OpenDMARK Check (Ubuntu 18.04): Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Die Seite wurde neu angelegt: „{{note|Noch in Bearbeitung}} == Links == [https://blog.schaal-24.de/mail/dmarc-reports-erstellen/ https://blog.schaal-24.de/mail/dmarc-reports-erstellen/]…“) |
(→Links) |
||
| (27 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
== Installation == | |||
<pre> | |||
sudo apt-get install -y opendmarc | |||
</pre> | |||
Bei der Frage ''Configure database for opendmarc with dbconfig-common?'' die Antwort ''NEIN'' wählen. | |||
== Konfiguration == | |||
Die Datei | |||
<pre> | |||
sudo vi /etc/opendmarc.conf | |||
</pre> | |||
bearbeiten und folgende Parameter anpassen bzw. hinzufügen: | |||
<pre> | |||
AuthservID OpenDMARC | |||
Socket inet:12345@localhost | |||
SyslogFacility opendmarc | |||
TrustedAuthservIDs mail1.kirner.or.at | |||
## Optional | |||
#RejectFailures true | |||
## You may want OpenDMARC to ignore SMTP clients that are successfully | |||
## authenticated via SMTP AUTH. | |||
IgnoreAuthenticatedClients true | |||
## Causes opendmarc to add a "DMARC-Filter" header field indicating the | |||
## presence of this filter in the path of the message from injection to | |||
## delivery. The product's name, version, and the job ID are included in | |||
## the header field's contents. | |||
SoftwareHeader true | |||
## Sets the debug level to be requested from the milter library. | |||
## The default is 0. | |||
#MilterDebug 3 | |||
## This will reject emails that don't conform to email header standards | |||
## as described in RFC5322. For example, if an incoming email doesn't | |||
## have From: header or date: header, it will be rejected. | |||
RequiredHeaders true | |||
## This will cause OpenDMARC to perform a fallback SPF check itself when | |||
## it can find no SPF results in the message header. | |||
SPFSelfValidate true | |||
</pre> | |||
Zum Abschluss den Service neustarten: | |||
<pre> | |||
sudo systemctl restart opendmarc.service | |||
</pre> | |||
== Postfix == | |||
Die Konfigurationsdatei | |||
<pre> | |||
sudo vi /etc/postfix/main.cf | |||
</pre> | |||
bearbeiten und den Socket <code>inet:12345@localhost</code> hinzufügen: | |||
<pre> | |||
## Spamfilter und DKIM-Signaturen via Rspamd / OpenDKIM / OpenDMARC ## | |||
smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345 | |||
non_smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345 | |||
milter_protocol = 6 | |||
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} | |||
milter_default_action = accept | |||
</pre> | |||
Danach ''postfix'' neustarten: | |||
<pre> | |||
sudo systemctl restart postfix.service | |||
</pre> | |||
== Testen == | |||
Von einem anderem Account sich selbst eine Mail schicken und dann sollte im Header folgendes zu sehen sein: | |||
[[Datei:DMARC_Check.png]] | |||
== Links == | == Links == | ||
[https:// | [https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu] | ||
[http://www.postfix.org/MILTER_README.html http://www.postfix.org/MILTER_README.html] | |||
[http://www.trusteddomain.org/opendmarc/ http://www.trusteddomain.org/opendmarc/] | |||
Zurück zu [[ | Zurück zu [[OpenDMARK (Ubuntu 18.04)|OpenDMARK]] | ||
Aktuelle Version vom 29. März 2020, 12:11 Uhr
Installation
sudo apt-get install -y opendmarc
Bei der Frage Configure database for opendmarc with dbconfig-common? die Antwort NEIN wählen.
Konfiguration
Die Datei
sudo vi /etc/opendmarc.conf
bearbeiten und folgende Parameter anpassen bzw. hinzufügen:
AuthservID OpenDMARC Socket inet:12345@localhost SyslogFacility opendmarc TrustedAuthservIDs mail1.kirner.or.at ## Optional #RejectFailures true ## You may want OpenDMARC to ignore SMTP clients that are successfully ## authenticated via SMTP AUTH. IgnoreAuthenticatedClients true ## Causes opendmarc to add a "DMARC-Filter" header field indicating the ## presence of this filter in the path of the message from injection to ## delivery. The product's name, version, and the job ID are included in ## the header field's contents. SoftwareHeader true ## Sets the debug level to be requested from the milter library. ## The default is 0. #MilterDebug 3 ## This will reject emails that don't conform to email header standards ## as described in RFC5322. For example, if an incoming email doesn't ## have From: header or date: header, it will be rejected. RequiredHeaders true ## This will cause OpenDMARC to perform a fallback SPF check itself when ## it can find no SPF results in the message header. SPFSelfValidate true
Zum Abschluss den Service neustarten:
sudo systemctl restart opendmarc.service
Postfix
Die Konfigurationsdatei
sudo vi /etc/postfix/main.cf
bearbeiten und den Socket inet:12345@localhost hinzufügen:
## Spamfilter und DKIM-Signaturen via Rspamd / OpenDKIM / OpenDMARC ##
smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
non_smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
milter_protocol = 6
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept
Danach postfix neustarten:
sudo systemctl restart postfix.service
Testen
Von einem anderem Account sich selbst eine Mail schicken und dann sollte im Header folgendes zu sehen sein:
Links
https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu
http://www.postfix.org/MILTER_README.html
http://www.trusteddomain.org/opendmarc/
Zurück zu OpenDMARK