A lightweight selfhosted standalone DMARC report viewer that automatically fetches input data periodically from an IMAP mailbox.
Ideal for smaller selfhosted mailservers. The application is a single executable written in Rust. It combines the DMARC report parser with an IMAP client and an HTTP server for easy access of the reports. You can run the executable directly on any Linux, Windows or MacOS system. Alternatively, you can use the tiny 10 MB Docker image to deploy the application.
- Lightweight Docker image for easy deployment
- Secure IMAP client
- Automatic fetching of reports from IMAP inbox
- Robust parsing of XML DMARC reports
- Embedded HTTP server for web UI
- Automatic HTTPS via ACME/Let's Encrypt
- Basic Auth password protection for HTTP server
- Easy configuration via command line arguments or ENV variables
- Configurable maximum size of mails (prevents downloading and parsing)
- Summary with charts for domains, organizations and passed/failed checks
- Viewing filtered lists of reports
- Viewing of individual DMARC reports
- Show all parsing errors for DMARC reports
- List all mails in the IMAP inbox
- Viewing of individual mail metadata with a list of extracted reports
The latest version is always published automatically as Docker image in the GitHub container registry.
You can download the image using the command sudo docker pull ghcr.io/cry-inc/dmarc-report-viewer.
List all available configuration parameters with the corresponding environment variables by running this command:
sudo docker run --rm ghcr.io/cry-inc/dmarc-report-viewer ./dmarc-report-viewer --help.
You can configure the application with command line arguments or environment variables. For the Docker use case, environment variables are recommended. Do not forget to forward the port for the HTTP server!
Here is an example:
sudo docker run --rm \
-e IMAP_HOST=imap.mymailserver.com \
-e [email protected] \
-e IMAP_PASSWORD=mysecurepassword \
-e HTTP_SERVER_PORT=8123 \
-e HTTP_SERVER_USER=webui-user \
-e HTTP_SERVER_PASSWORD=webui-password \
-p 8123:8123 \
ghcr.io/cry-inc/dmarc-report-viewer
By default, the application will start an unencrypted and unsecure HTTP server. It is strongly recommended use the automatic HTTPS feature that will automatically fetch and renew a certificate from Let's Encrypt. This feature uses the TLS-ALPN-01 challenge, which uses the HTTPS port 443 also for the challenge. No port 80 required! Alternatively, you can use an separate HTTPS reverse proxy like Caddy to secure it.
To use the automatic HTTPS feature you need to make sure that the public port exposed to the internet is 443. You should also persist the certificate caching directory on your host file system:
sudo docker run --rm \
-e IMAP_HOST=imap.mymailserver.com \
-e [email protected] \
-e IMAP_PASSWORD=mysecurepassword \
-e HTTP_SERVER_PORT=8443 \
-e HTTP_SERVER_USER=webui-user \
-e HTTP_SERVER_PASSWORD=webui-password \
-e HTTPS_AUTO_CERT=true \
-e HTTPS_AUTO_CERT_CACHE=/certs \
-e [email protected] \
-e HTTPS_AUTO_CERT_DOMAIN=dmarc.mymailserver.com \
-v /host/cert/folder:/certs \
-p 443:8443 \
ghcr.io/cry-inc/dmarc-report-viewer
- Install Rust (see https://rustup.rs/)
- Check out this repository or download and extract the ZIP
- Run the command
cargo build --releasein the folder with this README file - Find the compiled executable in the folder
target/release - Use the help argument to list all possible configuration parameters:
dmarc-report-viewer --help
Use the command docker build . --pull --tag dmarc-report-viewer to build the tiny Docker image.
- https://github.com/bbustin/dmarc_aggregate_parser was used as foundation for the slightly modified DMARC report parser
- Charts.js and Lit as embedded as JavaScript libraries for the UI
- All the other Rust dependencies in Cargo.toml that make this application possible!