DMARC Aggregate Report parsing?

DMARC reports arrive an email attachment (.GZ, .ZIP, or rarely .XML file extensions). The steps to process them are:

1) Open the email and export the attachment.

2) Extract the .GZ or .ZIP file to a .XML file

3) Parse the XML file (in my case into SQL)

I have tools to do step 2 and step 3, but the first step is currently a tedious manual process, and I am not a REST API programmer. Does someone have code to do the first step? I would be happy to share my code that pulls the XML into SQL tables.

Zach Sylvester Replied

11/17/2022 at 7:09 AM

Employee Post

Hey Doug,

Thanks for the question. I don't have a script on hand to do this. But it seems like it would be pretty easy to do with python.

Check out this learning material.

https://www.geeksforgeeks.org/how-to-store-xml-data-into-a-mysql-database-using-python/

Please let me know if this helps.

Kind Regards,

Zach Sylvester System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com

Douglas Foster Replied

11/17/2022 at 7:36 AM

The XML piece is solved. Microsoft SQL has specific features for importing XML, so the hardest part was learning the correct syntax.

My current problem is automating the process of walking the inbox to export the attachments on new messages.

As it turns out, the ideal tool needs to capture message metadata as well as the attachment, as these values can also be significant for some messages sources. The additional data to be captured is:

The message From address

The subject text, which should be in form: Report Domain: example.com Submitter: google.com Report-ID: <random-unique-string>

I suppose solving this part of the problem would require creating two messages from every email, the attachment file itself and a text file with the metadata and a pointer to the attachment file. Then the import process becomes more complicated as well.

2 Replies

Reply to Thread

Related Knowledge Base Articles

2 Replies

Reply to Thread

Tags

Related Knowledge Base Articles