Awesome
Open DMARC Analyzer
Open DMARC Analyzer is an Open Source DMARC Report Analyzer to be used with DMARC reports that have been parsed by Open Report Parser.
Open DMARC Analyzer was written because there didn't seem to be a full-featured self-hosted report analyzer that provided enough details to make heads or tails of a large volume of DMARC reports that come into medium to large-sized organizations. While other solutions required paid subscriptions or have part of it hosted on AWS, Open DMARC Analyzer will run on any webserver that supports PHP 7.4+ and MariaDB 10.5+.
Open DMARC Analyzer Version 1 is an Anomaly <Codebase> project by John Bradley (john@systemanomaly.com)
Minimum Requirements
- Apache 2 or equivalent
- PHP 5 (PHP 7+ required for phpWhois)
- PHP PDO
- MariaDB 10.5 (or equivalent) or PostgreSQL 13
- A database that is pre-populated with data from Open Report Parser
Dependencies
One of the following 2 packages are required to be installed.
It is highly recommended that you install this package using composer. Instructions are found on the package's git page. This is required, and will replace most GeoIP data if you disable the MaxMind DB reader package. This package will require PHP 7 or newer.
PLEASE NOTE: if you are using the jsmitty12/phpWhois package, it does not support PHP 8 properly. Please remove it and use the newer kevinoo/phpWhois package.
A note on this dependency - I've tried to write the one refrence to this external project as optional as possible, and it can almost completely be configured from config.php, due to the limitation of php namespace, I haven't come across a way that won't require you to dig deeper into the code if you happen to chose a compatible library to replace this MaxMind one. If you do wish to replace this library with another compatible one, the line in question is located in includes\functions.php
:
$reader = new MaxMind\Db\Reader(GEO_DB);
It is highly recommended that you install this package using composer. Instructions are found on the package's git page.
You will also need the GeoLite2 database from MaxMind (or any other compatible DB). It can be obtained from here. Open DMARC Analyzer makes use of the GeoLite2 City database.
The MaxMind library is not distributed with this project, and is ultimately an optional feature to the project as a whole, unless you are using PHP 5.
Setting up Open DMARC Analyzer
Obtaining Open DMARC Analyzer through git
is probably the easiest way, in addition to doing occasional pulls to get up-to-date versions.
git clone https://github.com/userjack6880/Open-DMARC-Analyzer.git
Optionally, a zip file of the latest release can be downloaded.
Once downloaded and installed in a desired directory, install either jsmitty12's phpWhois package or the MaxMind DB Reader package through composer. Rename config.php.pub
to config.php
and edit the configuration for your environment (see the next section on Configuration Options for details). Finally, run install.php
to create the database view used by this software package.
install.php
should remove itself and mysql.sql
once complete. If permissions aren't given, install.php
may not delete those files. It is recommended to manually delete these.
Configuration Options
Database Options
define('DB_HOST', 'localhost');
define('DB_USER', 'dmarc');
define('DB_PASS', 'password');
define('DB_NAME', 'dmarc');
define('DB_PORT', '3306'); // default port 3306, 5432 for pgsql
define('DB_TYPE', 'mysql'); // supported mysql and pgsql
Debug Settings
define('DEBUG', 1);
Not Currently Used
Template Settings
define('TEMPLATE','openda');
This will load the visual templated located templates/
. Simply name the directory the template is located in. Do not use a trailing slash.
Package Loader
define('AUTO_LOADER','vendor/autoload.php');
Should not need to change this setting unless using a non-standard composer installation.
GeoIP2 Settings
define('GEO_ENABLE', 1);
define('GEO_DB', 'includes/geolite2.mmdb');
Allows you to select between jsmitty12's phpWhois package and the MaxMind DB Reader package. The default is to use the MaxMind DB Reader package, as it provides the most relevant data to the user. To fall back to the jsmitty12's phpWhois package, change the GEO_ENABLE
option to 0
.
The second option, GEO_DB
is used in conjunction with the MaxMind DB Reader package. The path to the MaxMind GeoIP database is relative to the root of the software package.
Date Range
define('DATE_RANGE', '-1w');
Defines the standard starting date range for data presented. All pages where dates are relevant start at a certain point and end at the time the page is loaded. This option defines where that starting point is, and the increment by which that starting date is changed.
Valid date signifiers are m
, w
, and d
for "month", "week", and "day".
Tested System Configurations
OS | HTTP | PHP | SQL |
---|---|---|---|
Debian 11.6 | Apache 2.4.56 | 8.2.5 | MariaDB 10.5.18 |
Debian 11.6 | Apache 2.4.56 | 8.2.5 | PostgreSQL 13.9 |
Debian 11.6 | Apache 2.4.56 | 7.4.33 | MariaDB 10.5.18 |
Debian 11.6 | Apache 2.4.56 | 7.4.33 | PostgreSQL 13.9 |
CentOS 7.6.1810 | Apache 2.4.6 | 5.4.16 | MariaDB 5.5.65 |
If you have a system configuration not listed, and would like to contribue this data, please provide feedback.
Release Cycle and Versioning
At release, End of Support and End of Life will be determined based on what will be in the next version. Versioning is under the Anomaly Versioning Scheme (2022), as outlined in VERSIONING
under docs
.
Support
Support will be provided as outlined in the following schedule. For more details, see SUPPORT
.
Version | Released | End of Support | End of Life |
---|---|---|---|
Version 1 (Stable) | 15 May 2023 | 15 May 2024 | 31 December 2024 |
Contributing
Public contributions are encouraged. Please review CONTRIBUTING
under docs
for contributing procedures. Additionally, please take a look at our CODE_OF_CONDUCT
. By participating in this project you agree to abide by the Code of Conduct.
Contributors
Primary Contributors
- John Bradley - Initial Work
Thanks to all who contributed and have given feedback.
Licenses and Copyrights
Copyright © 2023 John Bradley (userjack6880). Open DMARC Analyzer is released under GNU GPLv3. See LICENSE
.