OpenDMARK Check (Ubuntu 18.04)

Aus Tutorials
Zur Navigation springen Zur Suche springen

Installation

sudo apt-get install -y opendmarc

Bei der Frage Configure database for opendmarc with dbconfig-common? die Antwort NEIN wählen.

Konfiguration

Die Datei

sudo vi /etc/opendmarc.conf

bearbeiten und folgende Parameter anpassen bzw. hinzufügen:

AuthservID OpenDMARC

Socket inet:12345@localhost

SyslogFacility opendmarc

TrustedAuthservIDs mail1.kirner.or.at

## Optional
#RejectFailures true

## You may want OpenDMARC to ignore SMTP clients that are successfully 
## authenticated via SMTP AUTH.
IgnoreAuthenticatedClients true

## Causes opendmarc to add a "DMARC-Filter" header field indicating the 
## presence of this filter in the path of the message from injection to 
## delivery. The product's name, version, and the job ID are included in 
## the header field's contents. 
SoftwareHeader true

## Sets the debug level to be requested from the milter library. 
## The default is 0.
#MilterDebug 3

## This will reject emails that don't conform to email header standards 
## as described in RFC5322. For example, if an incoming email doesn't 
## have From: header or date: header, it will be rejected.
RequiredHeaders true

## This will cause OpenDMARC to perform a fallback SPF check itself when 
## it can find no SPF results in the message header.
SPFSelfValidate true

Zum Abschluss den Service neustarten:

sudo systemctl restart opendmarc.service

Postfix

Die Konfigurationsdatei

sudo vi /etc/postfix/main.cf

bearbeiten und den Socket inet:12345@localhost hinzufügen:

## Spamfilter und DKIM-Signaturen via Rspamd / OpenDKIM / OpenDMARC ##
smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
non_smtpd_milters = inet:localhost:11332, inet:localhost:8892, inet:localhost:12345
milter_protocol = 6
milter_mail_macros =  i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept

Danach postfix neustarten:

sudo systemctl restart postfix.service

Testen

Von einem anderem Account sich selbst eine Mail schicken und dann sollte im Header folgendes zu sehen sein:

DMARC Check.png

Links

https://www.linuxbabe.com/mail-server/opendmarc-postfix-ubuntu

https://blog.schaal-24.de/mail/dmarc-check-unter-debian-wheezy/

https://blog.schaal-24.de/mail/dmarc-reports-erstellen/

http://www.postfix.org/MILTER_README.html

http://www.trusteddomain.org/opendmarc/


Zurück zu OpenDMARK