Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
opendmarc(8)		    System Manager's Manual		  opendmarc(8)

NAME
       opendmarc - DMARC email policy filter for MTAs

SYNOPSIS
       opendmarc  [-A] [-c configfile] [-f] [-l] [-n] [-p socketspec] [-P pid-
       file] [-t file[,file[...]]]  [-u	userid[:group]]	[-v] [-V]

DESCRIPTION
       opendmarc implements the	proposed DMARC specification  for  authentica-
       tion of message and reporting of	observed traffic.

       opendmarc  uses the milter interface, originally	distributed as part of
       version 8.11 of sendmail(8), to provide a DMARC processing service  for
       mail transiting a milter-aware MTA.

       Most,  if not all, of the command line options listed below can also be
       set using a configuration file.	See the	-c option for details.

       opendmarc relies	on addition of Authentication-Results  fields  by  up-
       stream  filters	on  trusted  hosts to collect input to the DMARC algo-
       rithm.  It does not itself do DKIM or SPF evaluation.

OPTIONS
       -A     Automatically re-start on	failures.  Use with  caution;  if  the
	      filter  fails  instantly after it	starts,	this can cause a tight
	      fork(2) loop.  This can be mitigated using some  values  in  the
	      configuration file to limit restarting.  See opendmarc.conf(5).

       -c configfile
	      Read  the	 named	configuration file.  See the opendmarc.conf(5)
	      man page for details.  Values  in	 the  configuration  file  are
	      overridden  when	their  equivalents are provided	on the command
	      line until a configuration reload	occurs.	 The OPERATION section
	      describes	how reloads are	triggered.  The	default	is to  read  a
	      configuration file from /usr/local/etc/opendmarc.conf if one ex-
	      ists, or otherwise to apply defaults to all values.

       -f     Normally opendmarc forks and exits immediately, leaving the ser-
	      vice  running  in	the background.	 This flag suppresses that be-
	      haviour so that it runs in the foreground.

       -l     Log via calls to syslog(3) any interesting activity.

       -n     Parse the	configuration file and command line arguments, report-
	      ing any errors found, and	then exit.  The	exit value will	 be  0
	      if the filter would start	up without complaint, or non-zero oth-
	      erwise.

       -p socketspec
	      Specifies	the socket that	should be established by the filter to
	      receive  connections  from  sendmail(8) in order to provide ser-
	      vice.  socketspec	is in one of two forms:	local:path which  cre-
	      ates   a	 UNIX	domain	 socket	 at  the  specified  path,  or
	      inet:port[@host] or inet6:port[@host] which creates a TCP	socket
	      on the specified port within the specified protocol family.   If
	      the host is not given as either a	hostname or an IP address, the
	      socket  will  be listening on all	interfaces.  If	neither	socket
	      type is specified, local is assumed, meaning  the	 parameter  is
	      interpreted as a path at which the socket	should be created.  If
	      an  IP  address is used, it must be enclosed in square brackets.
	      This parameter is	mandatory.

       -P pidfile
	      Specifies	a file into which the filter should write its  process
	      ID at startup.

       -t file[,file[,...]]
	      Reads  email messages from the named files and processes them as
	      if they were  received  by  the  filter.	 The  service  is  not
	      started,	and actions normally sent back to the MTA will instead
	      be printed on standard output.

       -u userid[:group]
	      Attempts to be come the specified	userid before starting	opera-
	      tions.   The process will	be assigned all	of the groups and pri-
	      mary group ID of the named userid	unless an alternate  group  is
	      specified.   See	the FILE PERMISSIONS section for more informa-
	      tion.

       -v     Increase verbose output during test mode (see -t above).	May be
	      specified	more than once to request increasing amounts  of  out-
	      put.

       -V     Print the	version	number and supported canonicalization and sig-
	      nature algorithms, and then exit without doing anything else.

SIGNALS
       Upon  receiving SIGUSR1,	if the filter was started with a configuration
       file, it	will be	re-read	and the	new values used.  Note that  any  com-
       mand  line overrides provided at	startup	time will be lost when this is
       done.  Also, the	following configuration	file values (and their	corre-
       sponding	 command  line	items,	if  any) are not reloaded through this
       process:	AutoRestart  (-A),  AutoRestartCount,  AutoRestartRate,	 Back-
       ground,	MilterDebug,  PidFile  (-P),  Socket (-p), UMask, UserID (-u).
       The filter does not automatically  check	 the  configuration  file  for
       changes and reload.

VERSION
       This man	page covers version 1.4.2 of opendmarc.

COPYRIGHT
       Copyright (c) 2012, The Trusted Domain Project.	All rights reserved.

SEE ALSO
       opendmarc.conf(5), sendmail(8)

       Sendmail	Operations Guide

       RFC4408 - Sender	Policy Framework

       RFC5321 - Simple	Mail Transfer Protocol

       RFC5322 - Internet Messages

       RFC5451	-  Message  Header Field for Indicating	Message	Authentication
       Status

       RFC6376 - DomainKeys Identified Mail

       RFC6591 - Authentication	Failure	Reporting Using	 the  Abuse  Reporting
       Format

			  The Trusted Domain Project		  opendmarc(8)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=opendmarc&sektion=8&manpath=FreeBSD+Ports+14.3.quarterly>

home | help