[exim] Re: dmarc_history_file - incomplete data logged for s…

Góra strony
Delete this message
Reply to this message
Autor: Victor Ustugov
Data:  
Dla: Mackenzie Taiaroa via Exim-users
Nowe tematy: [exim] Re: dmarc_history_file - incomplete data logged for spf and dkim, [exim] Re: dmarc_history_file - incomplete data logged for spf and dkim, [exim] Re: dmarc_history_file - incomplete data logged for spf and dkim, [exim] Re: dmarc_history_file - incomplete data logged for spf and dkim
Temat: [exim] Re: dmarc_history_file - incomplete data logged for spf and dkim
Mackenzie Taiaroa via Exim-users wrote on 19.06.2023 07:24:
> Hi Victor,
>
> Thanks very much for your response. We're using libopendmarc.x86_64 version
> 1.4.2. Unfortunately libopendmarc 1.3.2 isn't available for our server. Are
> you aware of how libopendmarc 1.4.2 can work with Exim to generate reports?


Yes, I am.

> (I appreciate this is a bit of a broad stroke).
>
> The errors we receive when trying to import the data to the opendmarc
> database are:
>
> Jun 19 14:13:46 hostname.com dmarc-report.sh[1174664]: opendmarc-import:
> failed to insert message: Column 'arc' cannot be null
> Jun 19 14:13:46 hostname.com dmarc-report.sh[1174664]: Use of uninitialized
> value $dkim_result in string eq at /usr/sbin/opendmarc-import line>
> Jun 19 14:13:46 hostname.com dmarc-report.sh[1174664]: opendmarc-import:
> updating at line 424
>
> I've checked the corresponding line in /usr/sbin/opendmarc-import and
> opendmarc-import is looking for multiple values for DKIM, while our history
> reports 0. Having no results for ARC authentication also causes failures
> during import but I understand ARC is not officially supported by Exim
> currently, am I correct in assuming Exim will not log any ARC results
> either?


opendmarc-import expectes strings with "row" and "row_policy" in the
first column of the input.

As I see exim does not provide any info about arc and arc_policy in
dmarc_history_file even with support included.

As far as I know, there is no information about verification of ARC
signatures in the DMARC aggregate reports of Google, Microsoft and other
major mail systems.

So I decided to just exclude the result of the ARC signature
verification from the report.

I have altered table `messages` to allow NULL value in the fields `arc`
and `arc_policy` and applied patch
https://mta.org.ua/opendmarc/patches/opendmarc-1.4.2-disable-arc/patch-src__opendmarc-1.4.2-disable-arc.patch


The next issue is that opendmarc-import from opendmarc 1.4.x expects an
extra column in the string containing the DKIM signature verification
information. It expects DKIM selector.

This patch might be helpful:

https://mta.org.ua/exim-4.94-conf/patches/exim-4.96-fix-opemdmarc-1.4.x-history_file/patch-src__exim-4.96-fix-opemdmarc-1.4.x-history_file.patch


> Thanks again,
> Mackenzie Taiaroa
>
> On Sat, 10 Jun 2023 at 03:38, Victor Ustugov via Exim-users <
> exim-users@???> wrote:
>
>> Mackenzie via Exim-users wrote on 07.06.2023 05:39:
>>> Hi therem
>>
>> Hi
>>
>>> Hoping someone can help me get to the bottom of this one. I'm in the
>> process of configuring Exim to process inbound DMARC validation and hope to
>> configure DMARC reporting using the Exim DMARC history file in combination
>> with OpenDmarc.
>>>
>>> Exim is validating SPF/DKIM and DMARC as expected in inbound email (well
>> as far as I can tell), however for some reason our DMARC history file isn't
>> being populated with complete authentication results. Below is a example
>> DMARC history log entry for message 1q6haa-00FZGj-13, as you can see Exim
>> hasn't populated the SPF and DKIM authentication results:
>>>
>>> job 1q6haa-00FZGj-13
>>> reporter test.hostname.com.au
>>> received 1686099833
>>> ipaddr 209.85.210.41
>>> from gmail.com
>>> mfrom gmail.com
>>> spf 0
>>> dkim gmail.com 0
>>> pdomain gmail.com
>>> policy 15
>>> rua mailto:mailauth-reports@google.com
>>> pct 100
>>> adkim 114
>>> aspf 114
>>> p 110
>>> sp 113
>>> align_dkim 4
>>> align_spf 4
>>> action 2
>>
>> What version of libopendmarc do you use?
>>
>> The data above is not compatible with libopendmarc 1.4.x.
>>
>>
>> >From my understanding Exim's dmarc_history_file provides all data
>> required to generate DMARC reports using OpenDmarc however the data logged
>> by Exim in my example is not enough information for DMARC report
>> generation, so I suspect the issue is within my Exim configuration although
>> I'm at a complete loss to where this configuration is incomplete or
>> inaccurate. What am I missing here? Please help!
>>
>> What kind of problems did you encounter?
>>
>> Are you getting any error messages when importing the contents of a
>> dmarc_history_file with opendmarc-import?
>>
>> --
>> Best wishes Victor Ustugov
>> mailto:victor@corvax.kiev.ua
>> public GnuPG/PGP key: https://victor.corvax.kiev.ua/corvax.asc
>>
>> --
>> ## subscription configuration (requires account):
>> ##
>> https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
>> ## unsubscribe (doesn't require an account):
>> ## exim-users-unsubscribe@???
>> ## Exim details at http://www.exim.org/
>> ## Please use the Wiki with this list - http://wiki.exim.org/
>>
>



--
Best wishes Victor Ustugov
mailto:victor@corvax.kiev.ua
public GnuPG/PGP key: https://victor.corvax.kiev.ua/corvax.asc

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/