OpenDMARK Check (Ubuntu 18.04)
Version vom 29. März 2020, 12:10 Uhr von Martin Kirner (Diskussion | Beiträge)
Installation
sudo apt-get install -y opendmarc
Bei der Frage Configure database for opendmarc with dbconfig-common? die Antwort NEIN wählen.
Konfiguration
Die Datei
sudo vi /etc/opendmarc.conf
bearbeiten und folgende Parameter anpassen bzw. hinzufügen:
AuthservID OpenDMARC Socket inet:12345@localhost SyslogFacility opendmarc TrustedAuthservIDs mail1.kirner.or.at ## Optional #RejectFailures true ## You may want OpenDMARC to ignore SMTP clients that are successfully ## authenticated via SMTP AUTH. IgnoreAuthenticatedClients true ## Causes opendmarc to add a "DMARC-Filter" header field indicating the ## presence of this filter in the path of the message from injection to ## delivery. The product's name, version, and the job ID are included in ## the header field's contents. SoftwareHeader true ## Sets the debug level to be requested from the milter library. ## The default is 0. #MilterDebug 3 ## This will reject emails that don't conform to email header standards ## as described in RFC5322. For example, if an incoming email doesn't ## have From: header or date: header, it will be rejected. RequiredHeaders true ## This will cause OpenDMARC to perform a fallback SPF check itself when ## it can find no SPF results in the message header. SPFSelfValidate true
Zum Abschluss den Service neustarten:
sudo systemctl restart opendmarc.service
Postfix
Die Konfigurationsdatei
sudo vi /etc/postfix/main.cf
bearbeiten und den Socket inet:12345@localhost
hinzufügen:
## Spamfilter und DKIM-Signaturen via Rspamd / OpenDKIM / OpenDMARC ## smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345 non_smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345 milter_protocol = 6 milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} milter_default_action = accept
Danach postfix neustarten:
sudo systemctl restart postfix.service
Testen
Von einem anderem Account sich selbst eine Mail schicken und dann sollte im Header folgendes zu sehen sein:
Links
https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu
https://blog.schaal-24.de/mail/dmarc-check-unter-debian-wheezy/
https://blog.schaal-24.de/mail/dmarc-reports-erstellen/
http://www.postfix.org/MILTER_README.html
http://www.trusteddomain.org/opendmarc/
Zurück zu OpenDMARK