Integrate OpenDMARC with Exim to have DMARC checked and report sent out

Would you like DA to include DMARC Analysis and Reporting?

  • Yes

    Votes: 61 100.0%

  • No

    Votes: 0 0.0%

  • Don't care

    Votes: 0 0.0%
  • Total voters
    61
Hi Alex,

Thank you very much for that, I didn't even realize it wasn't working anymore to be honest.

I have updated the first post and my Makefile version to match those changes.

Thanks a lot
Andrea
 
Hi everyone,

From lasst ESF release there will be a check for the configurations file specifically for this purpose.

I have updated the first post to match those new filesname.

Once me, and hopefully someone else, have tested this a bit, DA will set is a standard part of ESF!

So please update your configuration, basic difference is:
/etc/exim.variables.conf.custom -> /etc/exim.easy_spam_fighter/variables.dmarc.conf
/etc/exim.easy_spam_fighter/check_message.conf.custom.post -> /etc/exim.easy_spam_fighter/dmarc_reports.conf

Now, dmarc_reports.confs sounds wrong because are actually checks, so I have asked John to change it to be check_dmarc.conf , just to follow the existing files structure.

Keep that in mind because it will probably change, I will update this thread once it changes so that you can fix it immediatly.

Thanks
Andrea
 
There are plans for it, but we don't personally like the MySQL part of it, because in some cases external MySQL might be used in DA servers, or same MySQL server for multiple boxes, in addition to this, issues with MySQL service could cause interruption of the service as well.
 
Well I would leave the decision to the server admin, sqlite or mysql.
MySQL-wise, DA know from the mysql.conf file where mysql stand, so it shouldn't be such a big problem read from that file and create the db in the right place, and that would work for local and remote mysql instances.

Regarding MySQL interruption that causes disruption on the server I would need to check to be honest :)

Best regards
 
I believe a certain rate of incoming emails might bring issues to a server if Exim is connected to MySQL. Overloaded MySQL will bring a server down.
 
I had to look out my guide so that I can provide a valid response :)

Eximt is storing the info on a text file (.dat) and it is not doing anything but collect the DMARC data, the script read that file and store those info in MySQL and it is used to send out emails for DMARC.

So technically speaking, that script can use a local or an external server, it can run once every week (but I guess historycal data will be more) and is not continuosly writing in MySQL but once every hour (if you use my crontab).
I don't really see this high-load involved on a script running once every hour (or more often if you think it's required because of your incoming mail queue).

Exim will not fail if MySQL is down, exim will store on a text file the log, what is done with it it's up to a separate script.
Here the part of config for that:
echo "dmarc_history_file=/var/spool/exim/opendmarc.dat" >> /etc/exim.easy_spam_fighter/variables.dmarc.conf


Having the same MySQL server/db for multiple exim instance it is just a very nice plus in my opinion, because at some point you might want to have a ui to check those data and reports and having a centralized area rather than go on each and every server, might be quite better.

Hope this clarify

Best regards
 
Are there still plans to integrate this with DirectAdmin?

I added it to https://feedback.directadmin.com/b/...xim-to-have-dmarc-checked-and-report-sent-out just to give this some more visibility. Make sure to vote if you're interested as well.

Als added this: https://feedback.directadmin.com/b/feature-requests/automatically-parse-dmarc-reports-and-display-statistics-directly-in-directadmin request to be able to see reports sent to your DirectAdmin domains displayed in the DirectAdmin interface.
 
Last edited:
tristan said:
Are there still plans to integrate this with DirectAdmin?

I added it to https://feedback.directadmin.com/b/...xim-to-have-dmarc-checked-and-report-sent-out just to give this some more visibility. Make sure to vote if you're interested as well.

Als added this: https://feedback.directadmin.com/b/feature-requests/automatically-parse-dmarc-reports-and-display-statistics-directly-in-directadmin request to be able to see reports sent to your DirectAdmin domains displayed in the DirectAdmin interface.
Click to expand...

Wold love to see this too, voted on it!
 
Hi. Is there any issue with the latest exim version 4.95? I get an error...
Code: 
dmarc.c:463:5: error: too few arguments to function ‘opendmarc_policy_store_dkim’
     libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain, dkim_result, US"");
     ^
In file included from dmarc.h:14:0,
                 from exim.h:555,
                 from dmarc.c:14:
/usr/include/opendmarc/dmarc.h:125:20: note: declared here
 OPENDMARC_STATUS_T opendmarc_policy_store_dkim(DMARC_POLICY_T *pctx, u_char *domain, u_char *selector, int result, u_char *human_result);

Looks like the number of arguments for opendmarc_policy_store_dkim changed...
 
please check here:

Exim 4.95

Full changelog; https://github.com/Exim/exim/blob/master/doc/doc-txt/ChangeLog New Exim release 4.95 with multiple security fixes.
forum.directadmin.com forum.directadmin.com
 
You must log in or register to reply here.
Back
Top