Exploring opendmarc in debian jessie

clownbootUses horrible mysql (my blog) for a database so i just looked at the milter.

Spf needs an ar header so you need to read a man page although that seems to be a bit buggy in debian stable although amavis (my blog) does ar.

It lives on 127.0.0.1:8893 and it appears all those it bloggers do not run opendmarc so there are not many blogs with bad information like for dkim although to call some bloggers technical is perhaps stretching things and many just rehashing not there content only for the advert views.

In debian the conf file is simple and examples can be found however while the software works not all options work.

Using jessie defaults seem to want one host one email server so if like the zoo you have five mta’s hanging off one piece of hardware your doing to need to do some work.

In an hour i got a working opendkim instance and plumbed it in and checking the plumbing was able to get messages in and out as before so i left it like that and see what happens in a weeks time.

Examples include auth and forensicreports Here is one error line

postfix/smtpd[17677]: warning: connect to Milter service inet:127.0.0.1:8893: Connection refused

I also notice with Header_Type = AR you get no spf line appended in the email that’s an unrelated problem with postfix-policyd-spf (my blog) probably that hinders opendmarc.

One site suggested you use the backports repo a suggestion i did not take up and some changes to postfix with extra headers (not ar).

I also created a history file and enabled it and that stubbornly recorded nothing even with a restart.

failI will take a another look at opendmarc in the future but it strikes me as  not worth the bother inbound and the mysql is off-putting.  Could be wrong but that was what a weeks worth of activity recorded.

Email was signed with dkim and was sent and received so our email server was working during the time with the new milter.

This might be a compile it yourself thing for all i know at this stage in Debian or maybe i do not need it.

One response

  1. Pingback: A second attempt at opendmarc | Bananas in the Falklands

by golly but...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s