[opendmarc-users] opendkim 1.3.1 working ok here in most cases; why is this one inbound email failing auth?

jasonsu at mail-central.com jasonsu at mail-central.com
Sat Jun 11 12:15:22 PDT 2016



On Sat, Jun 11, 2016, at 11:54 AM, Juri Haberland wrote:
> Well, what about your OpenDMARC config?
> Especially the content of TrustedAuthservIDs would be interesting...

Here it is.  But like I said it's the same as before, and it's working just fine for virtually all inbound email.

cat opendmarc.conf 

	AuthservID dmarc.example.com
	AuthservIDWithJobID true
	Background true
	BaseDirectory /run/opendmarc
	CopyFailuresTo acct+xxx at example.com
	EnableCoreDumps false
	FailureReports true
	FailureReportsBcc acct+xxx at example.com
	FailureReportsOnNone false
	FailureReportsSentBy opendmarc at example.com
	HistoryFile /run/opendmarc/opendmarc.dat
	IgnoreAuthenticatedClients false
	IgnoreHosts /etc/opendmarc/ignore.hosts
	MilterDebug 5
	RecordAllMessages false
	RejectFailures true
	RequiredHeaders true
	Socket local:/run/opendmarc/opendmarc.sock
	SoftwareHeader true
	SPFIgnoreResults false
	SPFSelfValidate false
	Syslog true
	SyslogFacility mail
	TrustedAuthservIDs localhost,example.com,amavis.example.com,amavisd.example.com,av.example.com,dkim.example.com,dmarc.example.com,opendkim.example.com,spf.example.com


> What about log entries specific to this mail?

Rats. Unfortunately I didn't have MilterDebug set high.  It is now, and I have to wait for another one to hit :-/

> > 	Authentication-Results: dmarc.example.com; dmarc=fail header.from=news.united.com
> > 	Authentication-Results: opendkim.example.com/3rRl504yPvz2wZZ; dkim=pass (1024-bit key; unprotected) header.d=news.united.com header.i=MyMileagePlus at news.united.com header.b=Os2MVbHh
> > 	Authentication-Results: spf.example.com; spf=pass (sender SPF authorized) smtp.mailfrom=envfrm.rsys2.com (client-ip=12.130.136.195; helo=omp.news.united.com; envelope-from=united.5765 at envfrm.rsys2.com; receiver=acct+xxx at example.com)
> 
> See the three different AuthservIDs?

Sure, that's how I set it up.

Jason
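An added diagnostic example, not part of the original message and not OpenDMARC's own code: it parses the three Authentication-Results headers quoted above (abridged), compares each authserv-id with the posted TrustedAuthservIDs list both as written and with the `/jobid` suffix removed, and checks strict alignment with header.from. The function names are hypothetical, and whether OpenDMARC strips the job ID before matching is not established in this thread.

```python
import re

# Values copied from the post above (opendmarc.conf and the headers, abridged).
TRUSTED = ("localhost,example.com,amavis.example.com,amavisd.example.com,"
           "av.example.com,dkim.example.com,dmarc.example.com,"
           "opendkim.example.com,spf.example.com").split(",")
HEADERS = [
    "dmarc.example.com; dmarc=fail header.from=news.united.com",
    "opendkim.example.com/3rRl504yPvz2wZZ; dkim=pass (1024-bit key; unprotected) "
    "header.d=news.united.com header.b=Os2MVbHh",
    "spf.example.com; spf=pass (sender SPF authorized) smtp.mailfrom=envfrm.rsys2.com",
]

def parse(value):
    """Return (authserv_id, method, result, properties) for one header value."""
    # Drop parenthesised comments first: they may contain ';' themselves.
    value = re.sub(r"\([^()]*\)", " ", value)
    authserv_id, _, rest = value.partition(";")
    tokens = rest.split()
    method, _, result = tokens[0].partition("=")
    props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
    return authserv_id.strip(), method, result, props

def trusted_exact(authserv_id):
    return authserv_id.lower() in TRUSTED

def trusted_ignoring_jobid(authserv_id):
    # Assumption: treat everything after the first '/' as a job ID.
    return authserv_id.split("/", 1)[0].lower() in TRUSTED

def report():
    parsed = [parse(h) for h in HEADERS]
    from_domain = next(p["header.from"] for _, m, _, p in parsed if m == "dmarc")
    rows = []
    for authserv_id, method, result, props in parsed:
        if method == "dmarc":
            continue
        domain = props.get("header.d") or props.get("smtp.mailfrom")
        rows.append({
            "method": method, "authserv_id": authserv_id,
            "exact": trusted_exact(authserv_id),
            "no_jobid": trusted_ignoring_jobid(authserv_id),
            # Strict alignment only; relaxed alignment needs the Public Suffix List.
            "aligned": result == "pass" and domain == from_domain,
        })
    return rows

if __name__ == "__main__":
    for row in report():
        print(row)
```

For these headers the DKIM result is the only one whose domain matches header.from, and its authserv-id is the only one that fails the exact comparison.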

