Create firststeps-dmarc_reporting.md
Dieser Commit ist enthalten in:
Dmitriy Alekseev
GitHub
Ursprung
13ee064707
Commit
1f8f8ed98b
1 geänderte Dateien mit 53 neuen und 0 gelöschten Zeilen
53
docs/firststeps-dmarc_reporting.md
Normale Datei
53
docs/firststeps-dmarc_reporting.md
Normale Datei
|
|
@ -0,0 +1,53 @@
|
|||
DMARC Reporting done via Rspamd DMARC Module.
|
||||
|
||||
Offical configuration options and documentation can be found here: https://rspamd.com/doc/modules/dmarc.html
|
||||
|
||||
**Important:**
|
||||
1. Before use config examples from this document please adjust them, change `example.com` and `Example` to your actual data
|
||||
2. DMARC reporting require additional attention, especially at first days
|
||||
3. Your reports for all server will be send from one reporting domain. Recommended to use parent domain of your `MAILCOW_HOSTNAME`, f.e:
|
||||
- if your `MAILCOW_HOSTNAME=mail.example.com` then Reporting `domain = "example.com";`
|
||||
- set `email` from same domain also, `email = "noreply-dmarc@example.com";`
|
||||
4. This optional, but recomended step: create `noreply-dmarc` email user in mailcow to handle bounces.
|
||||
- Go to mailcow admin UI → Configuration → Mail Setup → Mailboxes → Add mailbox → Create mailbox `noreply-dmarc`, please choose correct domain
|
||||
- In case you want silently discard bounces: login in SOGo from this account and go to Preferences → Mail → Filters → Create Filter → Add action → Provide name, f.e: `noreply` and add action: Discard the message and save filter
|
||||
- In case you plan to resend a copy of reports to yourself: you need add condition to previous filter example `From is not noreply-dmarc@example.com`
|
||||
|
||||
## Enable DMARC Reports
|
||||
Create or edit file in `data/conf/rspamd/local.d/dmarc.conf` and set content to:
|
||||
```
|
||||
reporting = true;
|
||||
send_reports = true;
|
||||
report_settings {
|
||||
org_name = "Example";
|
||||
domain = "example.com";
|
||||
email = "noreply-dmarc@example.com";
|
||||
from_name = "Example DMARC Report";
|
||||
smtp = "postfix";
|
||||
smtp_port = 25;
|
||||
helo = "rspamd";
|
||||
retries = 3;
|
||||
hscan_count = 1500
|
||||
}
|
||||
```
|
||||
|
||||
## Disable DMARC Reports
|
||||
To disable reports set `send_reports` to `false`
|
||||
|
||||
## Send a copy reports to yourself
|
||||
To get copy of own generated reports you can add `additional_address = "noreply-dmarc@pnnsoft.com";` in `report_settings` section.
|
||||
This useful in case:
|
||||
- you want to check that your DMARC Reports send correctly, e.g.: check that they signed by DKIM, etc.
|
||||
- you want to analyze own reports to get statics data, f.e: use with ParseDMARC or other analytic system
|
||||
|
||||
## DMARC Force actions
|
||||
This module also allows to enable force actions based on sender DMARC policy to reject or quarantine emails which has failed policy.
|
||||
This good from security point, but not allow whitelist broken senders. This up to your choice enable it or not.
|
||||
|
||||
To enable it, add to end of `data/conf/rspamd/local.d/dmarc.conf`:
|
||||
```
|
||||
actions {
|
||||
quarantine = "add_header";
|
||||
reject = "reject";
|
||||
}
|
||||
```
|
||||
Laden …
In neuem Issue referenzieren