On 11/11/2023 23:03, Dino Edwards wrote:
most DMARC's I find still use quarantine, what responses are you
seeing for them?
I don't have any p=quarantine examples right now.
the domain you're using now has quarantine policy :)
o dont need to setup amavisd as a milter if its working fine already.
Well, I can see Damien's point here. Originally with OpenDKIM the
Postfix milter was setup in the following order where 8891 is OpenDKIM
and 54321 is OpenDMARC:
smtpd_milters = inet:127.0.0.1:8891, inet:127.0.0.1:54321
So OpenDKIM would insert the authentication headers and OpenDMARC would
parse them. By using the amavis as content_filter i.e. post-queue,
OpenDMARC never sees the authentication headers so it always fails but
in the case of p=none it doesn't make a difference and it passes
anyway.
Unless I'm thinking about it wrong.
That's correct, if you're using only opendmarc just the
inet:127.0.0.1:54321 is needed, thats all you need, are you sure it is
adding sigs on sending? send an email to check-a...@verifier.port25.com
wait a minute then check its results email.
--
Regards,
Noel Butler
This Email, including attachments, may contain legally privileged
information, therefore at all times remains confidential and subject to
copyright protected under international law. You may not disseminate
this message without the authors express written authority to do so.
If you are not the intended recipient, please notify the sender then
delete all copies of this message including attachments immediately.
Confidentiality, copyright, and legal privilege are not waived or lost
by reason of the mistaken delivery of this message.