Contents
- How to install and configure OpenDMARC Filter on Debian.
- Install OpenDMARC.
- Auto-start OpenDMARC at system boot.
- Edit OpenDMARC config file.
- Create file ignore.hosts in OpenDMARC directory, add your local IPs and change file permission.
- Create folder OpenDMARC in postfix working directory and change permission.
- Add user postfix to group opendmarc.
- Add alias opendramc to root for mail system.
- Edit main configuration file for Postfix and add theses parameters.
- Testing.
How to install and configure OpenDMARC Filter on Debian.
Important!
Tested:Debian 10
Postfix version 3.4.8
OpenDMARC Filter v1.3.2
Install OpenDMARC.
sudo apt install opendmarc
Auto-start OpenDMARC at system boot.
sudo systemctl enable opendmarc
Edit OpenDMARC config file.
sudo nano /etc/opendmarc.conf
Delete hash end edit parameters near:
AuthservID OpenDMARC TrustedAuthservIDs mail.domain.com domain.com RejectFailures true PidFile /run/opendmarc/opendmarc.pid IgnoreAuthenticatedClients true RequiredHeaders true Socket local:/var/spool/postfix/opendmarc/opendmarc.sock IgnoreHosts /etc/opendmarc/ignore.hosts HistoryFile /run/opendmarc/opendmarc.dat
Create file ignore.hosts in OpenDMARC directory, add your local IPs and change file permission.
sudo mkdir -p /etc/opendmarc/ignore.hosts sudo nano /etc/opendmarc/ignore.hosts 127.0.0.0/8 ::1/128 localhost 192.168.0.0/24 sudo chown opendmarc:opendmarc -R /etc/opendmarc/ignore.hosts
Create folder OpenDMARC in postfix working directory and change permission.
sudo mkdir -p /var/spool/postfix/opendmarc sudo chown opendmarc:opendmarc /var/spool/postfix/opendmarc -R
Add user postfix to group opendmarc.
sudo adduser postfix opendmarc
Add alias opendramc to root for mail system.
sudo nano /etc/aliases opendmarc: root
sudo systemctl restart opendmarc
Edit main configuration file for Postfix and add theses parameters.
sudo nano /etc/postfix/main.cf
# Milter configuration milter_default_action = accept milter_protocol = 6 smtpd_milters = local:opendmarc/opendmarc.sock non_smtpd_milters = $smtpd_milters
If you already use another milter add local:opendmarc/opendmarc.sock after coma:
smtpd_milters = local:opendkim/opendkim.sock, local:opendmarc/opendmarc.sock
sudo systemctl restart postfix
Testing.
tail -n 1000 /var/log/mail.log |grep opendmarc
date:time hostname opendmarc[1313]: OpenDMARC Filter v1.3.2 starting () date:time hostname opendmarc[1313]: additional trusted authentication services: domain.com, mail.domain.com date:time hostname opendmarc[1313]: 4F5D6C0926: dmarc.yahoo.com pass date:time hostname opendmarc[1313]: ignoring connection from localhost
Notice
Support my work by donation. Thank You.