Merge pull request #6 from userjack6880/dev

Dev to Main 0-α2

Author: userjack6880

.github/ISSUE_TEMPLATE/bug_report.md

@@ -24,7 +24,8 @@ A clear and concise description of what you expected to happen.
 If applicable, add screenshots to help explain your problem.
 
 **Software Version**
-[ ] Version 0 Alpha 1
+[] Version 0 Alpha 2
+[] Version 0 Alpha 1
 
 **Server (please complete the following information):**
 - Server OS [e.g. CentOS 7.3]

.github/ISSUE_TEMPLATE/critical_report.md

@@ -24,7 +24,8 @@ A clear and concise description of what you expected to happen.
 If applicable, add screenshots to help explain your problem.
 
 **Software Version**
-[ ] Version 0 Alpha 1
+[] Version 0 Alpha 2
+[] Version 0 Alpha 1
 
 **Server (please complete the following information):**
 - Server OS [e.g. CentOS 7.3]

README.md

@@ -8,7 +8,7 @@ A Perl based tool to parse DMARC reports, based on John Levine's [rddmarc](http:
 
 Open Report Parser is a fork of [techsneeze's dmarcts-report-parser](https://github.com/techsneeze/dmarcts-report-parser), and was forked to more closely match the needs of [Open DMARC Analyzer](https://github.com/userjack6880/Open-DMARC-Analyzer).
 
-Open Report Parser Version 0 Alpha 1 (0-α1) is an [Anomaly \<Codebase\>](https://systemanomaly.com/codebase) project by John Bradley ([email protected]).
+Open Report Parser Version 0 Alpha 1 (0-α2) is an [Anomaly \<Codebase\>](https://systemanomaly.com/codebase) project by John Bradley ([email protected]).
 
 # Minimum Requirements
 
@@ -93,21 +93,26 @@ innodb_file_per_table	= true
 
 # Configuration Options
 
-**Debug Options**
+**Script Options**
 
 ```perl
 $debug = 0;
 $delete_reports = 0;
+#$dmarc_only = 0;                           
+# if set to 1, do not process tls reports, if set to -1 do not process
+# dmarc reports - defaults to 1 for legacy support
+# this is ignored for all methods except IMAP, use --tls to process
+# TLS reports for other methods
 ```
 
 **Database Options**
 
 ```perl
-#$dbtype = 'mysql';                         # Supported types - mysql, postgres - defaults to mysql if unset
+#$dbtype = 'mysql'; # Supported types - mysql, postgres - defaults to mysql if unset
 $dbname = 'dmarc';
 $dbuser = 'dmarc';
 $dbpass = 'password';
-$dbhost = 'dbhost';                         # Set the hostname if we can't connect to the local socket.
+#$dbhost = 'dbhost'; # Set the hostname if we can't connect to the local socket.
 $dbport = '3306';
 ```
 
@@ -118,33 +123,40 @@ $imapserver       = 'imap.server';
 $imapuser         = 'username';
 $imappass         = 'password';
 $imapport         = '143';
-$imapssl          = '0';                    # If set to 1, remember to change server port to 993 and disable imaptls.
-$imaptls          = '0';                    # Enabled as the default and best-practice.
-$tlsverify        = '0';                    # Enable verify server cert as the default and best-practice.
-$imapignoreerror  = '0';                    # set it to 1 if you see an "ERROR: message_string() 
-                                            # expected 119613 bytes but received 81873 you may 
-                                            # need the IgnoreSizeErrors option" because of malfunction
-                                            # imap server as MS Exchange 2007, ...
-$imapreadfolder   = 'dmarc';
-
-# If $imapmovefolder is set, processed IMAP messages will be moved (overruled by
+$imapssl          = '0'; # If set to 1, remember to change server port to 993 and disable imaptls.
+$imaptls          = '0';
+$tlsverify        = '0';
+$imapignoreerror  = '0'; # recommended if you use MS Exchange 2007, ...
+
+$imapdmarcfolder  = 'dmarc';
+$imaptlsfolder    = 'tls';
+
+# If $imapxxxproc is set, processed IMAP messages will be moved (overruled by
 # the --delete option!)
-$imapmovefolder = 'dmarc/processed';
+# $imapdmarcproc = 'dmarc.Processed';
+# $imaptlsproc   = 'tls.Processed';
+
+# If $imapxxxerr is set, IMAP messages that fail will be moved. If unset, failed messages
+# will move to $imapdmarcproc (if it is set). Overruled by the --delete option!
+# $imapdmarcerr = 'dmarc.notProcessed';
+# $imaptlserr   = 'tls.notProcessed';
 ```
 
 These settings are ignored when using the -m flag.
 
 **XML Storage Options**
 
 ```perl
-# maximum size of XML files to store in database, long files can cause transaction aborts
+# maximum size of XML/JSON files to store in database, long files can cause transaction aborts
 $maxsize_xml = 50000;
+$maxsize_json = 50000;
 
-# store XML as base64 encopded gzip in database (save space, harder usable)
+# store XML/JSON as base64 encopded gzip in database (save space, harder usable)
 $compress_xml = 0;
+$compress_json = 0;
 ```
 
-**Processing Failure Action***
+**Processing Failure Action**
 
 ```perl
 # if there was an error during file processing (message does not contain XML or ZIP parts, 
@@ -161,7 +173,7 @@ Note: Be sure to use the proper hierarchy separator for your server in all folde
 # Usage
 
 ```
-./dmarcts-report-parser.pl [OPTIONS] [PATH]
+./report-parser.pl [OPTIONS] [PATH]
 ```
 
 PATH can be the filename of a single file or a list of files - wildcard expression are allowed.
@@ -171,27 +183,35 @@ PATH can be the filename of a single file or a list of files - wildcard expressi
 One of the following source options must be provided:
 
 ```
-      -i : Read reports from messages on IMAP server as defined in the config file.
-      -m : Read reports from mbox file(s) provided in PATH.
-      -e : Read reports from MIME email file(s) provided in PATH.
-      -x : Read reports from xml file(s) provided in PATH.
-      -z : Read reports from zip file(s) provided in PATH.
+        -i : Read reports from messages on IMAP server as defined in the 
+             config file. 
+        -m : Read reports from mbox file(s) provided in PATH. 
+        -e : Read reports from MIME email file(s) provided in PATH. 
+        -x : Read reports from xml file(s) provided in PATH. 
+        -j : Read reports from json files(s) provided in PATH. 
+        -z : Read reports from zip file(s) provided in PATH. 
 ```
 
 The following options are always allowed:
 
 ```
-      -d : Print debug info.
-      -r : Replace existing reports rather than failing.
---delete : Delete processed message files (the XML is stored in the database for later reference).
-  --info | Print out number of XML files or emails processed.
+        -d : Print debug info. 
+        -r : Replace existing reports rather than skipping them. 
+  --delete : Delete processed message files (the XML is stored in the 
+             database for later reference). 
+    --info : Print out number of XML files or emails processed. 
+     --tls : Force TLS-Only Mode. 
 ```
 
+Currently, processing of both DMARC and TLS reports during the same run is only supported from IMAP. All other sources will *always* default to DMARC reports unless the `--tls` flag is provided at runtime.
+
 # Latest Changes
 
-## 0-α1
-- Fork renamed
-- Incorporate changes made to original repository after fork ([commit 51ba1de](https://github.com/userjack6880/Open-Report-Parser/commit/51ba1de8521559647ebe4b8a1db291c26b572de4))
+## 0-α2
+- Fixed errors in previous release incorporating postgres support related to table creation.
+- Added MTA-TLS report support.
+- More useful debug output.
+- Code consolodation (eg, subroutine repetative code).
 
 # Tested System Configurations
 | OS          | Perl      | SQL             |
@@ -208,7 +228,8 @@ Support will be provided as outlined in the following schedule. For more details
 
 | Version                             | Support Level    | Released         | End of Support   | End of Life      |
 | ----------------------------------- | ---------------- | ---------------- | ---------------- | ---------------- |
-| Version 1 Alpha 1                   | Full Support     | TBD              | TBD              | TBD              |
+| Version 1 Alpha 2                   | Full Support     | 26 April 2023    | TBD              | TBD              |
+| Version 1 Alpha 1                   | Critical Support | 19 April 2023    | 26 April 2023    | TBD              |
 
 # Contributing
 

dbx_mysql.pl

@@ -110,6 +110,40 @@
       table_options           => "",
       indexes                 => [],
       },
+    "tls" => {
+      column_definitions      => [
+        "serial"              , "int"           , "unsigned NOT NULL AUTO_INCREMENT",
+        "mindate"             , "timestamp"     , "NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP",
+        "maxdate"             , "timestamp"     , "NULL",
+        "domain"              , "varchar(255)"  , "NOT NULL",
+        "org"                 , "varchar(255)"  , "NOT NULL",
+        "reportid"            , "varchar(255)"  , "NOT NULL",
+        "email"               , "varchar(255)"  , "NULL",
+        "policy_mode"         , "varchar(20)"   , "NULL",
+        "summary_success"     , "int"           , "NULL",
+        "summary_failure"     , "int"           , "NULL",
+        "raw_json"            , "mediumtext"    , "",
+        ],
+      additional_definitions  => "PRIMARY KEY (serial), UNIQUE KEY domain(domain, reportid)",
+      table_options           => "ROW_FORMAT=COMPRESSED",
+      indexes                 => [],
+      },
+    "tlsrecord" => {
+      column_definitions      => [
+        "id"                  , "int"           , "unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY",
+        "serial"              , "int"           , "unsigned NOT NULL",
+        "send_ip"             , "int"           , "unsigned",
+        "send_ip6"            , "binary(16)"    , "",
+        "recv_ip"             , "int"           , "unsigned",
+        "recv_ip6"            , "binary(16)"    , "",
+        "recv_mx"             , "varchar(255)"  , "",
+        "type"                , "varchar(255)"  , "",
+        "count"               , "int"           , "unsigned NOT NULL",
+        ],
+      additional_definitions  => "KEY serial (serial, send_ip), KEY serial6 (serial, send_ip6)",
+      table_options           => "",
+      indexes                 => [],
+      }
     },
 
   add_column => sub {

dbx_postgres.pl

@@ -115,6 +115,45 @@
         "CREATE INDEX rptrecord_idx_serial6 ON rptrecord (serial, ip6);",
         ],
       },
+    "tls" => {
+      column_definitions      => [
+        "serial"              , "bigint"                      , "GENERATED ALWAYS AS IDENTITY",
+        "mindate"             , "timestamp without time zone" , "NOT NULL",
+        "maxdate"             , "timestamp without time zone" , "NULL",
+        "domain"              , "character varying(255)"      , "NOT NULL",
+        "org"                 , "character varying(255)"      , "NOT NULL",
+        "reportid"            , "character varying(255)"      , "NOT NULL",
+        "email"               , "character varying(255)"      , "NULL",
+        "policy_mode"         , "character varying(20)"       , "NULL",
+        "summary_success"     , "integer"                     , "NULL",
+        "summary_failure"     , "integer"                     , "NULL",
+        "raw_json"            , "text"                        , "",
+        ],
+      additional_definitions  => "PRIMARY KEY (serial)",
+      table_options           => "",
+      indexes                 => [
+        "CREATE UNIQUE INDEX tls_uidx_domain ON tls (domain, reportid);"
+        ],
+      },
+    "tlsrecord" => {
+      column_definitions      => [
+        "id"                  , "bigint"                  , "GENERATED ALWAYS AS IDENTITY",
+        "serial"              , "bigint"                  , "NOT NULL",
+        "send_ip"             , "bigint"                  , "",
+        "send_ip6"            , "bytea"                   , "",
+        "recv_ip"             , "bigint"                  , "",
+        "recv_ip6"            , "bytea"                   , "",
+        "recv_mx"             , "character varying(255)"  , "",
+        "type"                , "character varying(255)"  , "",
+        "count"               , "integer"                 , "NOT NULL",
+        ],
+      additional_definitions  => "PRIMARY KEY (id)",
+      table_options           => "",
+      indexes                 => [
+        "CREATE INDEX tlsrecord_idx_serial ON tlsrecord (serial, ip);",
+        "CREATE INDEX tlsrecord_idx_serial6 ON tlsrecord (serial, ip6);",
+        ],
+      }
     },
 
   add_column => sub {

docs/CHANGELOG.md

@@ -2,4 +2,10 @@
 
 ## 0-α1
 - Fork renamed
-- Incorporate changes made to original repository after fork ([commit 51ba1de](https://github.com/userjack6880/Open-Report-Parser/commit/51ba1de8521559647ebe4b8a1db291c26b572de4))
+- Incorporate changes made to original repository after fork ([commit 51ba1de](https://github.com/userjack6880/Open-Report-Parser/commit/51ba1de8521559647ebe4b8a1db291c26b572de4))
+
+## 0-α2
+- Fixed errors in previous release incorporating postgres support related to table creation.
+- Added MTA-TLS report support.
+- More useful debug output.
+- Code consolodation (eg, subroutine repetative code).

docs/SECURITY.md

@@ -20,4 +20,5 @@ Open DMARC Analyzer Version Security Support
 
 | Version                    | Supported | End of Life      |
 | -------------------------- | --------- | ---------------- |
+| Version 0 Alpha 2          | YES       | TBD              |
 | Version 0 Alpha 1          | YES       | TBD              |

docs/SUPPORT.md

@@ -4,7 +4,8 @@ Due to the limited time available to developrs to maintain support, dates must b
 
 | Version                             | Support Level    | Released         | End of Support   | End of Life      |
 | ----------------------------------- | ---------------- | ---------------- | ---------------- | ---------------- |
-| Version 1 Alpha 1                   | Full Support     | TBD              | TBD              | TBD              |
+| Version 1 Alpha 2                   | Full Support     | 26 April 2023    | TBD              | TBD              |
+| Version 1 Alpha 1                   | Critical Support | 19 April 2023    | 26 April 2023    | TBD              |
 
 # Support Cycle
 

report-parser.conf.pub

@@ -62,40 +62,48 @@
 
 $debug = 0;
 $delete_reports = 0;
+#$dmarc_only = 0;                           
+# if set to 1, do not process tls reports, if set to -1 do not process
+# dmarc reports - defaults to 1 for legacy support
+# this is ignored for all methods except IMAP, use --tls to process
+# TLS reports for other methods
 
-#$dbtype = 'mysql';                         # Supported types - mysql, postgres - defaults to mysql if unset
+#$dbtype = 'mysql'; # Supported types - mysql, postgres - defaults to mysql if unset
 $dbname = 'dmarc';
 $dbuser = 'dmarc';
 $dbpass = 'password';
-$dbhost = 'dbhost';                         # Set the hostname if we can't connect to the local socket.
+#$dbhost = 'dbhost'; # Set the hostname if we can't connect to the local socket.
 $dbport = '3306';
 
 $imapserver       = 'imap.server';
 $imapuser         = 'username';
 $imappass         = 'password';
 $imapport         = '143';
-$imapssl          = '1';                    # If set to 1, remember to change server port to 993 and disable imaptls.
-$imaptls          = '0';                    # Enabled as the default and best-practice.
-$tlsverify        = '1';                    # Enable verify server cert as the default and best-practice.
-$imapignoreerror  = '0';                    # set it to 1 if you see an "ERROR: message_string() 
-                                            # expected 119613 bytes but received 81873 you may 
-                                            # need the IgnoreSizeErrors option" because of malfunction
-                                             # imap server as MS Exchange 2007, ...
-$imapreadfolder   = 'dmarc';
+$imapssl          = '0'; # If set to 1, remember to change server port to 993 and disable imaptls.
+$imaptls          = '0';
+$tlsverify        = '0';
+$imapignoreerror  = '0'; # recommended if you use MS Exchange 2007, ...
 
-# If $imapmovefolder is set, processed IMAP messages will be moved (overruled by
+$imapdmarcfolder  = 'dmarc';
+$imaptlsfolder    = 'tls';
+
+# If $imapxxxproc is set, processed IMAP messages will be moved (overruled by
 # the --delete option!)
-# $imapmovefolder = 'dmarc/processed';
+# $imapdmarcproc = 'dmarc.Processed';
+# $imaptlsproc   = 'tls.Processed';
 
-# If $imapmovefoldererr is set, IMAP messages that fail will be moved. If unset, failed messages
-# will move to $imapmovefolder (if it is set). Overruled by the --delete option!
-# $imapmovefoldererr = 'Inbox.notProcessed';
+# If $imapxxxerr is set, IMAP messages that fail will be moved. If unset, failed messages
+# will move to $imapdmarcproc (if it is set). Overruled by the --delete option!
+# $imapdmarcerr = 'dmarc.notProcessed';
+# $imaptlserr   = 'tls.notProcessed';
 
-# maximum size of XML files to store in database, long files can cause transaction aborts
+# maximum size of XML/JSON files to store in database, long files can cause transaction aborts
 $maxsize_xml = 50000;
+$maxsize_json = 50000;
 
-# store XML as base64 encopded gzip in database (save space, harder usable)
+# store XML/JSON as base64 encopded gzip in database (save space, harder usable)
 $compress_xml = 0;
+$compress_json = 0;
 
 # if there was an error during file processing (message does not contain XML or ZIP parts, 
 # or a database error) the parser reports an error and does not delete the file, even if