[opendmarc-users] opendkim 1.3.1 working ok here in most cases; why is this one inbound email failing auth?
jasonsu at mail-central.com
jasonsu at mail-central.com
Sat Jun 11 10:03:11 PDT 2016
I run opendmarc
opendmarc -V
opendmarc: OpenDMARC Filter v1.3.1
SMFI_VERSION 0x1000001
libmilter version 1.0.1
Active code options:
WITH_SPF
as a milter on
postconf mail_version
mail_version = 3.1.1
It's been working ok for awhile now. Almost all inbound mail's properly checked, acted on, etc. I.e., DMARC passes/fails when it should.
In a few instances, it's a mystery. E.g., I received an auth failure report from my opendmarc instance
This is an authentication failure report for an email message received from IP
127.0.0.1 on Fri, 10 Jun 2016 09:35:01 -0700 (PDT).
Feedback-Type: auth-failure
Version: 1
User-Agent: OpenDMARC-Filter/1.3.1
Auth-Failure: dmarc
Authentication-Results: dmarc.example.com; dmarc=fail header.from=news.united.com
Original-Envelope-Id: 3rRl504yPvz2wZZ
Original-Mail-From: united.5765 at envfrm.rsys2.com
Source-IP: 127.0.0.1 (localhost)
Reported-Domain: news.united.com
DKIM-Filter: OpenDKIM Filter v2.10.3 example.com 3rRl504yPvz2wZZ
Authentication-Results: opendkim.example.com/3rRl504yPvz2wZZ;
dkim=pass (1024-bit key; unprotected) header.d=news.united.com header.i=MyMileagePlus at news.united.com header.b=Os2MVbHh
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter devel-clamav-0.99-beta1-499-g09b1357 at av.example.com
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
example.com
Received: from example.com ([127.0.0.1])
by amavis.example.com (example.com [127.0.0.1]) (amavisd-new, port 42000)
with ESMTP id Y8d_1kx9Mncu
for <acct+xxx at example.com>;
Fri, 10 Jun 2016 09:35:00 -0700 (PDT)
Authentication-Results: spf.example.com; spf=pass (sender SPF authorized) smtp.mailfrom=envfrm.rsys2.com (client-ip=12.130.136.195; helo=omp.news.united.com; envelope-from=united.5765 at envfrm.rsys2.com; receiver=acct+xxx at example.com)
Received: from omp.news.united.com (omp.news.united.com [12.130.136.195])
by example.com (Postfix) with ESMTP
for <acct+xxx at example.com>; Fri, 10 Jun 2016 16:22:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=united; d=news.united.com;
h=MIME-Version:Content-Type:Content-Transfer-Encoding:Date:To:From:Reply-To:Subject:List-Unsubscribe:Message-ID; i=MyMileagePlus at news.united.com;
bh=FiDxLwgUxCIm2yazeNmeALBGr1Y=;
b=Os2MVbHhUTq7PCf9Ypx1WTwAcYUyVrsph5X9jQshTtBsP+FjGK6yXgjtYKMHv0BvpB0LuaZP47T1
w4O4MIbsn4p9Jsg1jtpyRXawNrZlVNTxx7w1csD/F1PtPJr2JncIsohO4BqspvJ71A5cQ7J7zzK1
G0LZHIn/lBzOw3Z+VqI=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=united; d=news.united.com;
b=k5kuDz7ai+KcfKE+veVACm1Ji0MtD13fVQiBX8Rej38QqRNbdFIXfkjD52z9MfCxREfT1wDm/ekU
jowNzs/d7a1B7rmo3Q2gzM49pB2jG9+ESV1LxyrJ6GozLgnsYBP2RvItgpr7EhL69matYEXOq+Al
TSANfWkjxYbHPU0JixA=;
Received: by omp.news.united.com id hbgur81607gn for <acct+xxx at example.com>; Fri, 10 Jun 2016 16:22:58 -0700 (envelope-from <united.5765 at envfrm.rsys2.com>)
X-CSA-Complaints: whitelist-complaints at eco.de
Received: by omp.news.united.com id hbgur41607gr for <acct+xxx at example.com>; Fri, 10 Jun 2016 16:22:58 -0700 (envelope-from <united.5765 at envfrm.rsys2.com>)
X-CSA-Complaints: whitelist-complaints at eco.de
MIME-Version: 1.0
Content-Type: text/html;
charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Date: Fri, 10 Jun 2016 16:22:58 -0700
To: acct+xxx at example.com
From: "MileagePlus Statement" <MyMileagePlus at news.united.com>
Reply-To: "MileagePlus Statement" <MileagePlus_NoReply at united.com>
Subject: June monthly statement: 250,000 bonus miles offer for MileagePlus members
Feedback-ID: 5...:9...:oraclersys
List-Unsubscribe: <https://news.united.com/pub/optout/UnsubscribeOneStepConfirmAction?YES=true&_ri_=X...>, <mailto:unsubscribe-Y... at imh.rsys2.com?subject=List-Unsubscribe>
X-sgxh1: i...u
X-rext: 5.interact2.E...s
X-cid: united.2...
Message-ID: <0... at omp.news.united.com>
I am unclear as to why that's failed.
I'd like to learn what to look for to figure this out.
Is it my config, or the sender's that's the problem?
Jason
More information about the opendmarc-users
mailing list