Am 2014-04-30 12:23, schrieb Axb:
On 04/30/2014 12:10 PM, Django [BOfH] wrote:
HI!
Am 30.04.2014 11:14, schrieb Axb:
Seems to me that amavisd-new would be the better place to handle
this
You ned a mail filter, witch can see (!) SPF-Auth and DKIM-Auth
while
DMARC is checking both results.
So the only really good and best place ist to use Milters[1]:
SMF-SPF-Milter
OpenDKIM-Milter
DMARC-Milter
and
amavisd-new-milter.
Don't mix milters with several policyd-daemon!
Sers
Django
[1] https://dokuwiki.nausch.org/doku.php/centos:mail_c6:mta_13
or none at all - depending on what kind of traffic you handle all
this goo causes more problems than its worth. :)
my unrequested 2 cents
That's corect, it depends on the kind of environement you are living.
If you operate an email sink, then it is ok to just mark emails as spam.
For universities this is different. A lot of students are forwarding
their emails to freemail providers like AOL, Google, Hotmail and Yahoo.
All of them are using DMARC to reject emails. If you are forwarding
emails, which are marked as spam and fail the DMARC check, these emails
will be rejected und you will produce backscatter. Even worse, the
reputation of your mail server will decrease until the server gets
blocked.
If you like DMARC or not, in such a scenario you are forced to react.
--
Michael
