diff --git a/CHANGELOG.md b/CHANGELOG.md index 4bc6188..6c63eb7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +6.9.0 +----- + +- Use system nameservers instead of Cloudflare by default +- Parse aggregate report records with missing SPF domains + 6.8.2 ----- diff --git a/docs/index.rst b/docs/index.rst index 2a39526..1632ce5 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -83,8 +83,7 @@ CLI help -o OUTPUT, --output OUTPUT write output files to the given directory -n NAMESERVERS [NAMESERVERS ...], --nameservers NAMESERVERS [NAMESERVERS ...] - nameservers to query (default is Cloudflare's - nameservers) + nameservers to query -t DNS_TIMEOUT, --dns_timeout DNS_TIMEOUT number of seconds to wait for an answer from DNS (default: 2.0) @@ -201,16 +200,6 @@ The full set of configuration options are: - ``message`` - str: The email message (Default: Please see the attached parsedmarc report.) -.. warning:: - - It is **strongly recommended** to **not** use the ``nameservers`` setting. - By default, ``parsedmarc`` uses `Cloudflare's public resolvers`_, - which are much faster and more reliable than Google, Cisco OpenDNS, or - even most local resolvers. - - The ``nameservers`` option should only be used if your network blocks DNS - requests to outside resolvers. - .. warning:: ``save_aggregate`` and ``save_forensic`` are separate options because diff --git a/parsedmarc/__init__.py b/parsedmarc/__init__.py index 59afac1..ee853bd 100644 --- a/parsedmarc/__init__.py +++ b/parsedmarc/__init__.py @@ -33,7 +33,7 @@ from parsedmarc.utils import is_outlook_msg, convert_outlook_msg from parsedmarc.utils import timestamp_to_human, human_timestamp_to_datetime from parsedmarc.utils import parse_email -__version__ = "6.8.2" +__version__ = "6.9.0" logging.basicConfig( format='%(levelname)8s:%(filename)s:%(lineno)d:' @@ -86,10 +86,6 @@ def _parse_report_record(record, offline=False, nameservers=None, Returns: OrderedDict: The converted record """ - if nameservers is None: - nameservers = ["1.1.1.1", "1.0.0.1", - "2606:4700:4700::1111", "2606:4700:4700::1001", - ] record = record.copy() new_record = OrderedDict() new_record_source = get_ip_address_info(record["row"]["source_ip"], @@ -168,6 +164,8 @@ def _parse_report_record(record, offline=False, nameservers=None, if type(auth_results["spf"]) != list: auth_results["spf"] = [auth_results["spf"]] for result in auth_results["spf"]: + if "domain" not in result: + result["domain"] = None new_result = OrderedDict([("domain", result["domain"])]) if "scope" in result and result["scope"] is not None: new_result["scope"] = result["scope"] diff --git a/parsedmarc/cli.py b/parsedmarc/cli.py index be9b6c5..f6adf46 100644 --- a/parsedmarc/cli.py +++ b/parsedmarc/cli.py @@ -161,8 +161,7 @@ def _main(): arg_parser.add_argument("-o", "--output", help="write output files to the given directory") arg_parser.add_argument("-n", "--nameservers", nargs="+", - help="nameservers to query " - "(default is Cloudflare's nameservers)") + help="nameservers to query") arg_parser.add_argument("-t", "--dns_timeout", help="number of seconds to wait for an answer " "from DNS (default: 2.0)", diff --git a/samples/aggregate/zoho.com!example.com!1581753600!1581840000.xml b/samples/aggregate/zoho.com!example.com!1581753600!1581840000.xml new file mode 100644 index 0000000..58db164 --- /dev/null +++ b/samples/aggregate/zoho.com!example.com!1581753600!1581840000.xml @@ -0,0 +1,227 @@ + + + + zoho.com + noreply-dmarc@zoho.com + https://www.zoho.com/mail/help/adminconsole/dmarc-policy.html + e2cb5d97-dcbb-470f-b2dd-45519a2abbb3 + + 1581753600 + 1581840000 + + + + example.com + r + r +

none

+ 100 + 0 + + + + 216.71.146.18 + 1 + + none + fail + fail + + + + example.com + + + + pass + example.com + s1 + + + example.com + pass + mfrom + + + + + + 216.71.143.97 + 1 + + none + fail + fail + + + + example.com + + + + pass + example.com + s1 + + + none + helo + + + + + + 216.71.146.224 + 1 + + none + fail + fail + + + + example.com + + + + pass + example.com + s1 + + + example.com + pass + mfrom + + + + + + 216.71.143.87 + 1 + + none + fail + fail + + + + example.com + + + + pass + example.com + s1 + + + example.com + pass + mfrom + + + + + + 216.71.143.62 + 1 + + none + fail + fail + + + + example.com + + + + pass + example.com + s1 + + + example.com + pass + mfrom + + + + + + 216.71.143.52 + 1 + + none + fail + fail + + + + example.com + + + + pass + example.com + s1 + + + none + helo + + + + + + 216.71.148.142 + 1 + + none + fail + fail + + + + example.com + + + + pass + example.com + s1 + + + example.com + pass + mfrom + + + + + + 216.71.148.247 + 2 + + none + fail + fail + + + + example.com + + + + pass + example.com + s1 + + + example.com + pass + mfrom + + + + diff --git a/setup.py b/setup.py index a5e05b0..0405c27 100644 --- a/setup.py +++ b/setup.py @@ -14,7 +14,7 @@ from setuptools import setup from codecs import open from os import path -__version__ = "6.8.2" +__version__ = "6.9.0" description = "A Python package and CLI for parsing aggregate and " \ "forensic DMARC reports"