OpenDMARK Check (Ubuntu 18.04): Unterschied zwischen den Versionen

Aus Tutorials
Zur Navigation springen Zur Suche springen
 
(20 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 1: Zeile 1:
{{note|Noch in Bearbeitung}}
== Installation ==
== Installation ==


Zeile 11: Zeile 8:


== Konfiguration ==
== Konfiguration ==
Die Datei


<pre>
<pre>
Zeile 16: Zeile 15:
</pre>
</pre>


{{note|27.03.2020}}
bearbeiten und folgende Parameter anpassen bzw. hinzufügen:
 
<pre>
AuthservID OpenDMARC
 
Socket inet:12345@localhost
 
SyslogFacility opendmarc
 
TrustedAuthservIDs mail1.kirner.or.at
 
## Optional
#RejectFailures true
 
## You may want OpenDMARC to ignore SMTP clients that are successfully
## authenticated via SMTP AUTH.
IgnoreAuthenticatedClients true
 
## Causes opendmarc to add a "DMARC-Filter" header field indicating the
## presence of this filter in the path of the message from injection to
## delivery. The product's name, version, and the job ID are included in
## the header field's contents.
SoftwareHeader true
 
## Sets the debug level to be requested from the milter library.
## The default is 0.
#MilterDebug 3
 
## This will reject emails that don't conform to email header standards
## as described in RFC5322. For example, if an incoming email doesn't
## have From: header or date: header, it will be rejected.
RequiredHeaders true
 
## This will cause OpenDMARC to perform a fallback SPF check itself when
## it can find no SPF results in the message header.
SPFSelfValidate true
</pre>
 
Zum Abschluss den Service neustarten:
 
<pre>
sudo systemctl restart opendmarc.service
</pre>
 
== Postfix ==
 
Die Konfigurationsdatei
 
<pre>
sudo vi /etc/postfix/main.cf
</pre>
 
bearbeiten und den Socket <code>inet:12345@localhost</code> hinzufügen:
 
<pre>
## Spamfilter und DKIM-Signaturen via Rspamd / OpenDKIM / OpenDMARC ##
smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
non_smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
milter_protocol = 6
milter_mail_macros =  i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept
</pre>
 
Danach ''postfix'' neustarten:
 
<pre>
sudo systemctl restart postfix.service
</pre>
 
== Testen ==
 
Von einem anderem Account sich selbst eine Mail schicken und dann sollte im Header folgendes zu sehen sein:
 
[[Datei:DMARC_Check.png]]


== Links ==
== Links ==


[https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu]
[https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu]
[https://blog.schaal-24.de/mail/dmarc-check-unter-debian-wheezy/ https://blog.schaal-24.de/mail/dmarc-check-unter-debian-wheezy/]
[https://blog.schaal-24.de/mail/dmarc-reports-erstellen/ https://blog.schaal-24.de/mail/dmarc-reports-erstellen/]


[http://www.postfix.org/MILTER_README.html http://www.postfix.org/MILTER_README.html]
[http://www.postfix.org/MILTER_README.html http://www.postfix.org/MILTER_README.html]
Zeile 31: Zeile 99:




Zurück zu [[Mailserver einrichten (Ubuntu 18.04)#Einrichtung|Mailserver einrichten]]
Zurück zu [[OpenDMARK (Ubuntu 18.04)|OpenDMARK]]

Aktuelle Version vom 29. März 2020, 12:11 Uhr

Installation

sudo apt-get install -y opendmarc

Bei der Frage Configure database for opendmarc with dbconfig-common? die Antwort NEIN wählen.

Konfiguration

Die Datei

sudo vi /etc/opendmarc.conf

bearbeiten und folgende Parameter anpassen bzw. hinzufügen:

AuthservID OpenDMARC

Socket inet:12345@localhost

SyslogFacility opendmarc

TrustedAuthservIDs mail1.kirner.or.at

## Optional
#RejectFailures true

## You may want OpenDMARC to ignore SMTP clients that are successfully 
## authenticated via SMTP AUTH.
IgnoreAuthenticatedClients true

## Causes opendmarc to add a "DMARC-Filter" header field indicating the 
## presence of this filter in the path of the message from injection to 
## delivery. The product's name, version, and the job ID are included in 
## the header field's contents. 
SoftwareHeader true

## Sets the debug level to be requested from the milter library. 
## The default is 0.
#MilterDebug 3

## This will reject emails that don't conform to email header standards 
## as described in RFC5322. For example, if an incoming email doesn't 
## have From: header or date: header, it will be rejected.
RequiredHeaders true

## This will cause OpenDMARC to perform a fallback SPF check itself when 
## it can find no SPF results in the message header.
SPFSelfValidate true

Zum Abschluss den Service neustarten:

sudo systemctl restart opendmarc.service

Postfix

Die Konfigurationsdatei

sudo vi /etc/postfix/main.cf

bearbeiten und den Socket inet:12345@localhost hinzufügen:

## Spamfilter und DKIM-Signaturen via Rspamd / OpenDKIM / OpenDMARC ##
smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
non_smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
milter_protocol = 6
milter_mail_macros =  i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept

Danach postfix neustarten:

sudo systemctl restart postfix.service

Testen

Von einem anderem Account sich selbst eine Mail schicken und dann sollte im Header folgendes zu sehen sein:

DMARC Check.png

Links

https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu

http://www.postfix.org/MILTER_README.html

http://www.trusteddomain.org/opendmarc/


Zurück zu OpenDMARK