Script choking on malformed report
Closed this issue · 3 comments
Hi there,
I've been processing a load of reports and the script chokes on a malformed comcast report with empty auth_results element:
<auth_results>
</auth_results>
I'm guessing this contravenes the DMARC rfc.
The script returns the following before exiting:
Can't use string ("") as a HASH ref while "strict refs" in use at ./dmarcts-report-parser.pl line 575.
Maybe the script can be fixed to skip such entries instead of exiting.
I would add that the script seems to hang whenever it finds in the mailbox a message that is not a dmarc report at all - eg: delivery error bounces, spam that's been able to reach to the inbox, etc.
It would be good if it would just skip such messages and go on with next ones.
The script also fails if the "reason" child element of "policy_evaluated" section is an empty string:
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<reason></reason>
<spf>pass</spf>
</policy_evaluated>The error message for this case is
Can't use string ("") as an ARRAY ref while "strict refs" in use at ./dmarcts-report-parser.pl line 598.
I haven't seen further reports of this, or been able to reproduce. Happy to take any pull requests if people see more of this.
@lonestaritaly - That is a totally valid thought and something I've wrestled with. My concern is that it would then potentially, silently skip over DMARC messages it didn't know how to handle. You could end up missing a bunch of reports and not know it. I prefer to filter known valid DMARC report sources to a subfolder and process those. Then the NDR or other random messages are left in the Inbox. I can then sort through and figure out a) Why the garbage messages are there and b) why some DMARC messages aren't getting filtered to the subfolder. Maybe it is something that could be an option/flag? Happy to take Pull requests!