Skip to content

Lightweight Standalone DMARC Report Viewer with IMAP Client

License

Notifications You must be signed in to change notification settings

cry-inc/dmarc-report-viewer

Repository files navigation

DMARC Report Viewer

Build Status No Unsafe License: MIT Dependencies

A lightweight selfhosted standalone DMARC report viewer that automatically fetches input data periodically from an IMAP mailbox.

Ideal for smaller selfhosted mailservers. The application is a single fully statically linked executable written in Rust. It combines a DMARC report parser with an IMAP client and an HTTP server. The HTTP server serves a web UI for easy access and filtering of the reports.

You can run the precompiled executable directly on any Linux, Windows or MacOS system. Alternatively, you can use the tiny 10 MB Docker image to deploy the application. It is also easy to build the application directly from source.

Screenshot of Dashboard

Features

  • Lightweight Docker image for easy deployment
  • Secure IMAP client (TLS & STARTTLS)
  • Automatic fetching of reports from IMAP inbox
  • Robust parsing of XML DMARC reports
  • Embedded HTTP server for web UI
  • Automatic HTTPS via ACME/Let's Encrypt
  • Basic Auth password protection for HTTP server
  • Easy configuration via command line arguments or ENV variables
  • Configurable maximum size of mails (to skip oversized documents)
  • Summary with charts for domains, organizations and passed/failed checks
  • Viewing filtered lists of reports
  • Viewing of individual DMARC reports
  • Export DMARC reports as XML or JSON documents
  • List all mails in the IMAP inbox
  • Viewing of individual mail metadata with a list of extracted reports
  • Show parsing errors for DMARC reports

Changelog

Read the CHANGELOG.md file for a list of all released versions and their corresponding changes.

Run with Docker

The latest version is automatically published as Docker image in the GitHub container registry. You can download the image using the command sudo docker pull ghcr.io/cry-inc/dmarc-report-viewer.

Available Docker Tags

The followng tags are available aside from the versioned tag for all individual releases:

  • latest (Latest stable release)
  • develop (Last build from master branch)

Configuration

List all available configuration parameters with the corresponding environment variables by running this command: sudo docker run --rm ghcr.io/cry-inc/dmarc-report-viewer ./dmarc-report-viewer --help.

You can configure the application with command line arguments or environment variables. For the Docker use case, environment variables are recommended. Do not forget to forward the port for the HTTP server!

Here is an example:

sudo docker run --rm \
  -e IMAP_HOST=imap.mymailserver.com \
  -e [email protected] \
  -e IMAP_PASSWORD=mysecurepassword \
  -e HTTP_SERVER_PORT=8123 \
  -e HTTP_SERVER_USER=webui-user \
  -e HTTP_SERVER_PASSWORD=webui-password \
  -p 8123:8123 \
  ghcr.io/cry-inc/dmarc-report-viewer

IMAP with STARTTLS

By default the IMAP client will attempt to use a TLS encrypted connection using port 993. For STARTTLS set the ENV variables IMAP_STARTTLS=TRUE and IMAP_PORT=143.

HTTPS for UI

By default, the application will start an unencrypted and unsecure HTTP server. It is strongly recommended use the automatic HTTPS feature that will automatically fetch and renew a certificate from Let's Encrypt. This feature uses the TLS-ALPN-01 challenge, which uses the HTTPS port 443 also for the challenge. No port 80 required! Alternatively, you can use an separate HTTPS reverse proxy like Caddy to secure it.

To use the automatic HTTPS feature you need to make sure that the public port exposed to the internet is 443. You should also persist the certificate caching directory on your host file system:

sudo docker run --rm \
  -e IMAP_HOST=imap.mymailserver.com \
  -e [email protected] \
  -e IMAP_PASSWORD=mysecurepassword \
  -e HTTP_SERVER_PORT=8443 \
  -e HTTP_SERVER_USER=webui-user \
  -e HTTP_SERVER_PASSWORD=webui-password \
  -e HTTPS_AUTO_CERT=true \
  -e HTTPS_AUTO_CERT_CACHE=/certs \
  -e [email protected] \
  -e HTTPS_AUTO_CERT_DOMAIN=dmarc.mymailserver.com \
  -v /host/cert/folder:/certs \
  -p 443:8443 \
  ghcr.io/cry-inc/dmarc-report-viewer

Build from Source

  1. Install Rust toolchain (see https://rustup.rs/)
  2. Check out this repository (or download and extract the ZIP file)
  3. Run the command cargo build --release in the folder with this README file
  4. Find the compiled executable in the folder target/release
  5. Use the help argument to list all possible configuration parameters: dmarc-report-viewer --help

Docker Builds (Linux only)

Use the command docker build . --pull --tag dmarc-report-viewer to build the tiny Docker image.

Acknowledgments