Re: dmarc reports - action required?
Thank you both for clearifying this. Now I can relax and may find anything useful to do with these reports. Please have a nice weekend. Kind regards, Michael p.s. Sorry Paul, I pressed the wrong button. :/ Am 26.11.2021 um 19:44 schrieb Paul Pace: On 11/26/21 8:57 AM, Michael Taubert wrote: Hi everyone! Recently I've received some dmarc reports from various hosts like google, yahoo, and so on. Are these reports of any use or just information for me? I mean, is there any action required when I got reports of failed dkim or spf? All the addresses in these reports does not belong to my mail server. So I think they just use my domain in the header to spam around. Well, at least, they trying to. I feel a bit lost as I don't know what to do about these reports. Thanks in advance. Kind regards, Michael I would guess these are aggregate reports being sent because the DMARC TXT record instructs them to: $ dig +short txt _dmarc.arachnodroid.de "v=DMARC1;p=none;pct=100;rua=mailto:postmas...@arachnodroid.de;; The aggregate reports are sent based on a time period. From RFC 7489 7.2[1]: > Visibility comes in the form of daily (or more frequent) Mail Receiver-originated feedback reports that contain aggregate data on message streams relevant to the Domain Owner. This information includes data about messages that passed DMARC authentication as well as those that did not. Paul [1] https://datatracker.ietf.org/doc/html/rfc7489#section-7.2
dmarc reports - action required?
Hi everyone! Recently I've received some dmarc reports from various hosts like google, yahoo, and so on. Are these reports of any use or just information for me? I mean, is there any action required when I got reports of failed dkim or spf? All the addresses in these reports does not belong to my mail server. So I think they just use my domain in the header to spam around. Well, at least, they trying to. I feel a bit lost as I don't know what to do about these reports. Thanks in advance. Kind regards, Michael
AW: hello! ... and first question
Hi Dam! Did you try to add „example—com“ to your virtual Domains table? E.g. https://www.opensmtpd.org/faq/example1.html Best regards, Michael Von: Damiano Venturin Gesendet: Dienstag, 22. Mai 2018 01:16 An: misc@opensmtpd.org Betreff: hello! ... and first question Hello, this is Dam I'm in the process of freeing myself from Gmail and I'm trying to configure my debian vm as a mailserver using OpenSMTPD. Back in the days I was used to run my own mailserver with Postfix (then I don't know what happened to me and I moved to 3rd party services) but this is my first time with OpenSMTPD so I'm really trying to learn how to configure it properly. So far so good I've to say. Chess Griffin's guide has been of great help. There is one thing that I've noticed: if the local user contains @ in the name, OpenSTMD can't route an incoming email properly. I'm not sure if this something expected or a bug or if I'm missing something. So this is the scenario: d...@venturin.net sends an email to u...@example.com (123.123.123.123) which is is mapped on the server as user@example--com. So this is what you see in my /etc/opensmtd/vuser: u...@example.com: user@example--com As you can see from the log below, the incoming email is accepted, goes through clamsmtp filtering process (listening on 127.0.0.1:10025) smtpd[2794]: b22a8aceadaec265 smtp event=connected address=209.35.192.171 host=mail-pf1-f171.google.com smtpd[2794]: b22a8aceadaec265 smtp event=message msgid=9c2da050 from=to= size=2847 ndest=1 proto=ESMTP smtpd[2794]: b22a8aceadaec265 smtp event=closed reason=quit smtpd[2794]: b22a8ad7d4f8e7b8 mta event=connecting address=smtp://127.0.0.1:10025 host=localhost smtpd[2794]: b22a8ad7d4f8e7b8 mta event=connected smtpd[2794]: b22a8ad89531da2b smtp event=connected address=127.0.0.1 host=localhost smtpd[2794]: b22a8ad89531da2b smtp event=message msgid=9a2845eb from= to= size=3043 ndest=1 proto=ESMTP I think that now OpenSMTPD tries to send back a receipt to the email server which has sent the email. Am I right? Accordingly to the configuration, the message is sent again to clamsmtp which is listening on 127.0.0.1:10027 smtpd[2794]: b22a8ae0d78126ae mta event=connecting address=smtp://127.0.0.1:10027 host=localhost smtpd[2794]: b22a8ad7d4f8e7b8 mta event=delivery evpid=9c2da05070285532 from= to= rcpt=<-> source=127.0.0.1 relay= 127.0.0.1 (localhost) delay=11s result=Ok stat=250 2.0.0: 9a2845eb Message accepted for delivery smtpd[2794]: b22a8ae0d78126ae mta event=connected But then something happens: all of the sudden the recipient is no more u...@example.com but user@example--com (which is the name of the real local user) smtpd[2794]: b22a8ae11170b5b4 smtp event=connected address=127.0.0.1 host=localhost smtpd[2794]: b22a8ae11170b5b4 smtp event=message msgid=f33aeeec from= to= size=3243 ndest=1 proto=ESMTP smtpd[2794]: b22a8ae0d78126ae mta event=delivery evpid=9a2845eb454ddf26 from= to= rcpt= source=127.0.0.1 relay=127.0.0.1 (localhost) delay=5s result=Ok stat=250 2.0.0: f33aeeec Message accepted for delivery smtpd[2794]: b22a8ad89531da2b smtp event=closed reason=quit smtpd[2794]: b22a8ad7d4f8e7b8 mta event=closed reason=quit messages=1 smtpd[2794]: smtp-out: Failed to resolve MX for [relay:example--com]: Domain does not exist Of course the domain example--com is not found smtpd[2794]: mta event=delivery evpid=f33aeeecc889f968 from= to= rcpt=<-> source=- relay=example-- info delay=5s result=PermFail stat=Domain does not exist smtpd[2794]: b22a8aeac0c27769 smtp event=connected address=local host=localhost smtpd[2794]: b22a8aeac0c27769 smtp event=message msgid=57f4cae9 from=<> to= size=4459 ndest=1 proto=ESMTP smtpd[2794]: b22a8aeac0c27769 smtp event=closed reason=quit smtpd[2794]: b22a8ae11170b5b4 smtp event=message msgid=e121e32c from=<> to= size=4660 ndest=1 proto=ESMTP smtpd[2794]: b22a8ae0d78126ae mta event=delivery evpid=57f4cae9a970f282 from=<> to= rcpt=<-> source=127.0.0.1 relay=127.0.0.1 (loc alhost) delay=1s result=Ok stat=250 2.0.0: e121e32c Message accepted for delivery smtpd[2794]: b22a8ae11170b5b4 smtp event=closed reason=quit smtpd[2794]: b22a8ae0d78126ae mta event=closed reason=quit messages=2 smtpd[2794]: b22a8af88282d316 mta event=connecting address=smtp+tls://66.102.1.27:25 host=wb-in-f27.1e100.net smtpd[2794]: b22a8af88282d316 mta event=connected smtpd[2794]: b22a8af88282d316 mta event=starttls ciphers=version=TLSv1.2, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128 smtpd[2794]: smtp-out: Server certificate verification succeeded on session b22a8af88282d316 smtpd[2794]: b22a8af88282d316 mta event=delivery evpid=e121e32cb085713e from=<> to= rcpt=<->
AW: Greylist-like support
e.g. https://github.com/ajdiaz/opensmtpd-filter-spam additional filters can be found here https://github.com/OpenSMTPD/OpenSMTPD-extras/tree/751c7b6b56a13a2381485daf0f97dd7fc0da289e/extras/filters Best regards, Michael Von: Reio Remma Gesendet: Samstag, 7. April 2018 09:35 An: misc@opensmtpd.org Betreff: Re: Greylist-like support On 07.04.2018 3:49, Christopher van de Sande wrote: > Been managing my personal email on my own for a good 10 years now > using Postfix, and recently I've come to learn about OpenSMTPD. I've > installed it on a test domain and am quite pleased with it. I'm > thinking about switching over it for my main email. > > One thing I've come to learn that is critical to spam management is > greylisting. Even the act the "slowing down" a spam message by 60 > seconds gives DNSBL's time to get updated, so by the time SpamAssassin > checks the message, it correctly labels it as spam. The combination of > postgrey and spamassassin has been fantastic for me for the last few > years. > > I'm looking for either a greylist solution or anything that can delay > an email for a short time. I know it will work with OpenBSD's spamd, > but I was hoping I could find a linux solution. > > Thanks, > Chris I've been pondering the exact same thing the last few days. I've been looking at rspamd, but I'm not keen on switching, since I just migrated from an old QMail system and am using amavisd-new/spamassassin now. A little disappointed that amavisd-new doesn't have greylisting built in. Good luck, Reio -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org