Package: opendmarc
Version: 1.3.2-6
Upgraded server stretch (9) to buster (10)
Opendmarc was functioning prior to buster
In systemdd
/lib/systemd/system# cat opendmarc.service
[Unit]
Description=OpenDMARC Milter
Documentation=man:opendmarc(8) man:opendmarc.conf(5)
After=network.target nss-lookup.target
[Service]
Type=forking
PIDFile=/var/run/opendmarc/opendmarc.pid
User=opendmarc
ExecStart=/usr/sbin/opendmarc
Restart=on-failure
ExecReload=/bin/kill -USR1 $MAINPID
[Install]
WantedBy=multi-user.target
The package prefers form install
dpkg.log:2019-07-19 14:39:29 configure opendmarc:i386 1.3.2-6 <none>
dpkg.log:2019-07-19 14:39:29 status unpacked opendmarc:i386 1.3.2-6
dpkg.log:2019-07-19 14:40:09 conffile /etc/default/opendmarc keep
dpkg.log:2019-07-19 14:40:24 conffile /etc/opendmarc.conf keep
dpkg.log:2019-07-19 14:40:24 status half-configured opendmarc:i386 1.3.2-6
dpkg.log:2019-07-19 14:40:27 status installed opendmarc:i386 1.3.2-6
[/usr/lib/tmpfiles.d/opendmarc.conf:1] Line references path below
legacy directory /var/run/, updating /var/run/opendmarc →
/run/opendmarc; please update the tmpfiles.d/ drop-in file
accordingly.
Should not the systemd file be /run instead of /var/run ?
That's the easy problem but in postfix the opendmarc deamon does not
seem to write to the history file for import into sql
cat /etc/opendmarc.conf
# This is a basic configuration that can easily be adapted to suit a standard
# installation. For more advanced options, see opendkim.conf(5) and/or
# /usr/share/doc/opendmarc/examples/opendmarc.conf.sample.
## AuthservID (string)
## defaults to MTA name
#
# AuthservID name
## ForensicReports { true | false }
## default "false"
##
# ForensicReports true
PidFile /run/opendmarc/opendmarc.pid
## RejectFailures { true | false }
## default "false"
##
RejectFailures false
## Syslog { true | false }
## default "false"
##
## Log via calls to syslog(3) any interesting activity.
#
Syslog true
## SyslogFacility facility-name
## default "mail"
##
## Log via calls to syslog(3) using the named facility. The facility names
## are the same as the ones allowed in syslog.conf(5).
#
# SyslogFacility mail
## TrustedAuthservIDs string
## default HOSTNAME
##
## Specifies one or more "authserv-id" values to trust as relaying true
## upstream DKIM and SPF results. The default is to use the name of
## the MTA processing the message. To specify a list, separate each entry
## with a comma. The key word "HOSTNAME" will be replaced by the name of
## the host running the filter as reported by the gethostname(3) function.
#
TrustedAuthservIDs
mail2.sheridanwest.eu,mail2.sheridanwest.com,mail2.alanwest.eu,mail2.alanwest.com
## UMask mask
## default (none)
##
## Requests a specific permissions mask to be used for file creation. This
## only really applies to creation of the socket when Socket specifies a
## UNIX domain socket, and to the HistoryFile and PidFile (if any); temporary
## files are normally created by the mkstemp(3) function that enforces a
## specific file mode on creation regardless of the process umask. See
## umask(2) for more information.
#
UMask 0002
## UserID user[:group]
## default (none)
##
## Attempts to become the specified userid before starting operations.
## The process will be assigned all of the groups and primary group ID of
## the named userid unless an alternate group is specified.
#
UserID opendmarc:opendmarc
SPFSelfValidate true
#blog.schaal-24.de/mail/dmarc-check-unter-debian-wheezy/?lang=en
AuthservIDWithJobID true
BaseDirectory /run/opendmarc
CopyFailuresTo abuse@
FailureReportsBcc technical_dmarc@
FailureReportsOnNone true
#FailureReportsSentBy noreply-dmarc-rep...@schaal-24.de
#HistoryFile opendmarc.log
#/var/run/opendmarc/opendmarc.log
IgnoreAuthenticatedClients true
#`Socket inet:8893@localhost
#@127.0.0.1
Socket local:/run/opendmarc/opendmarc.sock
#SPFIgnoreResults true
RecordAllMessages true
MilterDebug 1
AuthservID mail2.sheridanwest.com
RejectFailures False
Syslog true
SyslogFacility mail
TrustedAuthservIDs mail2.example.com
AutoRestart true
PublicSuffixList /usr/share/publicsuffix/
#PublicSuffixList /etc/effective_tld_names.dat
IgnoreHosts /etc/dmarcignorehosts
AutoRestartRate 10/1h
RejectFailures false
Syslog true
#PidFile /var/run/opendmarc/opendmarc.pid
HistoryFile opendmarc.log
#'HistoryFile crazy
#RecordAllMessages 1
SoftwareHeader 1
Jul 28 16:10:02 localhost postfix/pickup[10942]: 7B13EBD4A82: uid=135
from=<opendmarc>
Jul 28 16:10:02 localhost postfix/qmgr[25701]: 7B13EBD4A82:
from=<opendm...@mail2.example.com>, size=827, nrcpt=1 (queue active)
Jul 28 16:10:02 localhost postfix/local[21579]: 7B13EBD4A82:
to=<opendm...@mail2.example.com>, orig_to=<opendmarc>, relay=local,
delay=0.21, delays=0.2/0.01/0/0, dsn=2.0.0, status=sent (delivered to
mailbox)
Jul 28 16:15:08 localhost postfix/pickup[21599]: 332F6BD4A82: uid=135
from=<opendmarc>
Jul 28 16:15:08 localhost postfix/qmgr[25701]: 332F6BD4A82:
from=<opendm...@mail2.example.com>, size=1316, nrcpt=1 (queue active)
Jul 28 16:15:08 localhost postfix/local[22142]: 332F6BD4A82:
to=<opendm...@mail2.example.com>, orig_to=<opendmarc>, relay=local,
delay=0.14, delays=0.13/0.01/0/0, dsn=2.0.0, status=sent (delivered to
mailbox)
Jul 28 21:45:31 localhost opendmarc[11818]: OpenDMARC Filter: mi_stop=1
Jul 28 21:45:31 localhost opendmarc[11818]: OpenDMARC Filter v1.3.2
terminating with status 0, errno = 0
Jul 28 21:45:37 localhost opendmarc[9315]: OpenDMARC Filter v1.3.2 starting ()
Jul 28 21:45:37 localhost opendmarc[9315]: additional trusted
authentication services: mail2.example.com
ls -la /run/opendmarc/
total 12
drwxr-x--- 2 opendmarc opendmarc 140 Jul 29 16:15 .
drwxr-xr-x 48 root root 1400 Jul 29 15:47 ..
-rw------- 1 opendmarc opendmarc 6954 Jul 29 16:15 Mailbox
-rw-r--r-- 1 opendmarc opendmarc 0 Jul 28 16:10 opendmarc.import.dat
-rw-r--r-- 1 opendmarc opendmarc 0 Jul 29 16:10 opendmarc.log
-rw-r--r-- 1 opendmarc opendmarc 5 Jul 28 21:45 opendmarc.pid
srwxrwxr-x 1 opendmarc opendmarc 0 Jul 28 21:45 opendmarc.sock
echo sql import
mv ${WORK_DIR}/opendmarc.log ${WORK_DIR}/opendmarc.import.dat -f
cat /dev/null > ${WORK_DIR}/opendmarc.log
/usr/sbin/opendmarc-import --dbhost=${DB_SERVER} --dbuser=${DB_USER}
--dbpasswd=${DB_PASS} --dbname=${DB_NAME} --verbose <
${WORK_DIR}/opendmarc.import.dat
etc/dmarcimport #daily dmarc importer to sql
sql import
opendmarc-import: started at Sun Jul 28 16:10:02 2019
opendmarc-import: connected to database
opendmarc-import: terminating at Sun Jul 28 16:10:02 2019
opendmarc-reports: started at Sun Jul 28 16:15:02 2019
opendmarc-reports: selected 969 domain(s)
opendmarc-reports: terminating at Sun Jul 28 16:15:03 2019
Confused while with nothing to import its correct (see run/opendmarc
ls) it leaves me with questions as to what is ring and what is wrong
S West.
