Integrate OpenDMARC with Exim to have DMARC checked and report sent out

Would you like DA to include DMARC Analysis and Reporting?

  • Yes

    Votes: 38 100.0%
  • No

    Votes: 0 0.0%
  • Don't care

    Votes: 0 0.0%

  • Total voters
    38

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,789
Location
A Coruña, Spain
Hi Alex,

Thank you very much for that, I didn't even realize it wasn't working anymore to be honest.

I have updated the first post and my Makefile version to match those changes.

Thanks a lot
Andrea
 

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,789
Location
A Coruña, Spain
Hi everyone,

From lasst ESF release there will be a check for the configurations file specifically for this purpose.

I have updated the first post to match those new filesname.

Once me, and hopefully someone else, have tested this a bit, DA will set is a standard part of ESF!

So please update your configuration, basic difference is:
/etc/exim.variables.conf.custom -> /etc/exim.easy_spam_fighter/variables.dmarc.conf
/etc/exim.easy_spam_fighter/check_message.conf.custom.post -> /etc/exim.easy_spam_fighter/dmarc_reports.conf

Now, dmarc_reports.confs sounds wrong because are actually checks, so I have asked John to change it to be check_dmarc.conf , just to follow the existing files structure.

Keep that in mind because it will probably change, I will update this thread once it changes so that you can fix it immediatly.

Thanks
Andrea
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,347
Location
LT, EU
There are plans for it, but we don't personally like the MySQL part of it, because in some cases external MySQL might be used in DA servers, or same MySQL server for multiple boxes, in addition to this, issues with MySQL service could cause interruption of the service as well.
 

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,789
Location
A Coruña, Spain
Well I would leave the decision to the server admin, sqlite or mysql.
MySQL-wise, DA know from the mysql.conf file where mysql stand, so it shouldn't be such a big problem read from that file and create the db in the right place, and that would work for local and remote mysql instances.

Regarding MySQL interruption that causes disruption on the server I would need to check to be honest :)

Best regards
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,902
Location
GMT +7.00
I believe a certain rate of incoming emails might bring issues to a server if Exim is connected to MySQL. Overloaded MySQL will bring a server down.
 

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,789
Location
A Coruña, Spain
I had to look out my guide so that I can provide a valid response :)

Eximt is storing the info on a text file (.dat) and it is not doing anything but collect the DMARC data, the script read that file and store those info in MySQL and it is used to send out emails for DMARC.

So technically speaking, that script can use a local or an external server, it can run once every week (but I guess historycal data will be more) and is not continuosly writing in MySQL but once every hour (if you use my crontab).
I don't really see this high-load involved on a script running once every hour (or more often if you think it's required because of your incoming mail queue).

Exim will not fail if MySQL is down, exim will store on a text file the log, what is done with it it's up to a separate script.
Here the part of config for that:
echo "dmarc_history_file=/var/spool/exim/opendmarc.dat" >> /etc/exim.easy_spam_fighter/variables.dmarc.conf


Having the same MySQL server/db for multiple exim instance it is just a very nice plus in my opinion, because at some point you might want to have a ui to check those data and reports and having a centralized area rather than go on each and every server, might be quite better.

Hope this clarify

Best regards
 
Top