[opendmarc-users] can't extract SPF address from Authentication-Results?
Dan Mahoney, System Admin
danm at prime.gushi.org
Wed Sep 3 22:47:50 PDT 2014
On Wed, 3 Sep 2014, Murray S. Kucherawy wrote:
> On Tue, 26 Aug 2014, Dan Mahoney, System Admin wrote:
>> ug 26 08:20:51 quark-vm opendmarc[25448]: s7Q8KnjJ092103: can't extract SPF
>> address from Authentication-Results
>> Aug 26 08:20:51 quark-vm opendmarc[25448]: s7Q8KnjJ092103:
>> trusteddomain.org none
>>
>> I'm periodically getting this message in my logs. I think it could be
>> because I've got both sid-filter (from Sendmail) and openDKIM adding two
>> separate authentication-results headers -- As well as the older DomainKeys
>> milter, which I should probably rip out.
>
> sid-milter actually generates non-standard Authentication-Results fields.
> Specifically, "smtp.mfrom" is not legal; it should be "smtp.mailfrom". As
> sid-milter is unmaintained these days, you could patch it yourself if you're
> so inclined but an official fix is likely not forthcoming. You could also
> patch opendmarc to accept both forms.
My original reason for wanting sid-milter was so I had the option of
honoring and rejecting at connection-time policies that failed -all.
In the path to try to troubleshoot this, I've since ripped it out, since
opendmarc can get me the same (or at least, a similar thing) if I so
desire it, and you'll find that it's no longer present in the most recent
results I posted.
-Dan
--
More information about the opendmarc-users
mailing list