Create DMARC-Reports


After the DMARC record checks described in "DMARC check on Debian Wheezy", I show how reports can be created and sent.

First, we need a MySQL database and a user to store the results of the DMARC checks. Start the mysql client and run:

CREATE DATABASE opendmarc;
CREATE USER 'opendmarc'@'127.0.0.1' IDENTIFIED BY 'top_secret';
GRANT ALL PRIVILEGES ON opendmarc.* TO 'opendmarc'@'127.0.0.1' IDENTIFIED BY 'top_secret';
FLUSH PRIVILEGES;
quit;

Next, the table structure is created, logging in as the user created above:

mysql opendmarc -h 127.0.0.1 -u opendmarc -ptop_secret < /usr/share/doc/opendmarc/mkdb.mysql

I use a simple script, run from cron jobs, that imports the data into the database, creates the reports daily and deletes entries that are older than 90 days.
The variables need to be defined only if they differ from the default values (e.g. a different SQL user or a remote server).

#!/bin/bash
# Script to create DMARC reports
#
# Created: 12/03/2014
# Version: 1.0
# Author: Florian Schaal (info@schaal-24.de)
#
# Copyright (c) 2014 Florian Schaal (info@schaal-24.de.)
# All rights reserved.
#
# This script is free software
# you can redistribute it and/or modify it under
# the terms of the GNU General Public License.
# See http://www.fsf.org/licensing/licenses/gpl.html
#
# This script is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY;
# without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

DAT_FILE=/var/run/opendmarc/opendmarc.dat

REPORT_EMAIL=dmarc-report@schaal-24.de
REPORT_DIR=/root/dmarc-reports

export OPENDMARC_DBHOST=db.local # default localhost
export OPENDMARC_DB=opendmarc # default opendmarc
export OPENDMARC_PASSWORD=secret # default opendmarc
export OPENDMARC_USER=opendmarc # default opendmarc

case "$1" in
    import)
        # Import the data file written by opendmarc into the database
        if [ -e "$DAT_FILE" ]; then
            /usr/sbin/opendmarc-import < "$DAT_FILE" &> /dev/null
        fi
        ;;
    report)
        # Create and send the daily reports; copies are kept in REPORT_DIR
        mkdir -p "$REPORT_DIR"
        cd "$REPORT_DIR" || exit 1
        /usr/sbin/opendmarc-reports --day --keepfiles --verbose --report-email "$REPORT_EMAIL"
        ;;
    expire)
        # Delete database entries that are older than 90 days
        /usr/sbin/opendmarc-expire --expire=90
        ;;
    *)
        echo 'use "import", "report" or "expire"'
        ;;
esac

And the crontab looks like this:

# dmarc
0 */2 * * * /root/scripts/dmarc.sh import
15 0 * * * /root/scripts/dmarc.sh report
0 1 * * * /root/scripts/dmarc.sh expire
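
An added example, not part of the original post or of OpenDMARC: a check for the report files kept by --keepfiles that confirms the sender identity (org_name, email) and lists the sources that failed both DKIM and SPF. The sample report is constructed, summarize_report and its expected_org/expected_email parameters are names chosen for this example, and it assumes reports in the RFC 7489 layout without an XML namespace.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the RFC 7489 aggregate report layout (not real data).
SAMPLE_REPORT = """<feedback>
 <report_metadata>
  <org_name>mail.example.org</org_name>
  <email>dmarc-report@example.org</email>
  <date_range><begin>1394582400</begin><end>1394668799</end></date_range>
 </report_metadata>
 <policy_published><domain>example.net</domain><p>reject</p></policy_published>
 <record><row><source_ip>192.0.2.10</source_ip><count>7</count><policy_evaluated>
  <dkim>pass</dkim><spf>fail</spf></policy_evaluated></row></record>
 <record><row><source_ip>198.51.100.23</source_ip><count>3</count><policy_evaluated>
  <dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""


def summarize_report(xml_text, expected_org=None, expected_email=None):
    """Return sender identity, totals and DMARC-failing sources of one report."""
    root = ET.fromstring(xml_text)
    meta = root.find("report_metadata")
    if root.tag != "feedback" or meta is None:
        raise ValueError("not a DMARC aggregate report")
    out = {
        "org_name": meta.findtext("org_name", ""),
        "email": meta.findtext("email", ""),
        "domain": root.findtext("policy_published/domain", ""),
        "begin": int(meta.findtext("date_range/begin", "0")),
        "end": int(meta.findtext("date_range/end", "0")),
        "messages": 0, "failing_sources": {}, "problems": [],
    }
    for row in root.iterfind("record/row"):
        count = int(row.findtext("count", "0"))
        out["messages"] += count
        dkim = row.findtext("policy_evaluated/dkim")
        spf = row.findtext("policy_evaluated/spf")
        if dkim != "pass" and spf != "pass":  # DMARC fails only if both fail
            ip = row.findtext("source_ip", "?")
            out["failing_sources"][ip] = out["failing_sources"].get(ip, 0) + count
    if out["end"] <= out["begin"]:
        out["problems"].append("empty or inverted date range")
    if expected_org and out["org_name"] != expected_org:
        out["problems"].append("unexpected org_name: " + out["org_name"])
    if expected_email and out["email"] != expected_email:
        out["problems"].append("unexpected contact email: " + out["email"])
    return out

if __name__ == "__main__":
    print(summarize_report(SAMPLE_REPORT, expected_org="mail.example.org"))
```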



One thought on “Create DMARC-Reports”

  • PChott

    Great script. Thank you.

    I only have a little problem, that in the reports “.net” is being added in “org_name”. Any idea with which variable I can set that?