FreeBSD Open DMARC の変更点

• 追加された行はこの色です。
• 削除された行はこの色です。
• FreeBSD Open DMARC へ行く。
• FreeBSD Open DMARC の差分を削除

#author("2022-08-09T17:50:04+09:00","default:kuji","kuji")
#author("2022-08-09T17:50:32+09:00","default:kuji","kuji")
CONTENTS
#contents
----
Lastmodified　&lastmod;
----
*Open DMARC [#o2097502]
 portinstall mail/opendmarc

/etc/rc.conf
 opendmarc_enable="YES"
 opendmarc_socketspec="/var/run/opendmarc/socket"

**/usr/local/etc/mail/opendmarc.conf  の編集 [#hf76cfdc]

/usr/local/etc/mail/にサンプルファイルがあるのでコピー
 ## opendmarc.conf -- configuration file for OpenDMARC filter
 ##
 ## Copyright (c) 2012-2015, The Trusted Domain Project.  All rights reserved.
 
 AutoRestart ture
 BaseDirectory /var/run/opendmarc
 IgnoreHosts /usr/local/etc/mail/opendmarc_ignore.hosts
 IgnoreMailFrom smb.net
 Socket local:/var/run/opendmarc/socket
 SPFSelfValidate true
 UMask 002

**IgnoreHostsの編集 [#m0077c52]
/usr/local/etc/mail/opendmarc_ignore.hosts
 localhost
 ::1
 2001:db8::/32
 127.0.0.0/8
 192.168.1.0/24
**postfixの設定変更 [#mf6d95e6]
/usr/local/etc/postfix/main.cf

3行目のみ追加
 # mail filter
 smtpd_milters = 
	unix:/var/run/milteropendkim/socket
	unix:/var/run/opendmarc/socket               ←　この行
 non_smtpd_milters = $smtpd_milters
 milter_default_action = accept


**policyd-spf設定削除 [#x4e53413]
今回、opendmarcのspf評価を使用するためpolicyd-spfの設定を削除する。

/usr/local/etc/postfix/main.cf
 # policyd-spf
 #policyd-spf_time_limit = 3600
 #       check_policy_service unix:private/policyd-spf

/usr/local/etc/postfix/master.cf
 #policyd-spf  unix  -    n       n       -       0       spawn
 #   user=nobody argv=/usr/local/bin/policyd-spf

**DNSにTXTレコード追加 [#k539ba6d]
/usr/local/etc/namedb/master/smb.net.zone

 _dmarc          IN TXT "v=DMARC1; p=none; sp=none; ri=3600;  rua=mailto:postmaster@smb.net;   ruf=mailto:postmaster@smb.net"

**起動 [#dd023283]

 # service opendmarc start
 Starting opendmarc.
 # service postfix restart
 postfix/postfix-script: stopping the Postfix mail system
 postfix/postfix-script: starting the Postfix mail system


***Mail header [#q6326238]
       dkim=pass header.i=@kuji-clinic.net header.s=kuji-clinic.net header.b=v1em8NmM;
       dkim=pass header.i=@kuji-clinic.net header.s=kuji-clinic.net header.b=v1em8NmM;
       spf=pass (google.com: best guess record for domain of root@g7.kuji-clinic.net designates 210.255.122.215 as permitted sender) smtp.mailfrom=root@g7.kuji-clinic.net;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kuji-clinic.net


----
Total access &counter(total);：本日 &counter(today);：昨日 &counter(yesterday);
#counter([total|today|yesterday]);