Integrate OpenDMARC with Exim to have DMARC checked and report sent out

[SeLLeRoNe]

Hi Alex,

Thank you very much for that, I didn't even realize it wasn't working anymore to be honest.

I have updated the first post and my Makefile version to match those changes.

Thanks a lot
Andrea

 

[SeLLeRoNe]

Hi everyone,

From lasst ESF release there will be a check for the configurations file specifically for this purpose.

I have updated the first post to match those new filesname.

Once me, and hopefully someone else, have tested this a bit, DA will set is a standard part of ESF!

So please update your configuration, basic difference is:
/etc/exim.variables.conf.custom -> /etc/exim.easy_spam_fighter/variables.dmarc.conf
/etc/exim.easy_spam_fighter/check_message.conf.custom.post -> /etc/exim.easy_spam_fighter/dmarc_reports.conf

Now, dmarc_reports.confs sounds wrong because are actually checks, so I have asked John to change it to be check_dmarc.conf , just to follow the existing files structure.

Keep that in mind because it will probably change, I will update this thread once it changes so that you can fix it immediatly.

Thanks
Andrea

 

[SeLLeRoNe]

Okay, John updated the file name.
Now it is check_dmarc.conf
First post updated.

Andrea

 

[aaronmax]

thx for the awesomeness

Now it is check_dmarc.conf
First post updated.

Andrea

this is a great feature to have, looking forward to DA including...

many thanks for the effort in doing this

 

[Imtek]

Any news from DirectAdmin, will they include it in custombuild?

 

[smtalk]

There are plans for it, but we don't personally like the MySQL part of it, because in some cases external MySQL might be used in DA servers, or same MySQL server for multiple boxes, in addition to this, issues with MySQL service could cause interruption of the service as well.

 

[zEitEr]

What if to rewrite the script for sqlite? Will it be a more acceptable variant?

 

[SeLLeRoNe]

Well I would leave the decision to the server admin, sqlite or mysql.
MySQL-wise, DA know from the mysql.conf file where mysql stand, so it shouldn't be such a big problem read from that file and create the db in the right place, and that would work for local and remote mysql instances.

Regarding MySQL interruption that causes disruption on the server I would need to check to be honest

Best regards

 

[zEitEr]

I believe a certain rate of incoming emails might bring issues to a server if Exim is connected to MySQL. Overloaded MySQL will bring a server down.

 

[SeLLeRoNe]

I had to look out my guide so that I can provide a valid response

Eximt is storing the info on a text file (.dat) and it is not doing anything but collect the DMARC data, the script read that file and store those info in MySQL and it is used to send out emails for DMARC.

So technically speaking, that script can use a local or an external server, it can run once every week (but I guess historycal data will be more) and is not continuosly writing in MySQL but once every hour (if you use my crontab).
I don't really see this high-load involved on a script running once every hour (or more often if you think it's required because of your incoming mail queue).

Exim will not fail if MySQL is down, exim will store on a text file the log, what is done with it it's up to a separate script.
Here the part of config for that:
echo "dmarc_history_file=/var/spool/exim/opendmarc.dat" >> /etc/exim.easy_spam_fighter/variables.dmarc.conf


Having the same MySQL server/db for multiple exim instance it is just a very nice plus in my opinion, because at some point you might want to have a ui to check those data and reports and having a centralized area rather than go on each and every server, might be quite better.

Hope this clarify

Best regards

 

[zEitEr]

Thanks Andrea for the clarification. It is now clear.