Command-line analyze and display of DMARC reports
Licensed under the MIT.
dmarc-rs
is a small command-line utility to analyze and display in a usable manner the content of the DMARC XML reports sent by the various email providers around the globe. Should work properly on UNIX (FreeBSD, Linux, etc.) and Windows systems. This is a Rust port of the Go version utility.
- Unix (tested on FreeBSD, Linux and macOS)
- Windows
- cmd.exe
- Powershell
The package is named dmarc_rs
to distinguish it from the Go version but the binary will remain the same (dmarc-cat
) and can totally replace it.
As with many Rust utilities, a simple
cargo install dmarc-rs
is enough to fetch, build and install.
On Windows systems, the above cargo
command should work directly in a Powershell window.
I will insert here references to the binary packages in different distributions when available.
The main XML parsing stuff is done by serde
& associates and CLI handling is done with clap
:
dmarc-rs
uses the following crates to enable reading zip & gzip files:
It also use the following crates for DNS resolving/threading from the report.
and a few other helper crates, especially if you want to run the tests.
SYNOPSIS
dmarc-cat 0.2.0
Ollivier Robert <[email protected]>
Rust utility to decode and display DMARC reports.
USAGE:
dmarc-cat [OPTIONS] [FILES]...
ARGS:
<FILES>... Filenames (possibly none or -)
OPTIONS:
-D, --debug debug mode
-h, --help Print help information
-j, --jobs <JOBS> Use this many parallel jobs for resolving IP [default: 6]
-N, --no-resolve Do not resolve IP to names
-t, --input-type <ITYPE> Specify the type of input data
-v, --verbose Verbose mode
-V, --version Display version and exit
Example:
$ dmarc-cat /tmp/yahoo.com\!keltia.net\!1518912000\!1518998399.xml
Reporting by: Yahoo! Inc. โ [email protected]
From 2018-02-18 01:00:00 +0100 CET to 2018-02-19 00:59:59 +0100 CET
Domain: keltia.net
Policy: p=none; dkim=r; spf=r
Reports(1):
IP Count From RFrom RDKIM RSPF
88.191.250.24 1 keltia.net keltia.net neutral pass
The full XML grammar is available here and there is a local
copy in the doc/
directory in the source.
The report has several columns:
IP
is matching IP addressCount
is the number of times this IP was presentFrom
is theFrom:
header valueRFrom
is the envelopeFrom
valueRDKIM
is the result from DKIM checkingRSPF
is the result from SPF checking
The file sent by MTAs can differ in format, some providers send zip files with both csv and XML files, some directly send compressed XML files. This utility should handle the different format but you will have to use -t TYPE
if you want to read from standard input.
Tests are available as unit-tests for the library part and as integration tests for the CLI interaction (see tests/cli.rs
).
Please see CONTRIBUTING.md for some simple rules.
I use Git Flow for this package so please use something similar or the usual github workflow.
- Fork it ( https://github.com/keltia/dmarc-rs/fork )
- Checkout the develop branch (
git checkout develop
) - Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request