oracular (8) opendmarc.8.gz

Provided by: opendmarc_1.4.2-5_amd64 bug

NAME

       opendmarc - DMARC email policy filter for MTAs

SYNOPSIS

       opendmarc   [-A]  [-c  configfile]  [-f]  [-l]  [-n]  [-p  socketspec]  [-P  pidfile]  [-t
       file[,file[...]]]  [-u userid[:group]] [-v] [-V]

DESCRIPTION

       opendmarc implements the proposed DMARC specification for authentication  of  message  and
       reporting of observed traffic.

       opendmarc  uses  the  milter  interface, originally distributed as part of version 8.11 of
       sendmail(8), to provide a DMARC processing service for mail transiting a milter-aware MTA.

       Most, if not all, of the command line options  listed  below  can  also  be  set  using  a
       configuration file.  See the -c option for details.

       opendmarc  relies  on  addition  of  Authentication-Results  fields by upstream filters on
       trusted hosts to collect input to the DMARC algorithm.  It does not itself do DKIM or  SPF
       evaluation.

OPTIONS

       -A     Automatically  re-start  on  failures.   Use  with  caution;  if  the  filter fails
              instantly after it starts, this can cause  a  tight  fork(2)  loop.   This  can  be
              mitigated  using  some  values  in the configuration file to limit restarting.  See
              opendmarc.conf(5).

       -c configfile
              Read the named configuration file.  See the opendmarc.conf(5) man page for details.
              Values in the configuration file are overridden when their equivalents are provided
              on the command line until a configuration reload  occurs.   The  OPERATION  section
              describes  how  reloads are triggered.  The default is to read a configuration file
              from /etc/opendmarc.conf if one exists, or  otherwise  to  apply  defaults  to  all
              values.

       -f     Normally  opendmarc forks and exits immediately, leaving the service running in the
              background.  This flag suppresses that behaviour so that it runs in the foreground.

       -l     Log via calls to syslog(3) any interesting activity.

       -n     Parse the configuration file and  command  line  arguments,  reporting  any  errors
              found,  and  then  exit.   The  exit  value  will be 0 if the filter would start up
              without complaint, or non-zero otherwise.

       -p socketspec
              Specifies  the  socket  that  should  be  established  by  the  filter  to  receive
              connections  from sendmail(8) in order to provide service.  socketspec is in one of
              two forms: local:path which creates a UNIX domain socket at the specified path,  or
              inet:port[@host]  or  inet6:port[@host] which creates a TCP socket on the specified
              port within the specified protocol family.  If the host is not given  as  either  a
              hostname  or  an  IP  address,  the socket will be listening on all interfaces.  If
              neither socket type is specified,  local  is  assumed,  meaning  the  parameter  is
              interpreted  as  a path at which the socket should be created.  If an IP address is
              used, it must be enclosed in square brackets.  This parameter is mandatory.

       -P pidfile
              Specifies a file into which the filter should write its process ID at startup.

       -t file[,file[,...]]
              Reads email messages from the named files  and  processes  them  as  if  they  were
              received by the filter.  The service is not started, and actions normally sent back
              to the MTA will instead be printed on standard output.

       -u userid[:group]
              Attempts to be come the specified userid before starting operations.   The  process
              will  be assigned all of the groups and primary group ID of the named userid unless
              an alternate group is  specified.   See  the  FILE  PERMISSIONS  section  for  more
              information.

       -v     Increase  verbose  output  during  test mode (see -t above).  May be specified more
              than once to request increasing amounts of output.

       -V     Print the version number and supported canonicalization and  signature  algorithms,
              and then exit without doing anything else.

SIGNALS

       Upon  receiving  SIGUSR1,  if the filter was started with a configuration file, it will be
       re-read and the new values used.  Note that any command line overrides provided at startup
       time  will  be lost when this is done.  Also, the following configuration file values (and
       their corresponding command line items, if any) are not  reloaded  through  this  process:
       AutoRestart  (-A),  AutoRestartCount,  AutoRestartRate,  Background,  MilterDebug, PidFile
       (-P), Socket (-p), UMask, UserID (-u).   The  filter  does  not  automatically  check  the
       configuration file for changes and reload.

VERSION

       This man page covers version 1.4.2 of opendmarc.

       Copyright (c) 2012, The Trusted Domain Project.  All rights reserved.

SEE ALSO

       opendmarc.conf(5), sendmail(8)

       Sendmail Operations Guide

       RFC4408 - Sender Policy Framework

       RFC5321 - Simple Mail Transfer Protocol

       RFC5322 - Internet Messages

       RFC5451 - Message Header Field for Indicating Message Authentication Status

       RFC6376 - DomainKeys Identified Mail

       RFC6591 - Authentication Failure Reporting Using the Abuse Reporting Format

                                    The Trusted Domain Project                       opendmarc(8)