Make EmailAlert docs and code consistent #98
Conversation
There was a problem hiding this comment.
- The commit message misses one backtick in the line
"Add defaults for subject, host, and port`."
-
baseconfig.pyfile params for emailalert need to be updated.
This may be ignored. I missed Remove EmailAlert configuration from base config #99. -
Should the buffer be checked for an upper limit like 25 Mb by default for size?
cloudmarker/alerts/emailalert.py
Outdated
| :class:`smtplib.SMTP_SSL` documentation for more details on | ||
| this. | ||
|
|
||
| When ``use_ssl`` is ``False` and if ``host`` or ``port`` are not |
cloudmarker/alerts/emailalert.py
Outdated
| username=None, password=None): | ||
| """Create an instance of :class:`EmailAlert` plugin. | ||
|
|
||
| When ``use_ssl` is ``True`` and ``host`` is not specified or |
| smtp.sendmail(self._sender, self._to, message.as_string()) | ||
| smtp.sendmail(self._from_addr, | ||
| self._to_addrs, | ||
| message.as_string()) |
There was a problem hiding this comment.
Most of the other plugins have a success message logged which I personally find very convenient to verify if the method actually succeeded. The other alert, however, does not have it as well. You may choose to add it if you feel it is required.
There was a problem hiding this comment.
I agree. I was trying to keep this change minimal, i.e., just focus on the documentation and necessary code updates. This plugin requires quite a bit of rework to move the SMTP code out to util module and make it consistent with the other plugins. I will do some of it as part of #53. I will address this suggestion of yours while resolving #53.
|
|
||
| Returns: | ||
| smtplib.SMTP or smtplib.SMTP_SSL: An SMTP connection | ||
| with its session ready to send messages. | ||
|
|
||
| """ | ||
| if self._use_ssl: |
There was a problem hiding this comment.
At line 98, with the following config, I ran into an ssl.SSLError.
Config:
alerts:
emailalert:
params:
use_ssl: True
host: smtp.gmail.com
port: 587
from_addr: CloudMarker Alert <no-reply@gmail.com>
to_addrs:
- <recipient@example.com>
subject: Anomaly notification
username: <alice>
password: <alice@123>Exception stack trace:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/multiprocessing/process.py", line 297, in _bootstrap
self.run()
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/multiprocessing/process.py", line 99, in run
self._target(*self._args, **self._kwargs)
File "/Users/git/cloudmarker/cloudmarker/workers.py", line 68, in store_worker
store_plugin.done()
File "/Users/git/cloudmarker/cloudmarker/alerts/emailalert.py", line 79, in done
smtp = self._prepare_smtp_session()
File "/Users/git/cloudmarker/cloudmarker/alerts/emailalert.py", line 98, in _prepare_smtp_session
smtp = smtplib.SMTP_SSL(host=self._host, port=self._port)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/smtplib.py", line 1031, in __init__
source_address)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/smtplib.py", line 251, in __init__
(code, msg) = self.connect(host, port)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/smtplib.py", line 336, in connect
self.sock = self._get_socket(host, port, self.timeout)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/smtplib.py", line 1039, in _get_socket
server_hostname=self._host)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 412, in wrap_socket
session=session
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 853, in _create
self.do_handshake()
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 1117, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:1056)
If the use_ssl key is set to False, the mail is successfully sent. This could probably be handled in another PR. There is a solution mentioned here.
There was a problem hiding this comment.
At line 98, with the following config, I ran into an
ssl.SSLError.Config:
alerts: emailalert: params: use_ssl: True host: smtp.gmail.com port: 587
For use_ssl set to True, set port to either 465 or 0 (to choose default port which is 465).
Also, see the docstring in line 26 for more details on this.
There was a problem hiding this comment.
The docstring does not say that use_ssl can only be used for port 465. I'm not sure if someone running into this error would be able to figure out that both the port and use_ssl work together. This is not a breaking change so I'm fine if we don't do error handling here.
I think I ended up testing this the wrong way because of the existing config in base config. Since that config is not meant to exist, this comment may be ignored 😅 .
There was a problem hiding this comment.
I tried to address this by adding more details in the util.send_email() docstring in PR #108. See the following two URLs on the Read the Docs:
Please let me know if this helps of if we need to rework on these docstrings.
| if self._stringbuffer: | ||
| self._body = ''.join(self._stringbuffer) | ||
| message.attach(MIMEText(self._body)) | ||
| body = ''.join(self._stringbuffer) |
There was a problem hiding this comment.
Is it okay to send raw json data in the email body?
There was a problem hiding this comment.
It is not okay to send raw JSON in the email body. I would like record['com']['description'] and record['com']['recommendation'] to be picked out from the event record (record) and formatted neatly in the email alerts. This will be done in a separate pull request.
Hi Nirali, We can do something like this. I would prefer to do this in a separate pull request. By the way, did you come up with the 25 MB limit as an arbitrary limit or did you use some reference to come up with this limit? |
I used this, https://www.outlook-apps.com/maximum-email-size/. |
susam
force-pushed
the
emaildocs
branch
2 times, most recently
from
7eeb81d
to
b019735
Compare
susam
changed the title
The EmailAlert docstrings have been updated to make it look good from a user's perspective. In some places, the docstrings have been fixed to describe the functionality in the code correctly. In some other cases, the code has been updated to be consistent with the updated docstrings. The following changes have been made to the plugin parameters: - Rename `sender` to `from_addr`. - Rename `to` to `to_addrs`. - Remove `body`. - Add defaults for `subject`, `host`, and `port`. The names `from_addr` and `to_addrs` have been picked from the Python `smtplib` documentation. They have done the work of choosing good names, so we just reuse it. The `to_addrs` name has an additional advantage that it hints at the value being a list of addresses. The `body` parameter has been removed because this is not a generic emailer class. This is an alert plugin which will decide its own email content based on the events it receives in its `write()` method. There is never a situation where the email content can be specified via configuration. The defaults for `host` and `port` have also been picked from the Python `smtplib` documentation. They implement sensible default behaviour for these defaults, so we reuse that behaviour by choosing the same defaults.
Make EmailAlert docs and code consistent
The EmailAlert docstrings have been updated to make it look good from a
user's perspective. In some places, the docstrings have been fixed to
describe the functionality in the code correctly. In some other cases,
the code has been updated to be consistent with the updated docstrings.
The following changes have been made to the plugin parameters:
sendertofrom_addr.tototo_addrs.body.subject,host, andport.The names
from_addrandto_addrshave been picked from the Pythonsmtplibdocumentation. They have done the work of choosing good names,so we just reuse it. The
to_addrsname has an additional advantagethat it hints at the value being a list of addresses.
The
bodyparameter has been removed because this is not a genericemailer class. This is an alert plugin which will decide its own email
content based on the events it receives in its
write()method.There is never a situation where the email content can be specified via
configuration.
The defaults for
hostandporthave also been picked from the Pythonsmtplibdocumentation. They implement sensible default behaviour forthese defaults, so we reuse that behaviour by choosing the same
defaults.