Am 21.02.2015 um 09:06 schrieb Robert Schetterer:
Am 21.02.2015 um 08:43 schrieb Joachim Fahrner:
Hallo,
bei Mailinglisten wird das DMARC wirklich zum Problem. Habe mich jetzt auf einer Liste angemeldet die nicht DMARC-konform ist und prompt werden da Mails abgewiesen. Kriegt man das irgendwie in den Griff, ohne DMARC komplett zu deaktivieren?
nur wenn du eine Art whitelisting vorschaltest wuerde ich aber nicht tun, oeffentliche Listen sollten sich schlichtweg DMARC konform verhalten
das hier koennte helfen
http://manpages.ubuntu.com/manpages/saucy/man5/opendmarc.conf.5.html
IgnoreHosts (string) Specifies the path to a file that contains a list of hostnames, IP addresses, and/or CIDR expressions identifying hosts whose SMTP connections are to be ignored by the filter. If not specified, defaults to "127.0.0.1" only.
IgnoreMailFrom (string) Gives a list of domain names whose mail (based on the From: domain) is to be ignored by the filter. The list should be comma-separated. Matching against this list is case- insensitive. The default is an empty list, meaning no mail is ignored.
Feb 20 06:28:35 s2 postfix/postscreen[20427]: CONNECT from [8.8.178.116]:46715 to [78.46.184.248]:25 Feb 20 06:28:35 s2 postfix/postscreen[20427]: PASS OLD [8.8.178.116]:46715 Feb 20 06:28:36 s2 postfix/smtpd[20429]: connect from mx2.freebsd.org[8.8.178.116] Feb 20 06:28:37 s2 postfix/smtpd[20429]: Anonymous TLS connection established from mx2.freebsd.org[8.8.178.116]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) Feb 20 06:28:39 s2 policyd-spf[20438]: None; identity=helo; client-ip=8.8.178.116; helo=mx2.freebsd.org; envelope-from=owner-freebsd-current@freebsd.org; receiver=jf@fahrner.name Feb 20 06:28:39 s2 policyd-spf[20438]: Pass; identity=mailfrom; client-ip=8.8.178.116; helo=mx2.freebsd.org; envelope-from=owner-freebsd-current@freebsd.org; receiver=jf@fahrner.name Feb 20 06:28:39 s2 postfix/smtpd[20429]: 7224534141: client=mx2.freebsd.org[8.8.178.116] Feb 20 06:28:39 s2 postfix/cleanup[20440]: 7224534141: message-id=464530409.2420401.1424409908005.JavaMail.yahoo@mail.yahoo.com Feb 20 06:28:39 s2 opendkim[3180]: 7224534141: mx2.freebsd.org [8.8.178.116] not internal Feb 20 06:28:39 s2 opendkim[3180]: 7224534141: not authenticated Feb 20 06:28:40 s2 opendkim[3180]: 7224534141: bad signature data Feb 20 06:28:40 s2 opendmarc[3192]: 7224534141: authres: s2.fahrner.name;#012#011dkim=fail reason="no signature error" (2048-bit key; insecure) header.d=yahoo.com header.i=@yahoo.com header.b=Bk3hfdot;#012#011dkim-adsp=unknown (insecure policy); dkim-atps=neutral Feb 20 06:28:40 s2 opendmarc[3192]: 7224534141: recvspf: Pass (sender SPF authorized) identity=mailfrom; client-ip=8.8.178.116; helo=mx2.freebsd.org; envelope-from=owner-freebsd-current@freebsd.org; receiver=jf@fahrner.name Feb 20 06:28:40 s2 postfix/pickup[19499]: A037634145: uid=118 from=<opendmarc> Feb 20 06:28:40 s2 postfix/cleanup[20444]: A037634145: message-id=20150220052840.A037634145@s2.fahrner.name Feb 20 06:28:40 s2 opendmarc[3192]: 7224534141: yahoo.com fail Feb 20 06:28:40 s2 opendkim[3180]: A037634145: DKIM-Signature header added (s=mail, d=fahrner.name) Feb 20 06:28:40 s2 postfix/cleanup[20440]: 7224534141: milter-reject: END-OF-MESSAGE from mx2.freebsd.org[8.8.178.116]: 5.7.1 rejected by DMARC policy for yahoo.com; from=owner-freebsd-current@freebsd.org to=jf@fahrner.name proto=ESMTP helo=<mx2.freebsd.org>
Best Regards MfG Robert Schetterer
Best Regards MfG Robert Schetterer