Email Header Validation¶

This IBM Resilient Function package can be used to analyze DKIM and ARC headers on a RFC822 formatted email. This email can be provide via a Resilient Attachment, Resilient Artifact, or string. Once the analysis is complete, the user is informed if the headers authenticate or not through a Resilient Note.

To install in development mode:¶

pip install -e ./fn_email_header_validation/

To uninstall:¶

pip uninstall fn_email_header_validation

To package for distribution:¶

python ./fn_email_header_validation/setup.py sdist

The resulting .tar.gz file can be installed using

pip install <filename>.tar.gz

How to use the function¶

Import the necessary customization data into the Resilient platform:
```
 resilient-circuits customize
```
This creates the following customization components:
- Function inputs:
  - email_header_validation_target_email
  - artifact_id
  - attachment_id
  - optional_incident_id
- Message Destination: fn_email_header_validation
- Function: email_header_validation_using_dkimarc
- Workflows:
  - example_of_email_header_validation_using_dkimarc_artifact
  - example_of_email_header_validation_using_dkimarc_attachment
- Rule: Email Header Avalidation Using DKIM/ARC
Start Resilient Circuits:
```
resilient-circuits run
```
Trigger the rule.