[opendmarc-users] OpenDMARC useless with Postfix

Robert Schetterer rs at sys4.de
Thu Sep 18 22:03:02 PDT 2014 

Am 19.09.2014 um 04:57 schrieb Murray S. Kucherawy:
> On Thu, 18 Sep 2014, Urban Loesch wrote:
>> Postfix does not pass the first header line to the milter, but it passes
>> all other header lines inserted by milters to the milters they came
>> after.
>>
>> This seems a normal behaviour according to sendmail milter
>> specification. I read about it some weeks ago as I had the same
>> problem. But can't find the link anymore.
> 
> If you're talking about the Received field that's added by the receiving
> MTA, it's not passed to filters because it's added to the message after
> all the filters have seen the message.  This is because, when milter was
> added to sendmail, milter processing came before the place in the code
> where that field was added.  Postfix is simply doing what sendmail does
> so that filters get the same behaviour in either environment.
> 
> OpenDMARC was built at first to consume Authentication-Results fields
> rather than do its own verifications because there are already such
> feature-rich DKIM and SPF implementations that repeating all that work
> inside OpenDMARC seemed (and, to me, still seems) rather silly.  At this
> point would actually be easier code-wise to add DMARC to OpenDKIM than
> add DKIM to OpenDMARC, unless the DKIM support is extremely rudimentary
> (as is the new SPF support).
> 
> At any rate, after all this time, this is the first report that
> OpenDMARC is "useless".  Several sites (including at least one very big
> one) have been running it paired with separate SPF and DKIM filters for
> some time and it appears to be working fine.  I'm happy to hear about
> how your setup is different and figure out how to get it working for
> you, but calling it useless isn't really very believable to me.
> 
> -MSK
> _______________________________________________
> opendmarc-users mailing list
> opendmarc-users at trusteddomain.org
> http://www.trusteddomain.org/mailman/listinfo/opendmarc-users

Hi Murray, the biggest problem seems to be there is no good short clear
doku in how to setup opendmarc milter with postfix including most made
failures or known bugs. As reported the dmarc rfc is not easy reading
sometimes too.

The opendmarc milter seems to need other milters as "helpers" to work
with postfix, this is "unusual", and it took me two days get this to
know, i would expect doing every software its own complete job.

At last it fits to the picture that opendmarc list brake dmarc.

I have no criticts about software/standards working as designed. also
bugs may happen,
but there seems still work to do in documentation.
I guess the intention of the subject "useless" was in waking up the list
for support.



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

More information about the opendmarc-users mailing list