Hello, I had installed dkim-latest_ispconfig3.tar.gz, and now I want add DMARC in my server. I use DNSs Services of my ISP provaider, Linode DNS Manager. I found this tutorial, but I wonder what is the best way to implement DMARC http://www.stevejenkins.com/blog/20...h-postfix-or-sendmail-for-rhel-centos-fedora/ Regards Nestor
If you have already installed dkim-latest_ispconfig3 you can use the dmarc-wizard. just enabled dns and create a dmarc for a domain and afterwards insert the records on linode. the wizard is similar to http://www.kitterman.com/dmarc/assistant.html I don´t think that you really need a dmarc-check. AFAIK dmarc is valid if dkim OR spf passes. So a dkim-signed mail will pass the check even if the spf-record fails.
Hello, Florian Because some of my clients, on [email protected] in my production SERVER sofihacloud.com.ar, until now ISPConfig 3.0.5.4 sp5 Says This is the mail system at host mail.sofihacloud.com.ar. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <[email protected]>: host gmail-smtp-in.l.google.com[2607:f8b0:4003:c0c::1b] said: 550-5.7.1 [2600:3c00::f03c:91ff:fe70:19fd 12] Our system has detected that 550-5.7.1 this message is likely unsolicited mail. To reduce the amount of spam 550-5.7.1 sent to Gmail, this message has been blocked. Please visit 550 5.7.1 https://support.google.com/mail/answer/188131 for more information. x205si2794710oix.80 - gsmtp (in reply to end of DATA command) Let me explain my idea, If I installed DKIM and DMARC would solve this problem, so I started with sofiha-isp.com is a test server once worked OK, do the same on the production server Regards Nestor
Hello, again DMARC Assistant Results DMARC record for: sofiha-isp.com Record should be published at _dmarc.sofiha-isp.com v=DMARC1; p=none; rua=mailto:[email protected] Is it ok? Regards Nestor
You can use this record. But you should use p=none for testing only. If your setup works, change the policy later. I have also an account on dmarcian.com to the dmarc-reports in a readables format.
Hello, again What's the policy for production environment? quarantine or reject from what I can see GMAIL using reject Regards Nestor