docker-dmarc-report icon indicating copy to clipboard operation
docker-dmarc-report copied to clipboard

Published 20 hours ago verified publisher icon gutmensch

Support for MTA-STS reports

Open kimdre opened this issue 1 year ago • 4 comments

For some time now, part of the reports I receive regularly are SMTP-TLS (MTA-STS) reports in JSON format (generally from google.com). Would it be possible to add support for this report format?

{
   "organization-name":"Google Inc.",
   "date-range":{
      "start-datetime":"2023-10-06T00:00:00Z",
      "end-datetime":"2023-10-06T23:59:59Z"
   },
   "contact-info":"[email protected]",
   "report-id":"2023-10-06T00:00:00Z_mydomain.com",
   "policies":[
      {
         "policy":{
            "policy-type":"sts",
            "policy-string":[
               "version: STSv1",
               "mode: enforce",
               "max_age: 259200",
               "mx: mail.mydomain.com",
               "mx: *.mydomain.com"
            ],
            "policy-domain":"mydomain.com",
            "mx-host":[
               "mail.mydomain.com",
               "*.mydomain.com"
            ]
         },
         "summary":{
            "total-successful-session-count":4,
            "total-failure-session-count":0
         }
      }
   ]
}

kimdre avatar Oct 08 '23 20:10 kimdre

This additional feature would be great and I was coming here to make the same request. This is a great little project and a small enhancement like adding MTA-STS support would be handy.

vipergts450 avatar Oct 11 '23 12:10 vipergts450

Good input, thanks for reporting! "Unfortunately" the code for the parser is just taken from another source https://github.com/techsneeze/dmarcts-report-parser/blob/master/dmarcts-report-parser.pl - a perl script, which is potentially cumbersome to enhance with more functionality, but not impossible. At the moment it would be best to request the feature there and/or contribute via PR.

gutmensch avatar Jan 17 '24 21:01 gutmensch

Seems like there is already a working script, these two PRs just have not been merged yet: https://github.com/techsneeze/dmarcts-report-parser/issues/65#issuecomment-1194639772

gdnmhr avatar Jan 17 '24 22:01 gdnmhr

@kimdre @gdnmhr Thanks again for the pointers! I started rewriting the parser to a more extensible golang application. I think I can add support for RFC8640 and RFC8641 related reports to this. For the unit tests I'd appreciate any possible anonymized reports/payloads (like the one from the original post here) from different sender organizations if you have any as I currently don't have it enabled myself. Also if the data was sent with mime type json or compressed, etc.

gutmensch avatar Jul 05 '24 22:07 gutmensch