OpenDMARK Check (Ubuntu 18.04): Unterschied zwischen den Versionen

Aus Tutorials
Zur Navigation springen Zur Suche springen
 
(12 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 1: Zeile 1:
{{note|Noch in Bearbeitung}}
== Installation ==
== Installation ==


Zeile 23: Zeile 20:
AuthservID OpenDMARC
AuthservID OpenDMARC


Socket local:/var/spool/postfix/opendmarc/opendmarc.sock
Socket inet:12345@localhost
 
SyslogFacility opendmarc


TrustedAuthservIDs mail1.kirner.or.at
TrustedAuthservIDs mail1.kirner.or.at
Zeile 33: Zeile 32:
## authenticated via SMTP AUTH.
## authenticated via SMTP AUTH.
IgnoreAuthenticatedClients true
IgnoreAuthenticatedClients true
## Causes opendmarc to add a "DMARC-Filter" header field indicating the
## presence of this filter in the path of the message from injection to
## delivery. The product's name, version, and the job ID are included in
## the header field's contents.
SoftwareHeader true
## Sets the debug level to be requested from the milter library.
## The default is 0.
#MilterDebug 3


## This will reject emails that don't conform to email header standards  
## This will reject emails that don't conform to email header standards  
Zeile 44: Zeile 53:
</pre>
</pre>


Das Verzeichnis für den Socket muss noch angelegt und für den Benutzer ''postfix'' schreibbar gemacht werden:
Zum Abschluss den Service neustarten:


<pre>
<pre>
sudo mkdir -p /var/spool/postfix/opendmarc
sudo systemctl restart opendmarc.service
sudo chown opendmarc:opendmarc /var/spool/postfix/opendmarc
sudo chmod 750 /var/spool/postfix/opendmarc/
sudo adduser postfix opendmarc
</pre>
</pre>


Zum Abschluss den Service neustarten:
== Postfix ==
 
Die Konfigurationsdatei
 
<pre>
sudo vi /etc/postfix/main.cf
</pre>
 
bearbeiten und den Socket <code>inet:12345@localhost</code> hinzufügen:


<pre>
<pre>
sudo systemctl restart opendmarc.service
## Spamfilter und DKIM-Signaturen via Rspamd / OpenDKIM / OpenDMARC ##
smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
non_smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
milter_protocol = 6
milter_mail_macros =  i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept
</pre>
</pre>


== Postfix ==
Danach ''postfix'' neustarten:


<pre>
<pre>
sudo vi /etc/postfix/main.cf
sudo systemctl restart postfix.service
</pre>
</pre>
== Testen ==
Von einem anderem Account sich selbst eine Mail schicken und dann sollte im Header folgendes zu sehen sein:
[[Datei:DMARC_Check.png]]


== Links ==
== Links ==


[https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu]
[https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu]
[https://blog.schaal-24.de/mail/dmarc-check-unter-debian-wheezy/ https://blog.schaal-24.de/mail/dmarc-check-unter-debian-wheezy/]
[https://blog.schaal-24.de/mail/dmarc-reports-erstellen/ https://blog.schaal-24.de/mail/dmarc-reports-erstellen/]


[http://www.postfix.org/MILTER_README.html http://www.postfix.org/MILTER_README.html]
[http://www.postfix.org/MILTER_README.html http://www.postfix.org/MILTER_README.html]
Zeile 78: Zeile 99:




Zurück zu [[Mailserver einrichten (Ubuntu 18.04)#Einrichtung|Mailserver einrichten]]
Zurück zu [[OpenDMARK (Ubuntu 18.04)|OpenDMARK]]

Aktuelle Version vom 29. März 2020, 12:11 Uhr

Installation

sudo apt-get install -y opendmarc

Bei der Frage Configure database for opendmarc with dbconfig-common? die Antwort NEIN wählen.

Konfiguration

Die Datei

sudo vi /etc/opendmarc.conf

bearbeiten und folgende Parameter anpassen bzw. hinzufügen:

AuthservID OpenDMARC

Socket inet:12345@localhost

SyslogFacility opendmarc

TrustedAuthservIDs mail1.kirner.or.at

## Optional
#RejectFailures true

## You may want OpenDMARC to ignore SMTP clients that are successfully 
## authenticated via SMTP AUTH.
IgnoreAuthenticatedClients true

## Causes opendmarc to add a "DMARC-Filter" header field indicating the 
## presence of this filter in the path of the message from injection to 
## delivery. The product's name, version, and the job ID are included in 
## the header field's contents. 
SoftwareHeader true

## Sets the debug level to be requested from the milter library. 
## The default is 0.
#MilterDebug 3

## This will reject emails that don't conform to email header standards 
## as described in RFC5322. For example, if an incoming email doesn't 
## have From: header or date: header, it will be rejected.
RequiredHeaders true

## This will cause OpenDMARC to perform a fallback SPF check itself when 
## it can find no SPF results in the message header.
SPFSelfValidate true

Zum Abschluss den Service neustarten:

sudo systemctl restart opendmarc.service

Postfix

Die Konfigurationsdatei

sudo vi /etc/postfix/main.cf

bearbeiten und den Socket inet:12345@localhost hinzufügen:

## Spamfilter und DKIM-Signaturen via Rspamd / OpenDKIM / OpenDMARC ##
smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
non_smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
milter_protocol = 6
milter_mail_macros =  i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept

Danach postfix neustarten:

sudo systemctl restart postfix.service

Testen

Von einem anderem Account sich selbst eine Mail schicken und dann sollte im Header folgendes zu sehen sein:

DMARC Check.png

Links

https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu

http://www.postfix.org/MILTER_README.html

http://www.trusteddomain.org/opendmarc/


Zurück zu OpenDMARK