It would be great to create steps for setting up DMARC in MIAB.
I found this site(zytrax), but am struggling with connecting the dots…
1.Create a DMARC resource record of type 'TXT’
2.Name the record _dmarc or (_dmarc.box?)
3.For the Value, define your tags such as
"v=DMARC1; p=reject; pct=100; rua=mailto:email@example.com; aspf=s; adkim=s"
What is Domain-based Message Authentication, Reporting & Conformance(DMARC)?
an email protocol; i.e., policy
the policy you create allows you (the sender) to show that your messages are protected by SPF and/or DKIM
your policy will also help the organisation that receives your message determine if your message “aligns” with what they (the receiver) know about you (the sender).
a policy applies to messages that fail authentication (report, quarantine, reject)
suggestion: if you are confident that none of your legitimate messages are being incorrectly quarantined, apply a “reject” policy
MIAB already supports DMARC out-of-the-box, so what are you trying to achieve here?
Given that you are posting 4 topics in under an hour, this looks a lot more like spamming.
Or are you trying to use all this for a domain not hosted on MIAB or something?
I meant no offence, I just genuinely wondered what the purpose was of this, because MIAB supports SPF, DKIM and DMARC out of the box without any manual configuration being necessary.
I do agree that spoofing and being marked as a safe sender is a major problem, however, I don’t understand how this would solve that problem, because it is already supported out-of-the-box.
Of course you might be using a relay host of some sorts, but then these are just general tutorials of building your own mailserver instead of using a turnkey setup like MIAB. I appreciate that the tutorials explain into detail what is happening in MIAB, but without you having to configure it manually.
If you directly apply them to MIAB, I figure these would only cause conflict with existing applications.
Instructions of successful setups of MIAB with relay hosts or smart hosts or how to set up MIAB as a relay host or smart host would be very much appreciated though.
I think that if you read your message again, you should be able to see that your tone is aggressive. Accusations of spamming should not be thrown around on a public forum, nor should anyone take them lightly.
Firstly, spamming involves providing people with irrelevant information. Anyone who has custom records will need to set up these records - correctly. The MIAB instruction guide acknowledges that people may use custom records. No relay host is required under this scenario.
Second, spamming is an activity whereby someone receives messages that they did not ask for. People are unlikely to see these posts unless they are trying to understand in detail what MIAB is doing; i.e., via an active search.
Well as I said, I meant no offence. I could have put “spamming” between quotation marks, meaning “overflowing with links containing general information without providing specific context in a short period of time by creating multiple topics about more or less the same problem”. I am not as fluent in English, so my writing style might be a bit direct. But let’s get back ontopic.
I just couldn’t figure out what the exact relevance was to MIAB specifically, given that your link is not a step-by-step tutorial. It just globally describes various protocols.
A tutorial about e.g. relay host or using MIAB as such could be useful for newbie users or people who might want to use a relay host because they are, for example, using a server in a bad IP range or who use appliances requiring the use of MIAB as a smart host.
I mention this because mail coming from for example some logging services without going through MIAB, will be marked as spam / spoofed by Gmail and other providers.
Yes, but doesn’t the “External DNS” page in the admin control panel give us copy-and-paste instructions, complete with elaboration on what each DNS record does? If newbie users would copy the tutorial you link, which gives people information about things already included in MIAB, I think they would probably just break their install. That is why I was wondering, purely out of interest and maybe able to add other useful information.
This was purely meant out of interest. MIAB does this automatically right? It also does if you use external name servers. That’s why I am wondering what problem you are trying to solve.
I don’t understand what you mean with “I found this site, but am struggling with connecting the dots…” given that it has this functionality already. What problems are you facing?
In SMTP, mail is sent in units called envelopes. First the address of the envelope sender is sent, followed by one or more envelope recipient addresses. Finally the actual message is sent, headers and body together. Note that the final recipient sees only the headers and body.
Replies go to the header sender (spammer)
Bounces go to the envelope sender address (innocent party)
DMARC validates the message sender
Random hint: Spam filters are more likely to flag your email if your email is addressed to your recipient’s email address and not their name so you should include the recipient’s name and the email address in your message.
I am not sure I understand your question, but I would assume that the SPF and DMARC records in the External DNS menu of the admin panel would reflect what the records would be under the standard default configuration.