Opendmarc setup
DNS Settings
Append the following TXT record to the domain's DNS zone file:
_dmarc.domain.com. 3600 IN TXT "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; rua=mailto:postmaster@domain.com; ruf=mailto:postmaster@misoswap.exchange; rf=afrf; pct=100; ri=86400"
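A check for the record above, as an added example that is not part of the original page: it parses the tag list and flags report addresses outside the policy domain, which RFC 7489 requires the receiving domain to authorize with a `<policy domain>._report._dmarc.<destination>` TXT record. The function names are hypothetical, and the same-domain test is a simplification of the RFC's organizational-domain comparison.

```python
import re

POLICY = {"none", "quarantine", "reject"}
VALID = {"p": POLICY, "sp": POLICY, "adkim": {"r", "s"}, "aspf": {"r", "s"}}

def parse_dmarc(txt):
    """Split 'tag=value; tag=value' into a dict that keeps tag order."""
    tags = {}
    for part in txt.strip().strip('"').split(";"):
        if not part.strip():
            continue
        name, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {part!r}")
        tags[name.strip().lower()] = value.strip()
    return tags

def check_dmarc(domain, txt):
    """Return a list of findings for the record published at _dmarc.<domain>."""
    tags, findings = parse_dmarc(txt), []
    if next(iter(tags), None) != "v" or tags.get("v") != "DMARC1":
        findings.append("v=DMARC1 must be the first tag")
    if "p" not in tags:
        findings.append("missing required p= tag")
    for name, allowed in VALID.items():
        if name in tags and tags[name].lower() not in allowed:
            findings.append(f"{name}={tags[name]} is not one of {sorted(allowed)}")
    pct = tags.get("pct")
    if pct is not None and not (pct.isdecimal() and 0 <= int(pct) <= 100):
        findings.append("pct must be an integer 0-100")
    for name in ("rua", "ruf"):
        for uri in filter(None, (u.strip() for u in tags.get(name, "").split(","))):
            m = re.fullmatch(r"mailto:[^@\s]+@([^!\s]+)(![0-9]+[kmgt]?)?", uri, re.I)
            if not m:
                findings.append(f"{name}: unsupported or malformed URI {uri}")
                continue
            dest = m.group(1).lower().rstrip(".")
            # Assumption: "same domain" means equal to or under `domain`;
            # RFC 7489 compares organizational domains instead.
            if dest != domain and not dest.endswith("." + domain):
                findings.append(f"{name}: {dest} must publish "
                                f"{domain}._report._dmarc.{dest} TXT \"v=DMARC1\"")
    return findings

# The TXT value from this page, with its placeholder domain names.
RECORD = ('v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; '
          'rua=mailto:postmaster@domain.com; '
          'ruf=mailto:postmaster@misoswap.exchange; rf=afrf; pct=100; ri=86400')
```

Running `check_dmarc("domain.com", RECORD)` reports only the `ruf` destination, because it sits in a different domain from the one publishing the policy.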
Init Script
#!/bin/sh
rm -rf /var/spool/postfix/var/run/opendmarc/*
/usr/sbin/opendmarc -p local:/var/spool/postfix/var/run/opendmarc/opendmarc.sock -c /etc/opendmarc.conf -u opendmarc -P /var/spool/postfix/var/run/opendmarc/opendmarc.pid
Files
/etc/opendmarc.conf
/etc/opendmarc/ignore.hosts
Config files
/etc/opendmarc.conf
FailureReports true
PidFile /var/spool/postfix/var/run/opendmarc/opendmarc.pid
RejectFailures true
Socket local:/var/spool/postfix/var/run/opendmarc/opendmarc.sock
Syslog true
UMask 0002
UserID opendmarc:opendmarc
PublicSuffixList /usr/share/publicsuffix/
IgnoreAuthenticatedClients true
IgnoreHosts /etc/opendmarc/ignore.hosts
/etc/opendmarc/ignore.hosts
localhost
127.0.0.0/8
23.95.173.121
Confirm that the following user and group exist:
opendmarc:opendmarc
If not found, then run the following:
useradd opendmarc
Confirm that the following directory is readable and writable by opendmarc:
/var/spool/postfix/var/run/opendmarc/
If not, then run the following as root:
mkdir -p /var/spool/postfix/var/run/opendmarc/
chown -R opendmarc:postfix /var/spool/postfix/var/run/opendmarc/