[opendmarc-users] opendkim 1.3.1 working ok here in most cases; why is this one inbound email failing auth?

Sat Jun 11 12:15:22 PDT 2016

On Sat, Jun 11, 2016, at 11:54 AM, Juri Haberland wrote:
> Well, what about your OpenDMARC config?
> Especially the content of TrustedAuthservIDs would be interesting...

Here it is.  But like I said it's the same as before, and it's working just fine for virtually all inbound email.

cat opendmarc.conf 

	AuthservID dmarc.example.com
	AuthservIDWithJobID true
	Background true
	BaseDirectory /run/opendmarc
	CopyFailuresTo acct+xxx at example.com
	EnableCoreDumps false
	FailureReports true
	FailureReportsBcc acct+xxx at example.com
	FailureReportsOnNone false
	FailureReportsSentBy opendmarc at example.com
	HistoryFile /run/opendmarc/opendmarc.dat
	IgnoreAuthenticatedClients false
	IgnoreHosts /etc/opendmarc/ignore.hosts
	MilterDebug 5
	RecordAllMessages false
	RejectFailures true
	RequiredHeaders true
	Socket local:/run/opendmarc/opendmarc.sock
	SoftwareHeader true
	SPFIgnoreResults false
	SPFSelfValidate false
	Syslog true
	SyslogFacility mail
	TrustedAuthservIDs localhost,example.com,amavis.example.com,amavisd.example.com,av.example.com,dkim.example.com,dmarc.example.com,opendkim.example.com,spf.example.com

> What about log entries specific to this mail?

Rats. Unfortunately I didn't have MilterDebug set high.  It is now, and I have to wait for another one to hit :-/

> > 	Authentication-Results: dmarc.example.com; dmarc=fail header.from=news.united.com
> > 	Authentication-Results: opendkim.example.com/3rRl504yPvz2wZZ; dkim=pass (1024-bit key; unprotected) header.d=news.united.com header.i=MyMileagePlus at news.united.com header.b=Os2MVbHh
> > 	Authentication-Results: spf.example.com; spf=pass (sender SPF authorized) smtp.mailfrom=envfrm.rsys2.com (client-ip=12.130.136.195; helo=omp.news.united.com; envelope-from=united.5765 at envfrm.rsys2.com; receiver=acct+xxx at example.com)
> 
> See the three different AuthservIDs?

Sure, that's how I set it up.

Jason