Skip to content

dragoangel/parsedmarc-dockerized

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
nginx
nginx
 
 
parsedmarc
parsedmarc
 
 
LICENSE
LICENSE
 
 
ParceDMARC-Sample.png
ParceDMARC-Sample.png
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

📧 parsedmarc-dockerized

ℹ️ Info

This stack includes:

  • ParseDMARC image to analizing reports (builded from Dockerfile, use pypy image)
  • Elasticsearch & Kibana to store and visualize parsed data
  • Nginx to handle basic authorization and SSL offloading

🛡️ Security note

Please note that the Fail2Ban technique is not implemented, so posting this project on the Internet 🌐 can be risky.

You yourself are responsible for your actions.

The author recommends restricting Nginx access only to trusted IP addresses.

The project is delivered as is without any warranty.

To update parsedmarc:

cd parsedmarc-dockerized
docker-compose build --no-cache --pull parsedmarc
docker-compose pull
docker-compose up -d

⚙️ How-to deploy from scratch

First of all you need to have 🐳 Docker and :octocat: Docker Compose.

  1. Learn how to install Docker and Docker Compose. Quick installation for most operation systems:
  • Docker
curl -sSL https://get.docker.com/ | CHANNEL=stable sh
# After the installation process is finished, you may need to enable the service and make sure it is started (e.g. CentOS 7)
systemctl enable docker.service
systemctl start docker.service
  • Docker-Compose
curl -L https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64 > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
  1. Clone the master branch of the repository.
git clone https://github.com/dragoangel/parsedmarc-dockerized
cd parsedmarc-dockerized
  1. Change [imap] configuration and tweak parsedmarc/parsedmarc.ini to your needs. Syntax and description avaible here
[imap]
host = imap.example.com
user = [email protected]
password = somepassword
  1. Enable IP geolocation by installing GeoIP Update software. And edit docker-compose.yml to enable access to the MaxMind databases on your host system.
volumes:
  - ./parsedmarc/parsedmarc.ini:/etc/parsedmarc.ini:z
  - /path/to/GeoIP:/usr/share/GeoIP
  1. Create nginx/htpasswd to provide Basic-Authentification for Nginx. Change dnf to your package manager and anyusername to your needs. In end you will be prompted to enter password to console.
dnf install -y httpd-tools
htpasswd -c nginx/htpasswd anyusername
  1. Generate & put your SSL keypair kibana.crt and kibana.key to nginx/ssl folder.

There are to many posible solutuins like Let's Encrypt, private PKI or self-hosted certificates.

It all up to you what to use. Note: for Let's Encrypt you need modify nginx configs to support it. You can use local ACME or modify docker-compose image.

  1. Create needed folders and configure permissions.
mkdir -p elasticsearch/data
chown 1000:0 elasticsearch/data
chmod 755 elasticsearch/data
chown -R 0:101 nginx/*
chmod 640 nginx/htpasswd
chmod 640 nginx/ssl/kibana.key

  1. Tune vm.max_map_count on your OS, original how-to avaible here.

  2. Start stack.

docker-compose up -d
  1. Download & Import Kibana Saved Objects export.ndjson.

Go to https://parsedmarc.example.com/app/management/kibana/objects click on Import.

Import downloaded export.ndjson with override.

Dashboard Sample

ParceDMARC-Sample

About

Self-hosted open source DMARC report processing services

Resources

Readme

License

GPL-3.0 license
Activity

Stars

75 stars

Watchers

6 watching

Forks

23 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 6

Languages