[opendmarc-users] dmarc fail on internal emails
Juri Haberland
juri at sapienti-sat.org
Fri Apr 21 15:36:21 PDT 2017
On 21.04.2017 23:40, Ian Evans wrote:
> As a note to your previous email, I'm not insisting on testing internal
> emails. The config in the tutorial didn't have a way shown to turn that
> off. If it's a best practice how do I stop those tests on example.com to
> example.com emails. I'll turn it off in a flash once I know.
Something like:
in (Postfix-)master.cf:
submission inet [...]
[...]
-o smtpd_milters=inet:localhost:12345
[...]
assuming that OpenDKIM listens on port 12345.
And in opendmarc.conf:
IgnoreAuthenticatedClients true
Besides internal mail:
You need to set PublicSuffixList in opendmarc.conf and get the current
public list from https://publicsuffix.org/list/public_suffix_list.dat
And if you haven't done it already, set
Header_Type = AR
in /etc/postfix-policyd-spf-python/policyd-spf.conf, as OpenDMARC 1.3.1 has
a bug parsing the Received-SPF header.
Juri
More information about the opendmarc-users
mailing list