How to Parse DMARC Reports via IMAP

UPDATE : As of March 9, 2016, imap-dmarcts has been renamed to dmarcts-report-parser! We’ve also moved the code to GitHub to better facilitate contributions from our users!

After my recent post about “How to Parse DMARC Reports“, I decided to find a way to directly query an IMAP folder to parse reports. I have started with John Levine’s rddmarc script, and modified it to connect to an IMAP server.

In the process of working on this, I also discovered that some receivers are sending their DMARC reports as multipart attachments. The original rddmarc script did not seem to handle this condition well, so I added this capability as well.

The script assumes you have already setup the database aspects already detailed in : How to Parse DMARC Reports

You can download the script here : dmarcts-report-parser.pl

OR… you can follow these steps…


wget https://github.com/techsneeze/dmarcts-report-parser/raw/master/dmarcts-report-parser.pl
chmod 755 dmarcts-report-parser.pl

Next, you’ll want to either edit the script or have a separate file named “dmarcts-report-parser.conf” (template) with the following information:


####################################################################
### configuration ##################################################
####################################################################

# If IMAP access is not used, config options starting with $imap
# do not need to be set and are ignored.

$debug = 0;
$delete_reports = 0;

$dbname = 'dmarc';
$dbuser = 'dmarc';
$dbpass = 'xxx';
$dbhost = ''; # Set the hostname if we can't connect to the local socket.

$imapserver = 'mail.example.com:143';
$imapuser = 'dmarcreports';
$imappass = 'xxx';
$imapssl = '0'; # If set to 1, remember to change server port to 993.
$imaptls = '1'; # Enabled as the default and best-practice.
$imapreadfolder = 'Inbox';

# If $imapmovefolder is set, processed IMAP messages
# will be moved (overruled by the --delete option!)
$imapmovefolder = 'Inbox.processed';

You’ll see that you need to put the appropriate IMAP server settings, as well as the source folder and what folder to put them in once processed. In my example, I am looking in the Inbox, and then moving to a “processed” folder. You will also need to edit the database destination.

Once the settings are changed, you can simply run the script:

./dmarcts-report-parser.pl

You may want to use the DMARC Web Reporting Tool to display your parsed reports.

Also available via GitHub repository :

5 thoughts on “How to Parse DMARC Reports via IMAP

  1. Pingback: How to Parse DMARC Reports – TechSneeze.com

    1. superdave Post author

      All of those links worked for me just now. You may want to try again, or try a different network/computer.

      I’d prefer to let him be the source of truth for those, as he has made tweaks over time.

Leave a Reply

Your email address will not be published. Required fields are marked *