dmarc_report 1.0

data/bin/install-dmarc_report.rb

@@ -0,0 +1,126 @@
+#!/usr/bin/env ruby
+
+# = install-dmarc_report.rb
+#
+# Author::    Dirk Meyer
+# Copyright:: Copyright (c) 2023 Dirk Meyer
+# License::   Distributes under the same terms as Ruby
+# SPDX-FileCopyrightText: 2023 Dirk Meyer
+# SPDX-License-Identifier: Ruby
+#
+# Installs a working directory for DMARC reports
+#
+
+require 'fileutils'
+
+bindir = File.dirname( File.expand_path( __FILE__ ) )
+user_dir = Gem.user_dir
+
+def install_sample( src, dest )
+  return unless File.exist?( src )
+
+  if File.exist?( dest )
+    warn "skipped: #{dest}"
+    return
+  end
+
+  FileUtils.copy_file( src, dest, verbose: true )
+end
+
+[ 'config', 'rules' ].each do |dir|
+  FileUtils.mkdir_p( dir )
+end
+
+[ 'examples', "#{user_dir}/gems/dmarc_report-*/examples" ].each do |dir|
+  list = Dir.glob( dir )
+  next if list.empty?
+
+  dir2 = list.last
+  [ 'config/*', 'rules/*', '*' ].each do |dir3|
+    list3 = Dir.glob( "#{dir2}/#{dir3}" )
+    list3.each do |file|
+      next unless File.exist?( file )
+      next if File.directory?( file )
+
+      target = file.sub( /^.*\/examples\//, '' )
+      install_sample( file, target )
+    end
+  end
+end
+
+[ '.', "#{user_dir}/gems/dmarc_report-*" ].each do |dir|
+  list = Dir.glob( dir )
+  next if list.empty?
+
+  dir2 = list.last
+  [ 'README.md', '' ].each do |dir3|
+    list3 = Dir.glob( "#{dir2}/#{dir3}" )
+    list3.each do |file|
+      next unless File.exist?( file )
+      next if File.directory?( file )
+
+      target = file.sub( /^.*\//, '' )
+      install_sample( file, target )
+    end
+  end
+end
+
+Dir.glob( 'config/*.yml' ).each do |file|
+  File.chmod( 0o600, file )
+end
+
+datadir = File.expand_path( '.' )
+
+run = "#!/bin/sh
+# SPDX-FileCopyrightText: 2023 Dirk Meyer
+# SPDX-License-Identifier: Ruby
+
+bindir=\"#{bindir}\"
+datadir=\"#{datadir}\"
+cd \"${datadir}\" || exit 69
+
+PATH=\"${PATH}:#{bindir}\"
+export PATH
+
+mkdir -p log DMARC/in DMARC/seen DMARC/ripmime DMARC/zips DMARC/xml DMARC/old
+\"${bindir}/dmarc_imap.rb\" > log/dmarc_imap.log
+\"${bindir}/dmarc_ripmime.rb\" > log/dmarc_ripmime.log
+\"${bindir}/dmarc_report.rb\" > log/dmarc_report.log
+\"${bindir}/dmarc_dns.rb\"
+
+# get config
+. ./dmarc-profile.sh
+
+if test \"${EXPIRE_DAYS}\" != \"\"
+then
+	find DMARC/xml -name '*.xml' -and -mtime \"+${EXPIRE_DAYS}\" \
+		-exec mv '{}' 'DMARC/old/' ';'
+fi
+
+if test \"${RSYNC_TARGET}\" != \"\"
+then
+	rsync -a dmarc-report.csv dmarc-dns.json \"${RSYNC_TARGET}\"
+fi
+exit 0
+# eof
+"
+
+File.write( 'run-dmarc.sh', run )
+File.chmod( 0o755, 'run-dmarc.sh' )
+puts 'writing run-dmarc.sh'
+
+crontab = `crontab -l`
+unless crontab.include?( 'dmarc' )
+  crontab << \
+    "# crontab for dmarc_report\n" \
+    "#minute\thour\tmday\tmonth\twday\tcommand\n" \
+    "#13\t8,12,18\t*\t*\t*\t#{datadir}/run-dmarc.sh\n" \
+    "#\n"
+  File.write( 'crontab.new', crontab )
+  system( 'crontab crontab.new' )
+  puts 'writing crontab'
+end
+
+exit 0
+#
+# eof

data/bin/rename_rfc.rb

@@ -0,0 +1,44 @@
+#!/usr/bin/env ruby
+
+# = rename_rfc
+#
+# Author::    Dirk Meyer
+# Copyright:: Copyright (c) 2023 - 2023 Dirk Meyer
+# License::   Distributes under the same terms as Ruby
+# SPDX-FileCopyrightText: 2023-2023 Dirk Meyer
+# SPDX-License-Identifier: Ruby
+#
+# Rename RFC2047 encoden filenames to UTF-8
+#
+
+# dependecies:
+# gem install --user-install new_rfc_2047
+
+require 'rfc_2047'
+
+def save_decode( key, text )
+  return nil if text.nil?
+
+  begin
+    text = Rfc2047.decode( text )
+  rescue Encoding::CompatibilityError => e
+    warn "Encoding::CompatibilityError #{e}"
+    warn "in #{key}: #{text}"
+  rescue StandardError => e
+    warn e
+    warn "in #{key}: #{text}"
+  end
+  text
+end
+
+dir = 'DMARC/seen'
+Dir.entries( dir ).each do |file|
+  file2 = save_decode( 'filename', file )
+  next  if file2 == file
+
+  puts file
+  File.rename( "#{dir}/#{file}", "#{dir}/#{file2}" )
+end
+
+exit 0
+# eof

data/examples/config/dmarc.yml

@@ -0,0 +1,13 @@
+# dmarc.yml
+
+host: smtp.example.com
+port: 993
+# ca_file: root.crt
+login: username
+password: plain-password
+folder: INBOX
+rules: rules/dmarc.yml
+create_folder: true
+translate_slash: false
+
+# eof

data/examples/dmarc-profile.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+EXPIRE_DAYS="365"
+
+RSYNC_TARGET="server.example.com:"
+
+# eof

data/examples/rules/dmarc.yml

@@ -0,0 +1,33 @@
+# dmarc.yml
+-
+  subject: 'Report Domain: '
+  save:
+    dir: 'DMARC/in'
+    move: 'DMARC/parsed'
+-
+  subject: 'Report domain: '
+  save:
+    dir: 'DMARC/in'
+    move: 'DMARC/parsed'
+-
+  subject: 'DMARC Report'
+  save:
+    dir: 'DMARC/in'
+    move: 'DMARC/parsed'
+-
+  subject: 'DMARC report'
+  save:
+    dir: 'DMARC/in'
+    move: 'DMARC/parsed'
+-
+  subject: 'Dmarc aggregate report'
+  save:
+    dir: 'DMARC/in'
+    move: 'DMARC/parsed'
+-
+  subject: 'DMARC Forensic Report'
+  save:
+    dir: 'DMARC/in'
+    move: 'DMARC/parsed'
+
+# eof

data/lib/xmltohash.rb

@@ -0,0 +1,61 @@
+#
+# https://gist.github.com/huy/819999#file-hash-from_xml
+# USAGE: Hash.from_xml(YOUR_XML_STRING)require 'rubygems'
+require 'nokogiri'
+# modified from http://stackoverflow.com/questions/1230741/convert-a-nokogiri-document-to-a-ruby-hash/1231297#1231297
+
+# extend standard class
+class Hash
+  class << self
+    def from_xml( xml_io )
+      result = Nokogiri::XML( xml_io )
+      { result.root.name.to_sym => xml_node_to_hash( result.root ) }
+    rescue StandardError => e
+      # raise your custom exception here
+      raise e
+    end
+
+    def xml_node_to_hash( node )
+      # If we are at the root of the document, start the hash
+      return node.content.to_s unless node.element?
+
+      result_hash = {}
+      if node.attributes != {}
+        attributes = {}
+        node.attributes.each_key do |key|
+          attributes[ node.attributes[ key ].name.to_sym ] = node.attributes[ key ].value
+        end
+      end
+      return attributes unless node.children.size.positive?
+
+      node.children.each do |child|
+        result = xml_node_to_hash( child )
+
+        if child.name == 'text'
+          unless child.next_sibling || child.previous_sibling
+            return result unless attributes
+
+            result_hash[ child.name.to_sym ] = result
+          end
+        elsif result_hash[ child.name.to_sym ]
+
+          if result_hash[ child.name.to_sym ].is_a?( Object::Array )
+            result_hash[ child.name.to_sym ] << result
+          else
+            result_hash[ child.name.to_sym ] = [ result_hash[ child.name.to_sym ] ] << result
+          end
+        else
+          result_hash[ child.name.to_sym ] = result
+        end
+      end
+      if attributes
+        # add code to remove non-data attributes e.g. xml schema, namespace here
+        # if there is a collision then node content supersets attributes
+        result_hash = attributes.merge( result_hash )
+      end
+      result_hash
+    end
+  end
+end
+
+# eof

metadata

@@ -0,0 +1,106 @@
+--- !ruby/object:Gem::Specification
+name: dmarc_report
+version: !ruby/object:Gem::Version
+  version: '1.0'
+platform: ruby
+authors:
+- Dirk Meyer
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-12-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: new_rfc_2047
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.15.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.15.0
+description: Fetch DMARC report mails via IMAP and extract and convert the data to
+  CSV.
+email:
+executables:
+- dmarc_dns.rb
+- dmarc_imap.rb
+- dmarc_ripmime.rb
+- dmarc_report.rb
+- rename_rfc.rb
+- dmarc_dump.rb
+- install-dmarc_report.rb
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rubocop.yml"
+- CHANGELOG.md
+- LICENSE.txt
+- README.md
+- bin/dmarc_dns.rb
+- bin/dmarc_dump.rb
+- bin/dmarc_imap.rb
+- bin/dmarc_report.rb
+- bin/dmarc_ripmime.rb
+- bin/install-dmarc_report.rb
+- bin/rename_rfc.rb
+- examples/config/dmarc.yml
+- examples/dmarc-profile.sh
+- examples/rules/dmarc.yml
+- lib/xmltohash.rb
+homepage: https://rubygems.org/gems/dmarc-report
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.19
+signing_key:
+specification_version: 4
+summary: fetch and parse DMARC reports
+test_files: []