diff --git a/CHANGELOG.md b/CHANGELOG.md index a4b3918..b0a0fd1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,15 +6,22 @@ All user visible changes to this project will be documented in this file. This p -## [1.4.2-r35] · 2024-??-?? (unreleased) -[1.4.2-r35]: /../../tree/1.4.2-r35 +## [1.4.2-r36] · 2024-03-12 +[1.4.2-r36]: /../../tree/1.4.2-r36 + +[Diff](/../../compare/1.4.2-r35...1.4.2-r36) -[Diff](/../../compare/1.4.2-r35...) +### Added + +- Sending reports support via [`msmtp`]. ([#10], [#9]) ### Security updated - [Debian Linux] "bookworm" 20240311 (12.5): +[#9]: /../../issues/9 +[#10]: /../../pull/10 + @@ -653,6 +660,7 @@ All user visible changes to this project will be documented in this file. This p [`libspf2`]: https://www.libspf2.org +[`msmtp`]: https://marlam.de/msmtp [Alpine Linux]: https://www.alpinelinux.org [Debian Linux]: https://www.debian.org [OpenDMARC]: https://github.com/trusteddomainproject/OpenDMARC diff --git a/Dockerfile.tmpl.php b/Dockerfile.tmpl.php index 8b42913..10a2dbd 100644 --- a/Dockerfile.tmpl.php +++ b/Dockerfile.tmpl.php @@ -35,9 +35,11 @@ && apk add --no-cache \ libmilter libspf2 \ + msmtp \ && apt-get install -y --no-install-recommends --no-install-suggests \ libmilter1.0.1 libspf2-2 \ + msmtp-mta \ \ # Install tools for building diff --git a/README.md b/README.md index 3f72718..f3faef3 100644 --- a/README.md +++ b/README.md @@ -77,6 +77,25 @@ To see default OpenDMARC configuration of this Docker image just run: docker run --rm instrumentisto/opendmarc cat /etc/opendmarc/opendmarc.conf ``` +#### Sending reports + +This image comes with [`msmtp` MTA][30] preinstalled, which can be used to send reports when requested via the [`ruf` tag inside a DMARC record][32]. + +For this to happen, in `opendmarc.conf` set `FailureReports true` and `FailureReportsSentBy` to your (probably `noreply`) sender address. Then, put an `/etc/msmtprc` configuration file that looks like this: +``` +defaults +logfile - + +account default +host +port +from +``` + +Apart from substituting your MTA hostname/port and your sender address (again), consider adding TLS and authentication if you're touching untrusted network. See the [`msmtp` man page][31] for details. + +Make sure to avoid mail loops, which can happen if processing a report mails violates its own [DMARC][11] rules, causing more reports. + @@ -168,6 +187,9 @@ If you have any problems with or questions about this image, please contact us t [20]: http://skarnet.org/software/s6/overview.html [21]: https://github.com/just-containers/s6-overlay [22]: https://github.com/just-containers/s6-overlay#usage +[30]: https://marlam.de/msmtp +[31]: https://marlam.de/msmtp/msmtp.html +[32]: https://dmarc.org/overview#odd_row [90]: https://github.com/instrumentisto/opendmarc-docker-image [91]: https://github.com/instrumentisto/opendmarc-docker-image/blob/main/LICENSE.md [92]: https://sourceforge.net/p/opendmarc/code/ci/master/tree/LICENSE diff --git a/alpine/Dockerfile b/alpine/Dockerfile index 8624135..3875c39 100644 --- a/alpine/Dockerfile +++ b/alpine/Dockerfile @@ -17,6 +17,7 @@ RUN apk update \ # Install OpenDMARC dependencies && apk add --no-cache \ libmilter libspf2 \ + msmtp \ \ # Install tools for building && apk add --no-cache --virtual .tool-deps \ diff --git a/debian/Dockerfile b/debian/Dockerfile index 8641c83..3dffd18 100644 --- a/debian/Dockerfile +++ b/debian/Dockerfile @@ -18,6 +18,7 @@ RUN apt-get update \ # Install OpenDMARC dependencies && apt-get install -y --no-install-recommends --no-install-suggests \ libmilter1.0.1 libspf2-2 \ + msmtp-mta \ \ # Install tools for building && toolDeps=" \ diff --git a/tests/main.bats b/tests/main.bats index 4d36e30..92cd46e 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -72,3 +72,16 @@ '/sbin/syslogd --help' [ "$status" -eq 0 ] } + + +@test "sendmail: is present" { + run docker run --rm --pull never --entrypoint sh $IMAGE -c \ + 'which sendmail' + [ "$status" -eq 0 ] +} + +@test "sendmail: runs ok" { + run docker run --rm --pull never --entrypoint sh $IMAGE -c \ + 'sendmail --help' + [ "$status" -eq 0 ] +}