• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Help to add a DMARC record

General pfSense Questions
5
5
1.1k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • Z
    zefetorres
    last edited by Dec 12, 2017, 8:53 PM

    Help to add a DMARC record

    I can not send emails, if I can receive.

    mxtool box marks me this error: dmarc dominio.com DNS Record not found

    How do I add a DMARC record in my pfsense?

    1 Reply Last reply Reply Quote 0
    • J
      JKnott
      last edited by Dec 12, 2017, 9:16 PM

      I assume you mean your Internet connection is failing intermittently.  When I had that problem, I wrote a shell script that pinged my ISP's gateway address every minute and recorded the time of failures.

      PfSense running on Qotom mini PC
      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
      UniFi AC-Lite access point

      I haven't lost my mind. It's around here...somewhere...

      1 Reply Last reply Reply Quote 0
      • J
        johnpoz LAYER 8 Global Moderator
        last edited by Dec 12, 2017, 9:23 PM

        No DMARC is a setting for email domains..

        https://en.wikipedia.org/wiki/DMARC
        Domain-based Message Authentication, Reporting and Conformance (DMARC)

        Are you running bind?  Unbound is not really meant to be an authoritative NS…

        The NS for that domain are listed as
        ;; ANSWER SECTION:
        dominio.com.            3446    IN      NS      ns1.accountsupport.com.
        dominio.com.            3446    IN      NS      ns2.accountsupport.com.

        You would setup the dmarc entries there.. that would have nothing to do with pfsense - unless your actually hosting ns1 and ns2 on pfsense?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        1 Reply Last reply Reply Quote 0
        • ?
          Guest
          last edited by Dec 13, 2017, 9:29 AM

          As jonPoz said, it gets set up on the authoritative ns. The only side note on that is that if you are running your own mail server behind pfSense and you want to use dkim, then you will more than likely need to add that to the pfSense DNS resolver, otherwise your mailserver will complain.

          If you do want to add dkim, then just search for dkim on this site and you'll find I posted a thread about it.

          1 Reply Last reply Reply Quote 0
          • D
            dhaselhorst
            last edited by Dec 16, 2017, 1:57 PM

            Agree with johnpoz and marjohn56. If you need helping setting up DMARC (and SPF/DKIM), a group and I put together a technical guide at the link below if you are interested. It also has an associated testing guide which walks you through the process of discovering your authoritative nameservers.

            https://www.linuxincluded.com/implementing-spf-dkim-and-dmarc/

            1 Reply Last reply Reply Quote 0
            4 out of 5
            • First post
              4/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.