Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
tools:emailsec [2023/04/26 14:06] – [DMARC] darrontools:emailsec [2023/05/18 21:05] (current) – [DKIM] darron
Line 15: Line 15:
 __Zone__ __Zone__
 <code> <code>
-1H IN TXT "v=spf1 a:hostname -all"+1H IN TXT "v=spf1 a:HOSTNAME -all"
 </code> </code>
  
Line 106: Line 106:
 remote_smtp_dkim_DOMAIN: remote_smtp_dkim_DOMAIN:
  driver           = smtp  driver           = smtp
 + helo_data        = HOSTNAME
 + interface        = <;IPV4;IPV6
  dkim_domain      = DOMAIN  dkim_domain      = DOMAIN
  dkim_selector    = dkim  dkim_selector    = dkim
  dkim_private_key = /etc/exim4/private.pem  dkim_private_key = /etc/exim4/private.pem
 </code> </code>
 +
 +For SPF the HOSTNAME must resolve to the specified IP address(es).
  
 The DKIM domain needn't be the same as the sender domain. The DKIM domain needn't be the same as the sender domain.
Line 119: Line 123:
  
 ^Policy^Effect^ ^Policy^Effect^
-|None|Mail delivered normally| +|none|Mail delivered normally| 
-|Quarantine|Mail delivered to spam folder| +|quarantine|Mail delivered to spam folder| 
-|Reject|Mail rejected and not delivered|+|reject|Mail rejected and not delivered|
  
 For reporting, providers such as google send details of e-mails that pass and fail. For google the reports originate from noreply-dmarc-support@google.com. For reporting, providers such as google send details of e-mails that pass and fail. For google the reports originate from noreply-dmarc-support@google.com.
Line 135: Line 139:
 _dmarc IN TXT "v=DMARC1; p=none; rua=mailto:postmaster@DOMAIN" _dmarc IN TXT "v=DMARC1; p=none; rua=mailto:postmaster@DOMAIN"
 </code> </code>
 +
 +Once you are confident that you are sending e-mail from the correct server(s) in with the correct signature(s) then the policy can be made more strict.
  
 __Test__ __Test__