From ac559873c389419017174e0aef46236733403261 Mon Sep 17 00:00:00 2001
From: Jim Hague <jim.hague@acm.org>
Date: Thu, 22 Aug 2024 13:26:37 +0100
Subject: [PATCH] Add DMARC report parser configuration.

---
 .../dmarc_reports/dmarcts-report-parser.conf  | 49 +++++++++++++++++++
 states/dmarc_reports/init.sls                 |  8 +++
 2 files changed, 57 insertions(+)
 create mode 100644 states/dmarc_reports/dmarcts-report-parser.conf

diff --git a/states/dmarc_reports/dmarcts-report-parser.conf b/states/dmarc_reports/dmarcts-report-parser.conf
new file mode 100644
index 0000000..9c846fe
--- /dev/null
+++ b/states/dmarc_reports/dmarcts-report-parser.conf
@@ -0,0 +1,49 @@
+################################################################################
+### configuration ##############################################################
+################################################################################
+
+# If IMAP access is not used, config options starting with $imap do not need to
+# be set and are ignored.
+
+$debug = 0;
+$delete_reports = 0;
+
+# Supported types: mysql, Pg. If unset, defaults to mysql
+#$dbtype = 'mysql';
+$dbname = 'dmarc';
+$dbuser = 'dmarc';
+$dbpass = 'password';
+$dbhost = 'dbhost'; # Set the hostname if we can't connect to the local socket.
+$dbport = '3306';
+
+$imapserver       = 'localhost';
+$imapuser         = 'dmarc';
+$imappass         = '{{ pillar['dmarcts']['user_pw'] }}';
+$imapport         = '993';
+$imapssl          = '1';        # If set to 1, remember to change server port to 993 and disable imaptls.
+$imaptls          = '0';        # Enabled as the default and best-practice.
+$tlsverify        = '1';        # Enable verify server cert as the default and best-practice.
+$imapignoreerror  = '0';          # set it to 1 if you see an "ERROR: message_string()
+                                # expected 119613 bytes but received 81873 you may
+                                # need the IgnoreSizeErrors option" because of malfunction
+                                # imap server as MS Exchange 2007, ...
+$imapreadfolder   = 'Inbox';
+
+# If $imapmovefolder is set, processed IMAP messages will be moved (overruled by
+# the --delete option!)
+$imapmovefolder = 'Inbox.processed';
+
+# If $imapmovefoldererr is set, IMAP messages that fail will be moved. If unset, failed messages
+# will move to $imapmovefolder (if it is set). Overruled by the --delete option!
+$imapmovefoldererr = 'Inbox.notProcessed';
+
+# maximum size of XML files to store in database, long files can cause transaction aborts
+$maxsize_xml = 50000;
+# store XML as base64 encopded gzip in database (save space, harder usable)
+$compress_xml = 0;
+
+# if there was an error during file processing (message does not contain XML or ZIP parts,
+# or a database error) the parser reports an error and does not delete the file, even if
+# delete_reports is set (or --delete is given). Deletion can be enforced by delete_failed,
+# however not for database errors.
+$delete_failed = 0;
diff --git a/states/dmarc_reports/init.sls b/states/dmarc_reports/init.sls
index 0186cc6..8ce862a 100644
--- a/states/dmarc_reports/init.sls
+++ b/states/dmarc_reports/init.sls
@@ -21,3 +21,11 @@ dmarcts:
     - grant: all privileges
     - database: dmarcts.*
     - user: dmarcts
+
+/etc/dmarcts-report-parser.conf:
+  file.managed:
+    - source: salt://dmarcts-report-parser/dmarcts-report-parser.conf
+    - template: jinja
+    - user: dmarc
+    - group: dmarc
+    - mode: 600