3.9.0 - Multiple bug fixes

2026-05-20 02:45:24 +00:00 · 2018-09-06 11:10:18 -04:00
parent f19d623d7d
commit bcde4bebd5
5 changed files with 96 additions and 31 deletions
@@ -1,3 +1,12 @@
+3.9.0
+-----
+
+- Reduce IMAP `IDLE` refresh rate to 5 minutes to avoid session timeouts in 
+Gmail
+- Fix parsing of some forensic/failure/ruf reports
+- Include email subject in all warning messages
+- Fix example NGINX configuration in the installation documentation
+
 3.8.2
 -----

@@ -296,6 +296,29 @@ On Debian or Ubuntu systems, run:

    $ sudo apt-get install libemail-outlook-message-perl

+DNS performance
+---------------
+
+You can often improve performance by providing one or more local nameservers
+to the CLI or function calls, as long as those nameservers return the same
+records as the public DNS.
+
+
+.. note::
+
+   If you do not specify any nameservers, Cloudflare's public nameservers are
+   used by default, **not the system's default nameservers**.
+
+   This is done to avoid a situation where records in a local nameserver do
+   not match records in the public DNS.
+
+Testing multiple report analyzers
+---------------------------------
+
+If you would like to test parsedmarc and another report processing solution
+at the same time, you can have up to two mailto URIs each in the rua and ruf
+tags tgs in your DMARC record, separated by commas.
+
 Documentation
 =============

@@ -313,6 +313,22 @@ On Debian or Ubuntu systems, run:
    $ sudo apt-get install libemail-outlook-message-perl


+DNS performance
+---------------
+
+You can often improve performance by providing one or more local nameservers
+to the CLI or function calls, as long as those nameservers return the same
+records as the public DNS.
+
+
+.. note::
+
+   If you do not specify any nameservers, Cloudflare's public nameservers are
+   used by default, **not the system's default nameservers**.
+
+   This is done to avoid a situation where records in a local nameserver do
+   not match records in the public DNS.
+
 Testing multiple report analyzers
 ---------------------------------

@@ -327,7 +343,7 @@ To set up visual dashboards of DMARC data, install Elasticsearch and Kibana.

 .. note::

-    Elasticsearch/Kibana 6+ is required
+    Elasticsearch/Kibana 6 is required

 .. code-block:: bash

@@ -403,37 +419,39 @@ Create the web server configuration

 .. code-block:: nginx

-    server {
-        listen 443 ssl http2;
-        ssl_certificate /etc/nginx/ssl/kibana.crt;
-        ssl_certificate_key /etc/nginx/ssl/kibana.key;
-        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
-        ssl_session_timeout 1d;
-        ssl_session_cache shared:SSL:50m;
-        ssl_session_tickets off;
+   server {
+       listen 443 ssl http2;
+       ssl_certificate /etc/nginx/ssl/kibana.crt;
+       ssl_certificate_key /etc/nginx/ssl/kibana.key;
+       ssl_session_timeout 1d;
+       ssl_session_cache shared:SSL:50m;
+       ssl_session_tickets off;

-        ssl_protocols TLSv1.2;
-        ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHAC   ssl_prefer_server_ciphers on;

-        # Uncomment this next line if you are using a signed, trusted cert
-        #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
-        add_header X-Frame-Options SAMEORIGIN;
-        add_header X-Content-Type-Options nosniff;
-        auth_basic "Login required";
-        auth_basic_user_file /etc/nginx/htpasswd;
+       # modern configuration. tweak to your needs.
+       ssl_protocols TLSv1.2;
+       ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
+       ssl_prefer_server_ciphers on;

-        location / {
-            proxy_pass http://127.0.0.1:5601;
-            proxy_set_header Host $host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        }
-    }
+       # Uncomment this next line if you are using a signed, trusted cert
+       #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
+       add_header X-Frame-Options SAMEORIGIN;
+       add_header X-Content-Type-Options nosniff;
+       auth_basic "Login required";
+       auth_basic_user_file /etc/nginx/htpasswd;

-    server {
-        listen 80;
-        return 301 https://$host$request_uri;
-    }
+       location / {
+           proxy_pass http://127.0.0.1:5601;
+           proxy_set_header Host $host;
+           proxy_set_header X-Real-IP $remote_addr;
+           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+       }
+   }
+
+   server {
+       listen 80;
+       return 301 https://$host$request_uri;
+   }


 Enable the nginx configuration for Kibana:
@@ -43,7 +43,7 @@ import imapclient.exceptions
 import dateparser
 import mailparser

-__version__ = "3.8.2"
+__version__ = "3.9.0"

 logger = logging.getLogger(__name__)
 logger.setLevel(logging.INFO)
@@ -981,7 +981,10 @@ def parse_report_email(input_, nameservers=None, timeout=6.0):
            payload = payload[0].__str__()
        if content_type == "message/feedback-report":
            try:
-                feedback_report = b64decode(payload).__str__()
+                if "Feedback-Type" in payload:
+                    feedback_report = payload
+                else:
+                    feedback_report = b64decode(payload).__str__()
                feedback_report = feedback_report.lstrip("b'").rstrip("'")
                feedback_report = feedback_report.replace("\\r", "")
                feedback_report = feedback_report.replace("\\n", "\n")
@@ -1018,6 +1021,18 @@ def parse_report_email(input_, nameservers=None, timeout=6.0):
        except (TypeError, ValueError, binascii.Error):
            pass

+        except InvalidAggregateReport as e:
+            error = 'Message with subject "{0}" ' \
+                    'is not a valid ' \
+                    'aggregate DMARC report: {1}'.format(subject, e)
+            raise InvalidAggregateReport(error)
+
+        except InvalidForensicReport as e:
+            error = 'Message with subject "{0}" ' \
+                    'is not a valid ' \
+                    'forensic DMARC report: {1}'.format(subject, e)
+            raise InvalidForensicReport(error)
+
        except FileNotFoundError as e:
            error = 'Unable to parse message with subject "{0}": {1}' .format(
                subject, e)
@@ -14,7 +14,7 @@ from setuptools import setup
 from codecs import open
 from os import path

-__version__ = "3.8.2"
+__version__ = "3.9.0"
 description = "A Python package and CLI for parsing aggregate and " \
              "forensic DMARC reports"