Scappatura Rocco:
> I have one postfix server (say, 'myserver.domain.tld') acting as MX for some
> domains and as SMTP relay for the SASL authenticated user from the same
> domains.
>
> On that server I have enabled DMARC milter (other than I have set up DKIM,
> and it works fine):
>
> milter_protocol = 2
> milter_default_action = accept
> smtpd_milters = inet:localhost:12301,local:opendmarc/opendmarc.sock
> non_smtpd_milters = inet:localhost:12301,local:opendmarc/opendmarc.sock
>
> But after that, all authenticated user that use 'myserver.domain.tld' as
> outgoing mail server (Port TCP25 or TCP465 with SSL), can't send messages
> because receive messages like this:
>
> Jun 8 16:49:59 av6 postfix/cleanup[3049167]: E7A75D6564: milter-reject:
> END-OF-MESSAGE from host-79-3-222-54.business.telecomitalia.it[79.3.222.54]:
> 5.7.1 rejected by DMARC policy for inframail.it; from=<[email protected]>
> to=<[email protected]> proto=ESMTP helo=<DESKTOPT41K2DB>
>
> This is correct because doesn't satisfy for sure SPF policy.. So I think that
> I have to enable DMARC on for incoming email (email destined to domain whose
> value of MX record is 'myserver.domain.tld')..
>
> If I'm right, how I configure DMARC milter in postfix to get this? Otherwise,
> how I have to use DMARC to limit SPAM?
You can override the smtpd_milters setting from /etc/postfix/main.cf,
for example,
smtpd_milters =
unix:spf/spf-milter.sock
unix:opendkim/opendkim.sock
unix:openarc/openarc.sock
unix:opendmarc/opendmarc.sock
unix:spamassassin/spamassassin-milter.sock
...
by specifying just a subset of milters for mail submission in
/etc/postfix/master.cf, for example:
submission inet n - y - - smtpd
...
-o smtpd_milters=unix:opendkim/opendkim.sock
...
