span><span class="s1">'</span><span class="p">,</span>
|
||||
<span class="n">datefmt</span><span class="o">=</span><span class="s1">'%Y-%m-</span><span class="si">%d</span><span class="s1">:%H:%M:%S'</span><span class="p">)</span>
|
||||
<span class="n">handler</span> <span class="o">=</span> <span class="n">logging</span><span class="o">.</span><span class="n">StreamHandler</span><span class="p">()</span>
|
||||
<span class="n">handler</span><span class="o">.</span><span class="n">setFormatter</span><span class="p">(</span><span class="n">formatter</span><span class="p">)</span>
|
||||
|
||||
<span class="n">logger</span> <span class="o">=</span> <span class="n">logging</span><span class="o">.</span><span class="n">getLogger</span><span class="p">(</span><span class="s2">"parsedmarc"</span><span class="p">)</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">addHandler</span><span class="p">(</span><span class="n">handler</span><span class="p">)</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s2">"parsedmarc v</span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">__version__</span><span class="p">))</span>
|
||||
|
||||
<span class="n">feedback_report_regex</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span><span class="sa">r</span><span class="s2">"^([\w\-]+): (.+)$"</span><span class="p">,</span> <span class="n">re</span><span class="o">.</span><span class="n">MULTILINE</span><span class="p">)</span>
|
||||
@@ -273,7 +273,7 @@
|
||||
|
||||
<div class="viewcode-block" id="parse_aggregate_report_xml"><a class="viewcode-back" href="../index.html#parsedmarc.parse_aggregate_report_xml">[docs]</a><span class="k">def</span> <span class="nf">parse_aggregate_report_xml</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">ip_db_path</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">offline</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">timeout</span><span class="o">=</span><span class="mf">2.0</span><span class="p">,</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">server</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">keep_alive</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="sd">"""Parses a DMARC XML report string and returns a consistent OrderedDict</span>
|
||||
|
||||
<span class="sd"> Args:</span>
|
||||
@@ -284,7 +284,7 @@
|
||||
<span class="sd"> (Cloudflare's public DNS resolvers by default)</span>
|
||||
<span class="sd"> timeout (float): Sets the DNS timeout in seconds</span>
|
||||
<span class="sd"> parallel (bool): Parallel processing</span>
|
||||
<span class="sd"> server (IMAPClient): Connection object</span>
|
||||
<span class="sd"> keep_alive (callable): Keep alive function</span>
|
||||
|
||||
<span class="sd"> Returns:</span>
|
||||
<span class="sd"> OrderedDict: The parsed aggregate DMARC report</span>
|
||||
@@ -378,9 +378,9 @@
|
||||
|
||||
<span class="k">if</span> <span class="nb">type</span><span class="p">(</span><span class="n">report</span><span class="p">[</span><span class="s2">"record"</span><span class="p">])</span> <span class="o">==</span> <span class="nb">list</span><span class="p">:</span>
|
||||
<span class="k">for</span> <span class="n">i</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">report</span><span class="p">[</span><span class="s2">"record"</span><span class="p">])):</span>
|
||||
<span class="k">if</span> <span class="n">server</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="n">i</span> <span class="o">></span> <span class="mi">0</span> <span class="ow">and</span> <span class="n">i</span> <span class="o">%</span> <span class="mi">20</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s2">"Sending noop cmd"</span><span class="p">)</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">noop</span><span class="p">()</span>
|
||||
<span class="k">if</span> <span class="n">keep_alive</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="n">i</span> <span class="o">></span> <span class="mi">0</span> <span class="ow">and</span> <span class="n">i</span> <span class="o">%</span> <span class="mi">20</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s2">"Sending keepalive cmd"</span><span class="p">)</span>
|
||||
<span class="n">keep_alive</span><span class="p">()</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s2">"Processed </span><span class="si">{0}</span><span class="s2">/</span><span class="si">{1}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span>
|
||||
<span class="n">i</span><span class="p">,</span> <span class="nb">len</span><span class="p">(</span><span class="n">report</span><span class="p">[</span><span class="s2">"record"</span><span class="p">])))</span>
|
||||
<span class="n">report_record</span> <span class="o">=</span> <span class="n">_parse_report_record</span><span class="p">(</span><span class="n">report</span><span class="p">[</span><span class="s2">"record"</span><span class="p">][</span><span class="n">i</span><span class="p">],</span>
|
||||
@@ -467,7 +467,7 @@
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="mf">2.0</span><span class="p">,</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">server</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="n">keep_alive</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="sd">"""Parses a file at the given path, a file-like object. or bytes as a</span>
|
||||
<span class="sd"> aggregate DMARC report</span>
|
||||
|
||||
@@ -479,7 +479,7 @@
|
||||
<span class="sd"> (Cloudflare's public DNS resolvers by default)</span>
|
||||
<span class="sd"> dns_timeout (float): Sets the DNS timeout in seconds</span>
|
||||
<span class="sd"> parallel (bool): Parallel processing</span>
|
||||
<span class="sd"> server (IMAPClient): Connection object</span>
|
||||
<span class="sd"> keep_alive (callable): Keep alive function</span>
|
||||
|
||||
<span class="sd"> Returns:</span>
|
||||
<span class="sd"> OrderedDict: The parsed DMARC aggregate report</span>
|
||||
@@ -492,7 +492,7 @@
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="n">nameservers</span><span class="p">,</span>
|
||||
<span class="n">timeout</span><span class="o">=</span><span class="n">dns_timeout</span><span class="p">,</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="n">parallel</span><span class="p">,</span>
|
||||
<span class="n">server</span><span class="o">=</span><span class="n">server</span><span class="p">)</span></div>
|
||||
<span class="n">keep_alive</span><span class="o">=</span><span class="n">keep_alive</span><span class="p">)</span></div>
|
||||
|
||||
|
||||
<div class="viewcode-block" id="parsed_aggregate_reports_to_csv_rows"><a class="viewcode-back" href="../index.html#parsedmarc.parsed_aggregate_reports_to_csv_rows">[docs]</a><span class="k">def</span> <span class="nf">parsed_aggregate_reports_to_csv_rows</span><span class="p">(</span><span class="n">reports</span><span class="p">):</span>
|
||||
@@ -828,7 +828,7 @@
|
||||
<div class="viewcode-block" id="parse_report_email"><a class="viewcode-back" href="../index.html#parsedmarc.parse_report_email">[docs]</a><span class="k">def</span> <span class="nf">parse_report_email</span><span class="p">(</span><span class="n">input_</span><span class="p">,</span> <span class="n">offline</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">ip_db_path</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">dns_timeout</span><span class="o">=</span><span class="mf">2.0</span><span class="p">,</span>
|
||||
<span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">server</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">keep_alive</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="sd">"""</span>
|
||||
<span class="sd"> Parses a DMARC report from an email</span>
|
||||
|
||||
@@ -841,7 +841,7 @@
|
||||
<span class="sd"> strip_attachment_payloads (bool): Remove attachment payloads from</span>
|
||||
<span class="sd"> forensic report results</span>
|
||||
<span class="sd"> parallel (bool): Parallel processing</span>
|
||||
<span class="sd"> server (IMAPClient): Connection object</span>
|
||||
<span class="sd"> keep_alive (callable): keep alive function</span>
|
||||
|
||||
<span class="sd"> Returns:</span>
|
||||
<span class="sd"> OrderedDict:</span>
|
||||
@@ -909,7 +909,7 @@
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="n">ns</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="n">dns_timeout</span><span class="p">,</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="n">parallel</span><span class="p">,</span>
|
||||
<span class="n">server</span><span class="o">=</span><span class="n">server</span><span class="p">)</span>
|
||||
<span class="n">keep_alive</span><span class="o">=</span><span class="n">keep_alive</span><span class="p">)</span>
|
||||
<span class="n">result</span> <span class="o">=</span> <span class="n">OrderedDict</span><span class="p">([(</span><span class="s2">"report_type"</span><span class="p">,</span> <span class="s2">"aggregate"</span><span class="p">),</span>
|
||||
<span class="p">(</span><span class="s2">"report"</span><span class="p">,</span> <span class="n">aggregate_report</span><span class="p">)])</span>
|
||||
<span class="k">return</span> <span class="n">result</span>
|
||||
@@ -959,7 +959,7 @@
|
||||
|
||||
<div class="viewcode-block" id="parse_report_file"><a class="viewcode-back" href="../index.html#parsedmarc.parse_report_file">[docs]</a><span class="k">def</span> <span class="nf">parse_report_file</span><span class="p">(</span><span class="n">input_</span><span class="p">,</span> <span class="n">nameservers</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">dns_timeout</span><span class="o">=</span><span class="mf">2.0</span><span class="p">,</span>
|
||||
<span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">ip_db_path</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">offline</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">parallel</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">server</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="n">offline</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">parallel</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">keep_alive</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="sd">"""Parses a DMARC aggregate or forensic file at the given path, a</span>
|
||||
<span class="sd"> file-like object. or bytes</span>
|
||||
|
||||
@@ -973,7 +973,7 @@
|
||||
<span class="sd"> ip_db_path (str): Path to a MMDB file from MaxMind or DBIP</span>
|
||||
<span class="sd"> offline (bool): Do not make online queries for geolocation or DNS</span>
|
||||
<span class="sd"> parallel (bool): Parallel processing</span>
|
||||
<span class="sd"> server (IMAPClient): Connection object</span>
|
||||
<span class="sd"> keep_alive (callable): Keep alive function</span>
|
||||
|
||||
<span class="sd"> Returns:</span>
|
||||
<span class="sd"> OrderedDict: The parsed DMARC report</span>
|
||||
@@ -995,7 +995,7 @@
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="n">nameservers</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="n">dns_timeout</span><span class="p">,</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="n">parallel</span><span class="p">,</span>
|
||||
<span class="n">server</span><span class="o">=</span><span class="n">server</span><span class="p">)</span>
|
||||
<span class="n">keep_alive</span><span class="o">=</span><span class="n">keep_alive</span><span class="p">)</span>
|
||||
<span class="n">results</span> <span class="o">=</span> <span class="n">OrderedDict</span><span class="p">([(</span><span class="s2">"report_type"</span><span class="p">,</span> <span class="s2">"aggregate"</span><span class="p">),</span>
|
||||
<span class="p">(</span><span class="s2">"report"</span><span class="p">,</span> <span class="n">report</span><span class="p">)])</span>
|
||||
<span class="k">except</span> <span class="n">InvalidAggregateReport</span><span class="p">:</span>
|
||||
@@ -1008,7 +1008,7 @@
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="n">dns_timeout</span><span class="p">,</span>
|
||||
<span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="n">sa</span><span class="p">,</span>
|
||||
<span class="n">parallel</span><span class="o">=</span><span class="n">parallel</span><span class="p">,</span>
|
||||
<span class="n">server</span><span class="o">=</span><span class="n">server</span><span class="p">)</span>
|
||||
<span class="n">keep_alive</span><span class="o">=</span><span class="n">keep_alive</span><span class="p">)</span>
|
||||
<span class="k">except</span> <span class="n">InvalidDMARCReport</span><span class="p">:</span>
|
||||
<span class="k">raise</span> <span class="n">InvalidDMARCReport</span><span class="p">(</span><span class="s2">"Not a valid aggregate or forensic "</span>
|
||||
<span class="s2">"report"</span><span class="p">)</span>
|
||||
@@ -1073,71 +1073,38 @@
|
||||
<span class="p">(</span><span class="s2">"forensic_reports"</span><span class="p">,</span> <span class="n">forensic_reports</span><span class="p">)])</span></div>
|
||||
|
||||
|
||||
<div class="viewcode-block" id="get_imap_capabilities"><a class="viewcode-back" href="../index.html#parsedmarc.get_imap_capabilities">[docs]</a><span class="k">def</span> <span class="nf">get_imap_capabilities</span><span class="p">(</span><span class="n">server</span><span class="p">):</span>
|
||||
<div class="viewcode-block" id="get_dmarc_reports_from_mailbox"><a class="viewcode-back" href="../index.html#parsedmarc.get_dmarc_reports_from_mailbox">[docs]</a><span class="k">def</span> <span class="nf">get_dmarc_reports_from_mailbox</span><span class="p">(</span><span class="n">connection</span><span class="p">:</span> <span class="n">MailboxConnection</span><span class="p">,</span>
|
||||
<span class="n">reports_folder</span><span class="o">=</span><span class="s2">"INBOX"</span><span class="p">,</span>
|
||||
<span class="n">archive_folder</span><span class="o">=</span><span class="s2">"Archive"</span><span class="p">,</span>
|
||||
<span class="n">delete</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">test</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">ip_db_path</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">offline</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="mf">6.0</span><span class="p">,</span>
|
||||
<span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">results</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">batch_size</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">create_folders</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
|
||||
<span class="sd">"""</span>
|
||||
<span class="sd"> Returns a list of an IMAP server's capabilities</span>
|
||||
<span class="sd"> Fetches and parses DMARC reports from a mailbox</span>
|
||||
|
||||
<span class="sd"> Args:</span>
|
||||
<span class="sd"> server (imapclient.IMAPClient): An instance of imapclient.IMAPClient</span>
|
||||
|
||||
<span class="sd"> Returns (list): A list of capabilities</span>
|
||||
<span class="sd"> """</span>
|
||||
|
||||
<span class="n">capabilities</span> <span class="o">=</span> <span class="nb">list</span><span class="p">(</span><span class="nb">map</span><span class="p">(</span><span class="nb">str</span><span class="p">,</span> <span class="nb">list</span><span class="p">(</span><span class="n">server</span><span class="o">.</span><span class="n">capabilities</span><span class="p">())))</span>
|
||||
<span class="k">for</span> <span class="n">i</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">capabilities</span><span class="p">)):</span>
|
||||
<span class="n">capabilities</span><span class="p">[</span><span class="n">i</span><span class="p">]</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">capabilities</span><span class="p">[</span><span class="n">i</span><span class="p">])</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s2">"b'"</span><span class="p">,</span>
|
||||
<span class="s2">""</span><span class="p">)</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s2">"'"</span><span class="p">,</span>
|
||||
<span class="s2">""</span><span class="p">)</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s2">"IMAP server supports: </span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">capabilities</span><span class="p">))</span>
|
||||
|
||||
<span class="k">return</span> <span class="n">capabilities</span></div>
|
||||
|
||||
|
||||
<div class="viewcode-block" id="get_dmarc_reports_from_inbox"><a class="viewcode-back" href="../index.html#parsedmarc.get_dmarc_reports_from_inbox">[docs]</a><span class="k">def</span> <span class="nf">get_dmarc_reports_from_inbox</span><span class="p">(</span><span class="n">connection</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">host</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">user</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">password</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">port</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">ssl</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span>
|
||||
<span class="n">verify</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span>
|
||||
<span class="n">timeout</span><span class="o">=</span><span class="mi">30</span><span class="p">,</span>
|
||||
<span class="n">max_retries</span><span class="o">=</span><span class="mi">4</span><span class="p">,</span>
|
||||
<span class="n">reports_folder</span><span class="o">=</span><span class="s2">"INBOX"</span><span class="p">,</span>
|
||||
<span class="n">archive_folder</span><span class="o">=</span><span class="s2">"Archive"</span><span class="p">,</span>
|
||||
<span class="n">delete</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">test</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">ip_db_path</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">offline</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="mf">6.0</span><span class="p">,</span>
|
||||
<span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">results</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">batch_size</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="sd">"""</span>
|
||||
<span class="sd"> Fetches and parses DMARC reports from an inbox</span>
|
||||
|
||||
<span class="sd"> Args:</span>
|
||||
<span class="sd"> connection: An IMAPClient connection to reuse</span>
|
||||
<span class="sd"> host: The mail server hostname or IP address</span>
|
||||
<span class="sd"> user: The mail server user</span>
|
||||
<span class="sd"> password: The mail server password</span>
|
||||
<span class="sd"> port: The mail server port</span>
|
||||
<span class="sd"> ssl (bool): Use SSL/TLS</span>
|
||||
<span class="sd"> verify (bool): Verify SSL/TLS certificate</span>
|
||||
<span class="sd"> timeout (float): IMAP timeout in seconds</span>
|
||||
<span class="sd"> max_retries (int): The maximum number of retries after a timeout</span>
|
||||
<span class="sd"> reports_folder: The IMAP folder where reports can be found</span>
|
||||
<span class="sd"> connection: A Mailbox connection object</span>
|
||||
<span class="sd"> reports_folder: The folder where reports can be found</span>
|
||||
<span class="sd"> archive_folder: The folder to move processed mail to</span>
|
||||
<span class="sd"> delete (bool): Delete messages after processing them</span>
|
||||
<span class="sd"> test (bool): Do not move or delete messages after processing them</span>
|
||||
<span class="sd"> ip_db_path (str): Path to a MMDB file from MaxMind or DBIP</span>
|
||||
<span class="sd"> offline (bool): Do not query onfline for geolocation or DNS</span>
|
||||
<span class="sd"> offline (bool): Do not query online for geolocation or DNS</span>
|
||||
<span class="sd"> nameservers (list): A list of DNS nameservers to query</span>
|
||||
<span class="sd"> dns_timeout (float): Set the DNS query timeout</span>
|
||||
<span class="sd"> strip_attachment_payloads (bool): Remove attachment payloads from</span>
|
||||
<span class="sd"> forensic report results</span>
|
||||
<span class="sd"> forensic report results</span>
|
||||
<span class="sd"> results (dict): Results from the previous run</span>
|
||||
<span class="sd"> batch_size (int): Number of messages to read and process before saving</span>
|
||||
<span class="sd"> create_folders (bool): Whether to create the destination folders</span>
|
||||
<span class="sd"> (not used in watch)</span>
|
||||
|
||||
<span class="sd"> Returns:</span>
|
||||
<span class="sd"> OrderedDict: Lists of ``aggregate_reports`` and ``forensic_reports``</span>
|
||||
@@ -1145,9 +1112,8 @@
|
||||
<span class="k">if</span> <span class="n">delete</span> <span class="ow">and</span> <span class="n">test</span><span class="p">:</span>
|
||||
<span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s2">"delete and test options are mutually exclusive"</span><span class="p">)</span>
|
||||
|
||||
<span class="k">if</span> <span class="n">connection</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">and</span> <span class="p">(</span><span class="n">user</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">password</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">):</span>
|
||||
<span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s2">"Must supply a connection, or a username and "</span>
|
||||
<span class="s2">"password"</span><span class="p">)</span>
|
||||
<span class="k">if</span> <span class="n">connection</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
|
||||
<span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s2">"Must supply a connection"</span><span class="p">)</span>
|
||||
|
||||
<span class="n">aggregate_reports</span> <span class="o">=</span> <span class="p">[]</span>
|
||||
<span class="n">forensic_reports</span> <span class="o">=</span> <span class="p">[]</span>
|
||||
@@ -1161,22 +1127,13 @@
|
||||
<span class="n">aggregate_reports</span> <span class="o">=</span> <span class="n">results</span><span class="p">[</span><span class="s2">"aggregate_reports"</span><span class="p">]</span><span class="o">.</span><span class="n">copy</span><span class="p">()</span>
|
||||
<span class="n">forensic_reports</span> <span class="o">=</span> <span class="n">results</span><span class="p">[</span><span class="s2">"forensic_reports"</span><span class="p">]</span><span class="o">.</span><span class="n">copy</span><span class="p">()</span>
|
||||
|
||||
<span class="k">if</span> <span class="n">connection</span><span class="p">:</span>
|
||||
<span class="n">server</span> <span class="o">=</span> <span class="n">connection</span>
|
||||
<span class="k">else</span><span class="p">:</span>
|
||||
<span class="n">server</span> <span class="o">=</span> <span class="n">IMAPClient</span><span class="p">(</span><span class="n">host</span><span class="p">,</span> <span class="n">user</span><span class="p">,</span> <span class="n">password</span><span class="p">,</span> <span class="n">port</span><span class="o">=</span><span class="n">port</span><span class="p">,</span>
|
||||
<span class="n">ssl</span><span class="o">=</span><span class="n">ssl</span><span class="p">,</span> <span class="n">verify</span><span class="o">=</span><span class="n">verify</span><span class="p">,</span>
|
||||
<span class="n">timeout</span><span class="o">=</span><span class="n">timeout</span><span class="p">,</span>
|
||||
<span class="n">max_retries</span><span class="o">=</span><span class="n">max_retries</span><span class="p">,</span>
|
||||
<span class="n">initial_folder</span><span class="o">=</span><span class="n">reports_folder</span><span class="p">)</span>
|
||||
<span class="k">if</span> <span class="ow">not</span> <span class="n">test</span> <span class="ow">and</span> <span class="n">create_folders</span><span class="p">:</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">create_folder</span><span class="p">(</span><span class="n">archive_folder</span><span class="p">)</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">create_folder</span><span class="p">(</span><span class="n">aggregate_reports_folder</span><span class="p">)</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">create_folder</span><span class="p">(</span><span class="n">forensic_reports_folder</span><span class="p">)</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">create_folder</span><span class="p">(</span><span class="n">invalid_reports_folder</span><span class="p">)</span>
|
||||
|
||||
<span class="k">if</span> <span class="ow">not</span> <span class="n">test</span><span class="p">:</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">create_folder</span><span class="p">(</span><span class="n">archive_folder</span><span class="p">)</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">create_folder</span><span class="p">(</span><span class="n">aggregate_reports_folder</span><span class="p">)</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">create_folder</span><span class="p">(</span><span class="n">forensic_reports_folder</span><span class="p">)</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">create_folder</span><span class="p">(</span><span class="n">invalid_reports_folder</span><span class="p">)</span>
|
||||
|
||||
<span class="n">messages</span> <span class="o">=</span> <span class="n">server</span><span class="o">.</span><span class="n">search</span><span class="p">()</span>
|
||||
<span class="n">messages</span> <span class="o">=</span> <span class="n">connection</span><span class="o">.</span><span class="n">fetch_messages</span><span class="p">(</span><span class="n">reports_folder</span><span class="p">)</span>
|
||||
<span class="n">total_messages</span> <span class="o">=</span> <span class="nb">len</span><span class="p">(</span><span class="n">messages</span><span class="p">)</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s2">"Found </span><span class="si">{0}</span><span class="s2"> messages in </span><span class="si">{1}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">messages</span><span class="p">),</span>
|
||||
<span class="n">reports_folder</span><span class="p">))</span>
|
||||
@@ -1193,16 +1150,16 @@
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s2">"Processing message </span><span class="si">{0}</span><span class="s2"> of </span><span class="si">{1}</span><span class="s2">: UID </span><span class="si">{2}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span>
|
||||
<span class="n">i</span><span class="o">+</span><span class="mi">1</span><span class="p">,</span> <span class="n">message_limit</span><span class="p">,</span> <span class="n">msg_uid</span>
|
||||
<span class="p">))</span>
|
||||
<span class="n">msg_content</span> <span class="o">=</span> <span class="n">server</span><span class="o">.</span><span class="n">fetch_message</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">,</span> <span class="n">parse</span><span class="o">=</span><span class="kc">False</span><span class="p">)</span>
|
||||
<span class="n">sa</span> <span class="o">=</span> <span class="n">strip_attachment_payloads</span>
|
||||
<span class="n">msg_content</span> <span class="o">=</span> <span class="n">connection</span><span class="o">.</span><span class="n">fetch_message</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">)</span>
|
||||
<span class="k">try</span><span class="p">:</span>
|
||||
<span class="n">sa</span> <span class="o">=</span> <span class="n">strip_attachment_payloads</span>
|
||||
<span class="n">parsed_email</span> <span class="o">=</span> <span class="n">parse_report_email</span><span class="p">(</span><span class="n">msg_content</span><span class="p">,</span>
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="n">nameservers</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="n">dns_timeout</span><span class="p">,</span>
|
||||
<span class="n">ip_db_path</span><span class="o">=</span><span class="n">ip_db_path</span><span class="p">,</span>
|
||||
<span class="n">offline</span><span class="o">=</span><span class="n">offline</span><span class="p">,</span>
|
||||
<span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="n">sa</span><span class="p">,</span>
|
||||
<span class="n">server</span><span class="o">=</span><span class="n">server</span><span class="p">)</span>
|
||||
<span class="n">keep_alive</span><span class="o">=</span><span class="n">connection</span><span class="o">.</span><span class="n">keepalive</span><span class="p">)</span>
|
||||
<span class="k">if</span> <span class="n">parsed_email</span><span class="p">[</span><span class="s2">"report_type"</span><span class="p">]</span> <span class="o">==</span> <span class="s2">"aggregate"</span><span class="p">:</span>
|
||||
<span class="n">aggregate_reports</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">parsed_email</span><span class="p">[</span><span class="s2">"report"</span><span class="p">])</span>
|
||||
<span class="n">aggregate_report_msg_uids</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">)</span>
|
||||
@@ -1215,12 +1172,12 @@
|
||||
<span class="k">if</span> <span class="n">delete</span><span class="p">:</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span>
|
||||
<span class="s2">"Deleting message UID </span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">))</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">delete_messages</span><span class="p">([</span><span class="n">msg_uid</span><span class="p">])</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">delete_message</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">)</span>
|
||||
<span class="k">else</span><span class="p">:</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span>
|
||||
<span class="s2">"Moving message UID </span><span class="si">{0}</span><span class="s2"> to </span><span class="si">{1}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span>
|
||||
<span class="n">msg_uid</span><span class="p">,</span> <span class="n">invalid_reports_folder</span><span class="p">))</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">move_messages</span><span class="p">([</span><span class="n">msg_uid</span><span class="p">],</span> <span class="n">invalid_reports_folder</span><span class="p">)</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">move_message</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">,</span> <span class="n">invalid_reports_folder</span><span class="p">)</span>
|
||||
|
||||
<span class="k">if</span> <span class="ow">not</span> <span class="n">test</span><span class="p">:</span>
|
||||
<span class="k">if</span> <span class="n">delete</span><span class="p">:</span>
|
||||
@@ -1234,12 +1191,12 @@
|
||||
<span class="s2">"Deleting message </span><span class="si">{0}</span><span class="s2"> of </span><span class="si">{1}</span><span class="s2">: UID </span><span class="si">{2}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span>
|
||||
<span class="n">i</span> <span class="o">+</span> <span class="mi">1</span><span class="p">,</span> <span class="n">number_of_processed_msgs</span><span class="p">,</span> <span class="n">msg_uid</span><span class="p">))</span>
|
||||
<span class="k">try</span><span class="p">:</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">delete_messages</span><span class="p">([</span><span class="n">msg_uid</span><span class="p">])</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">delete_message</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">)</span>
|
||||
|
||||
<span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
|
||||
<span class="n">message</span> <span class="o">=</span> <span class="s2">"Error deleting message UID"</span>
|
||||
<span class="n">e</span> <span class="o">=</span> <span class="s2">"</span><span class="si">{0}</span><span class="s2"> </span><span class="si">{1}</span><span class="s2">: "</span> <span class="s2">"</span><span class="si">{2}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">message</span><span class="p">,</span> <span class="n">msg_uid</span><span class="p">,</span> <span class="n">e</span><span class="p">)</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">error</span><span class="p">(</span><span class="s2">"IMAP error: </span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">e</span><span class="p">))</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">error</span><span class="p">(</span><span class="s2">"Mailbox error: </span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">e</span><span class="p">))</span>
|
||||
<span class="k">else</span><span class="p">:</span>
|
||||
<span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">aggregate_report_msg_uids</span><span class="p">)</span> <span class="o">></span> <span class="mi">0</span><span class="p">:</span>
|
||||
<span class="n">log_message</span> <span class="o">=</span> <span class="s2">"Moving aggregate report messages from"</span>
|
||||
@@ -1254,12 +1211,12 @@
|
||||
<span class="s2">"Moving message </span><span class="si">{0}</span><span class="s2"> of </span><span class="si">{1}</span><span class="s2">: UID </span><span class="si">{2}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span>
|
||||
<span class="n">i</span><span class="o">+</span><span class="mi">1</span><span class="p">,</span> <span class="n">number_of_agg_report_msgs</span><span class="p">,</span> <span class="n">msg_uid</span><span class="p">))</span>
|
||||
<span class="k">try</span><span class="p">:</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">move_messages</span><span class="p">([</span><span class="n">msg_uid</span><span class="p">],</span>
|
||||
<span class="n">aggregate_reports_folder</span><span class="p">)</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">move_message</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">,</span>
|
||||
<span class="n">aggregate_reports_folder</span><span class="p">)</span>
|
||||
<span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
|
||||
<span class="n">message</span> <span class="o">=</span> <span class="s2">"Error moving message UID"</span>
|
||||
<span class="n">e</span> <span class="o">=</span> <span class="s2">"</span><span class="si">{0}</span><span class="s2"> </span><span class="si">{1}</span><span class="s2">: </span><span class="si">{2}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">message</span><span class="p">,</span> <span class="n">msg_uid</span><span class="p">,</span> <span class="n">e</span><span class="p">)</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">error</span><span class="p">(</span><span class="s2">"IMAP error: </span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">e</span><span class="p">))</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">error</span><span class="p">(</span><span class="s2">"Mailbox error: </span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">e</span><span class="p">))</span>
|
||||
<span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">forensic_report_msg_uids</span><span class="p">)</span> <span class="o">></span> <span class="mi">0</span><span class="p">:</span>
|
||||
<span class="n">message</span> <span class="o">=</span> <span class="s2">"Moving forensic report messages from"</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span>
|
||||
@@ -1274,21 +1231,21 @@
|
||||
<span class="n">message</span><span class="p">,</span>
|
||||
<span class="n">i</span> <span class="o">+</span> <span class="mi">1</span><span class="p">,</span> <span class="n">number_of_forensic_msgs</span><span class="p">,</span> <span class="n">msg_uid</span><span class="p">))</span>
|
||||
<span class="k">try</span><span class="p">:</span>
|
||||
<span class="n">server</span><span class="o">.</span><span class="n">move_messages</span><span class="p">([</span><span class="n">msg_uid</span><span class="p">],</span>
|
||||
<span class="n">forensic_reports_folder</span><span class="p">)</span>
|
||||
<span class="n">connection</span><span class="o">.</span><span class="n">move_message</span><span class="p">(</span><span class="n">msg_uid</span><span class="p">,</span>
|
||||
<span class="n">forensic_reports_folder</span><span class="p">)</span>
|
||||
<span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
|
||||
<span class="n">e</span> <span class="o">=</span> <span class="s2">"Error moving message UID </span><span class="si">{0}</span><span class="s2">: </span><span class="si">{1}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span>
|
||||
<span class="n">msg_uid</span><span class="p">,</span> <span class="n">e</span><span class="p">)</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">error</span><span class="p">(</span><span class="s2">"IMAP error: </span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">e</span><span class="p">))</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">error</span><span class="p">(</span><span class="s2">"Mailbox error: </span><span class="si">{0}</span><span class="s2">"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">e</span><span class="p">))</span>
|
||||
<span class="n">results</span> <span class="o">=</span> <span class="n">OrderedDict</span><span class="p">([(</span><span class="s2">"aggregate_reports"</span><span class="p">,</span> <span class="n">aggregate_reports</span><span class="p">),</span>
|
||||
<span class="p">(</span><span class="s2">"forensic_reports"</span><span class="p">,</span> <span class="n">forensic_reports</span><span class="p">)])</span>
|
||||
|
||||
<span class="n">total_messages</span> <span class="o">=</span> <span class="nb">len</span><span class="p">(</span><span class="n">server</span><span class="o">.</span><span class="n">search</span><span class="p">())</span>
|
||||
<span class="n">total_messages</span> <span class="o">=</span> <span class="nb">len</span><span class="p">(</span><span class="n">connection</span><span class="o">.</span><span class="n">fetch_messages</span><span class="p">(</span><span class="n">reports_folder</span><span class="p">))</span>
|
||||
|
||||
<span class="k">if</span> <span class="ow">not</span> <span class="n">test</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">batch_size</span> <span class="ow">and</span> <span class="n">total_messages</span> <span class="o">></span> <span class="mi">0</span><span class="p">:</span>
|
||||
<span class="c1"># Process emails that came in during the last run</span>
|
||||
<span class="n">results</span> <span class="o">=</span> <span class="n">get_dmarc_reports_from_inbox</span><span class="p">(</span>
|
||||
<span class="n">connection</span><span class="o">=</span><span class="n">server</span><span class="p">,</span>
|
||||
<span class="n">results</span> <span class="o">=</span> <span class="n">get_dmarc_reports_from_mailbox</span><span class="p">(</span>
|
||||
<span class="n">connection</span><span class="o">=</span><span class="n">connection</span><span class="p">,</span>
|
||||
<span class="n">reports_folder</span><span class="o">=</span><span class="n">reports_folder</span><span class="p">,</span>
|
||||
<span class="n">archive_folder</span><span class="o">=</span><span class="n">archive_folder</span><span class="p">,</span>
|
||||
<span class="n">delete</span><span class="o">=</span><span class="n">delete</span><span class="p">,</span>
|
||||
@@ -1304,29 +1261,26 @@
|
||||
<span class="k">return</span> <span class="n">results</span></div>
|
||||
|
||||
|
||||
<div class="viewcode-block" id="watch_inbox"><a class="viewcode-back" href="../index.html#parsedmarc.watch_inbox">[docs]</a><span class="k">def</span> <span class="nf">watch_inbox</span><span class="p">(</span><span class="n">host</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="p">,</span> <span class="n">callback</span><span class="p">,</span> <span class="n">port</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">ssl</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span>
|
||||
<span class="n">verify</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">reports_folder</span><span class="o">=</span><span class="s2">"INBOX"</span><span class="p">,</span>
|
||||
<div class="viewcode-block" id="watch_inbox"><a class="viewcode-back" href="../index.html#parsedmarc.watch_inbox">[docs]</a><span class="k">def</span> <span class="nf">watch_inbox</span><span class="p">(</span><span class="n">mailbox_connection</span><span class="p">:</span> <span class="n">MailboxConnection</span><span class="p">,</span>
|
||||
<span class="n">callback</span><span class="p">:</span> <span class="n">Callable</span><span class="p">,</span>
|
||||
<span class="n">reports_folder</span><span class="o">=</span><span class="s2">"INBOX"</span><span class="p">,</span>
|
||||
<span class="n">archive_folder</span><span class="o">=</span><span class="s2">"Archive"</span><span class="p">,</span> <span class="n">delete</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">test</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">idle_timeout</span><span class="o">=</span><span class="mi">30</span><span class="p">,</span> <span class="n">ip_db_path</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">check_timeout</span><span class="o">=</span><span class="mi">30</span><span class="p">,</span> <span class="n">ip_db_path</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">offline</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">nameservers</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="mf">6.0</span><span class="p">,</span> <span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span>
|
||||
<span class="n">batch_size</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
|
||||
<span class="sd">"""</span>
|
||||
<span class="sd"> Use an IDLE IMAP connection to parse incoming emails, and pass the results</span>
|
||||
<span class="sd"> to a callback function</span>
|
||||
<span class="sd"> Watches the mailbox for new messages and</span>
|
||||
<span class="sd"> sends the results to a callback function</span>
|
||||
<span class="sd"> Args:</span>
|
||||
<span class="sd"> host: The mail server hostname or IP address</span>
|
||||
<span class="sd"> username: The mail server username</span>
|
||||
<span class="sd"> password: The mail server password</span>
|
||||
<span class="sd"> mailbox_connection: The mailbox connection object</span>
|
||||
<span class="sd"> callback: The callback function to receive the parsing results</span>
|
||||
<span class="sd"> port: The mail server port</span>
|
||||
<span class="sd"> ssl (bool): Use SSL/TLS</span>
|
||||
<span class="sd"> verify (bool): Verify the TLS/SSL certificate</span>
|
||||
<span class="sd"> reports_folder: The IMAP folder where reports can be found</span>
|
||||
<span class="sd"> archive_folder: The folder to move processed mail to</span>
|
||||
<span class="sd"> delete (bool): Delete messages after processing them</span>
|
||||
<span class="sd"> test (bool): Do not move or delete messages after processing them</span>
|
||||
<span class="sd"> idle_timeout (int): Number of seconds to wait for a IMAP IDLE response</span>
|
||||
<span class="sd"> check_timeout (int): Number of seconds to wait for a IMAP IDLE response</span>
|
||||
<span class="sd"> or the number of seconds until the next mail check</span>
|
||||
<span class="sd"> ip_db_path (str): Path to a MMDB file from MaxMind or DBIP</span>
|
||||
<span class="sd"> offline (bool): Do not query online for geolocation or DNS</span>
|
||||
<span class="sd"> nameservers (list): A list of one or more nameservers to use</span>
|
||||
@@ -1336,36 +1290,25 @@
|
||||
<span class="sd"> forensic report samples with None</span>
|
||||
<span class="sd"> batch_size (int): Number of messages to read and process before saving</span>
|
||||
<span class="sd"> """</span>
|
||||
<span class="n">sa</span> <span class="o">=</span> <span class="n">strip_attachment_payloads</span>
|
||||
|
||||
<span class="k">def</span> <span class="nf">idle_callback</span><span class="p">(</span><span class="n">connection</span><span class="p">):</span>
|
||||
<span class="n">res</span> <span class="o">=</span> <span class="n">get_dmarc_reports_from_inbox</span><span class="p">(</span><span class="n">connection</span><span class="o">=</span><span class="n">connection</span><span class="p">,</span>
|
||||
<span class="n">reports_folder</span><span class="o">=</span><span class="n">reports_folder</span><span class="p">,</span>
|
||||
<span class="n">archive_folder</span><span class="o">=</span><span class="n">archive_folder</span><span class="p">,</span>
|
||||
<span class="n">delete</span><span class="o">=</span><span class="n">delete</span><span class="p">,</span>
|
||||
<span class="n">test</span><span class="o">=</span><span class="n">test</span><span class="p">,</span>
|
||||
<span class="n">ip_db_path</span><span class="o">=</span><span class="n">ip_db_path</span><span class="p">,</span>
|
||||
<span class="n">offline</span><span class="o">=</span><span class="n">offline</span><span class="p">,</span>
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="n">nameservers</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="n">dns_timeout</span><span class="p">,</span>
|
||||
<span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="n">sa</span><span class="p">,</span>
|
||||
<span class="n">batch_size</span><span class="o">=</span><span class="n">batch_size</span><span class="p">)</span>
|
||||
<span class="k">def</span> <span class="nf">check_callback</span><span class="p">(</span><span class="n">connection</span><span class="p">):</span>
|
||||
<span class="n">sa</span> <span class="o">=</span> <span class="n">strip_attachment_payloads</span>
|
||||
<span class="n">res</span> <span class="o">=</span> <span class="n">get_dmarc_reports_from_mailbox</span><span class="p">(</span><span class="n">connection</span><span class="o">=</span><span class="n">connection</span><span class="p">,</span>
|
||||
<span class="n">reports_folder</span><span class="o">=</span><span class="n">reports_folder</span><span class="p">,</span>
|
||||
<span class="n">archive_folder</span><span class="o">=</span><span class="n">archive_folder</span><span class="p">,</span>
|
||||
<span class="n">delete</span><span class="o">=</span><span class="n">delete</span><span class="p">,</span>
|
||||
<span class="n">test</span><span class="o">=</span><span class="n">test</span><span class="p">,</span>
|
||||
<span class="n">ip_db_path</span><span class="o">=</span><span class="n">ip_db_path</span><span class="p">,</span>
|
||||
<span class="n">offline</span><span class="o">=</span><span class="n">offline</span><span class="p">,</span>
|
||||
<span class="n">nameservers</span><span class="o">=</span><span class="n">nameservers</span><span class="p">,</span>
|
||||
<span class="n">dns_timeout</span><span class="o">=</span><span class="n">dns_timeout</span><span class="p">,</span>
|
||||
<span class="n">strip_attachment_payloads</span><span class="o">=</span><span class="n">sa</span><span class="p">,</span>
|
||||
<span class="n">batch_size</span><span class="o">=</span><span class="n">batch_size</span><span class="p">,</span>
|
||||
<span class="n">create_folders</span><span class="o">=</span><span class="kc">False</span><span class="p">)</span>
|
||||
<span class="n">callback</span><span class="p">(</span><span class="n">res</span><span class="p">)</span>
|
||||
|
||||
<span class="k">while</span> <span class="kc">True</span><span class="p">:</span>
|
||||
<span class="k">try</span><span class="p">:</span>
|
||||
<span class="n">IMAPClient</span><span class="p">(</span><span class="n">host</span><span class="o">=</span><span class="n">host</span><span class="p">,</span> <span class="n">username</span><span class="o">=</span><span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="o">=</span><span class="n">password</span><span class="p">,</span>
|
||||
<span class="n">port</span><span class="o">=</span><span class="n">port</span><span class="p">,</span> <span class="n">ssl</span><span class="o">=</span><span class="n">ssl</span><span class="p">,</span> <span class="n">verify</span><span class="o">=</span><span class="n">verify</span><span class="p">,</span>
|
||||
<span class="n">initial_folder</span><span class="o">=</span><span class="n">reports_folder</span><span class="p">,</span>
|
||||
<span class="n">idle_callback</span><span class="o">=</span><span class="n">idle_callback</span><span class="p">,</span>
|
||||
<span class="n">idle_timeout</span><span class="o">=</span><span class="n">idle_timeout</span><span class="p">)</span>
|
||||
<span class="k">except</span> <span class="p">(</span><span class="n">timeout</span><span class="p">,</span> <span class="n">IMAPClientError</span><span class="p">):</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">warning</span><span class="p">(</span><span class="s2">"IMAP connection timeout. Reconnecting..."</span><span class="p">)</span>
|
||||
<span class="n">sleep</span><span class="p">(</span><span class="mi">5</span><span class="p">)</span>
|
||||
<span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
|
||||
<span class="n">logger</span><span class="o">.</span><span class="n">warning</span><span class="p">(</span><span class="s2">"IMAP connection error. </span><span class="si">{0}</span><span class="s2">. "</span>
|
||||
<span class="s2">"Reconnecting..."</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">e</span><span class="p">))</span>
|
||||
<span class="n">sleep</span><span class="p">(</span><span class="mi">5</span><span class="p">)</span></div>
|
||||
<span class="n">mailbox_connection</span><span class="o">.</span><span class="n">watch</span><span class="p">(</span><span class="n">check_callback</span><span class="o">=</span><span class="n">check_callback</span><span class="p">,</span>
|
||||
<span class="n">check_timeout</span><span class="o">=</span><span class="n">check_timeout</span><span class="p">)</span></div>
|
||||
|
||||
|
||||
<div class="viewcode-block" id="save_output"><a class="viewcode-back" href="../index.html#parsedmarc.save_output">[docs]</a><span class="k">def</span> <span class="nf">save_output</span><span class="p">(</span><span class="n">results</span><span class="p">,</span> <span class="n">output_directory</span><span class="o">=</span><span class="s2">"output"</span><span class="p">,</span>
|
||||
|
||||
+49
-11
@@ -142,7 +142,10 @@ For example
|
||||
host = imap.example.com
|
||||
user = dmarcresports@example.com
|
||||
password = $uperSecure
|
||||
|
||||
[mailbox]
|
||||
watch = True
|
||||
delete = False
|
||||
|
||||
[elasticsearch]
|
||||
hosts = 127.0.0.1:9200
|
||||
@@ -161,6 +164,13 @@ For example
|
||||
server = localhost
|
||||
port = 514
|
||||
|
||||
[gmail_api]
|
||||
credentials_file = /path/to/credentials.json # Get this file from console.google.com. See https://developers.google.com/identity/protocols/oauth2
|
||||
token_file = /path/to/token.json # This file will be generated automatically
|
||||
scopes = https://mail.google.com/
|
||||
include_spam_trash=True
|
||||
|
||||
|
||||
The full set of configuration options are:
|
||||
|
||||
- ``general``
|
||||
@@ -182,8 +192,16 @@ The full set of configuration options are:
|
||||
|
||||
.. note::
|
||||
Setting this to a number larger than one can improve performance when processing thousands of files
|
||||
- ``imap``
|
||||
|
||||
- ``mailbox``
|
||||
- ``reports_folder`` - str: The mailbox folder (or label for Gmail) where the incoming reports can be found (Default: INBOX)
|
||||
- ``archive_folder`` - str: The mailbox folder (or label for Gmail) to sort processed emails into (Default: Archive)
|
||||
- ``watch`` - bool: Use the IMAP ``IDLE`` command to process messages as they arrive or poll MS Graph for new messages
|
||||
- ``delete`` - bool: Delete messages after processing them, instead of archiving them
|
||||
- ``test`` - bool: Do not move or delete messages
|
||||
- ``batch_size`` - int: Number of messages to read and process before saving. Defaults to all messages if not set.
|
||||
|
||||
- ``imap``
|
||||
- ``host`` - str: The IMAP server hostname or IP address
|
||||
- ``port`` - int: The IMAP server port (Default: 993).
|
||||
|
||||
@@ -194,16 +212,17 @@ The full set of configuration options are:
|
||||
- ``skip_certificate_verification`` - bool: Skip certificate verification (not recommended)
|
||||
- ``user`` - str: The IMAP user
|
||||
- ``password`` - str: The IMAP password
|
||||
|
||||
..note::
|
||||
The percent symbol has a special function, so it should be escaped. Use "%%" instead of "%" and it should work fine.
|
||||
|
||||
- ``reports_folder`` - str: The IMAP folder where the incoming reports can be found (Default: INBOX)
|
||||
- ``archive_folder`` - str: The IMAP folder to sort processed emails into (Default: Archive)
|
||||
- ``watch`` - bool: Use the IMAP ``IDLE`` command to process messages as they arrive
|
||||
- ``delete`` - bool: Delete messages after processing them, instead of archiving them
|
||||
- ``test`` - bool: Do not move or delete messages
|
||||
- ``batch_size`` - int: Number of messages to read and process before saving. Defaults to all messages if not set.
|
||||
|
||||
- ``msgraph``
|
||||
- ``user`` - str: The M365 user
|
||||
- ``password`` - str: The user password
|
||||
- ``client_id`` - str: The app registration's client ID
|
||||
- ``client_secret`` - str: The app registration's secret
|
||||
- ``mailbox`` - str: The mailbox name. This defaults to the user that is logged in, but could be a shared mailbox if the user has access to the mailbox
|
||||
|
||||
.. note::
|
||||
You must create an app registration in Azure AD and have an admin grant the Microsoft Graph `Mail.ReadWrite` (delegated) permission to the app.
|
||||
|
||||
- ``elasticsearch``
|
||||
- ``hosts`` - str: A comma separated list of hostnames and ports or URLs (e.g. ``127.0.0.1:9200`` or ``https://user:secret@localhost``)
|
||||
|
||||
@@ -244,6 +263,24 @@ The full set of configuration options are:
|
||||
- ``s3``
|
||||
- ``bucket`` - str: The S3 bucket name
|
||||
- ``path`` - int: The path to upload reports to (Default: /)
|
||||
- ``syslog``
|
||||
- ``server`` - str: The Syslog server name or IP address
|
||||
- ``port`` - int: The UDP port to use (Default: 514)
|
||||
- ``gmail_api``
|
||||
- ``gmail_api_credentials_file`` - str: Path to file containing the credentials, None to disable (Default: None)
|
||||
- ``gmail_api_token_file`` - str: Path to save the token file (Default: .token)
|
||||
- ``gmail_api_include_spam_trash`` - bool: Include messages in Spam and Trash when searching reports (Default: False)
|
||||
- ``gmail_api_scopes`` - str: Comma separated list of scopes to use when acquiring credentials (Default: https://www.googleapis.com/auth/gmail.modify)
|
||||
|
||||
.. warning::
|
||||
|
||||
It is **strongly recommended** to **not** use the ``nameservers`` setting.
|
||||
By default, ``parsedmarc`` uses `Cloudflare's public resolvers`_,
|
||||
which are much faster and more reliable than Google, Cisco OpenDNS, or
|
||||
even most local resolvers.
|
||||
|
||||
The ``nameservers`` option should only be used if your network blocks DNS
|
||||
requests to outside resolvers.
|
||||
|
||||
.. warning::
|
||||
|
||||
@@ -268,6 +305,7 @@ The full set of configuration options are:
|
||||
after you have manually moved known samples you want to save to that
|
||||
folder (e.g. malicious samples and non-sensitive legitimate samples).
|
||||
|
||||
|
||||
Sample aggregate report output
|
||||
==============================
|
||||
|
||||
|
||||
+2
-1
@@ -4,7 +4,7 @@
|
||||
*
|
||||
* Sphinx stylesheet -- basic theme.
|
||||
*
|
||||
* :copyright: Copyright 2007-2021 by the Sphinx team, see AUTHORS.
|
||||
* :copyright: Copyright 2007-2022 by the Sphinx team, see AUTHORS.
|
||||
* :license: BSD, see LICENSE for details.
|
||||
*
|
||||
*/
|
||||
@@ -757,6 +757,7 @@ span.pre {
|
||||
-ms-hyphens: none;
|
||||
-webkit-hyphens: none;
|
||||
hyphens: none;
|
||||
white-space: nowrap;
|
||||
}
|
||||
|
||||
div[class*="highlight-"] {
|
||||
|
||||
+56
-21
@@ -4,7 +4,7 @@
|
||||
*
|
||||
* Sphinx JavaScript utilities for all documentation.
|
||||
*
|
||||
* :copyright: Copyright 2007-2021 by the Sphinx team, see AUTHORS.
|
||||
* :copyright: Copyright 2007-2022 by the Sphinx team, see AUTHORS.
|
||||
* :license: BSD, see LICENSE for details.
|
||||
*
|
||||
*/
|
||||
@@ -154,9 +154,7 @@ var Documentation = {
|
||||
this.fixFirefoxAnchorBug();
|
||||
this.highlightSearchWords();
|
||||
this.initIndexTable();
|
||||
if (DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS) {
|
||||
this.initOnKeyListeners();
|
||||
}
|
||||
this.initOnKeyListeners();
|
||||
},
|
||||
|
||||
/**
|
||||
@@ -264,6 +262,16 @@ var Documentation = {
|
||||
hideSearchWords : function() {
|
||||
$('#searchbox .highlight-link').fadeOut(300);
|
||||
$('span.highlighted').removeClass('highlighted');
|
||||
var url = new URL(window.location);
|
||||
url.searchParams.delete('highlight');
|
||||
window.history.replaceState({}, '', url);
|
||||
},
|
||||
|
||||
/**
|
||||
* helper function to focus on search bar
|
||||
*/
|
||||
focusSearchBar : function() {
|
||||
$('input[name=q]').first().focus();
|
||||
},
|
||||
|
||||
/**
|
||||
@@ -288,27 +296,54 @@ var Documentation = {
|
||||
},
|
||||
|
||||
initOnKeyListeners: function() {
|
||||
// only install a listener if it is really needed
|
||||
if (!DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS &&
|
||||
!DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS)
|
||||
return;
|
||||
|
||||
$(document).keydown(function(event) {
|
||||
var activeElementType = document.activeElement.tagName;
|
||||
// don't navigate when in search box, textarea, dropdown or button
|
||||
if (activeElementType !== 'TEXTAREA' && activeElementType !== 'INPUT' && activeElementType !== 'SELECT'
|
||||
&& activeElementType !== 'BUTTON' && !event.altKey && !event.ctrlKey && !event.metaKey
|
||||
&& !event.shiftKey) {
|
||||
switch (event.keyCode) {
|
||||
case 37: // left
|
||||
var prevHref = $('link[rel="prev"]').prop('href');
|
||||
if (prevHref) {
|
||||
window.location.href = prevHref;
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
case 39: // right
|
||||
var nextHref = $('link[rel="next"]').prop('href');
|
||||
if (nextHref) {
|
||||
window.location.href = nextHref;
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
&& activeElementType !== 'BUTTON') {
|
||||
if (event.altKey || event.ctrlKey || event.metaKey)
|
||||
return;
|
||||
|
||||
if (!event.shiftKey) {
|
||||
switch (event.key) {
|
||||
case 'ArrowLeft':
|
||||
if (!DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS)
|
||||
break;
|
||||
var prevHref = $('link[rel="prev"]').prop('href');
|
||||
if (prevHref) {
|
||||
window.location.href = prevHref;
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
case 'ArrowRight':
|
||||
if (!DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS)
|
||||
break;
|
||||
var nextHref = $('link[rel="next"]').prop('href');
|
||||
if (nextHref) {
|
||||
window.location.href = nextHref;
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
case 'Escape':
|
||||
if (!DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS)
|
||||
break;
|
||||
Documentation.hideSearchWords();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// some keyboard layouts may need Shift to get /
|
||||
switch (event.key) {
|
||||
case '/':
|
||||
if (!DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS)
|
||||
break;
|
||||
Documentation.focusSearchBar();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
var DOCUMENTATION_OPTIONS = {
|
||||
URL_ROOT: document.getElementById("documentation_options").getAttribute('data-url_root'),
|
||||
VERSION: '7.1.1',
|
||||
VERSION: '8.0.0',
|
||||
LANGUAGE: 'None',
|
||||
COLLAPSE_INDEX: false,
|
||||
BUILDER: 'html',
|
||||
@@ -8,5 +8,7 @@ var DOCUMENTATION_OPTIONS = {
|
||||
LINK_SUFFIX: '.html',
|
||||
HAS_SOURCE: true,
|
||||
SOURCELINK_SUFFIX: '.txt',
|
||||
NAVIGATION_WITH_KEYS: false
|
||||
NAVIGATION_WITH_KEYS: false,
|
||||
SHOW_SEARCH_SUMMARY: true,
|
||||
ENABLE_SEARCH_SHORTCUTS: true,
|
||||
};
|
||||
@@ -5,7 +5,7 @@
|
||||
* This script contains the language-specific data used by searchtools.js,
|
||||
* namely the list of stopwords, stemmer, scorer and splitter.
|
||||
*
|
||||
* :copyright: Copyright 2007-2021 by the Sphinx team, see AUTHORS.
|
||||
* :copyright: Copyright 2007-2022 by the Sphinx team, see AUTHORS.
|
||||
* :license: BSD, see LICENSE for details.
|
||||
*
|
||||
*/
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
*
|
||||
* Sphinx JavaScript utilities for the full-text search.
|
||||
*
|
||||
* :copyright: Copyright 2007-2021 by the Sphinx team, see AUTHORS.
|
||||
* :copyright: Copyright 2007-2022 by the Sphinx team, see AUTHORS.
|
||||
* :license: BSD, see LICENSE for details.
|
||||
*
|
||||
*/
|
||||
@@ -172,10 +172,6 @@ var Search = {
|
||||
}
|
||||
// stem the word
|
||||
var word = stemmer.stemWord(tmp[i].toLowerCase());
|
||||
// prevent stemmer from cutting word smaller than two chars
|
||||
if(word.length < 3 && tmp[i].length >= 3) {
|
||||
word = tmp[i];
|
||||
}
|
||||
var toAppend;
|
||||
// select the correct list
|
||||
if (word[0] == '-') {
|
||||
@@ -276,7 +272,7 @@ var Search = {
|
||||
setTimeout(function() {
|
||||
displayNextItem();
|
||||
}, 5);
|
||||
} else if (DOCUMENTATION_OPTIONS.HAS_SOURCE) {
|
||||
} else if (DOCUMENTATION_OPTIONS.SHOW_SEARCH_SUMMARY) {
|
||||
$.ajax({url: requestUrl,
|
||||
dataType: "text",
|
||||
complete: function(jqxhr, textstatus) {
|
||||
@@ -293,7 +289,7 @@ var Search = {
|
||||
}, 5);
|
||||
}});
|
||||
} else {
|
||||
// no source available, just display title
|
||||
// just display title
|
||||
Search.output.append(listItem);
|
||||
setTimeout(function() {
|
||||
displayNextItem();
|
||||
|
||||
+3
-5
@@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||
<title>Index — parsedmarc 7.1.1 documentation</title>
|
||||
<title>Index — parsedmarc 8.0.0 documentation</title>
|
||||
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
|
||||
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
|
||||
<!--[if lt IE 9]>
|
||||
@@ -27,7 +27,7 @@
|
||||
<a href="index.html" class="icon icon-home"> parsedmarc
|
||||
</a>
|
||||
<div class="version">
|
||||
7.1.1
|
||||
8.0.0
|
||||
</div>
|
||||
<div role="search">
|
||||
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
|
||||
@@ -134,7 +134,7 @@
|
||||
<td style="width: 33%; vertical-align: top;"><ul>
|
||||
<li><a href="index.html#parsedmarc.utils.get_base_domain">get_base_domain() (in module parsedmarc.utils)</a>
|
||||
</li>
|
||||
<li><a href="index.html#parsedmarc.get_dmarc_reports_from_inbox">get_dmarc_reports_from_inbox() (in module parsedmarc)</a>
|
||||
<li><a href="index.html#parsedmarc.get_dmarc_reports_from_mailbox">get_dmarc_reports_from_mailbox() (in module parsedmarc)</a>
|
||||
</li>
|
||||
<li><a href="index.html#parsedmarc.get_dmarc_reports_from_mbox">get_dmarc_reports_from_mbox() (in module parsedmarc)</a>
|
||||
</li>
|
||||
@@ -142,8 +142,6 @@
|
||||
</li>
|
||||
</ul></td>
|
||||
<td style="width: 33%; vertical-align: top;"><ul>
|
||||
<li><a href="index.html#parsedmarc.get_imap_capabilities">get_imap_capabilities() (in module parsedmarc)</a>
|
||||
</li>
|
||||
<li><a href="index.html#parsedmarc.utils.get_ip_address_country">get_ip_address_country() (in module parsedmarc.utils)</a>
|
||||
</li>
|
||||
<li><a href="index.html#parsedmarc.utils.get_ip_address_info">get_ip_address_info() (in module parsedmarc.utils)</a>
|
||||
|
||||
+112
-86
@@ -4,7 +4,7 @@
|
||||
<meta charset="utf-8" /><meta name="generator" content="Docutils 0.17.1: http://docutils.sourceforge.net/" />
|
||||
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||
<title>parsedmarc documentation - Open source DMARC report analyzer and visualizer — parsedmarc 7.1.1 documentation</title>
|
||||
<title>parsedmarc documentation - Open source DMARC report analyzer and visualizer — parsedmarc 8.0.0 documentation</title>
|
||||
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
|
||||
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
|
||||
<!--[if lt IE 9]>
|
||||
@@ -28,7 +28,7 @@
|
||||
<a href="#" class="icon icon-home"> parsedmarc
|
||||
</a>
|
||||
<div class="version">
|
||||
7.1.1
|
||||
8.0.0
|
||||
</div>
|
||||
<div role="search">
|
||||
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
|
||||
@@ -257,7 +257,10 @@ lookalike domain monitoring, check out <a class="reference external" href="https
|
||||
<span class="na">host</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">imap.example.com</span><span class="w"></span>
|
||||
<span class="na">user</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">dmarcresports@example.com</span><span class="w"></span>
|
||||
<span class="na">password</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">$uperSecure</span><span class="w"></span>
|
||||
|
||||
<span class="k">[mailbox]</span><span class="w"></span>
|
||||
<span class="na">watch</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">True</span><span class="w"></span>
|
||||
<span class="na">delete</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">False</span><span class="w"></span>
|
||||
|
||||
<span class="k">[elasticsearch]</span><span class="w"></span>
|
||||
<span class="na">hosts</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">127.0.0.1:9200</span><span class="w"></span>
|
||||
@@ -275,6 +278,12 @@ lookalike domain monitoring, check out <a class="reference external" href="https
|
||||
<span class="k">[syslog]</span><span class="w"></span>
|
||||
<span class="na">server</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">localhost</span><span class="w"></span>
|
||||
<span class="na">port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">514</span><span class="w"></span>
|
||||
|
||||
<span class="k">[gmail_api]</span><span class="w"></span>
|
||||
<span class="na">credentials_file</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">/path/to/credentials.json # Get this file from console.google.com. See https://developers.google.com/identity/protocols/oauth2</span><span class="w"></span>
|
||||
<span class="na">token_file</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">/path/to/token.json # This file will be generated automatically</span><span class="w"></span>
|
||||
<span class="na">scopes</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">https://mail.google.com/</span><span class="w"></span>
|
||||
<span class="na">include_spam_trash</span><span class="o">=</span><span class="s">True</span><span class="w"></span>
|
||||
</pre></div>
|
||||
</div>
|
||||
<p>The full set of configuration options are:</p>
|
||||
@@ -304,9 +313,20 @@ lookalike domain monitoring, check out <a class="reference external" href="https
|
||||
</dd>
|
||||
</dl>
|
||||
</li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">imap</span></code></p>
|
||||
<blockquote>
|
||||
<div><ul class="simple">
|
||||
<li><dl class="simple">
|
||||
<dt><code class="docutils literal notranslate"><span class="pre">mailbox</span></code></dt><dd><ul class="simple">
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">reports_folder</span></code> - str: The mailbox folder (or label for Gmail) where the incoming reports can be found (Default: INBOX)</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">archive_folder</span></code> - str: The mailbox folder (or label for Gmail) to sort processed emails into (Default: Archive)</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">watch</span></code> - bool: Use the IMAP <code class="docutils literal notranslate"><span class="pre">IDLE</span></code> command to process messages as they arrive or poll MS Graph for new messages</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">delete</span></code> - bool: Delete messages after processing them, instead of archiving them</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">test</span></code> - bool: Do not move or delete messages</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">batch_size</span></code> - int: Number of messages to read and process before saving. Defaults to all messages if not set.</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
</dl>
|
||||
</li>
|
||||
<li><dl>
|
||||
<dt><code class="docutils literal notranslate"><span class="pre">imap</span></code></dt><dd><ul class="simple">
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">host</span></code> - str: The IMAP server hostname or IP address</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">port</span></code> - int: The IMAP server port (Default: 993).</p></li>
|
||||
</ul>
|
||||
@@ -320,19 +340,23 @@ lookalike domain monitoring, check out <a class="reference external" href="https
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">user</span></code> - str: The IMAP user</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">password</span></code> - str: The IMAP password</p></li>
|
||||
</ul>
|
||||
<dl class="simple">
|
||||
<dt>..note::</dt><dd><p>The percent symbol has a special function, so it should be escaped. Use “%%” instead of “%” and it should work fine.</p>
|
||||
</dd>
|
||||
</dl>
|
||||
<ul class="simple">
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">reports_folder</span></code> - str: The IMAP folder where the incoming reports can be found (Default: INBOX)</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">archive_folder</span></code> - str: The IMAP folder to sort processed emails into (Default: Archive)</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">watch</span></code> - bool: Use the IMAP <code class="docutils literal notranslate"><span class="pre">IDLE</span></code> command to process messages as they arrive</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">delete</span></code> - bool: Delete messages after processing them, instead of archiving them</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">test</span></code> - bool: Do not move or delete messages</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">batch_size</span></code> - int: Number of messages to read and process before saving. Defaults to all messages if not set.</p></li>
|
||||
</li>
|
||||
<li><dl>
|
||||
<dt><code class="docutils literal notranslate"><span class="pre">msgraph</span></code></dt><dd><ul class="simple">
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">user</span></code> - str: The M365 user</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">password</span></code> - str: The user password</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">client_id</span></code> - str: The app registration’s client ID</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">client_secret</span></code> - str: The app registration’s secret</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">mailbox</span></code> - str: The mailbox name. This defaults to the user that is logged in, but could be a shared mailbox if the user has access to the mailbox</p></li>
|
||||
</ul>
|
||||
</div></blockquote>
|
||||
<div class="admonition note">
|
||||
<p class="admonition-title">Note</p>
|
||||
<p>You must create an app registration in Azure AD and have an admin grant the Microsoft Graph <cite>Mail.ReadWrite</cite> (delegated) permission to the app.</p>
|
||||
</div>
|
||||
</dd>
|
||||
</dl>
|
||||
</li>
|
||||
<li><dl>
|
||||
<dt><code class="docutils literal notranslate"><span class="pre">elasticsearch</span></code></dt><dd><ul class="simple">
|
||||
@@ -401,7 +425,34 @@ lookalike domain monitoring, check out <a class="reference external" href="https
|
||||
</dd>
|
||||
</dl>
|
||||
</li>
|
||||
<li><dl class="simple">
|
||||
<dt><code class="docutils literal notranslate"><span class="pre">syslog</span></code></dt><dd><ul class="simple">
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">server</span></code> - str: The Syslog server name or IP address</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">port</span></code> - int: The UDP port to use (Default: 514)</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
</dl>
|
||||
</li>
|
||||
<li><dl class="simple">
|
||||
<dt><code class="docutils literal notranslate"><span class="pre">gmail_api</span></code></dt><dd><ul class="simple">
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">gmail_api_credentials_file</span></code> - str: Path to file containing the credentials, None to disable (Default: None)</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">gmail_api_token_file</span></code> - str: Path to save the token file (Default: .token)</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">gmail_api_include_spam_trash</span></code> - bool: Include messages in Spam and Trash when searching reports (Default: False)</p></li>
|
||||
<li><p><code class="docutils literal notranslate"><span class="pre">gmail_api_scopes</span></code> - str: Comma separated list of scopes to use when acquiring credentials (Default: <a class="reference external" href="https://www.googleapis.com/auth/gmail.modify">https://www.googleapis.com/auth/gmail.modify</a>)</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
</dl>
|
||||
</li>
|
||||
</ul>
|
||||
<div class="admonition warning">
|
||||
<p class="admonition-title">Warning</p>
|
||||
<p>It is <strong>strongly recommended</strong> to <strong>not</strong> use the <code class="docutils literal notranslate"><span class="pre">nameservers</span></code> setting.
|
||||
By default, <code class="docutils literal notranslate"><span class="pre">parsedmarc</span></code> uses <a class="reference external" href="https://1.1.1.1/">Cloudflare’s public resolvers</a>,
|
||||
which are much faster and more reliable than Google, Cisco OpenDNS, or
|
||||
even most local resolvers.</p>
|
||||
<p>The <code class="docutils literal notranslate"><span class="pre">nameservers</span></code> option should only be used if your network blocks DNS
|
||||
requests to outside resolvers.</p>
|
||||
</div>
|
||||
<div class="admonition warning">
|
||||
<p class="admonition-title">Warning</p>
|
||||
<p><code class="docutils literal notranslate"><span class="pre">save_aggregate</span></code> and <code class="docutils literal notranslate"><span class="pre">save_forensic</span></code> are separate options because
|
||||
@@ -1708,33 +1759,27 @@ or bytes.</p>
|
||||
</dd></dl>
|
||||
|
||||
<dl class="py function">
|
||||
<dt class="sig sig-object py" id="parsedmarc.get_dmarc_reports_from_inbox">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">get_dmarc_reports_from_inbox</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">connection</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">host</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">user</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">password</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">port</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ssl</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">verify</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">30</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">max_retries</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">4</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">reports_folder</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'INBOX'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">archive_folder</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'Archive'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">delete</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">test</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">6.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">strip_attachment_payloads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">results</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">batch_size</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#get_dmarc_reports_from_inbox"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.get_dmarc_reports_from_inbox" title="Permalink to this definition"></a></dt>
|
||||
<dd><p>Fetches and parses DMARC reports from an inbox</p>
|
||||
<dt class="sig sig-object py" id="parsedmarc.get_dmarc_reports_from_mailbox">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">get_dmarc_reports_from_mailbox</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">connection</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">parsedmarc.mail.mailbox_connection.MailboxConnection</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">reports_folder</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'INBOX'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">archive_folder</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'Archive'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">delete</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">test</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">6.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">strip_attachment_payloads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">results</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">batch_size</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">create_folders</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#get_dmarc_reports_from_mailbox"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.get_dmarc_reports_from_mailbox" title="Permalink to this definition"></a></dt>
|
||||
<dd><p>Fetches and parses DMARC reports from a mailbox</p>
|
||||
<dl class="field-list simple">
|
||||
<dt class="field-odd">Parameters</dt>
|
||||
<dd class="field-odd"><ul class="simple">
|
||||
<li><p><strong>connection</strong> – An IMAPClient connection to reuse</p></li>
|
||||
<li><p><strong>host</strong> – The mail server hostname or IP address</p></li>
|
||||
<li><p><strong>user</strong> – The mail server user</p></li>
|
||||
<li><p><strong>password</strong> – The mail server password</p></li>
|
||||
<li><p><strong>port</strong> – The mail server port</p></li>
|
||||
<li><p><strong>ssl</strong> (<em>bool</em>) – Use SSL/TLS</p></li>
|
||||
<li><p><strong>verify</strong> (<em>bool</em>) – Verify SSL/TLS certificate</p></li>
|
||||
<li><p><strong>timeout</strong> (<em>float</em>) – IMAP timeout in seconds</p></li>
|
||||
<li><p><strong>max_retries</strong> (<em>int</em>) – The maximum number of retries after a timeout</p></li>
|
||||
<li><p><strong>reports_folder</strong> – The IMAP folder where reports can be found</p></li>
|
||||
<li><p><strong>connection</strong> – A Mailbox connection object</p></li>
|
||||
<li><p><strong>reports_folder</strong> – The folder where reports can be found</p></li>
|
||||
<li><p><strong>archive_folder</strong> – The folder to move processed mail to</p></li>
|
||||
<li><p><strong>delete</strong> (<em>bool</em>) – Delete messages after processing them</p></li>
|
||||
<li><p><strong>test</strong> (<em>bool</em>) – Do not move or delete messages after processing them</p></li>
|
||||
<li><p><strong>ip_db_path</strong> (<em>str</em>) – Path to a MMDB file from MaxMind or DBIP</p></li>
|
||||
<li><p><strong>offline</strong> (<em>bool</em>) – Do not query onfline for geolocation or DNS</p></li>
|
||||
<li><p><strong>offline</strong> (<em>bool</em>) – Do not query online for geolocation or DNS</p></li>
|
||||
<li><p><strong>nameservers</strong> (<em>list</em>) – A list of DNS nameservers to query</p></li>
|
||||
<li><p><strong>dns_timeout</strong> (<em>float</em>) – Set the DNS query timeout</p></li>
|
||||
<li><p><strong>strip_attachment_payloads</strong> (<em>bool</em>) – Remove attachment payloads from</p></li>
|
||||
<li><p><strong>results</strong> (<em>dict</em>) – </p></li>
|
||||
<li><p><strong>results</strong> – Results from the previous run</p></li>
|
||||
<li><p><strong>strip_attachment_payloads</strong> (<em>bool</em>) – Remove attachment payloads from
|
||||
forensic report results</p></li>
|
||||
<li><p><strong>results</strong> (<em>dict</em>) – Results from the previous run</p></li>
|
||||
<li><p><strong>batch_size</strong> (<em>int</em>) – Number of messages to read and process before saving</p></li>
|
||||
<li><p><strong>create_folders</strong> (<em>bool</em>) – Whether to create the destination folders
|
||||
(not used in watch)</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
<dt class="field-even">Returns</dt>
|
||||
@@ -1774,18 +1819,6 @@ DMARC reports</p>
|
||||
</dl>
|
||||
</dd></dl>
|
||||
|
||||
<dl class="py function">
|
||||
<dt class="sig sig-object py" id="parsedmarc.get_imap_capabilities">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">get_imap_capabilities</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">server</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#get_imap_capabilities"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.get_imap_capabilities" title="Permalink to this definition"></a></dt>
|
||||
<dd><p>Returns a list of an IMAP server’s capabilities</p>
|
||||
<dl class="field-list simple">
|
||||
<dt class="field-odd">Parameters</dt>
|
||||
<dd class="field-odd"><p><strong>server</strong> (<em>imapclient.IMAPClient</em>) – An instance of imapclient.IMAPClient</p>
|
||||
</dd>
|
||||
</dl>
|
||||
<p>Returns (list): A list of capabilities</p>
|
||||
</dd></dl>
|
||||
|
||||
<dl class="py function">
|
||||
<dt class="sig sig-object py" id="parsedmarc.get_report_zip">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">get_report_zip</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">results</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#get_report_zip"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.get_report_zip" title="Permalink to this definition"></a></dt>
|
||||
@@ -1805,7 +1838,7 @@ DMARC reports</p>
|
||||
|
||||
<dl class="py function">
|
||||
<dt class="sig sig-object py" id="parsedmarc.parse_aggregate_report_file">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">parse_aggregate_report_file</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">_input</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">2.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parallel</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">server</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#parse_aggregate_report_file"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.parse_aggregate_report_file" title="Permalink to this definition"></a></dt>
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">parse_aggregate_report_file</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">_input</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">2.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parallel</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">keep_alive</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#parse_aggregate_report_file"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.parse_aggregate_report_file" title="Permalink to this definition"></a></dt>
|
||||
<dd><p>Parses a file at the given path, a file-like object. or bytes as a
|
||||
aggregate DMARC report</p>
|
||||
<dl class="field-list simple">
|
||||
@@ -1818,7 +1851,7 @@ aggregate DMARC report</p>
|
||||
<li><p><strong>default</strong><strong>)</strong> (<em>(</em><em>Cloudflare's public DNS resolvers by</em>) – </p></li>
|
||||
<li><p><strong>dns_timeout</strong> (<em>float</em>) – Sets the DNS timeout in seconds</p></li>
|
||||
<li><p><strong>parallel</strong> (<em>bool</em>) – Parallel processing</p></li>
|
||||
<li><p><strong>server</strong> (<em>IMAPClient</em>) – Connection object</p></li>
|
||||
<li><p><strong>keep_alive</strong> (<em>callable</em>) – Keep alive function</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
<dt class="field-even">Returns</dt>
|
||||
@@ -1832,7 +1865,7 @@ aggregate DMARC report</p>
|
||||
|
||||
<dl class="py function">
|
||||
<dt class="sig sig-object py" id="parsedmarc.parse_aggregate_report_xml">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">parse_aggregate_report_xml</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">2.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parallel</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">server</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#parse_aggregate_report_xml"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.parse_aggregate_report_xml" title="Permalink to this definition"></a></dt>
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">parse_aggregate_report_xml</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">2.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parallel</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">keep_alive</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#parse_aggregate_report_xml"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.parse_aggregate_report_xml" title="Permalink to this definition"></a></dt>
|
||||
<dd><p>Parses a DMARC XML report string and returns a consistent OrderedDict</p>
|
||||
<dl class="field-list simple">
|
||||
<dt class="field-odd">Parameters</dt>
|
||||
@@ -1844,7 +1877,7 @@ aggregate DMARC report</p>
|
||||
<li><p><strong>default</strong><strong>)</strong> (<em>(</em><em>Cloudflare's public DNS resolvers by</em>) – </p></li>
|
||||
<li><p><strong>timeout</strong> (<em>float</em>) – Sets the DNS timeout in seconds</p></li>
|
||||
<li><p><strong>parallel</strong> (<em>bool</em>) – Parallel processing</p></li>
|
||||
<li><p><strong>server</strong> (<em>IMAPClient</em>) – Connection object</p></li>
|
||||
<li><p><strong>keep_alive</strong> (<em>callable</em>) – Keep alive function</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
<dt class="field-even">Returns</dt>
|
||||
@@ -1887,7 +1920,7 @@ aggregate DMARC report</p>
|
||||
|
||||
<dl class="py function">
|
||||
<dt class="sig sig-object py" id="parsedmarc.parse_report_email">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">parse_report_email</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">input_</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">2.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">strip_attachment_payloads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parallel</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">server</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#parse_report_email"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.parse_report_email" title="Permalink to this definition"></a></dt>
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">parse_report_email</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">input_</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">2.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">strip_attachment_payloads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parallel</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">keep_alive</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#parse_report_email"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.parse_report_email" title="Permalink to this definition"></a></dt>
|
||||
<dd><p>Parses a DMARC report from an email</p>
|
||||
<dl class="field-list simple">
|
||||
<dt class="field-odd">Parameters</dt>
|
||||
@@ -1900,7 +1933,7 @@ aggregate DMARC report</p>
|
||||
<li><p><strong>strip_attachment_payloads</strong> (<em>bool</em>) – Remove attachment payloads from</p></li>
|
||||
<li><p><strong>results</strong> (<em>forensic report</em>) – </p></li>
|
||||
<li><p><strong>parallel</strong> (<em>bool</em>) – Parallel processing</p></li>
|
||||
<li><p><strong>server</strong> (<em>IMAPClient</em>) – Connection object</p></li>
|
||||
<li><p><strong>keep_alive</strong> (<em>callable</em>) – keep alive function</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
<dt class="field-even">Returns</dt>
|
||||
@@ -1918,7 +1951,7 @@ aggregate DMARC report</p>
|
||||
|
||||
<dl class="py function">
|
||||
<dt class="sig sig-object py" id="parsedmarc.parse_report_file">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">parse_report_file</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">input_</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">2.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">strip_attachment_payloads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parallel</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">server</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#parse_report_file"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.parse_report_file" title="Permalink to this definition"></a></dt>
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">parse_report_file</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">input_</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">2.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">strip_attachment_payloads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parallel</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">keep_alive</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#parse_report_file"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.parse_report_file" title="Permalink to this definition"></a></dt>
|
||||
<dd><p>Parses a DMARC aggregate or forensic file at the given path, a
|
||||
file-like object. or bytes</p>
|
||||
<dl class="field-list simple">
|
||||
@@ -1933,7 +1966,7 @@ file-like object. or bytes</p>
|
||||
<li><p><strong>ip_db_path</strong> (<em>str</em>) – Path to a MMDB file from MaxMind or DBIP</p></li>
|
||||
<li><p><strong>offline</strong> (<em>bool</em>) – Do not make online queries for geolocation or DNS</p></li>
|
||||
<li><p><strong>parallel</strong> (<em>bool</em>) – Parallel processing</p></li>
|
||||
<li><p><strong>server</strong> (<em>IMAPClient</em>) – Connection object</p></li>
|
||||
<li><p><strong>keep_alive</strong> (<em>callable</em>) – Keep alive function</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
<dt class="field-even">Returns</dt>
|
||||
@@ -2038,40 +2071,33 @@ format</p>
|
||||
|
||||
<dl class="py function">
|
||||
<dt class="sig sig-object py" id="parsedmarc.watch_inbox">
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">watch_inbox</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">host</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">username</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">password</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">callback</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">port</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ssl</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">verify</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">reports_folder</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'INBOX'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">archive_folder</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'Archive'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">delete</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">test</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">idle_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">30</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">6.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">strip_attachment_payloads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">batch_size</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#watch_inbox"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.watch_inbox" title="Permalink to this definition"></a></dt>
|
||||
<dd><p>Use an IDLE IMAP connection to parse incoming emails, and pass the results
|
||||
to a callback function
|
||||
:param host: The mail server hostname or IP address
|
||||
:param username: The mail server username
|
||||
:param password: The mail server password
|
||||
:param callback: The callback function to receive the parsing results
|
||||
:param port: The mail server port
|
||||
:param ssl: Use SSL/TLS
|
||||
:type ssl: bool
|
||||
:param verify: Verify the TLS/SSL certificate
|
||||
:type verify: bool
|
||||
:param reports_folder: The IMAP folder where reports can be found
|
||||
:param archive_folder: The folder to move processed mail to
|
||||
:param delete: Delete messages after processing them
|
||||
:type delete: bool
|
||||
:param test: Do not move or delete messages after processing them
|
||||
:type test: bool
|
||||
:param idle_timeout: Number of seconds to wait for a IMAP IDLE response
|
||||
:type idle_timeout: int
|
||||
:param ip_db_path: Path to a MMDB file from MaxMind or DBIP
|
||||
:type ip_db_path: str
|
||||
:param offline: Do not query online for geolocation or DNS
|
||||
:type offline: bool
|
||||
:param nameservers: A list of one or more nameservers to use
|
||||
:type nameservers: list
|
||||
:param (Cloudflare’s public DNS resolvers by default):
|
||||
:param dns_timeout: Set the DNS query timeout
|
||||
:type dns_timeout: float
|
||||
:param strip_attachment_payloads: Replace attachment payloads in
|
||||
:type strip_attachment_payloads: bool
|
||||
:param forensic report samples with None:
|
||||
:param batch_size: Number of messages to read and process before saving
|
||||
:type batch_size: int</p>
|
||||
<span class="sig-prename descclassname"><span class="pre">parsedmarc.</span></span><span class="sig-name descname"><span class="pre">watch_inbox</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">mailbox_connection</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">parsedmarc.mail.mailbox_connection.MailboxConnection</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">callback</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">Callable</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">reports_folder</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'INBOX'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">archive_folder</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'Archive'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">delete</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">test</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">check_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">30</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ip_db_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">offline</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nameservers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">dns_timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">6.0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">strip_attachment_payloads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">batch_size</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/parsedmarc.html#watch_inbox"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#parsedmarc.watch_inbox" title="Permalink to this definition"></a></dt>
|
||||
<dd><dl class="simple">
|
||||
<dt>Watches the mailbox for new messages and</dt><dd><p>sends the results to a callback function</p>
|
||||
</dd>
|
||||
</dl>
|
||||
<dl class="field-list simple">
|
||||
<dt class="field-odd">Parameters</dt>
|
||||
<dd class="field-odd"><ul class="simple">
|
||||
<li><p><strong>mailbox_connection</strong> – The mailbox connection object</p></li>
|
||||
<li><p><strong>callback</strong> – The callback function to receive the parsing results</p></li>
|
||||
<li><p><strong>reports_folder</strong> – The IMAP folder where reports can be found</p></li>
|
||||
<li><p><strong>archive_folder</strong> – The folder to move processed mail to</p></li>
|
||||
<li><p><strong>delete</strong> (<em>bool</em>) – Delete messages after processing them</p></li>
|
||||
<li><p><strong>test</strong> (<em>bool</em>) – Do not move or delete messages after processing them</p></li>
|
||||
<li><p><strong>check_timeout</strong> (<em>int</em>) – Number of seconds to wait for a IMAP IDLE response
|
||||
or the number of seconds until the next mail check</p></li>
|
||||
<li><p><strong>ip_db_path</strong> (<em>str</em>) – Path to a MMDB file from MaxMind or DBIP</p></li>
|
||||
<li><p><strong>offline</strong> (<em>bool</em>) – Do not query online for geolocation or DNS</p></li>
|
||||
<li><p><strong>nameservers</strong> (<em>list</em>) – A list of one or more nameservers to use</p></li>
|
||||
<li><p><strong>default</strong><strong>)</strong> (<em>(</em><em>Cloudflare's public DNS resolvers by</em>) – </p></li>
|
||||
<li><p><strong>dns_timeout</strong> (<em>float</em>) – Set the DNS query timeout</p></li>
|
||||
<li><p><strong>strip_attachment_payloads</strong> (<em>bool</em>) – Replace attachment payloads in</p></li>
|
||||
<li><p><strong>None</strong> (<em>forensic report samples with</em>) – </p></li>
|
||||
<li><p><strong>batch_size</strong> (<em>int</em>) – Number of messages to read and process before saving</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
</dl>
|
||||
</dd></dl>
|
||||
|
||||
<section id="module-parsedmarc.elastic">
|
||||
|
||||
BIN
Binary file not shown.
+2
-2
@@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||
<title>Python Module Index — parsedmarc 7.1.1 documentation</title>
|
||||
<title>Python Module Index — parsedmarc 8.0.0 documentation</title>
|
||||
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
|
||||
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
|
||||
<!--[if lt IE 9]>
|
||||
@@ -30,7 +30,7 @@
|
||||
<a href="index.html" class="icon icon-home"> parsedmarc
|
||||
</a>
|
||||
<div class="version">
|
||||
7.1.1
|
||||
8.0.0
|
||||
</div>
|
||||
<div role="search">
|
||||
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
|
||||
|
||||
+2
-2
@@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||
<title>Search — parsedmarc 7.1.1 documentation</title>
|
||||
<title>Search — parsedmarc 8.0.0 documentation</title>
|
||||
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
|
||||
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
|
||||
|
||||
@@ -30,7 +30,7 @@
|
||||
<a href="index.html" class="icon icon-home"> parsedmarc
|
||||
</a>
|
||||
<div class="version">
|
||||
7.1.1
|
||||
8.0.0
|
||||
</div>
|
||||
<div role="search">
|
||||
<form id="rtd-search-form" class="wy-form" action="#" method="get">
|
||||
|
||||
+1
-1
File diff suppressed because one or more lines are too long
Reference in New Issue
Block a user