MailServer | wiki bubu IT

DKIM, SPF und DMARC-Konfiguration für lists.bubuit.net

Problemstellung

E-Mails, die von lists.bubuit.net gesendet wurden, wurden von Gmail und anderen Mailservern mit folgendem Fehler abgelehnt:

opendkim

YEAR=$(date +'%Y')
DOMTLD=DOM.TLD
mkdir /etc/opendkim/keys/$DOMTLD
cd /etc/opendkim/keys/$DOMTLD
opendkim-genkey -s $YEAR -d $DOMTLD
chown opendkim:opendkim *.private
/etc/opendkim.conf

cat /etc/opendkim/keys/$DOMTLD/$YEAR.txt

mail._domainkey    IN    TXT    ( "v=DKIM1; h=sha256; k=rsa; " "p=...

vim /etc/opendkim/SigningTable

sendmail_test.sh

#!/bin/bash
# Script Name: sendmail_test.sh
# Version: 03
# Description: This script sends a test email using sendmail. The recipient's email address is the first argument.
#              It logs messages to the console only.

# Check if an argument (email address) is provided
if [ -z "$1" ]; then
    TO="root"
else
    TO="$1"
fi

# Email details
SUBJECT="Postfix Test"
FROM="$(whoami)@$(hostname)"
BODY="This is the email body!"

# Function to send email
send_email() {
    if !


  
      
      
  
    Tags
          
              script
          MailServer


    




  

      
      
            
  spamassassin


      
            https://wiki.debian.org/DebianSpamAssassin 
ai spamassassin spamass-milter re2c pyzor libmail-spamassassin-perl libarchive-zip-perl libidn2-dev libgeo-ip-perl libgeoip-dev perl-doc cpanminus
cpanm IP::Country::Fast Compress::Zlib Geo::IP Net::LibIDN2 Mail::SpamAssassin Digest::SHA1 Net::LibIDN2 IP::Country::DB_File Encode::Detect::Detector Net::Patricia Net::CIDR::Lite Devel::Cycle Test::More
sa-update
sa-compile
spamassassin --lint -D
/etc/default/spamd
/etc/default/sp
      
    
  
      
      
  
    Tags
          
              MailServer
          spam
              
      

    
  



    




  

      
      
            
  SPF


      
            ai postfix-policyd-spf-python
Create DNS txt record
v=spf1 mx -all
      
    
  
      
      
  
    Tags
          
              MailServer
              
      

      
                



          
  
    
  



    




  

      
      
            
  postfix dovecot sasl install


      
            ai postfix postfix-pcre dovecot-core dovecot-imapd sasl2-bin libsasl2-modules
      
    
  
      
      
  
    Tags
          
              MailServer
              
      

    
  



    




  

      
      
            
  15-mailboxes.conf


      
            namespace inbox {
 # These mailboxes are widely used and could perhaps be created automatically:
 mailbox Drafts {
    auto = subscribe
   special_use = \Drafts
 }
 mailbox Important {
    auto = subscribe
   special_use = \Important 
 }
 mailbox Archive {
    auto = subscribe
   special_use = \Archive
 }
 mailbox Junk {
    auto = subscribe
   special_use = \Junk
 }
 mailbox Trash {
    auto = subscribe
   special_use = \Trash
 }
 # For \Sent mailboxes there are two widely used nam

      
    

  
      
      
  
    Tags
          
              MailServer
              
      

    
  



    




  

      
      
            
  DMARC record


      
            A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and give instruction if neither of those authentication methods passes. Please be sure you have a DKIM and SPF set before using DMARC.
You do not have a DMARC record, please add a TXT record to your domain _dmarc.DOM.TLD with the following value:
v=DMARC1; p=none
      
    
  
      
      
  
    Tags
          
              MailServer
              
      

    
  



    




  

      
      
            
  mail client autoconfig


      
            /var/www/srvip/mail/config-v1.1.xml
<?xml version="1.0" encoding="UTF-8"?>
      
    
  
      
      
  
    Tags
          
              MailServer
              
      

      
                



          
  
    
  



    




  

      
      
            
  pflogsum


      
            crontab -e
59 23 * * *    /usr/sbin/pflogsumm -d today /var/log/mail.log | mail -s "pflogsum daily Report `date`" log@DOM.TLD
0 1 * * mon    /usr/sbin/pflogsumm /var/log/mail.log.1 | mail -s "pflogsum weekly Report `date`" log@DOM.TLD
      
    
  
      
      
  
    Tags
          
              MailServer
          analytics
              
      

    
  



    




  

      
      
            
  mailman


      
            sys
vim /etc/hosts
apt install apache2 php-{bcmath,common,curl,fpm,gd,intl,mbstring,mysql,soap,xml,xsl,zip,cli}
ai mailman3-full postfix
vim /etc/mailman3/mailman.cfg
apache
cp /etc/mailman3/apache.conf /etc/apache2/sites-available/mailman.conf
vim /etc/apache2/sites-available/mailman.conf
a2ensite mailman
a2dissite 000-default.conf
      
    
  
      
      
  
    Tags
          
              MailServer
          APPs
              
      

      
                



          
  
    
  



    




  

      
      
            
  add mail user 


      
            adduser USERNAME --shell /usr/sbin/nologin
vim /etc/postfix/virtual
postmap /etc/postfix/virtual
vim /etc/postfix/virtual_domains
postmap /etc/postfix/virtual_domains
postfix reload
IMAP over TLS
mail.DOM.TLD 993
TLS on dedicated port
SMTP over TLS
mail.DOM.TLD 587
TLS on dedicated port
      
    
  
      
      
  
    Tags
          
              MailServer
              
      

      
                



                



          
  
    
  



    




  

      
      
            
  /etc/opendkim.conf


      
            # Log to syslog
Syslog            yes
SyslogSuccess           Yes
LogWhy                  Yes
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
UMask            002
      
    
  
      
      
  
    Tags
          
              MailServer