[opendmarc-users] Implementation and Testing - Domains are Failing that shouldn't

Mark D. Montgomery II techiem2 at techiem2.net
Sat Aug 24 08:51:27 PDT 2013 

I'm trying to start my implementation of DMARC checking for incoming  
mail and am not sure everything is quite right.

When mail comes in it seems to pass through SPF and DKIM properly.
It appears to be passing through opendmarc properly as well, but I'm  
having a couple issues.

1.  The SoftwareHeader is missing (I noticed this seems to be a known  
issue from looking at the last couple months of list archives).
2.  Domains that it seems SHOULD be actually passing DMARC are failing  
- amazon, twitter, etc., so I'm not sure if something is wrong with my  
implementation or what.

Any help is appreciated.

Thanks.

Mark II



Postfix Configuration:

main.cf
#8891 = OpenDKIM
#8893 = OpenDMARC
smtpd_milters     = inet:localhost:8891
                     inet:localhost:8893
non_smtpd_milters = inet:localhost:8891
                     inet:localhost:8893
master.cf
policyd-spf  unix  -       n       n       -       0       spawn
                    user=nobody argv=/usr/bin/policyd-spf


Amazon Email Headers:

Return-Path:  
<20130823170937173cfcb1ddc9407fbe60a5a241c24219-C2A29PYAN0232S at bounces.amazon.com>
X-Original-To: techiem2 at techiem2.net
Delivered-To: techiem2 at techiem2.net
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;  
client-ip=54.240.15.191; helo=a15-191.smtp-out.amazonses.com;  
envelope-from=20130823170937173cfcb1ddc9407fbe60a5a241c24219-c2a29pyan0232s at bounces.amazon.com;  
receiver=techiem2 at techiem2.net
Authentication-Results: li235-115; dmarc=fail header.from=amazon.com
Received: from a15-191.smtp-out.amazonses.com  
(a15-191.smtp-out.amazonses.com [54.240.15.191])
	by techiem2.net (Postfix) with ESMTP id 70C1374CD5
	for <techiem2 at techiem2.net>; Fri, 23 Aug 2013 13:09:38 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
	s=taugkdi5ljtmsua4uibbmo5mda3r2q3v; d=amazon.com; t=1377277777;
	h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;
	bh=Z+5fRLeDIYUS7TpEC8TNHt6Qriv3tFzQ45ltZgp6zNM=;
	b=JftSasOAwESBqlPYCpinkqh6sKgGEFu+CljDdWgrJhUBGThRaF5Q2sF4Oi3Tm7lH
	pMfLrNEJuivTYAiU7Rg92vnvpXJRkLi69nIR/pxHU8/nQcUhKpsrByT9ybbTqZPWY0T
	PLYqWr5CG/z34MHKNucHXbiGUnqYZYr+ZS59wodg=
Date: Fri, 23 Aug 2013 17:09:37 +0000
From: "Amazon.com" <store-news at amazon.com>
To: "techiem2 at techiem2.net" <techiem2 at techiem2.net>
Message-ID:  
<00000140ac27163f-ecf29020-5b53-4be1-8264-82adbe79e45e-000000 at email.amazonses.com>
Subject: Blu-ray Deal of the Week: Up to 62% Off "Star Trek: The Original
  Series" and More
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_Part_682248_178112922.1377277777174"
Bounces-to:  
20130823170937173cfcb1ddc9407fbe60a5a241c24219-C2A29PYAN0232S at bounces.amazon.com
X-AMAZON-MAIL-RELAY-TYPE: merchandizing
X-AMAZON-RTE-VERSION: 2.0
X-Original-MessageID:  
<urn.correios.msg.20130823170937173cfcb1ddc9407fbe60a5a241c24219 at 1377277777203.massmail-sender-na-1a-i-1fe2ea63.us-east-1.amazon.com>
X-SES-Outgoing: 2013.08.23-54.240.15.191

opendmarc.dat output:

job 7AF6975A80
reporter techiem2.net
received 1377316379
ipaddr 72.21.212.36
from amazon.com
mfrom bounces.amazon.com
spf -1
pdomain amazon.com
policy 17
rua mailto:dmarc-reports at bounces.amazon.com
pct 100
adkim 114
aspf 114
p 113
sp 0
align_dkim 5
align_spf 5
action 2


-- 
Mark D. Montgomery II
http://www.techiem2.net

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: PGP Digital Signature
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20130824/b2f3649d/attachment.pgp>

More information about the opendmarc-users mailing list