Prevent sending "DMARC aggregate reports"

Questions and answers about how to do stuff
Post Reply
ManFarang
Posts: 16
Joined: 06 Jan 2020 10:22

Prevent sending "DMARC aggregate reports"

Post by ManFarang »

Hi,

I'm a newbie on efa-project so please excuse my maybe silly and easy to answer question.

I have the server up and running now for about 2 weeks. Was pretty easy based on the supplied VM.
After some configuration problems with my internet provider ("man in the middle") mail routing/filtering now works pretty nicely.

My problem:
from time to time the server tries to send out "DMARC aggregate reports" (example):
...
To: d@rua.agari.com
From: no-reply@mydomain.net
Subject: Report Domain: mail.paypal.com Submitter: mydomain.net Report-ID: mail.paypal.com-1578528537@mydomain.net
...

all of these mail time out:

09/01/20 13:46:43 efaproject 06:37:38 deferred (connect to etl.cp.prod.agari.com[52.32.121.40]:25: Connection timed out)
09/01/20 12:36:43 efaproject 05:27:38 deferred (connect to etl.cp.prod.agari.com[52.32.121.40]:25: Connection timed out)
09/01/20 11:26:44 efaproject 04:17:39 deferred (connect to etl.cp.prod.agari.com[52.32.121.40]:25: Connection timed out)
09/01/20 10:16:44 efaproject 03:07:39 deferred (connect to etl.cp.prod.agari.com[52.32.121.40]:25: Connection timed out)
09/01/20 09:06:43 efaproject 01:57:38 deferred (connect to etl.cp.prod.agari.com[52.32.121.40]:25: Connection timed out)
09/01/20 08:06:42 efaproject 00:57:37 deferred (connect to etl.cp.prod.agari.com[34.210.170.165]:25: Connection timed out)
09/01/20 07:36:42 efaproject 00:27:37 deferred (connect to etl.cp.prod.agari.com[34.212.14.175]:25: Connection timed out)
09/01/20 07:21:44 efaproject 00:12:39 deferred (connect to etl.cp.prod.agari.com[34.212.14.175]:25: Connection timed out)
09/01/20 07:10:35 efaproject 00:01:30 deferred (connect to etl.cp.prod.agari.com[34.212.14.175]:25: Connection timed out)

I don't want my server to be classified as kind of a spammer (the server is used inbound only!). Therefore I would like to totally suppress these messages.

But I have no idea how to do that :-(

Anyone who can advice what to configure to achieve this goal?

Help is very much appreciated.

Thx, Man
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Prevent sending "DMARC aggregate reports"

Post by shawniverson »

This is normal, and reports are sent based on the remote party dmarc policy.

However, if you still want to turn off opendmarc:

Code: Select all

sudo systemctl stop opendmarc
sudo systemctl disable opendmarc
sudo mv /etc/cron.daily/eFa-Daily-DMARC ~
sudo mv /etc/cron.weekly/eFa-Weekly-DMARC ~
ManFarang
Posts: 16
Joined: 06 Jan 2020 10:22

Re: Prevent sending "DMARC aggregate reports"

Post by ManFarang »

thanks for your help.

Will give it a try.

rgds, man
ManFarang
Posts: 16
Joined: 06 Jan 2020 10:22

Re: Prevent sending "DMARC aggregate reports"

Post by ManFarang »

disabling opendmarc killed my STARTTLS...

opendmarc stopped/disabled:

send a testmail...

SERVER -> CLIENT: 220 efaproject.mpconsult.net ESMTP Postfix
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-efaproject.mpconsult.net
250-PIPELINING
250-SIZE 133169152
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 454 4.3.0 Try again later
SMTP ERROR: STARTTLS command failed: 454 4.3.0 Try again later
2020-01-18 14:42:03 SMTP Error: Could not connect to SMTP host.
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 Bye
Connection: closed
2020-01-18 14:42:03 SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/ ... leshooting


opendmarc enabled/started:

SERVER -> CLIENT: 220 efaproject.mpconsult.net ESMTP Postfix
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-efaproject.mpconsult.net
250-PIPELINING
250-SIZE 133169152
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-efaproject.mpconsult.net
250-PIPELINING
250-SIZE 133169152
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
CLIENT -> SERVER: MAIL FROM:
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO:
SERVER -> CLIENT: 250 2.1.5 Ok
CLIENT -> SERVER: DATA
SERVER -> CLIENT: 354 End data with .
CLIENT -> SERVER: Date: Sat, 18 Jan 2020 14:59:48 +0000
CLIENT -> SERVER: To: MyAddress
CLIENT -> SERVER: From: Wormly SMTP Test
CLIENT -> SERVER: Subject: Wormly SMTP Test Message
CLIENT -> SERVER: Message-ID:
CLIENT -> SERVER: MIME-Version: 1.0
CLIENT -> SERVER: Content-Type: text/plain; charset=iso-8859-1
CLIENT -> SERVER:
CLIENT -> SERVER: This message was sent using the Wormly SMTP testing tool by this user:
CLIENT -> SERVER: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 OPR/66.0.3515.36
CLIENT -> SERVER: 183.88.8.239
CLIENT -> SERVER:
CLIENT -> SERVER: .
SERVER -> CLIENT: 250 2.0.0 Ok: queued as 480Lgr1tdKz8DQk
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 Bye
Connection: closed
chrisbruce
Posts: 9
Joined: 12 Feb 2020 22:37

Re: Prevent sending "DMARC aggregate reports"

Post by chrisbruce »

@ManFarang

Did you find a solution to disabling opendmarc that didn't kill your TLS?
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Prevent sending "DMARC aggregate reports"

Post by shawniverson »

Whoops, we need to remove the milter for opendmarc from /etc/postfix/main.cf

Looks at smtpd_milters and non_smtpd_milters and remove the one for port 8893
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Prevent sending "DMARC aggregate reports"

Post by shawniverson »

Oh, by the way, option 16 in eFa-Configure disables this (duh, I forgot myself! :lol: )
Post Reply