Git/email-toolbox-wiki
1
0
Fork 0
mirror of https://github.com/internetstandards/toolbox-wiki.git synced 2024-11-22 02:51:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update DMARC-how-to.md

Browse Source
This commit is contained in:
Dennis Baaten 2019-08-26 11:27:25 +02:00 committed by GitHub
parent 53f2e895a4
commit 5fc87c8c04
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
DMARC-how-to.md
View File

@ -64,7 +64,7 @@ DMARC for outbound e-mail traffic can be accomplished by publishing a DMARC poli
DMARC for inbound e-mail traffic can be accomplished by setting up OpenDMARC and integrate it with Postfix. DMARC for inbound e-mail traffic can be accomplished by setting up OpenDMARC and integrate it with Postfix.
### Set up OpenDMARC ### Set up OpenDMARC
Make sure the file **/etc/opendmarc.conf** has a least the following configuration options. Make sure the file **/etc/opendmarc.conf** has a least the following configuration parameters.
AuthservID mail.example.nl AuthservID mail.example.nl
PidFile /var/run/opendmarc/opendmarc.pid PidFile /var/run/opendmarc/opendmarc.pid
@ -78,6 +78,8 @@ Make sure the file **/etc/opendmarc.conf** has a least the following configurati
HistoryFile /var/run/opendmarc/opendmarc.dat HistoryFile /var/run/opendmarc/opendmarc.dat
Socket inet:54321@localhost Socket inet:54321@localhost
For more information about these configuration parameters, take a look at [its man page](https://manpages.debian.org/unstable/opendmarc/opendmarc.conf.5.en.html).
Make sure the file **/etc/opendmarc/ignore.hosts** contains all hosts that you trust. The e-mail coming from these hosts will not be checked by OpenDMARC: Make sure the file **/etc/opendmarc/ignore.hosts** contains all hosts that you trust. The e-mail coming from these hosts will not be checked by OpenDMARC:
127.0.0.1 127.0.0.1
@ -92,7 +94,7 @@ Make sure the default file **/etc/default/opendmarc** contains:
PIDFILE=$RUNDIR/opendmarc.pid PIDFILE=$RUNDIR/opendmarc.pid
### Integrate with Postfix ### Integrate with Postfix
Now we need to tell Postfix to use OpenDMARC as a mail filter in order to use its functionality. This is done by making sure that **/etc/postfix/main.cf** contains the configuration values as listed below. Notice that the DKIM check (localhost:12301) is done _before_ DMARC (localhost:54321) since DMARC relies on the DKIM results. Now we need to tell Postfix to use OpenDMARC as a mail filter in order to use its functionality. This is done by making sure that **/etc/postfix/main.cf** contains the configuration parameters as listed below. Notice that the DKIM check (localhost:12301) is done _before_ DMARC (localhost:54321) since DMARC relies on the DKIM results.
smtpd_milters = inet:localhost:12301,inet:localhost:54321 smtpd_milters = inet:localhost:12301,inet:localhost:54321
non_smtpd_milters = inet:localhost:12301,inet:localhost:54321 non_smtpd_milters = inet:localhost:12301,inet:localhost:54321