[opendmarc-users] Trouble getting forensic reports

Scott Kitterman sklist at kitterman.com
Tue Jan 15 15:02:26 PST 2013


Using:

opendmarc 1.0.1
opendkim 2.6.8
pypolicyd-spf 1.0
postfix 2.9.3

(Ubuntu 12.04 + backports)

I know I have the basic system set up correctly as I get a DMARC pass for mail 
that should pass:

Authentication-Results: mailout02.controlledmail.com; spf=pass (sender SPF 
authorized) smtp.mailfrom=kitterman.com (client-ip=208.43.65.50; 
helo=mailout03.controlledmail.com; envelope-from=scott at kitterman.com; 
receiver=scott at kitterman.biz)
Authentication-Results: mailout02.controlledmail.com; dmarc=pass 
header.from=kitterman.com
Authentication-Results: mailout02.controlledmail.com; dkim=pass
	reason="1024-bit key; insecure key"
	header.d=kitterman.com header.i=@kitterman.com header.b=fofnVYsg;
	dkim-adsp=pass; dkim-atps=neutral

I have "ForensicReports true" in my /etc/opendmarc.conf.

But if I have mail that fails both SPF and lacks a DKIM signature:

Authentication-Results: mailout02.controlledmail.com; spf=fail (SPF fail - not 
authorized) smtp.mailfrom=kitterman.com (client-ip=72.81.252.22; 
helo=arm.kitterman.com; envelope-from=scott at kitterman.com; 
receiver=scott at kitterman.biz)
Authentication-Results: mailout02.controlledmail.com; dmarc=none 
header.from=kitterman.com
Authentication-Results: mailout02.controlledmail.com; dkim=none
	reason="no signature"; dkim-adsp=none (insecure policy);
	dkim-atps=neutral

I get no forensic report, nor is anything beyond "opendmarc[5817]: 
80A1A20E40FC: none" logged.

Suggestions?

Scott K


More information about the opendmarc-users mailing list