fetching reports from mailbox

[llsnndlldkm]

Hi,

First, I think you are running the only php based DMARC project that I've come across that is solid.

Second, although the web interface admin panel says it connects to the mailbox for dmarc reports and lists the number of unseen reports in green, the reports are not loaded automatically into the database. I have set up a CRON-job to run the scripts listed in the readme file like so:

cd /var/www/dir/htdocs/dmarc && /usr/bin/php utils/fetch_reports.php

I have enabled debug messages, and the mailbox cleaner script results in the error No such host as host.domain.de (-1)" Previously, when I set the mail server to localhost, I received the message Certificate failure for localhost: Hostname mismatch: /CN=host.domain.de (-1)"

Can you help getting the reports imported automatically?

Kind regards,

Mark

[liuch]

Hi,

Thank you for your kind words! I'm glad that my project was useful to you.

I'm confused because both the web interface and the utils use the same code to access to the mail server. This error is thrown by the php function imap_open: it cannot resolve your domain name. So I think it is due to the difference in the environment for the web server and for your CRON-job. Maybe the user from which you are launching the task does not have DNS available? Try to check it out. You can also add your mail domain name to /etc/hosts or use localhost as your domain name. In this case, you will most likely need to set novalidate-cert to true in the configuration file (see config/conf.sample.php for details).

Good luck!

[llsnndlldkm]

Thank you for your solution to my problem, it worked like a charm. Thanks again for your great project.

[liuch]

You're welcome! Could you tell me which way did you use?

[llsnndlldkm]

Since the DNS from my host is working, I have set the novalidate-cert to true in config/conf.php

[liuch]

Thank you.

[llsnndlldkm]

Since TLS reports are similar to Dmarc reports, maybe it’s an idea to add this functionality to the project?

Verstuurd vanaf mijn mobiel.

Op 19 nov. 2021 om 15:18 heeft Aleksey Andreev @.***> het volgende geschreven:

 Thank you.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android.

[liuch]

I didn't even know about TLS reports. This must be thought out. Thank you for sharing this idea.

[llsnndlldkm]

Hi, I receive an email containing a reporter.com!domain.com!1234567890!1234567890!001.json.gz file (after the last ! the number seems to differ depending on the reporting entity) with the unzipped contents:

{"organization-name":"Google @.***","report-id":"2021-11-22T00:00:00Z_domain.com","policies":[{"policy":{"policy-type":"sts","policy-string":["version: STSv1","mode: testing","mx: alt1.aspmx.l.google.com","mx: aspmx3.googlemail.com","mx: aspmx.l.google.com","mx: alt2.aspmx.l.google.com","mx: aspmx2.googlemail.com","max_age: 604800"],"policy-domain":"domain.com"},"summary":{"total-successful-session-count":34,"total-failure-session-count":0}}]}

Hope this helps.

Op 22 nov. 2021, om 14:46 heeft Aleksey Andreev @.***> het volgende geschreven:

I didn't even know about TLS reports. This must be thought out. Thank you for sharing this idea. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android.

[liuch]

Thank you. I have already found this RFC: https://datatracker.ietf.org/doc/html/rfc8460, and in the near future I plan to study it in details.

[tobsowo]

Thank you. I have already found this RFC: https://datatracker.ietf.org/doc/html/rfc8460, and in the near future I plan to study it in details.

@liuch Just found this app and I must appreciate effort you have put into this. I noticed that most DMARC analysers has not implemented TLS Report and it will be a good add to this app.

Thank you.

[williamdes]

See #50 to track this feature I would like it too