[opendmarc-users] Can I tell why a specific message failed?
Murray S. Kucherawy
msk at blackops.org
Wed Sep 3 22:11:56 PDT 2014
On Tue, 26 Aug 2014, Dan Mahoney, System Admin wrote:
> I have a situation where both SPF and DKIM have passed, but OpenDMARC is
> reporting a failure: (I've disabled rejections after this)
>
> I'm seeing this from Amazon:
>
> [...]
> Authentication-Results: prime.gushi.org; sender-id=pass
> header.from=vfe-campaign-response at amazon.com; spf=pass
> smtp.mfrom=20140826073255e320c3a9a223476394902deef6865931-C398FS1YF5K0F5 at bounces.amazon.com
> [...]
> Authentication-Results: prime.gushi.org; dkim=pass
> reason="1024-bit key; unprotected key"
> header.d=amazonses.com header.i=@amazonses.com header.b=IILVBN7v;
> dkim-adsp=pass
>
> Any ideas?
My guess is that opendmarc doesn't know it should be consuming
prime.gushi.org's Authentication-Results fields. The DKIM result gets
ignored anyway because it's unaligned, btu the SPF result should be
working.
When the service starts, it will log the list of trusted authentication
services. Is prime.gushi.org in that list?
-MSK
More information about the opendmarc-users
mailing list