dmarc

package

v1.0.0 Latest Latest Go to latest Published: Apr 8, 2022 License: GPL-3.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/firefart/dmarcsyslogforwarder

Links

Open Source Insights

Documentation ¶

Index ¶

func ConvertToSyslogJSON(filename string, report XMLReport, dns *dns.CachedDNSResolver, ...) ([][]byte, error)
func ConvertToSyslogXML(filename string, report XMLReport, dns *dns.CachedDNSResolver, ...) ([][]byte, error)
type PolicyOverrideReason
type Record
type SyslogEntry
type SyslogPolicyEvaluated
type SyslogPolicyOverrideReason
type SyslogPolicyPublished
type SyslogResultDKIM
type SyslogResultSPF
type XMLReport
- func ReadFile(ctx context.Context, filename string, content []byte) (string, *XMLReport, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ConvertToSyslogJSON ¶

func ConvertToSyslogJSON(filename string, report XMLReport, dns *dns.CachedDNSResolver, eventID, eventCategory string) ([][]byte, error)

func ConvertToSyslogXML ¶

func ConvertToSyslogXML(filename string, report XMLReport, dns *dns.CachedDNSResolver, eventID, eventCategory string) ([][]byte, error)

Types ¶

type PolicyOverrideReason ¶

type PolicyOverrideReason struct {
	Type    string `xml:"type"`
	Comment string `xml:"comment"`
}

PolicyOverrideReason represents the reason element of a DMARC report

type Record ¶

type Record struct {
	Row struct {
		SourceIP        string `xml:"source_ip"`
		Count           int    `xml:"count"`
		PolicyEvaluated struct {
			Disposition string                 `xml:"disposition"`
			Dkim        string                 `xml:"dkim"`
			Spf         string                 `xml:"spf"`
			Reason      []PolicyOverrideReason `xml:"reason"`
		} `xml:"policy_evaluated"`
	} `xml:"row"`
	Identifiers struct {
		EnvelopeTo   string `xml:"envelope_to"`
		HeaderFrom   string `xml:"header_from"`
		EnvelopeFrom string `xml:"envelope_from"`
	} `xml:"identifiers"`
	AuthResults struct {
		Spf struct {
			Domain string `xml:"domain"`
			Scope  string `xml:"scope"`
			Result string `xml:"result"`
		} `xml:"spf"`
		Dkim struct {
			Domain      string `xml:"domain"`
			Selector    string `xml:"selector"`
			Result      string `xml:"result"`
			HumanResult string `xml:"human_result"`
		} `xml:"dkim"`
	} `xml:"auth_results"`
}

Record represents the record element of a DMARC report

type SyslogEntry ¶

type SyslogEntry struct {
	XMLName          xml.Name              `xml:"syslog_entry" json:"-"`                                    // for xml serialisation
	EventID          string                `xml:"event_id,omitempty" json:"event_id,omitempty"`             // SIEM specific
	EventCategory    string                `xml:"event_category,omitempty" json:"event_category,omitempty"` // SIEM specific
	Version          string                `xml:"version" json:"version"`
	Domain           string                `xml:"domain" json:"domain"`
	DateBegin        int64                 `xml:"date_begin" json:"date_begin"`
	DateEnd          int64                 `xml:"date_end" json:"date_end"`
	ReportID         string                `xml:"report_id" json:"report_id"`
	OrgName          string                `xml:"org_name" json:"org_name"`
	Email            string                `xml:"email" json:"email"`
	ExtraContactInfo string                `xml:"extra_contact_info" json:"extra_contact_info"`
	Errors           []string              `xml:"errors>error" json:"errors"`
	SourceIP         string                `xml:"source_ip" json:"source_ip"`
	SourceDNS        []string              `xml:"source_dns>dns" json:"source_dns"`
	SourceDNSString  string                `xml:"source_dns_string" json:"source_dns_string"`
	Count            int                   `xml:"count" json:"count"`
	EnvelopeTo       string                `xml:"envelope_to" json:"envelope_to"`
	HeaderFrom       string                `xml:"header_from" json:"header_from"`
	EnvelopeFrom     string                `xml:"envelope_from" json:"envelope_from"`
	PolicyPublished  SyslogPolicyPublished `xml:"policy_published" json:"policy_published"`
	PolicyEvaluated  SyslogPolicyEvaluated `xml:"policy_evaluated" json:"policy_evaluated"`
	ResultSpf        SyslogResultSPF       `xml:"result_spf" json:"result_spf"`
	ResultDkim       SyslogResultDKIM      `xml:"result_dkim" json:"result_dkim"`
}

type SyslogPolicyEvaluated ¶

type SyslogPolicyEvaluated struct {
	Disposition string                       `xml:"disposition" json:"disposition"`
	Dkim        string                       `xml:"dkim" json:"dkim"`
	Spf         string                       `xml:"spf" json:"spf"`
	Reason      []SyslogPolicyOverrideReason `xml:"reason" json:"reason"`
}

type SyslogPolicyOverrideReason ¶

type SyslogPolicyOverrideReason struct {
	Type    string `xml:"type" json:"type"`
	Comment string `xml:"comment" json:"comment"`
}

type SyslogPolicyPublished ¶

type SyslogPolicyPublished struct {
	Domain string `xml:"domain" json:"domain"`
	Adkim  string `xml:"adkim" json:"adkim"`
	Aspf   string `xml:"aspf" json:"aspf"`
	P      string `xml:"p" json:"p"`
	Sp     string `xml:"sp" json:"sp"`
	Pct    string `xml:"pct" json:"pct"`
	Fo     string `xml:"fo" json:"fo"`
}

type SyslogResultDKIM ¶

type SyslogResultDKIM struct {
	Domain      string `xml:"domain" json:"domain"`
	Selector    string `xml:"selector" json:"selector"`
	Result      string `xml:"result" json:"result"`
	HumanResult string `xml:"human_result" json:"human_result"`
}

type SyslogResultSPF ¶

type SyslogResultSPF struct {
	Domain string `xml:"domain" json:"domain"`
	Scope  string `xml:"scope" json:"scope"`
	Result string `xml:"result" json:"result"`
}

type XMLReport ¶

type XMLReport struct {
	Version        string `xml:"version"`
	ReportMetadata struct {
		OrgName          string `xml:"org_name"`
		Email            string `xml:"email"`
		ExtraContactInfo string `xml:"extra_contact_info"`
		ReportID         string `xml:"report_id"`
		DateRange        struct {
			Begin int64 `xml:"begin"`
			End   int64 `xml:"end"`
		} `xml:"date_range"`
		Error []string `xml:"error"`
	} `xml:"report_metadata" `
	PolicyPublished struct {
		Domain string `xml:"domain"`
		Adkim  string `xml:"adkim"`
		Aspf   string `xml:"aspf"`
		P      string `xml:"p"`
		Sp     string `xml:"sp"`
		Pct    string `xml:"pct"`
		Fo     string `xml:"fo" `
	} `xml:"policy_published"`
	Records []Record `xml:"record"`
}

Report represents the top element of a DMARC report https://tools.ietf.org/html/rfc7489#appendix-C also see report.xsd in this repository

func ReadFile ¶

func ReadFile(ctx context.Context, filename string, content []byte) (string, *XMLReport, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL