diff --git a/iRedMail/ChangeLog b/iRedMail/ChangeLog
index a4e4ea4a..e19447a4 100644
--- a/iRedMail/ChangeLog
+++ b/iRedMail/ChangeLog
@@ -1,4 +1,8 @@
iRedMail-1.0-beta2:
+ * Removed OpenDMARC integration due to internal bug which caused incorrect
+ email rejection. Bug reported to upstream:
+ https://github.com/trusteddomainproject/OpenDMARC/issues/50
+
* Fixed issues:
- Improper postrotate command for log files on Linux.
@@ -16,12 +20,6 @@ iRedMail-1.0-beta1:
* Drop support for OpenBSD ldapd backend.
* Improvements:
- + OpenDMARC integration on Linux and FreeBSD.
-
- Unfortunately the latest OpenBSD release (6.5) doesn't offer
- binary package for opendmarc, but 6.6 does. We have to wait for
- OpenBSD 6.6 to enable OpenDMARC integration.
-
+ Dovecot:
- Enable quota-status service. Postfix can query this service and
reject email immediately if user's mailbox is over quota.
diff --git a/iRedMail/conf/global b/iRedMail/conf/global
index 62d8f47d..418426f1 100644
--- a/iRedMail/conf/global
+++ b/iRedMail/conf/global
@@ -111,9 +111,6 @@ export MLMMJADMIN_BIND_HOST="${LOCAL_ADDRESS}"
export MLMMJADMIN_SERVER_ADDRESS="${MLMMJADMIN_SERVER_ADDRESS:=${MLMMJADMIN_BIND_HOST}}"
# For managesieve service and software.
export USE_MANAGESIEVE='YES'
-# OpenDMARC
-export OPENDMARC_BIND_HOST="${LOCAL_ADDRESS}"
-export OPENDMARC_PORT="${OPENDMARC_PORT:=8893}"
# vmail user/group name, uid and gid.
export SYS_USER_VMAIL='vmail'
@@ -123,10 +120,6 @@ export SYS_GROUP_VMAIL='vmail'
export SYS_USER_NETDATA='netdata'
export SYS_GROUP_NETDATA='netdata'
-# dmarc
-export SYS_USER_DMARC='opendmarc'
-export SYS_GROUP_DMARC='opendmarc'
-
# Specify UID/GID for system accounts. Required if you have multiple LDA/LMTP
# servers access same mailbox storage. e.g. cluster environment.
# vmail
diff --git a/iRedMail/conf/opendmarc b/iRedMail/conf/opendmarc
deleted file mode 100644
index 54867301..00000000
--- a/iRedMail/conf/opendmarc
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/usr/bin/env bash
-
-# Author: Zhang Huangbin (zhb _at_ iredmail.org)
-
-#---------------------------------------------------------------------
-# This file is part of iRedMail, which is an open source mail server
-# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
-#
-# iRedMail is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# iRedMail is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with iRedMail. If not, see .
-#---------------------------------------------------------------------
-#
-# ---------- OPENDMARC -----------
-#
-export OPENDMARC_RC_SCRIPT_NAME='opendmarc'
-
-export DMARC_DB_NAME='dmarc'
-export DMARC_DB_USER="${DMARC_DB_USER:=dmarc}"
-
-export OPENDMARC_CONF='/etc/opendmarc.conf'
-export OPENDMARC_CONF_DIR='/etc/opendmarc'
-export OPENDMARC_SPOOL_DIR='/var/spool/opendmarc'
-
-if [ X"${DISTRO}" == X'FREEBSD' ]; then
- export OPENDMARC_CONF='/usr/local/etc/mail/opendmarc.conf'
- export OPENDMARC_CONF_DIR='/usr/local/etc/opendmarc'
-fi
-
-export OPENDMARC_CONF_IGNORE_HOSTS="${OPENDMARC_CONF_DIR}/ignore.hosts"
-export OPENDMARC_CONF_PUBLIC_SUFFIX_LIST="${OPENDMARC_CONF_DIR}/public_suffix_list.dat"
-export OPENDMARC_CONF_HISTORY_FILE="${OPENDMARC_SPOOL_DIR}/opendmarc.dat"
-export OPENDMARC_PID_FILE='/var/run/opendmarc/opendmarc.pid'
diff --git a/iRedMail/dialog/optional_components.sh b/iRedMail/dialog/optional_components.sh
index 9c71269e..654cde1c 100644
--- a/iRedMail/dialog/optional_components.sh
+++ b/iRedMail/dialog/optional_components.sh
@@ -28,17 +28,6 @@
# Note: item_descrition must be concatenated by '_'.
export LIST_OF_OPTIONAL_COMPONENTS=''
-# OpenDMARC
-export DIALOG_SELECTABLE_OPENDMARC='YES'
-if [ X"${DISTRO}" == X'OPENBSD' ]; then
- # OpenBSD 6.5 doesn't have binary package for opendmarc, but 6.6 does.
- export DIALOG_SELECTABLE_OPENDMARC='NO'
-fi
-
-if [ X"${DIALOG_SELECTABLE_OPENDMARC}" == X'YES' ]; then
- LIST_OF_OPTIONAL_COMPONENTS="${LIST_OF_OPTIONAL_COMPONENTS} DMARC Domain-based_Message_Authentication,_Reporting_and_Conformance on"
-fi
-
# Fail2ban
export DIALOG_SELECTABLE_FAIL2BAN='YES'
if [ X"${DISTRO}" == X'FREEBSD' -o X"${DISTRO}" == X'OPENBSD' ]; then
diff --git a/iRedMail/functions/opendmarc.sh b/iRedMail/functions/opendmarc.sh
deleted file mode 100644
index b978068f..00000000
--- a/iRedMail/functions/opendmarc.sh
+++ /dev/null
@@ -1,83 +0,0 @@
-#!/usr/bin/env bash
-
-# Author: Zhang Huangbin (zhb _at_ iredmail.org)
-
-#---------------------------------------------------------------------
-# This file is part of iRedMail, which is an open source mail server
-# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
-#
-# iRedMail is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# iRedMail is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with iRedMail. If not, see .
-#---------------------------------------------------------------------
-
-opendmarc_config()
-{
- ECHO_INFO "Configure OpenDMARC."
-
- if [ X"${DISTRO}" == X'FREEBSD' ]; then
- add_sys_user_group ${SYS_USER_OPENDMARC} ${SYS_GROUP_OPENDMARC}
- fi
-
- backup_file ${OPENDMARC_CONF}
- mkdir -p ${OPENDMARC_CONF_DIR} >> ${INSTALL_LOG} 2>&1
-
- ECHO_DEBUG "Copy opendmarc config file: ${OPENDMARC_CONF}."
- cp -f ${SAMPLE_DIR}/opendmarc/opendmarc.conf ${OPENDMARC_CONF} >> ${INSTALL_LOG} 2>&1
-
- ECHO_DEBUG "Update ${OPENDMARC_CONF}."
- perl -pi -e 's#PH_SYS_USER_OPENDMARC#$ENV{SYS_USER_OPENDMARC}#g' ${OPENDMARC_CONF}
- perl -pi -e 's#PH_SYS_GROUP_OPENDMARC#$ENV{SYS_GROUP_OPENDMARC}#g' ${OPENDMARC_CONF}
- perl -pi -e 's#PH_IREDMAIL_SYSLOG_FACILITY#$ENV{IREDMAIL_SYSLOG_FACILITY}#g' ${OPENDMARC_CONF}
- perl -pi -e 's#PH_OPENDMARC_PID_FILE#$ENV{OPENDMARC_PID_FILE}#g' ${OPENDMARC_CONF}
-
- perl -pi -e 's#PH_OPENDMARC_PORT#$ENV{OPENDMARC_PORT}#g' ${OPENDMARC_CONF}
- perl -pi -e 's#PH_OPENDMARC_BIND_HOST#$ENV{OPENDMARC_BIND_HOST}#g' ${OPENDMARC_CONF}
-
- perl -pi -e 's#PH_OPENDMARC_CONF_IGNORE_HOSTS#$ENV{OPENDMARC_CONF_IGNORE_HOSTS}#g' ${OPENDMARC_CONF}
- perl -pi -e 's#PH_OPENDMARC_CONF_HISTORY_FILE#$ENV{OPENDMARC_CONF_HISTORY_FILE}#g' ${OPENDMARC_CONF}
- perl -pi -e 's#PH_OPENDMARC_CONF_PUBLIC_SUFFIX_LIST#$ENV{OPENDMARC_CONF_PUBLIC_SUFFIX_LIST}#g' ${OPENDMARC_CONF}
- perl -pi -e 's#PH_HOSTNAME#$ENV{HOSTNAME}#g' ${OPENDMARC_CONF}
-
- ECHO_DEBUG "Copy public_suffix_list.dat."
- cd ${OPENDMARC_CONF_DIR}
- rm -f public_suffix_list.dat &>/dev/null
- cp -f ${SAMPLE_DIR}/opendmarc/public_suffix_list.dat.bz2 .
- bunzip2 public_suffix_list.dat.bz2
-
- ECHO_DEBUG "Generate ${OPENDMARC_CONF_IGNORE_HOSTS}."
- touch ${OPENDMARC_CONF_IGNORE_HOSTS}
-
- ECHO_DEBUG "Add default ignore host: 127.0.0.1."
- if ! grep '^127.0.0.1\>' ${OPENDMARC_CONF_IGNORE_HOSTS} &>/dev/null; then
- echo '127.0.0.1' > ${OPENDMARC_CONF_IGNORE_HOSTS}
- fi
-
- ECHO_DEBUG "Create ${OPENDMARC_SPOOL_DIR}."
- mkdir -p ${OPENDMARC_SPOOL_DIR} &>/dev/null
- chown ${SYS_USER_OPENDMARC}:${SYS_GROUP_OPENDMARC} ${OPENDMARC_SPOOL_DIR}
-
- # Add postfix alias for OpenDMARC daemon user.
- add_postfix_alias ${SYS_USER_OPENDMARC} ${SYS_USER_ROOT}
-
- ECHO_DEBUG "Enable OpenDMARC integration."
-
- cat ${SAMPLE_DIR}/postfix/main.cf.opendmarc >> ${POSTFIX_FILE_MAIN_CF}
- perl -pi -e 's#PH_OPENDMARC_BIND_HOST#$ENV{OPENDMARC_BIND_HOST}#g' ${POSTFIX_FILE_MAIN_CF}
- perl -pi -e 's#PH_OPENDMARC_PORT#$ENV{OPENDMARC_PORT}#g' ${POSTFIX_FILE_MAIN_CF}
-
- if [ X"${DISTRO}" == X'FREEBSD' ]; then
- service_control enable 'opendmarc_enable' 'YES' >> ${INSTALL_LOG} 2>&1
- fi
-
- echo 'export status_opendmarc_config="DONE"' >> ${STATUS_FILE}
-}
diff --git a/iRedMail/functions/optional_components.sh b/iRedMail/functions/optional_components.sh
index 01d87356..18c724e0 100644
--- a/iRedMail/functions/optional_components.sh
+++ b/iRedMail/functions/optional_components.sh
@@ -10,10 +10,6 @@ optional_components()
# iRedAPD.
check_status_before_run iredapd_setup
- # DMARC
- [ X"${USE_DMARC}" == X'YES' -a X"${DISTRO}" != X'OPENBSD' ] && \
- check_status_before_run opendmarc_config
-
# iRedAdmin.
[ X"${USE_IREDADMIN}" == X'YES' ] && check_status_before_run iredadmin_setup
diff --git a/iRedMail/functions/packages.sh b/iRedMail/functions/packages.sh
index 341248c3..8dedd2a3 100644
--- a/iRedMail/functions/packages.sh
+++ b/iRedMail/functions/packages.sh
@@ -241,13 +241,6 @@ install_all()
PKG_SCRIPTS="${PKG_SCRIPTS} ${CLAMAV_CLAMD_SERVICE_NAME} ${CLAMAV_FRESHCLAMD_RC_SCRIPT_NAME} ${AMAVISD_RC_SCRIPT_NAME}"
fi
- # OpenDMARC
- if [ X"${DISTRO}" != X'OPENBSD' ]; then
- # OpenBSD 6.5 doesn't have opendmarc package yet, but 6.6 does.
- ENABLED_SERVICES="${ENABLED_SERVICES} ${OPENDMARC_RC_SCRIPT_NAME}"
- ALL_PKGS="${ALL_PKGS} opendmarc"
- fi
-
# mlmmj: mailing list manager
ALL_PKGS="${ALL_PKGS} mlmmj"
if [ X"${DISTRO}" == X'RHEL' ]; then
diff --git a/iRedMail/functions/packages_freebsd.sh b/iRedMail/functions/packages_freebsd.sh
index 3f0592ef..97b92632 100644
--- a/iRedMail/functions/packages_freebsd.sh
+++ b/iRedMail/functions/packages_freebsd.sh
@@ -523,9 +523,6 @@ EOF
ALL_PORTS="${ALL_PORTS} security/amavisd-new"
- # OpenDMARC
- ALL_PORTS="${ALL_PORTS} mail/opendmarc"
-
# Postfix. REQUIRED.
cat > /var/db/ports/mail_postfix/options <