The expert in malicious email detection
=> Voir le dossier docs pour avoir la documentation du projet.
build-push-check-action : https://forge.cpe.granux.fr/sentimail/build-push-check-action
SentiMail performs three types of analyses on the email:
- Analysis of the sender's IP
- Analysis of the sender's domain
- Analysis of the sender domain's SPF
- Link analysis
- Spelling analysis
- Keyword analysis
- Typo-squatting analysis
- Unusual characters analysis
- Analysis of attachment hashes
- Analysis of attachment file types
For more informations about the technical specifications, please refer to the technical specifications. For more informations about the security plan, please refer to the security plan.
Django
Django REST Framework
RabbitMQ
PostgreSQL
Minio
Docker 
Kubernetes
Traefik
CrowdSec
SonarQube
Harbor- Clone the repository
- Copy the
sample.envfile to.envand fill in the variables - Run
docker compose up -d --build - Open
http://localhost:8000in your browser
- Generate a new API key
- Use the API key in the header of your request:
- Key:
Authorization - Value:
Token <API_KEY>
- Key:
POST /api/submit/Content-Type: multipart/form-data Body:
- Key:
file - Value:
<mail_file>
| Code | Description |
|---|---|
200 |
OK |
400 |
Bad Request |
401 |
Unauthorized |
500 |
Internal Server Error |
curl --location 'http://<ip>/api/submit/' \
--header 'Authorization: Token <API_KEY>' \
--form 'file=@"</path/mail_file>"'{
"uuid": "1574c5a7-2860-4659-a538-6210d074fb3d"
}GET /api/analysis/<uuid>/| Code | Description |
|---|---|
200 |
OK |
400 |
Bad Request |
401 |
Unauthorized |
404 |
Not Found |
500 |
Internal Server Error |
curl --location 'http://<ip>/api/analysis/1574c5a7-2860-4659-a538-6210d074fb3d' \
--header 'Authorization: Token 27cdb16b2189fdc09f008fd901f54306f155697a'{
"uuid": "1574c5a7-2860-4659-a538-6210d074fb3d",
"created_at": "2023-12-14T10:41:45.989923Z",
"user": "anonymous",
"isReady": false,
"responseMetadataIp": "IP is not malicious",
"responseMetadataDomain": "Mail is not malicious",
"responseMetadataSPF": "SPF record is valid"
}GET /api/result/<uuid>/| Code | Description |
|---|---|
200 |
OK |
400 |
Bad Request |
401 |
Unauthorized |
404 |
Not Found |
500 |
Internal Server Error |
curl --location 'http://<ip>/api/result/1574c5a7-2860-4659-a538-6210d074fb3d' \
--header 'Authorization: Token 27cdb16b2189fdc09f008fd901f54306f155697a'{
"uuid": "1574c5a7-2860-4659-a538-6210d074fb3d",
"created_at": "2023-12-14T10:41:45.989923Z",
"user": "anonymous",
"isReady": false,
"responseMetadataIp": "IP is not malicious",
"responseMetadataDomain": "Mail is not malicious",
"responseMetadataSPF": "SPF record is valid"
}PATCH /api/analysis/<uuid>/| Code | Description |
|---|---|
200 |
OK |
400 |
Bad Request |
401 |
Unauthorized |
404 |
Not Found |
500 |
Internal Server Error |
curl --location --request PATCH 'http://<ip>/api/analysis/0b3cf9d0-fcb3-4bf6-9a29-33abcaab4826/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Token 27cdb16b2189fdc09f008fd901f54306f155697a' \
--data '{
"responseMetadataIp": "IP not found in database",
"responseMetadataDomain": "Mail is not malicious",
"responseMetadataSPF": "SPF record is invalid"
}'{
"uuid": "0b3cf9d0-fcb3-4bf6-9a29-33abcaab4826",
"created_at": "2023-12-14T10:41:45.989923Z",
"user": "anonymous",
"isReady": false,
"responseMetadataIp": "IP not found in database",
"responseMetadataDomain": "Mail is not malicious",
"responseMetadataSPF": "SPF record is invalid"
}