Initial fork

prbinu · Nov 17, 2016 · 20291c6 · 20291c6
1 parent c025974
commit 20291c6
Show file tree

Hide file tree

Showing 8 changed files with 57 additions and 3,901 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+var/
+pwd
diff --git a/README.md b/README.md
@@ -83,6 +83,17 @@ Options:
 Example:
   % dmarc-convertor.sh -u dmarc@example.com -P ./pwd -s imap.example.com -p 993 -c ./cacert.pem
 ```
+
+The
+
+```
+	dmarcReportProcessor.service
+	dmarcReportProcessor.timer
+```
+
+shows a possible systemd call to execute the report collection. The env RUAFOLDER defines the IMAP folder where the reports are.
+
+
 *NOTE* The above script expects `imap-client.py` and `dmarc-parser.py` available in $ROOT/bin. You may change the path by modifiying `dmarc-convertor.sh`. 
 
 Tested on python 2.7
diff --git a/dmarc-parser.py → bin/dmarc-parser.py b/dmarc-parser.py → bin/dmarc-parser.py
diff --git a/imap-client.py → bin/imap-client.py b/imap-client.py → bin/imap-client.py
@@ -130,7 +130,7 @@ def main():
 
   if args.pwdfile:
     infile = open(args.pwdfile, 'r')
-    firstline = infile.readline()
+    firstline = infile.readline().strip()
     args.pwd = firstline
   else:
     args.pwd = getpass.getpass()  

diff --git a/cacert.pem b/cacert.pem
diff --git a/dmarc-convertor.sh b/dmarc-convertor.sh
@@ -12,14 +12,15 @@
 # 3. Convert dmarc xml files to line oriented format for splunk
 #
 
-ROOT='/'
-DMARC_ROOT="${ROOT}/var/dmarc-report-processor"
+ROOT='/usr/local/dmarc-report-processor'
+DMARC_ROOT="${ROOT}/var"
 ATTACH="${DMARC_ROOT}/attach_raw"
 XML="${DMARC_ROOT}/dmarc_xml"
 DMARC_SPLUNK="${DMARC_ROOT}/dmarc_splunk"
 
 os=`uname`
-ydate=`date -d "yesterday 13:00 " '+%d-%h-%Y'`
+ydate=`date -d "yesterday 00:00 " '+%d-%h-%Y'`
+#ydate=`date -d "1 week ago 13:00 " '+%d-%h-%Y'`
 if [ "$os" == "Darwin" ]
 then
   ydate=`date -v-1d +%d-%h-%Y`
@@ -55,7 +56,7 @@ EOF
 }
 
 OPTIND=1
-while getopts "hs:p:u:P:" opt; do
+while getopts "hs:p:u:P:c:" opt; do
 case "$opt" in
   h)
     dmarc_help
@@ -107,19 +108,27 @@ d_search="SINCE \"${ydate}\" BEFORE \"${tdate}\""
 #1
 echo "Step 1: Fetch dmarc reports from mailbox"
 echo "----------------------------------------"
-${ROOT}/bin/imap-client.py --attachmentsonly -s "${d_host}" -c "${d_cert}" --port "${d_port}"  -u "${d_user}" -o ${ATTACH}/${ydate} -f inbox --pwdfile "${d_pwd}" -S "${d_search}"
+${ROOT}/bin/imap-client.py --attachmentsonly -s "${d_host}" -c "${d_cert}" --port "${d_port}"  -u "${d_user}" -o ${ATTACH}/${ydate} -f ${RUAFOLDER} --pwdfile "${d_pwd}" -S "${d_search}"
 if [ "$?" -ne "0" ]
 then
   echo "Error: imap-client mail attachment fetch failed; exiting ..."
   exit 1
 fi
 
 #2
+shopt -s nullglob
+files=( "${ATTACH}/${ydate}"/*.zip )
+if [ "${#files[@]}" -eq "0" ]
+then
+        echo "No new reports found. Exiting ..."
+        exit 0
+fi
+
 echo "Step 2: Unzipping files"
 echo "-----------------------"
 mkdir "${XML}/${ydate}"
 rm -rf "${XML}/${ydate}/*" 2> /dev/null
-for f in "${ATTACH}/${ydate}"/*; do
+for f in "${files[@]}"; do
   echo "$f"
   extn="${f##*.}"
   if [ "$extn" == "zip" ]

diff --git a/dmarcReportProcessor.service b/dmarcReportProcessor.service
@@ -0,0 +1,14 @@
+### DMARC Report Processor ###
+#
+
+[Unit]
+Description=DMARC Report Processor Service
+After=syslog.target network.target
+
+[Service]
+User=root
+Environment=RUAEMAIL=dmarc@example.com
+Environment=IMAPSERVER=msa.example.com
+Environment=RUAFOLDER=INBOX/rua
+Environment=PWDFILE=/usr/local/dmarc-report-processor/pwd
+ExecStart=/usr/local/dmarc-report-processor/dmarc-convertor.sh -u ${RUAEMAIL} -s ${IMAPSERVER} -P ${PWDFILE} -c /etc/pki/tls/certs/ca-bundle.crt
diff --git a/dmarcReportProcessor.timer b/dmarcReportProcessor.timer
@@ -0,0 +1,14 @@
+### DMARC Report Processor timer ###
+#
+# DMARC Report Processor take RUA Report
+# and manage them for you!
+
+[Unit]
+Description=DMARC Report Processor timer
+After=syslog.target network.target
+
+[Timer]
+OnCalendar=daily
+
+[Install]
+WantedBy=rsyslog.service