Ajout de ce qu’il faut pour DMARC/DKIM

mail.yml

@@ -3,5 +3,6 @@
       - postfix
       - dovecot
       - opendkim
+      - opendmarc
       - spamassassin
       - mailman

roles/opendkim/tasks/main.yml

@@ -7,8 +7,8 @@
       - opendkim-tools
 
 - name: main configuration files
-  copy:
+  template:
-      src: ./files/opendkim.conf
+      src: opendkim.conf
       dest: /etc/opendkim.conf
   notify:
       - restart opendkim

roles/opendkim/templates/opendkim.conf

@@ -4,7 +4,8 @@ MilterDebug             1
 Syslog                  yes
 UMask                   002
 OversignHeaders         From
-
+Mode                    sv
 KeyTable                /etc/dkim/KeyTable
 SigningTable            /etc/dkim/SigningTable
 PidFile                 /var/run/opendkim/opendkim.pid
+Nameservers             {{ ansible_facts['dns']['nameservers']|join(',') }}

roles/opendmarc/files/opendmarc.conf

@@ -0,0 +1,9 @@
+Socket inet:8892@localhost
+FailureReports false
+PidFile /var/run/opendmarc/opendmarc.pid
+PublicSuffixList /usr/share/publicsuffix
+RejectFailures false
+Syslog true
+SyslogFacility mail
+UMask 0002
+UserID opendmarc

roles/opendmarc/handlers/main.yml

@@ -0,0 +1,4 @@
+- name: restart opendmarc
+  service:
+      name: opendmarc
+      state: restarted

roles/opendmarc/tasks/main.yml

@@ -0,0 +1,11 @@
+- name: install opendmarc
+  package:
+      name: opendmarc
+      state: present
+
+- name: opendmarc config file
+  copy:
+      src: ./files/opendmarc.conf
+      dest: /etc/opendmarc.conf
+  notify:
+      - restart opendmarc