Comments (8)
tierpod
commented on June 19, 2024
Hi @planetahuevo ! You are welcome, I'm glad that my little project can be useful for somebody.
I'm thought about adding weekly/monthly reports, but still can't decide how to do it.
Each dmarc report contains data for one day. At the moment each dmarc report parses independently. So, example of my workflow is: crontab executes dmarc-report-converter every day and saves HTMLs without any aggregation. I've configured nginx to serve this files.
If we want to make weekly/monthly reports, we have two ways:
- Execute dmarc-report-converter every week/month (not days). In that case, it have to aggregate data from many dmarc reports in memory and make complex HTMLs.
- Use external database to store daily data. In that case, I have to add dependency on database, and write web application for visualize reports from this database. I think, it is quite complex way.
Also, dmarc-report-converter can render reports as json. So there is another way - save data to elasticsearch and use kibana for visualize data.
I will appreciate if you can give me ideas about it.
from dmarc-report-converter.
planetahuevo
commented on June 19, 2024
Hi!
I have been thinking about this for a while, before I found your project, so this is what I think:
- Using a external database makes no sense. It complicates the project, the server, the backups, etc. We already have the data on the reports, so we do not need to store the data again.
- Monthly reports looks ok, but I think it wonΒ΄t be necessary, a weekly report is good enough and that makes everything easy.
We can also take another approach, instead of using a date to select the reports, which will force your system to scan all of them, find the ones you want and discard the rest, it makes more sense to extend your tool to scan multiple reports at once, with a number of reports.
For example. If you do nothing, it will work as it is now, take the report and generate the html.
But you could add a flag (for example --multiple=7) that indicate to the system that it need to collect 7 reports and generate the html after that.
I am not sure how the system works now, but you could limit the number to the total of reports to process, or you could get all reports (as the system does now) and create one html after 7 reports.
If there are less than the number, you just process all of them.
Another alternative that I like less, is to just mark the flag without number, and then the system process all reports and generate 1 html with all the info.
One important thing here, is to make sure that we put together all reports from the same domain so we do not mix.
I am not a developer, so I have no idea how can you do this in GO, but I suppose that you can add them to memory and when you have 7 of the same domain, you generate the report for that domain.
You will also need to create another filename on the config for multiple reports, but appart from that, config can be the same.
About elasticsearch, there is already another github project that use that with Kibana, I found it much more complicated that this.
One more thing. There is a flag on the DMARC reports that allow to change the frequency of the reports. ri=
I have setup mine today to a 7 days report, so maybe we can get the 7 days report directly from the source, and that will solve the problem. :)
We will need to wait 7 days to see what happen.
I would love to be able to help you with the code, but I know nothing about go.
from dmarc-report-converter.
tierpod
commented on June 19, 2024
Thank you for reply!
There is a flag on the DMARC reports that allow to change the frequency of the reports. ri=
As I understand from rfc, provider of reports can ignore this option :(
DMARC implementations MUST be able to provide daily reports and SHOULD be able to provide hourly reports when requested. However, anything other than a daily report is understood to be accommodated on a best-effort basis.
But you could add a flag (for example --multiple=7) that indicate to the system that it need to collect 7 reports and generate the html after that.
It is interesting idea π
I will think about that issue and will try to implement one of these methods.
from dmarc-report-converter.
planetahuevo
commented on June 19, 2024
Great :)
On the meantime the daily ones are great.
from dmarc-report-converter.
tierpod
commented on June 19, 2024
I am testing new version now. I had to change some internal logic to achieve this functionality. When I make sure that everything works as expected, I will release new version and will write upgrade notes.
from dmarc-report-converter.
planetahuevo
commented on June 19, 2024
Amazing. I have been a little busy on the past months but I would love to help you testing this. Let me know if you need help with that.
from dmarc-report-converter.
tierpod
commented on June 19, 2024
If you want to test it and can build new version from sources, have a look at issue#14-2 branch
Please read UPGRADING.md, you have to update templates and edit configuration file.
from dmarc-report-converter.
tierpod
commented on June 19, 2024
The branch was merged, new release v0.5
from dmarc-report-converter.
Related Issues (20)
- Limit number or time of reverse lookup when lookup_addr = True
- Add "total pass/failed messages"
- Add html_static.template (without jquery)
- Setup instructions not working HOT 5
- Thank you! HOT 2
- Only delete mails if attachements are succesfully saved to tmp location HOT 2
- Templates should just be part of the compiled binary, ideally. HOT 6
- XML syntax error HOT 12
- Date field request HOT 2
- imap: can't read next part: unhandled charset "utf-ascii" HOT 2
- Now option not working HOT 2
- option to output logs to stderr instead of stdout HOT 2
- Configuration on nginx not working HOT 2
- Most dmarc reports from Comcast cannot be read HOT 6
- ReadParseGZIP: unsupported MimeTypeGZIP HOT 1
- Unable to deploy HOT 2
- Add tests
- Improve log messages
- Error invalid char ':' on first line of install HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dmarc-report-converter.