How to Parse DMARC Reports via IMAP
After my recent post about "How to Parse DMARC Reports", I decided to find a way to directly query an IMAP folder to parse reports. I have started with John Levine's rddmarc script, and modified it to connect to an IMAP server.
In the process of working on this, I also discovered that some receivers are sending their DMARC reports as multipart attachments. The original rddmarc script did not seem to handle this condition well, so I added this capability as well.
The script assumes you have already setup the database aspects already detailed in : How to Parse DMARC Reports
You can download the script here : imap-dmarcts.txt
OR... you can follow these steps...
mv imap-dmarcts imap-dmarcts
chmod 755 imap-dmarcts
Next, you'll want to edit the script (near the top) changing these settings as necessary:
my $imapserver = 'mail.example.com:143';
my $imapuser = 'dmarcreports';
my $imappass = 'xxx';
my $mvfolder = 'processed';
my $readfolder = 'Inbox';
my $dbname = 'dmarc';
my $dbuser = 'dmarc';
my $dbpass = 'xxx';
You'll see that you need to put the appropriate IMAP server settings, as well as the source folder and what folder to put them in once processed. In my example, I am looking in the Inbox, and then moving to a "processed" folder. You will also need to edit the database destination.
Once the settings are changed, you can simply run the script:
You may want to use the DMARC Web Reporting Tool to display your parsed reports.
Drupal theme by Kiwi Themes.