User:Paul/sandbox/Install DMARC

From UNPM.org Wiki
< User:Paul
Revision as of 03:05, 21 May 2014 by Paul (talk | contribs) (Created page with "'''WARNING:''' This article is in a user sandbox, indicating it is a rough draft, and as such, is likely incomplete, contains buggy and insecure configurations, and is subject...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

WARNING: This article is in a user sandbox, indicating it is a rough draft, and as such, is likely incomplete, contains buggy and insecure configurations, and is subject to substantial and frequent changes.

Most of the commands in this article require root privileges: 

username@servername:~$ sudo /bin/bash

Install and configure OpenDMARC 

root@servername:~# aptitude install opendmarc
root@servername:~# mkdir /var/spool/postfix/opendmarc/
root@servername:~# chown opendmarc:root /var/spool/postfix/opendmarc
root@servername:~# usermod -G opendmarc postfix
root@servername:~# nano /etc/opendmarc.conf

Change: 

Socket local:/var/spool/postfix/opendmarc/opendmarc.sock

UserID opendmarc:opendmarc

Setting DMARC records

Due to http://tools.ietf.org/html/draft-kucherawy-dmarc-base-04#section-7.1 it is better to use postmaster@example.com as the rua email for example.com, and not postmaster@example.org. The email address, postmaster@example.com, can be set to forward to postmaster@example.org in Postfix Admin.


A major issue with setting p=reject is the impact this setting has on mailing list servers, as it will have the effect of preventing emails sent to the list from being received by list members who use servers which fully support the DMARC standard.

Retrieved from "http://www.unpm.org/wiki/index.php?title=User:Paul/sandbox/Install_DMARC&oldid=218"