[opendmarc-users] Fwd: DMARC configuration confusion

Selcuk Yazar selcuk.yazar at gmail.com
Thu Dec 28 04:23:34 PST 2017


Hi ,

thank you for your helps and clues

now it's working with these settings :)

AuthservID mail.mydomain.com
 AutoRestart true
 AutoRestartRate 10/1h
 FailureReportsSentBy bidb at mydomain.com
 IgnoreAuthenticatedClients true
 IgnoreMailFrom mydomain.com
PublicSuffixList /etc/opendmarc/effective_tld_names.dat
RejectFailures true
Socket inet:8893 at localhost
SoftwareHeader true
SPFIgnoreResults true
SPFSelfValidate true
Syslog true
UMask 007
UserID opendmarc:mail

Happy new year!

On Thu, Dec 28, 2017 at 2:36 PM, Dominic Raferd <dominic at timedicer.co.uk>
wrote:

> On 28 December 2017 at 10:07, Selcuk Yazar <selcuk.yazar at gmail.com> wrote:
> >
> >
> >
> > Hi,
> >
> > when i sent email to gmail the header fields like below.
> >
> > Authentication-Results: mx.google.com;
> >        dkim=pass header.i=@mydomain.com header.s=m1 header.b=e719fQme;
> >        dkim=pass header.i=@mydomain.com header.s=m1 header.b=DvTnKUjy;
> >        dkim=pass header.i=@mydomain.com header.s=m1 header.b=e719fQme;
> >        dkim=pass header.i=@mydomain.com header.s=m1 header.b=DvTnKUjy;
> >        spf=pass (google.com: domain of selcukyazar at mydomain.com
> designates
> > IP_ADDRESS as permitted sender) smtp.mailfrom=selcukyazar at mydomain.com;
> >        dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE)
> > header.from=mydomain.com
> > ....
> > DMARC-Filter: OpenDMARC Filter v1.3.2 mail.mydomain.com 85CAD7BB56E
> > Authentication-Results: mail.mydomain.com; dmarc=fail (p=quarantine
> > dis=none) header.from=mydomain.com
> > Authentication-Results: mail.mydomain.com; spf=fail
> > smtp.mailfrom=selcukyazar at mydomain.com
> >
> > Actually i'm not an MTA expert. But when i check our DMARC record for
> DNS on
> > net everything is ok. On our server OpenDmarc filter v.1.3.2. When i try
> to
> > set RejectDFailures true, i cannot send emails to outside ? (Because i
> > wantto reject spoofed emails)
> >
> > i 'm stuck here.
>
> RejectFailures should not result in your own outgoing emails being
> rejected, if this happens then you have not configured opendmarc
> correctly. You might need to post the active lines of your
> opendmarc.conf. This is a (slightly simplified) version of mine (runs
> under Ubuntu), suitable if:
> - you have opendmarc 1.3.2+
> - all your own outgoing mails are either generated on the mailserver
> or come via SMTP AUTH
> - no outsider emails should come via SMTP AUTH
> - you have a current public_suffix_list.dat file in the specified
> location - this is likely provided by the distro
>
> /etc/opendmarc.conf:
> PidFile /var/run/opendmarc/opendmarc.pid
> RejectFailures true
> UMask 0002
> UserID opendmarc:opendmarc
> PublicSuffixList /usr/share/publicsuffix/public_suffix_list.dat
> IgnoreAuthenticatedClients true
> SPFIgnoreResults True
> SPFSelfValidate True
> _______________________________________________
> opendmarc-users mailing list
> opendmarc-users at trusteddomain.org
> http://www.trusteddomain.org/mailman/listinfo/opendmarc-users
>



-- 
Selçuk YAZAR
http://www.selcukyazar.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20171228/b5667607/attachment-0001.htm>


More information about the opendmarc-users mailing list