[opendmarc-users] Is anyone using openedmarc on OSX with postfix

Robert Chalmers robert at chalmers.com.au
Sun Dec 6 05:34:36 PST 2015 

Hi Steve

Well, I have it compiled fine now, thank you for that pointer. … But still can’t start it from the plist. Obviously doing something wrong but damed if i can locate it. Any ideas.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>UserName</key>
        <string>_opendmarc</string>
        <key>GroupName</key>
        <string>_opendmarc</string>	
	<key>KeepAlive</key>
	<true/>
	<key>Label</key>
	<string>opendmarc</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/local/sbin/opendmarc</string>
		<string>-c</string>
		<string>/usr/local/etc/opendmarc.conf</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
</dict>
</plist>


system.log

robert : TTY=ttys003 ; PWD=/Library/LaunchDaemons ; USER=root ; COMMAND=/bin/launchctl load -w local.opendmarc.plist
Dec  6 13:25:10 zeus com.apple.xpc.launchd[1] (opendmarc): This service is defined to be constantly running and is inherently inefficient.
Dec  6 13:25:10 zeus com.apple.xpc.launchd[1] (opendmarc): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
Dec  6 13:25:20 zeus opendmarc[30360]: OpenDMARC Filter: Unable to bind to port inet:8893 at localhost: Address already in use
Dec  6 13:25:20 zeus opendmarc[30360]: OpenDMARC Filter: Unable to create listening socket on conn inet:8893 at localhost
Dec  6 13:25:20 zeus com.apple.xpc.launchd[1] (opendmarc[30360]): Service exited with abnormal code: 69
Dec  6 13:25:20 zeus com.apple.xpc.launchd[1] (opendmarc): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
Dec  6 13:25:26 zeus sudo[30361]:   robert : TTY=ttys003 ; PWD=/Library/LaunchDaemons ; USER=root ; COMMAND=/bin/launchctl unload -w local.opendmarc.plist


opendmarc/opendmarc.conf
The only uncommented bits …

AuthservID HOSTNAME
Socket inet:8893 at localhost
Umask 077
serID _opendmarc


and in postfix/main.cf

###############################
# dkim & dmarc
smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:8893
non_smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:8893
milter_default_action = accept
################################







Robert Chalmers
robert at chalmers.com <mailto:robert at chalmers.com>.au  Quantum Radio: http://tinyurl.com/lwwddov
Mac mini 6.2 - 2012, Intel Core i7,2.3 GHz, Memory:16 GB. El-Capitan 10.11. 2TB Storage made up of - 
Drive 0:HGST HTS721010A9E630. Upper bay. Drive 1:ST1000LM024 HN-M101MBB. Lower Bay



> On 5 Dec 2015, at 23:37, Steve Wardle <steve at swid.co.uk> wrote:
> 
>> On 5 Dec 2015, at 18:51, robert at chalmers.com.au wrote:
>> 
>> Is anyone using this on OSX 10.11?
>> I'm having trouble getting it to start up from  a plist and to compile with-spf
>> 
>> But it seems there are very few people running on OSX with postfix.
>> 
> 
> I originally compiled opendmarc to use libspf2 from http://www.libspf2.org
> 
> cd /usr/local/src/libspf2-1.2.10
> # edit ./src/include/spf_log.h
> # from line 40 down edit the following defines (can’t remember where I got the tip)
> 
> #define SPF_errorf(format, ... ) SPF_errorx( __FILE__, __LINE__, format, ##__VA_ARGS__ )
> #define SPF_warningf(format, ... ) SPF_warningx( __FILE__, __LINE__, format, ##__VA_ARGS__ )
> #define SPF_infof(format, ... ) SPF_infox( __FILE__, __LINE__, format, ##__VA_ARGS__ )
> #define SPF_debugf(format, ... ) SPF_debugx( __FILE__, __LINE__, format, ##__VA_ARGS__ )
> 
> ./configure
> make check
> sudo make install
> 
> # opendmarc from http://sourceforge.net/projects/opendmarc/files/
> 
> cd /usr/local/src/opendmarc-1.3.1
> ./configure --with-spf --with-spf2-include=/usr/local/include/spf2 --with-spf2-lib=/usr/local/lib
> make
> sudo make install
> 
> # to add daemon user opendmarc
> sudo dscl
> cd /Local/Default/
> ls Users uid
> create Users/_opendmarc UserShell /usr/bin/false
> create Users/_opendmarc UniqueID 498
> create Users/_opendmarc PrimaryGroupID 498
> create Users/_opendmarc NFSHomeDirectory /dev/null
> quit
> 
> # ensure /usr/local/etc/opendmarc.conf contains
> 	UMask 077
> 	UserID _opendmarc
> 
> I’ve since compiled opendmarc without libspf2 and switched to using python-policyd-spf for spf checks.
> It allows finer control and provides more informative logging.
> https://launchpad.net/pypolicyd-spf/
> 
> It has a few dependancies one of which needed patching.
> -- 
> Steve
> 
> 
> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20151206/471340c2/attachment-0001.htm>

More information about the opendmarc-users mailing list