lib

package
v0.0.0-...-4caf64e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 30, 2024 License: Apache-2.0 Imports: 19 Imported by: 3

Documentation

Index

Constants

View Source
const MAX_ROWS = 2500

Variables

View Source
var (
	DB       *sql.DB
	ARRTable = os.Getenv("ARRTable")
	ARTable  = os.Getenv("ARTable")

	// variables that are settable from outside routines:
	// SetMaxIdleConns maximum number of idle connections to DB
	SetMaxIdleConns = 4

	// SetMaxOpenConns maximum number of open connections to DB
	SetMaxOpenConns = 16

	AppName string

	DBreporting *runner.DB

	SessionReady = false
	Sess         *session.Session
	SvcSNS       *sns.SNS
	SvcLambda    *lambda.Lambda

	SnsRegion    = os.Getenv("AWS_REGION")
	LambdaRegion = os.Getenv("AWS_REGION")
	DreTable     = "dmarc_reporting_entries"
	RecordChunk  = 10000
	AwsConfig    = aws.Config{
		Credentials: credentials.NewChainCredentials(
			[]credentials.Provider{
				&credentials.EnvProvider{},
				&ec2rolecreds.EC2RoleProvider{
					ExpiryWindow: 5 * time.Minute,
				},
			},
		),
	}
)

Functions

func GetDmarcChartData

func GetDmarcChartData(start, end, domain string) (chartReturn, error)

func GetDmarcReportGeneral

func GetDmarcReportGeneral(startdate, endate, domain string) getSummaryReturn

func GetDomainList

func GetDomainList() pq.StringArray

GetDomainList returns the array of domains users have set up the dmarc policy for

func GetOrgDomain

func GetOrgDomain(domain string) (orgDomain string, err error)

GetOrgDomain returns the org domain for the input domain according to the mechanisms of code in the publicsuffix package

func GetReportingDB

func GetReportingDB() *runner.DB

func GetTheRunner

func GetTheRunner(prefix string) (theRunner *runner.DB)

func InitDBRunner

func InitDBRunner(prefix string) (db *runner.DB)

func InitSQLDB

func InitSQLDB(prefix string) (sqlDB *sql.DB)

InitSQLDB is a non-runner DB init for migrating code away from runner.DB

func QSummary

func QSummary(domain string, start int64, end int64) ([]DmarcReportingSummary, DomainSummaryCounts)

QSummary is a summary view of dmarc evaluations per sender Possible cases to consider: 1. Sender company name is resolved -> use name 2. Sender domain but not name is resolved -> use domain 3. Sender domain and name both unresolved -> use IP

Types

type AggregateReport

type AggregateReport struct {
	MessageId         string                  `db:"MessageId"`
	Organization      string                  `xml:"report_metadata>org_name" db:"Organization"`
	Email             string                  `xml:"report_metadata>email" db:"Email"`
	ExtraContact      string                  `xml:"report_metadata>extra_contact_info" db:"ExtraContact"` // minOccurs="0"
	ReportID          string                  `xml:"report_metadata>report_id" db:"ReportID"`
	RawDateRangeBegin string                  `xml:"report_metadata>date_range>begin" db:"RawDateRangeBegin"`
	RawDateRangeEnd   string                  `xml:"report_metadata>date_range>end" db:"RawDateRangeEnd"`
	DateRangeBegin    int64                   `db:"DateRangeBegin"`
	DateRangeEnd      int64                   `db:"DateRangeEnd"`
	Errors            []string                `xml:"report_metadata>error" db:"Errors"`
	Domain            string                  `xml:"policy_published>domain" db:"Domain"`
	AlignDKIM         string                  `xml:"policy_published>adkim" db:"AlignDKIM"` // minOccurs="0"
	AlignSPF          string                  `xml:"policy_published>aspf" db:"AlignSPF"`   // minOccurs="0"
	Policy            string                  `xml:"policy_published>p" db:"Policy"`
	SubdomainPolicy   string                  `xml:"policy_published>sp" db:"SubdomainPolicy"`
	Percentage        int                     `xml:"policy_published>pct" db:"Percentage"`
	FailureReport     string                  `xml:"policy_published>fo" db:"FailureReport"`
	Records           []AggregateReportRecord `xml:"record" db:"Records"`
}

type AggregateReportRecord

type AggregateReportRecord struct {
	SourceIP           string           `xml:"row>source_ip" db:"SourceIP"`
	Count              int64            `xml:"row>count" db:"Count"`
	Disposition        string           `xml:"row>policy_evaluated>disposition" db:"Disposition"` // ignore, quarantine, reject
	EvalDKIM           string           `xml:"row>policy_evaluated>dkim" db:"EvalDKIM"`           // pass, fail
	EvalSPF            string           `xml:"row>policy_evaluated>spf" db:"EvalSPF"`             // pass, fail
	POReason           []POReason       `xml:"row>policy_evaluated>reason" db:"POReason"`
	HeaderFrom         string           `xml:"identifiers>header_from" db:"HeaderFrom"`
	EnvelopeFrom       string           `xml:"identifiers>envelope_from" db:"EnvelopeFrom"`
	EnvelopeTo         string           `xml:"identifiers>envelope_to" db:"EnvelopeTo"` // min 0
	AuthDKIM           []DKIMAuthResult `xml:"auth_results>dkim" db:"AuthDKIM"`         // min 0
	AuthSPF            []SPFAuthResult  `xml:"auth_results>spf" db:"AuthSPF"`
	AggregateReport_id string           `db:"AggregateReport_id"`
	RecordNumber       int64            `db:"RecordNumber"`
}

type ChartContainer

type ChartContainer struct {
	Full []result `json:"full"`
	Pass []result `json:"pass"`
	Fail []result `json:"fail"`
}

ChartContainer structure of result

func GetDmarcDatedWeeklyChart

func GetDmarcDatedWeeklyChart(domain string, start, end int64) (ChartContainer, error)

GetDmarcDatedWeeklyChart returns the weekly dmarc data

type DBConnectInfo

type DBConnectInfo struct {
	// contains filtered or unexported fields
}

type DBHandle

type DBHandle struct {
	DB *sql.DB
	// contains filtered or unexported fields
}

type DKIMAuthResult

type DKIMAuthResult struct {
	Domain             string `xml:"domain" db:"Domain"`
	Selector           string `xml:"selector" db:"Selector"`
	Result             string `xml:"result" db:"Result"`
	HumanResult        string `xml:"human_result" db:"HumanResult"`
	AggregateReport_id string `db:"AggregateReport_id"`
	RecordNumber       int64  `db:"RecordNumber"`
}

type DMARCStats

type DMARCStats struct {
	MessageCount         int64
	DispositionPassCount int64
	SPFAlignedCount      int64
	DKIMAlignedCount     int64
	FullyAlignedCount    int64
	SourceType           string
}

type DmarcDailyBuckets

type DmarcDailyBuckets struct {
	Day     int64
	Passing int64
	Failing int64
}

type DmarcReportingDefault

type DmarcReportingDefault struct {
	SourceIP      string   `json:"source_ip" db:"source_ip"`
	ESP           string   `json:"esp" db:"esp"`
	HostName      string   `json:"host_name" db:"host_name"`
	DomainName    string   `json:"domain_name" db:"domain_name"`
	Country       string   `json:"country" db:"country"`
	MessageCount  int64    `json:"message_count" db:"message_count"`
	Disposition   string   `json:"disposition" db:"disposition"`
	EvalDKIM      string   `json:"eval_dkim" db:"eval_dkim"`
	EvalSPF       string   `json:"eval_spf" db:"eval_spf"`
	ReverseLookup []string `json:"reverse_lookup" db:"reverse_lookup"`
}

DmarcReportingDefault structure used to

func (DmarcReportingDefault) Label

func (d DmarcReportingDefault) Label() (source string, sourceType string)

type DmarcReportingForwarded

type DmarcReportingForwarded struct {
	SourceIP         string   `json:"source_ip" db:"source_ip"`
	ESP              string   `json:"esp" db:"esp"`
	DomainName       string   `json:"domain_name" db:"domain_name"`
	HostName         string   `json:"host_name" db:"host_name"`
	ReverseLookup    []string `json:"reverse_lookup" db:"reverse_lookup"`
	Country          string   `json:"country" db:"country"`
	MessageCount     int64    `json:"message_count" db:"message_count"`
	Disposition      string   `json:"disposition" db:"disposition"`
	EvalDKIM         string   `json:"eval_dkim" db:"eval_dkim"`
	EvalSPF          string   `json:"eval_spf" db:"eval_spf"`
	HeaderFrom       string   `json:"header_from" db:"header_from"`
	EnvelopeFrom     string   `json:"envelope_from" db:"envelope_from"`
	EnvelopeTo       string   `json:"envelope_to" db:"envelope_to"`
	AuthDKIMDomain   []string `json:"auth_dkim_domain" db:"auth_dkim_domain"`
	AuthDKIMSelector []string `json:"auth_dkim_selector" db:"auth_dkim_selector"`
	AuthDKIMResult   []string `json:"auth_dkim_result" db:"auth_dkim_result"`
	AuthSPFDomain    []string `json:"auth_spf_domain" db:"auth_spf_domain"`
	AuthSPFScope     []string `json:"auth_spf_scope" db:"auth_spf_scope"`
	AuthSPFResult    []string `json:"auth_spf_result" db:"auth_spf_result"`
	POReason         []string `json:"po_reason" db:"po_reason"`
	POComment        []string `json:"po_comment" db:"po_comment"`
	Count            int64    `json:"count,omitempty" db:"count"` // used with queries involving SUM(message_count) AS count
}

DmarcReportingForwarded structure feeds the data used to generate detail table

func GetDmarcReportDetail

func GetDmarcReportDetail(startdate, endate, domain, source, sourcetype string) []DmarcReportingForwarded

GetDmarcReportDetail returns the dmarc report details used to be shown on detail panel

type DmarcReportingFull

type DmarcReportingFull struct {
	MessageId         string   `json:"message_id" db:"message_id"`
	RecordNumber      int64    `json:"record_number" db:"record_number"`
	Domain            string   `json:"domain" db:"domain"`
	Policy            string   `json:"policy" db:"policy"`
	SubdomainPolicy   string   `json:"subdomain_policy" db:"subdomain_policy"`
	AlignDKIM         string   `json:"align_dkim" db:"align_dkim"`
	AlignSPF          string   `json:"align_spf" db:"align_spf"`
	Pct               int      `json:"pct" db:"pct"`
	SourceIP          string   `json:"source_ip" db:"source_ip"`
	ESP               string   `json:"esp" db:"esp"`
	OrgName           string   `json:"org_name" db:"org_name"`
	OrgId             string   `json:"org_id" db:"org_id"`
	HostName          string   `json:"host_name" db:"host_name"`
	DomainName        string   `json:"domain_name" db:"domain_name"`
	HostnameMatchesIP string   `json:"host_name_matches_ip" db:"host_name_matches_ip"`
	City              string   `json:"city" db:"city"`
	State             string   `json:"state" db:"state"`
	Country           string   `json:"country" db:"country"`
	Longitude         string   `json:"longitude" db:"longitude"`
	Latitude          string   `json:"latitude" db:"latitude"`
	ReverseLookup     []string `json:"reverse_lookup" db:"reverse_lookup"`
	MessageCount      int64    `json:"message_count" db:"message_count"`
	Disposition       string   `json:"disposition" db:"disposition"`
	EvalDKIM          string   `json:"eval_dkim" db:"eval_dkim"`
	EvalSPF           string   `json:"eval_spf" db:"eval_spf"`
	HeaderFrom        string   `json:"header_from" db:"header_from"`
	EnvelopeFrom      string   `json:"envelope_from" db:"envelope_from"`
	EnvelopeTo        string   `json:"envelope_to" db:"envelope_to"`
	AuthDKIMDomain    []string `json:"auth_dkim_domain" db:"auth_dkim_domain"`
	AuthDKIMSelector  []string `json:"auth_dkim_selector" db:"auth_dkim_selector"`
	AuthDKIMResult    []string `json:"auth_dkim_result" db:"auth_dkim_result"`
	AuthSPFDomain     []string `json:"auth_spf_domain" db:"auth_spf_domain"`
	AuthSPFScope      []string `json:"auth_spf_scope" db:"auth_spf_scope"`
	AuthSPFResult     []string `json:"auth_spf_result" db:"auth_spf_result"`
	POReason          []string `json:"po_reason" db:"po_reason"`
	POComment         []string `json:"po_comment" db:"po_comment"`
	StartDate         int64    `json:"start_date" db:"start_date"`
	EndDate           int64    `json:"end_date" db:"end_date"`
	LastUpdate        string   `json:"last_update" db:"last_update"`
	Id                int64    `json:"id" db:"id"`

} // DmarcReportingFull

DmarcReportingFull ...

type DmarcReportingSummary

type DmarcReportingSummary struct {
	Source               string `json:"source"` // could be name, domain_name, or IP
	TotalCount           int64  `json:"total_count"`
	DispositionPassCount int64  `json:"pass_count"`
	SPFAlignedCount      int64  `json:"spf_aligned_count"`
	DKIMAlignedCount     int64  `json:"dkim_aligned_count"`
	FullyAlignedCount    int64  `json:"fully_aligned_count"`
	SourceType           string `json:"source_type"`
}

DmarcReportingSummary structure used on summary table

type DmarcReportingSummaryList

type DmarcReportingSummaryList []DmarcReportingSummary

func (DmarcReportingSummaryList) Len

func (DmarcReportingSummaryList) Less

func (d DmarcReportingSummaryList) Less(i, j int) bool

func (DmarcReportingSummaryList) Swap

func (d DmarcReportingSummaryList) Swap(i, j int)

type DomainSummaryCounts

type DomainSummaryCounts struct {
	ReportCount       int64 `json:"report_count"`
	MessageCount      int64 `json:"message_count"`
	DKIMAlignedCount  int64 `json:"dkim_aligned_count"`
	SPFAlignedCount   int64 `json:"spf_aligned_count"`
	FullyAlignedCount int64 `json:"fully_aligned_count"`
}

DomainSummaryCounts structure used on calculating the whole volume and passing rate in the time range of one domain

type POReason

type POReason struct {
	Reason             string `xml:"type" db:"Reason"`
	Comment            string `xml:"comment" db:"Comment"`
	AggregateReport_id string `db:"AggregateReport_id"`
	RecordNumber       int64  `db:"RecordNumber"`
}

type SBGeo

type SBGeo struct {
	OrgName           string `json:"org_name" db:"org_name"`
	OrgID             string `json:"org_id" db:"org_id"`
	OrgCategory       string `json:"org_category" db:"org_category"`
	Hostname          string `json:"hostname" db:"hostname"`
	DomainName        string `json:"domain_name" db:"domain_name"`
	HostnameMatchesIP string `json:"hostname_matches_ip" db:"hostname_matches_ip"`
	City              string `json:"city" db:"city"`
	State             string `json:"state" db:"state"`
	Country           string `json:"country" db:"country"`
	Longitude         string `json:"longitude" db:"longitude"`
	Latitude          string `json:"latitude" db:"latitude"`
}

type SPFAuthResult

type SPFAuthResult struct {
	Domain             string `xml:"domain" db:"Domain"`
	Scope              string `xml:"scope" db:"Scope"`
	Result             string `xml:"result" db:"Result"`
	AggregateReport_id string `db:"AggregateReport_id"`
	RecordNumber       int64  `db:"RecordNumber"`
}

type Values

type Values struct {
	Value *int64 `db:"Value" json:"value"`
}

type Volume

type Volume struct {
	Name  int64 `json:"name"`
	Value int64 `json:"value"`
}

Volume Name is the timestamp, Value is the pass/fail quantity on that day

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL