I've ranted before about #DMARC and whether it's worth private mail-server admins implementing.
Today's rant: the reference implementation, https://github.com/trusteddomainproject/OpenDMARC, has been abandoned for ~4 years, and its maintainers, http://www.trusteddomain.org/, are completely AWOL.
Linux distro maintainers have had to do proxy maintenance themselves, picking and choosing patches from pull requests submitted to the project to add to their distributions.
This sucks.
#FOSS #SMTP #OpenDMARC #TrustedDomainProject

Hat sich jemand mal mit opendmarc-reports auseinander gesetzt?
Könnte man dieses auch selbst machen um anderen Mailservern den Report zu senden?
#dmarc #opendmarc #reports

In case you missed CVE-2023-42118 or think it does not apply because you do not use #Exim: the bug is in libspf2 and the fixes are available at https://github.com/shevek/libspf2/pull/44 and https://github.com/shevek/libspf2/pull/47 If you use #opendmarc with #libspf2 then make sure to rebuild it after rebuilding libspf2. Or just install your distro's updates #security #devops

Struggling with OpenDMARC's reporting features? The instructions from the Trusted Domain Project are a bit imprecise and lead easily to insecure implementations. Here's a small Bash script and a couple of SystemD units to help you with a more secure automation of DMARC reports.

#dmarc #opendmarc #infosec

https://github.com/oh2fih/OpenDMARC-Reports

Hey #infosecPeople & #postmaster & #emailExperts what would be the best (as more stable/safe/RFC-compliant…) #DMARC filter for #postfix ? (inbound, obviously)

Until recently I was using policyd-spf as a policy service + #openDKIM & #openDMARC as milters and now I've disabled policyd-spf to do #SPF checking inside openDMARC.
I'm contemplating the idea of switching to Fastmail's authentication_milter but it looks like a very high maintenance piece of software.
Tell me about your choice(s)!

Three billion phishing emails sent each day make #DMARC critical for today's mail servers, says #ZDNet -- that's right, and thanks to an early grant from Euro-NGO #NLnet it's long been available via #OpenDMARC https://www.zdnet.com/article/three-billion-phishing-emails-are-sent-every-day-but-one-change-could-make-life-much-harder-for-scammers/