Closed Blason closed 1 year ago
I'm open to the idea, if you're interested in submitting a PR. I would expect that the new functionality would detect .json files and if the .json file contains the required fields of the MTA-STS report (as denoted in RFC 8460) then that json content would be appended to a new output file called mta-sts.log. Then your filebeat and/or logstash modules would need to be configured to parse that log.
Thanks for the feedback and I am working on modifying script however since I am not much pro in python hence facing lot of difficulties but I guess it would much easier. Yes I definitely would like to file PR for deriving mta-sts.log from the same script.
Hey Buddy!! Any luck on code part? I am still having difficulty incorporating my codes and script is not working
I'm not working on any code for this.
Closing due to no activity for nearly a year.
Hi there,
I am using this python script to fetch the dmarc messages however I am using same email id for mta-sts reprting. My MTA-STS reports since are now sent to same email Id and those are in a zip format as well. However zip file contains the json file and this script seems only accepting xml data. Can we modify the application to accept json data as well once unzipped?
Here is error I am getting -
2022-05-18 09:04:13,064 - dmarc2logstash - INFO - Decompressing gzip data 2022-05-18 09:04:13,065 - dmarc2logstash - WARNING - Skipping attachment that does not appear to conform to a DMARC aggregate report 2022-05-18 09:04:13,065 - dmarc2logstash - INFO - Preserving email message since it is not a DMARC report; messageIdx=417; messageSubject="Report Domain: isecurenet.in Submitter: microsoft.com Report-ID: