dmarc-server-setup.md: Adjust ..
This commit is contained in:
@@ -1,4 +1,3 @@
|
|||||||
|
|
||||||
# DMARC-Server-Sammelsystem – Einrichtung und Betrieb
|
# DMARC-Server-Sammelsystem – Einrichtung und Betrieb
|
||||||
|
|
||||||
## 📖 Präambel
|
## 📖 Präambel
|
||||||
@@ -34,7 +33,7 @@ Alle Dateien werden unter `/var/lib/dmarc` abgelegt:
|
|||||||
Verzeichnisse anlegen:
|
Verzeichnisse anlegen:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo install -d -o root -g root -m 750 /var/lib/dmarc/{reports,processed,exports,logs}
|
sudo install -d -o vmail -g vmail -m 750 /var/lib/dmarc/{reports,processed,exports,logs}
|
||||||
sudo install -d -o root -g root -m 750 /usr/local/lib/dmarc
|
sudo install -d -o root -g root -m 750 /usr/local/lib/dmarc
|
||||||
```
|
```
|
||||||
|
|
||||||
@@ -83,7 +82,7 @@ dmarc-reports@oopen.de reports@oopen.de, dmarc-pipe:
|
|||||||
Dann:
|
Dann:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo postmap /etc/postfix/virtual
|
sudo postmap /etc/postfix/virtual_alias_maps
|
||||||
sudo systemctl reload postfix
|
sudo systemctl reload postfix
|
||||||
```
|
```
|
||||||
|
|
||||||
@@ -115,6 +114,7 @@ oopen.de._report._dmarc.oopen.de. IN TXT "v=DMARC1"
|
|||||||
## 🧰 3. Sammelskript `/usr/local/bin/dmarc-collect.sh`
|
## 🧰 3. Sammelskript `/usr/local/bin/dmarc-collect.sh`
|
||||||
|
|
||||||
**Datei anlegen:**
|
**Datei anlegen:**
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo tee /usr/local/bin/dmarc-collect.sh >/dev/null <<'EOF'
|
sudo tee /usr/local/bin/dmarc-collect.sh >/dev/null <<'EOF'
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
@@ -166,10 +166,12 @@ fi
|
|||||||
|
|
||||||
EOF
|
EOF
|
||||||
sudo apt install -y ripmime
|
sudo apt install -y ripmime
|
||||||
sudo install -m 750 -o vmail -g vmail /usr/local/bin/dmarc-collect.sh
|
sudo chown vmail:vmail /usr/local/bin/dmarc-collect.sh
|
||||||
|
sudo chmod 750 /usr/local/bin/dmarc-collect.sh
|
||||||
```
|
```
|
||||||
|
|
||||||
Inhalt von `dmarc-collect.sh`:
|
Inhalt von `dmarc-collect.sh`:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
@@ -217,7 +219,6 @@ else
|
|||||||
echo "$(date -Is) no usable attachment in message" >> "$LOGF"
|
echo "$(date -Is) no usable attachment in message" >> "$LOGF"
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
---
|
||||||
@@ -247,6 +248,7 @@ sudo chmod 750 /usr/local/lib/dmarc/daily-run.sh
|
|||||||
```
|
```
|
||||||
|
|
||||||
Cronjob anlegen:
|
Cronjob anlegen:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
echo '17 3 * * * root /usr/local/lib/dmarc/daily-run.sh' | sudo tee /etc/cron.d/dmarc-daily >/dev/null
|
echo '17 3 * * * root /usr/local/lib/dmarc/daily-run.sh' | sudo tee /etc/cron.d/dmarc-daily >/dev/null
|
||||||
```
|
```
|
||||||
@@ -256,6 +258,7 @@ echo '17 3 * * * root /usr/local/lib/dmarc/daily-run.sh' | sudo tee /etc/cron.d/
|
|||||||
## 🧮 5. Auswertungsskript `/usr/local/bin/dmarc-scan.sh`
|
## 🧮 5. Auswertungsskript `/usr/local/bin/dmarc-scan.sh`
|
||||||
|
|
||||||
Installation:
|
Installation:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo apt install -y xmlstarlet unzip gzip
|
sudo apt install -y xmlstarlet unzip gzip
|
||||||
sudo tee /usr/local/bin/dmarc-scan.sh >/dev/null <<'EOF'
|
sudo tee /usr/local/bin/dmarc-scan.sh >/dev/null <<'EOF'
|
||||||
@@ -568,6 +571,7 @@ sudo chmod 750 /usr/local/bin/dmarc-scan.sh
|
|||||||
Beschreibung: Das Skript liest XML/ZIP/GZ-Reports, zeigt eine Tabelle pro Report, schreibt eine Records-CSV (mit `--append` fortsetzbar) und exportiert Top-Listen als CSV in `--outdir`.
|
Beschreibung: Das Skript liest XML/ZIP/GZ-Reports, zeigt eine Tabelle pro Report, schreibt eine Records-CSV (mit `--append` fortsetzbar) und exportiert Top-Listen als CSV in `--outdir`.
|
||||||
|
|
||||||
**Wichtige Parameter:**
|
**Wichtige Parameter:**
|
||||||
|
|
||||||
- `--domain DOMAIN` (Filter)
|
- `--domain DOMAIN` (Filter)
|
||||||
- `--csv PFAD` (Records-CSV)
|
- `--csv PFAD` (Records-CSV)
|
||||||
- `--append` (anhängen statt überschreiben)
|
- `--append` (anhängen statt überschreiben)
|
||||||
@@ -575,6 +579,7 @@ Beschreibung: Das Skript liest XML/ZIP/GZ-Reports, zeigt eine Tabelle pro Report
|
|||||||
- `--outdir PFAD` (Top-CSV Ziel)
|
- `--outdir PFAD` (Top-CSV Ziel)
|
||||||
|
|
||||||
**Beispiel:**
|
**Beispiel:**
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
dmarc-scan.sh /var/lib/dmarc/reports/2025/11/12 --domain fluechtlingsrat-brandenburg.de --csv /var/lib/dmarc/exports/records.csv --append --top 25 --outdir /var/lib/dmarc/exports/
|
dmarc-scan.sh /var/lib/dmarc/reports/2025/11/12 --domain fluechtlingsrat-brandenburg.de --csv /var/lib/dmarc/exports/records.csv --append --top 25 --outdir /var/lib/dmarc/exports/
|
||||||
```
|
```
|
||||||
|
|||||||
Reference in New Issue
Block a user