pyrua: DMARC Report Toolset

Pyrua is a Python toolset for working with DMARC aggregate reports (RUA reports). It consists of three tools:

• pyrua.analyzer parses aggregate reports and generates statistics.
• pyrua.validator validates reports against an XML Schema Definition (XSD). Its purpose is to identify syntax errors in aggregate reports.
• pyrua.xmlextract extracts XML documents from emails or compressed files.

What pyrua is not: pyrua does not provide integrations into mail servers. It does not perform DMARC message validation and does not generate reports.

Features

• Supports compressed .gz or .zip reports.
• Supports .eml (RFC 5322) files with reports included in the body or as MIME multipart attachment.
• Works on files or folders with reports. Ignores everything that is not XML.
  • Limitation: support for retrieving reports from an IMAP inbox will be added later.
• XSD validator:
  • Adds a missing XML namespace declaration on the fly, which basically every reporter omits but which is necessary for XML Schema validation.
  • Validates reports against an XSD file.

Usage

$ python3 -m pyrua.validator schema/rua.xsd report.xml
Validating report.xml ... OK

Caveats with XSD Validation

• DMARC RFC 7489 points to the XML target namespace http://dmarc.org/dmarc-xml/0.1, which happens to contain a rua.xsd file. This is not the XML Schema from RFC 7489, but an older one. However, many reporters use the old schema. The most prominent difference is the lack of the <version> field.
• Pyrua ships with rfc7489.xsd, which (unsurprisingly) is the XML Schema from RFC 7489. However, the RFC 7489 schema is broken due to an incomplete namespace declaration.
• Both schemata use an improper regex for IP addresses, which will trigger validation errors on valid IPv6 addresses.

Bottom line: Both schemata are garbage. Use rua_fixed.xsd or rfc7489_fixed.xsd instead.

Other Usages

$ python3 -m pyrua.xmlextract report.eml

See example input and output.

$ python3 -m pyrua.analyzer reports-folder/

See example output.

Installation

Prerequisites

• Python 3
• lxml
• publicsuffix2 (only for pyrua.analyzer)

Download

• pyrua-0.3.tar.gz