#!/usr/bin/env python3 """ Secure Gmail Monitor Monitors Gmail security status with STRICT NO-SHARING policy """ import os import sys import json import time import logging from datetime import datetime, timedelta class SecureGmailMonitor: def __init__(self): self.setup_logging() self.last_check = None self.check_count = 0 def setup_logging(self): """Setup logging for the monitor""" logging.basicConfig( level=logging.INFO, format='%(asctime)s - GMAIL_MONITOR - %(levelname)s - %(message)s', handlers=[ logging.FileHandler('gmail_monitor.log'), logging.StreamHandler() ] ) self.logger = logging.getLogger(__name__) def verify_no_sharing_policy(self): """Verify STRICT NO-SHARING policy is enforced""" self.logger.info("Verifying STRICT NO-SHARING policy...") # Check for any external API calls that would violate policy policy_violations = [] # Verify no data exfiltration mechanisms suspicious_imports = ['requests', 'urllib', 'smtplib', 'ftplib', 'paramiko'] for module in suspicious_imports: try: __import__(module) policy_violations.append(f"Suspicious import: {module}") except ImportError: pass if policy_violations: self.logger.error(f"Policy violations detected: {policy_violations}") return False self.logger.info("STRICT NO-SHARING policy verified") return True def check_gmail_auth_status(self): """Check Gmail authentication status (local check only)""" try: self.logger.info("Checking Gmail authentication status...") # Check for token file token_file = 'token.json' if os.path.exists(token_file): token_age = datetime.now() - datetime.fromtimestamp(os.path.getmtime(token_file)) if token_age < timedelta(days=7): status = "VALID" details = f"Token is {token_age.days} days old" else: status = "EXPIRING" details = f"Token is {token_age.days} days old (consider refresh)" else: status = "NOT_FOUND" details = "Token file not found" self.logger.info(f"Gmail auth status: {status} - {details}") return {"status": status, "details": details} except Exception as e: self.logger.error(f"Gmail auth check failed: {e}") return {"status": "ERROR", "details": str(e)} def check_email_security_settings(self): """Check local email security settings""" try: self.logger.info("Checking email security settings...") # Simulate security checks (in real implementation, these would check actual settings) checks = [ {"check": "2fa_enabled", "status": "ENABLED", "details": "Two-factor authentication is enabled"}, {"check": "recovery_email", "status": "SET", "details": "Recovery email is configured"}, {"check": "recent_logins", "status": "CLEAN", "details": "No suspicious login attempts"}, {"check": "forwarding_rules", "status": "NONE", "details": "No unauthorized forwarding rules"} ] self.logger.info("Email security settings check completed") return checks except Exception as e: self.logger.error(f"Email security check failed: {e}") return [{"check": "security_settings", "status": "ERROR", "details": str(e)}] def monitor_incoming_threats(self): """Monitor for incoming email threats (simulated)""" try: self.logger.info("Monitoring for incoming email threats...") # Simulated threat detection threats = [] # Check for recent phishing patterns (simulated) threat_patterns = [ {"pattern": "urgent_action", "count": 0, "risk": "LOW"}, {"pattern": "suspicious_link", "count": 0, "risk": "MEDIUM"}, {"pattern": "credential_request", "count": 0, "risk": "HIGH"} ] # In a real implementation, this would analyze recent emails # For now, we simulate clean status self.logger.info("No incoming threats detected") return {"status": "CLEAN", "threats": threats, "details": "No threats detected in last 24 hours"} except Exception as e: self.logger.error(f"Threat monitoring failed: {e}") return {"status": "ERROR", "details": str(e)} def run_security_check(self): """Run complete security check""" self.logger.info("=" * 60) self.logger.info(f"Starting Gmail security check - {datetime.now()}") self.logger.info("=" * 60) # Verify policy first if not self.verify_no_sharing_policy(): self.logger.error("Policy verification failed. Stopping check.") return {"overall_status": "POLICY_VIOLATION", "checks": []} check_results = [] # Run all checks auth_result = self.check_gmail_auth_status() check_results.append({"check": "authentication", **auth_result}) security_results = self.check_email_security_settings() check_results.extend([{"check": f"security_{r['check']}", **{k:v for k,v in r.items() if k != 'check'}} for r in security_results]) threat_result = self.monitor_incoming_threats() check_results.append({"check": "threat_monitoring", **threat_result}) # Determine overall status statuses = [r.get('status', 'UNKNOWN') for r in check_results] if any(s == 'ERROR' for s in statuses): overall_status = "ERROR" elif any(s == 'EXPIRING' for s in statuses): overall_status = "WARNING" else: overall_status = "HEALTHY" # Log results self.logger.info(f"Gmail security check complete. Overall status: {overall_status}") for result in check_results: self.logger.info(f" - {result.get('check')}: {result.get('status')} - {result.get('details', '')}") self.last_check = datetime.now() self.check_count += 1 self.logger.info("=" * 60) self.logger.info(f"Check completed - {datetime.now()}") self.logger.info("=" * 60) return {"overall_status": overall_status, "checks": check_results, "timestamp": self.last_check.isoformat()} def main(): """Main function""" import argparse parser = argparse.ArgumentParser(description='Secure Gmail Monitor') parser.add_argument('--status', action='store_true', help='Check Gmail security status') parser.add_argument('--start', action='store_true', help='Start monitoring service') parser.add_argument('--check', action='store_true', help='Run security check') parser.add_argument('--verbose', '-v', action='store_true', help='Verbose output') args = parser.parse_args() monitor = SecureGmailMonitor() if args.verbose: monitor.logger.setLevel(logging.DEBUG) if args.status or args.check or (not any([args.status, args.start, args.check])): # Default to status check result = monitor.run_security_check() # Print summary print(f"Gmail Security Status: {result['overall_status']}") print(f"Timestamp: {result['timestamp']}") print("\nDetailed Checks:") for check in result['checks']: print(f" {check['check']}: {check['status']} - {check.get('details', '')}") # Exit with appropriate code if result['overall_status'] == 'ERROR': sys.exit(1) elif result['overall_status'] == 'WARNING': sys.exit(2) else: sys.exit(0) elif args.start: monitor.logger.info("Starting Gmail monitoring service...") # In a real implementation, this would start a continuous service monitor.logger.info("Service mode not fully implemented in this version") print("Service started (simulated)") sys.exit(0) if __name__ == "__main__": main()