diff --git a/.vscode/settings.json b/.vscode/settings.json index 64c5fba6..f7b3ce93 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -97,9 +97,12 @@ "Servernameone", "setuptools", "smartquotes", + "SMTPTLS", "sourcetype", "STARTTLS", "tasklist", + "tlsa", + "tlsrpt", "toctree", "TQDDM", "tqdm", @@ -114,6 +117,7 @@ "Vhcw", "viewcode", "virtualenv", + "WBITS", "webmail", "Wettbewerber", "Whalen", diff --git a/parsedmarc/__init__.py b/parsedmarc/__init__.py index 344100c9..3e538dbe 100644 --- a/parsedmarc/__init__.py +++ b/parsedmarc/__init__.py @@ -217,9 +217,11 @@ def _parse_smtp_tls_failure_details(failure_details): ) if "sending-mta-ip" in failure_details: - new_failure_details["sending_mta_ip"] = failure_details["sending-mta-ip"] + new_failure_details["sending_mta_ip"] = failure_details[ + "sending-mta-ip"] if "receiving-ip" in failure_details: - new_failure_details["receiving_ip"] = failure_details["receiving-ip"] + new_failure_details["receiving_ip"] = failure_details[ + "receiving-ip"] if "receiving-mx-hostname" in failure_details: new_failure_details["receiving_mx_hostname"] = failure_details[ "receiving-mx-hostname"] @@ -366,10 +368,10 @@ def parsed_smtp_tls_reports_to_csv(reports): """ fields = ["organization_name", "begin_date", "end_date", "report_id", - "result_type", "successful_session_count", "failed_session_count", - "policy_domain", "policy_type", "policy_strings", - "mx_host_patterns", "sending_mta_ip", "receiving_ip", - "receiving_mx_hostname", "receiving_mx_helo", + "result_type", "successful_session_count", + "failed_session_count", "policy_domain", "policy_type", + "policy_strings", "mx_host_patterns", "sending_mta_ip", + "receiving_ip", "receiving_mx_hostname", "receiving_mx_helo", "additional_info_uri", "failure_reason_code"] csv_file_object = StringIO(newline="\n") 
@@ -463,7 +465,7 @@ def parse_aggregate_report_xml(xml, ip_db_path=None, offline=False, new_report_metadata["report_id"] = report_id date_range = report["report_metadata"]["date_range"] if int(date_range["end"]) - int(date_range["begin"]) > 2*86400: - _error = "Timespan > 24 hours - RFC 7489 section 7.2" + _error = "Time span > 24 hours - RFC 7489 section 7.2" errors.append(_error) date_range["begin"] = timestamp_to_human(date_range["begin"]) date_range["end"] = timestamp_to_human(date_range["end"]) diff --git a/parsedmarc/cli.py b/parsedmarc/cli.py index d1c505ca..a7b13310 100644 --- a/parsedmarc/cli.py +++ b/parsedmarc/cli.py @@ -18,10 +18,9 @@ from tqdm import tqdm from parsedmarc import get_dmarc_reports_from_mailbox, watch_inbox, \ - parse_report_file, get_dmarc_reports_from_mbox, elastic, opensearch, kafkaclient, \ - splunk, save_output, email_results, ParserError, __version__, \ - InvalidDMARCReport, s3, syslog, loganalytics - + parse_report_file, get_dmarc_reports_from_mbox, elastic, opensearch, \ + kafkaclient, splunk, save_output, email_results, ParserError, \ + __version__, InvalidDMARCReport, s3, syslog, loganalytics from parsedmarc.mail import IMAPConnection, MSGraphConnection, GmailConnection from parsedmarc.mail.graph import AuthMethod @@ -1067,8 +1066,9 @@ def process_reports(reports_): opts.opensearch_password, opts.opensearch_apiKey, timeout=opts.opensearch_timeout) - opensearch.migrate_indexes(aggregate_indexes=[os_aggregate_index], - forensic_indexes=[os_forensic_index]) + opensearch.migrate_indexes( + aggregate_indexes=[os_aggregate_index], + forensic_indexes=[os_forensic_index]) except opensearch.OpenSearchError: logger.exception("OpenSearch Error") exit(1) diff --git a/parsedmarc/elastic.py b/parsedmarc/elastic.py index 4b0093ce..07c3f9e6 100644 --- a/parsedmarc/elastic.py +++ b/parsedmarc/elastic.py 
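Review bot: The reworded message in the `parse_aggregate_report_xml` hunk still says "> 24 hours", but the guard directly above it only fires when `end - begin` exceeds `2*86400` seconds, which is 48 hours, so the recorded error misstates the limit actually enforced. If the extra day of slack is deliberate (the hunk does not show why), keep the check and align the text, e.g. `_error = "Time span > 48 hours - RFC 7489 section 7.2"`, or add a comment above the `if` such as `# flag only spans over 48 hours; the 24-hour rule is applied with one day of tolerance`. Since the string is appended to `errors`, any downstream filter or alert that matches the old "Timespan" spelling would presumably need updating as well. The function body starts and ends outside the hunk.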
@@ -746,7 +746,8 @@ def save_smtp_tls_report_to_elasticsearch(report, ip_address=ip_address, receiving_ip=receiving_ip, receiving_mx_helo=receiving_mx_helo, - failed_session_count=failure_detail["failed_session_count"], + failed_session_count=failure_detail[ + "failed_session_count"], sending_mta_ip=sending_mta_ip, receiving_mx_hostname=receiving_mx_hostname, additional_information_uri=additional_information_uri, diff --git a/parsedmarc/opensearch.py b/parsedmarc/opensearch.py index 3b1f3eb1..ae444372 100644 --- a/parsedmarc/opensearch.py +++ b/parsedmarc/opensearch.py @@ -239,7 +239,7 @@ def set_hosts(hosts, use_ssl=False, ssl_cert_path=None, Sets the OpenSearch hosts to use Args: - hosts (str|list): A single hostname or URL, or list of hostnames or URLs + hosts (str|list): A hostname or URL, or list of hostnames or URLs use_ssl (bool): Use an HTTPS connection to the server ssl_cert_path (str): Path to the certificate chain username (str): The username to use for authentication @@ -406,10 +406,10 @@ def save_aggregate_report_to_opensearch(aggregate_report, "with a date range of {3} UTC to {4} UTC already " "exists in " "OpenSearch".format(report_id, - org_name, - domain, - begin_date_human, - end_date_human)) + org_name, + domain, + begin_date_human, + end_date_human)) published_policy = _PublishedPolicy( domain=aggregate_report["policy_published"]["domain"], adkim=aggregate_report["policy_published"]["adkim"], @@ -542,11 +542,9 @@ def save_forensic_report_to_opensearch(forensic_report, raise AlreadySaved("A forensic sample to {0} from {1} " "with a subject of {2} and arrival date of {3} " "already exists in " - "OpenSearch".format(to_, - from_, - subject, - arrival_date_human - )) + "OpenSearch".format( + to_, from_, subject, arrival_date_human + )) parsed_sample = forensic_report["parsed_sample"] sample = _ForensicSampleDoc(