On 04/30/2014 12:50 PM, Michael Storz wrote:
Am 2014-04-30 12:23, schrieb Axb:
On 04/30/2014 12:10 PM, Django [BOfH] wrote:
HI!
Am 30.04.2014 11:14, schrieb Axb:
Seems to me that amavisd-new would be the better place to handle this
You ned a mail filter, witch can see (!) SPF-Auth and DKIM-Auth while
DMARC is checking both results.
So the only really good and best place ist to use Milters[1]:
SMF-SPF-Milter
OpenDKIM-Milter
DMARC-Milter
and
amavisd-new-milter.
Don't mix milters with several policyd-daemon!
Sers
Django
[1] https://dokuwiki.nausch.org/doku.php/centos:mail_c6:mta_13
or none at all - depending on what kind of traffic you handle all
this goo causes more problems than its worth. :)
my unrequested 2 cents
That's corect, it depends on the kind of environement you are living. If
you operate an email sink, then it is ok to just mark emails as spam.
For universities this is different. A lot of students are forwarding
their emails to freemail providers like AOL, Google, Hotmail and Yahoo.
All of them are using DMARC to reject emails. If you are forwarding
emails, which are marked as spam and fail the DMARC check, these emails
will be rejected und you will produce backscatter. Even worse, the
reputation of your mail server will decrease until the server gets blocked.
if doing alot of forwarding, SRS is probably your friend
If you like DMARC or not, in such a scenario you are forced to react.
discussing the good and band of DMARC iso outside SA' scope and should
be moved to mailop list where the horse is getting beaten to death.
EOT for me
