Benutzer-Werkzeuge
fortgeschrittene:postfix-rspamd
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen gezeigt.
| Beide Seiten, vorherige Überarbeitung Vorherige Überarbeitung Nächste Überarbeitung | Vorherige Überarbeitung | ||
|
fortgeschrittene:postfix-rspamd [2025/08/30 12:02] ingo_wichmann [Voraussetzung] |
fortgeschrittene:postfix-rspamd [2025/08/31 12:06] (aktuell) ingo_wichmann [DKIM & DMARC] |
||
|---|---|---|---|
| Zeile 60: | Zeile 60: | ||
| journalctl -f --facility=mail | journalctl -f --facility=mail | ||
| -> ''milter-header-warning'' | -> ''milter-header-warning'' | ||
| + | |||
| milter_header_checks in Produktion wieder aus machen: | milter_header_checks in Produktion wieder aus machen: | ||
| postconf -# milter_header_checks | postconf -# milter_header_checks | ||
| + | === Spam-Test Mail schicken === | ||
| + | <file txt GTUBE> | ||
| + | This is the GTUBE, the | ||
| + | Generic | ||
| + | Test for | ||
| + | Unsolicited | ||
| + | Bulk | ||
| + | |||
| + | |||
| + | If your spam filter supports it, the GTUBE provides a test by which you | ||
| + | can verify that the filter is installed correctly and is detecting incoming | ||
| + | spam. You can send yourself a test mail containing the following string of | ||
| + | characters (in upper case and with no white spaces and line breaks): | ||
| + | |||
| + | XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X | ||
| + | |||
| + | You should send this test mail from an account outside of your network. | ||
| + | </file> | ||
| + | |||
| + | swaks -f test@example.com -t ingo@iw-1.lxht.de --body @GTUBE | ||
| ===== rspamd controller & WebUI ===== | ===== rspamd controller & WebUI ===== | ||
| rspamadm configwizard checks controller | rspamadm configwizard checks controller | ||
| Zeile 76: | Zeile 97: | ||
| rspamadm configwizard checks dkim | rspamadm configwizard checks dkim | ||
| + | * DKIM-Selector z.B. ''dkim2025'' | ||
| * "//Use domain from authenticated user for sign//" wählen | * "//Use domain from authenticated user for sign//" wählen | ||
| - | * RR in [[bind]] zone eintragen | ||
| - | * DMARC RR in [[bind]] zone eintragen: ''_dmarc.example.com TXT "v=DMARC1; p=none; rua=mailto:user1@example.com"'' | ||
| - | chown _rspamd /var/lib/rspamd/dkim/iw.lxht.de.dkim.key* | + | chown _rspamd /var/lib/rspamd/dkim/example.com.dkim2025.key |
| + | |||
| + | Public-Key für RR aus Key erzeugen: | ||
| + | openssl ec -in /var/lib/rspamd/dkim/example.com.dkim2025.key -pubout -outform der | openssl base64 -A | fold -w 200 | while read chunk; do echo "\"$chunk\""; done | ||
| + | |||
| + | * RR in [[bind]] zone eintragen: ''dkim2025._domainkey.example.com. TXT "v=DKIM1; k=rsa; p=" "MII..."'' | ||
| + | * DMARC RR in [[bind]] zone eintragen: ''_dmarc.example.com TXT "v=DMARC1; p=none; rua=mailto:user1@example.com"'' | ||
| Konfiguration prüfen: | Konfiguration prüfen: | ||
| - | dig +short dkim._domainkey.example.com TXT | + | dig +short dkim2025._domainkey.example.com TXT |
| dig +short _dmarc.example.com TXT | dig +short _dmarc.example.com TXT | ||
| rspamadm configdump dkim_signing | rspamadm configdump dkim_signing | ||
fortgeschrittene/postfix-rspamd.1756555367.txt.gz · Zuletzt geändert: 2025/08/30 12:02 von ingo_wichmann
Seiten-Werkzeuge
Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC Attribution-Noncommercial-Share Alike 4.0 International
