diff --git a/.travis.yml b/.travis.yml index 7a867f8..c99facb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -10,7 +10,7 @@ python: # commands to install dependencies before_install: - "sudo apt-get update" - - "sudo apt-get install -y libemail-outlook-message-perl" + - "sudo apt-get install -y libemail-outlook-message-perl geoipupdate" - "curl -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.5.1.deb && sudo dpkg -i --force-confnew elasticsearch-6.5.1.deb && sudo service elasticsearch restart" install: diff --git a/CHANGELOG.md b/CHANGELOG.md index e10beca..424ec67 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +6.1.5 +----- + +- Always use Cloudflare's nameservers by default instead of Google's +- Avoid re-downloading the Geolite2 database (and tripping their DDoS protection) +- Add `geoipupdate` to install instructions + 6.1.4 ----- diff --git a/docs/index.rst b/docs/index.rst index 97b6bf9..d961e45 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -465,19 +465,24 @@ On Debian or Ubuntu systems, run: .. code-block:: bash - sudo apt-get install python3-pip - + sudo apt-get install -y python3-pip geoipupdate On CentOS systems, run: .. code-block:: bash - sudo yum install -y python34-setuptools + sudo yum install -y python34-setuptools GeoIP-Update sudo easy_install-3.4 pip + sudo geoipupdate Python 3 installers for Windows and macOS can be found at https://www.python.org/downloads/ +.. note:: + + Windows users should also download a copy of Maxmind's free + `GeoLite2-Country.mmdb`_ to ``C:\GeoIP\GeoLite2-Country.mmdb``. + To install or upgrade to the latest stable release of ``parsedmarc`` on macOS or Linux, run @@ -1346,6 +1351,8 @@ Indices and tables .. _Modern Auth/multi-factor authentication: http://davmail.sourceforge.net/faq.html +.. _GeoLite2-Country.mmdb:https://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz + .. _download the latest portable Linux version of pypy3: https://github.com/squeaky-pl/portable-pypy#portable-pypy-distribution-for-linux .. _Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html diff --git a/parsedmarc/__init__.py b/parsedmarc/__init__.py index 1da952e..619e39d 100644 --- a/parsedmarc/__init__.py +++ b/parsedmarc/__init__.py @@ -38,7 +38,7 @@ from parsedmarc.utils import is_outlook_msg, convert_outlook_msg from parsedmarc.utils import timestamp_to_human, human_timestamp_to_datetime from parsedmarc.utils import parse_email -__version__ = "6.1.4" +__version__ = "6.1.5" logging.basicConfig( format='%(levelname)8s:%(filename)s:%(lineno)d:' @@ -98,7 +98,9 @@ def _parse_report_record(record, nameservers=None, dns_timeout=2.0): OrderedDict: The converted record """ if nameservers is None: - nameservers = ["8.8.8.8", "4.4.4.4"] + nameservers = ["1.1.1.1", "1.0.0.1", + "2606:4700:4700::1111", "2606:4700:4700::1001", + ] record = record.copy() new_record = OrderedDict() new_record_source = get_ip_address_info(record["row"]["source_ip"], diff --git a/parsedmarc/utils.py b/parsedmarc/utils.py index 1ef8ec1..40fd836 100644 --- a/parsedmarc/utils.py +++ b/parsedmarc/utils.py @@ -261,7 +261,7 @@ def get_ip_address_country(ip_address): Returns: str: And ISO country code associated with the given IP address """ - def download_country_database(location=".GeoLite2-Country.mmdb"): + def download_country_database(location="GeoLite2-Country.mmdb"): """Downloads the MaxMind Geolite2 Country database Args: @@ -281,7 +281,8 @@ def get_ip_address_country(ip_address): shutil.rmtree(tar_dir) system_paths = ["/usr/local/share/GeoIP/GeoLite2-Country.mmdb", - "/usr/share/GeoIP/GeoLite2-Country.mmdb"] + "/usr/share/GeoIP/GeoLite2-Country.mmdb" + "C:\\GeoIP\\GeoLite2-Country.mmdb"] db_path = None for system_path in system_paths: @@ -296,7 +297,7 @@ def get_ip_address_country(ip_address): else: db_age = datetime.now() - datetime.fromtimestamp( os.stat(db_path).st_mtime) - if db_age > timedelta(days=60): + if db_age > timedelta(days=7): download_country_database() db_path = db_path diff --git a/setup.py b/setup.py index 0b93b08..5bd11f3 100644 --- a/setup.py +++ b/setup.py @@ -14,7 +14,7 @@ from setuptools import setup from codecs import open from os import path -__version__ = "6.1.4" +__version__ = "6.1.5" description = "A Python package and CLI for parsing aggregate and " \ "forensic DMARC reports"