[opendmarc-users] dmarc fail on internal emails
Juri Haberland
juri at sapienti-sat.org
Thu Apr 20 14:23:52 PDT 2017
[ please keep the conversation on the list ]
On 20.04.2017 22:21, Ian Evans wrote:
> On Thu, Apr 20, 2017 at 3:54 PM, Juri Haberland <juri at sapienti-sat.org>
> wrote:
>> Try to send some mail from Google to your domain and look at the result...
>>
> As mentioned in my original email, I've done that and it passes. Passes
> other dmarc checkers as well. It's just the internal email.
Sorry, but no, you wrote:
> If I send a message from user1 at example.com to a gmail address and check the
> headers, I get a pass on the dmarc check.
That just means that your SPF and DKIM signing setup is correct - but do
you validate external mail correctly?
>> > IMHO it doesn't make any sense to check internal mail for SPF/DKIM/DMARC.
>> > But if you insist, please send your opendmarc.conf for a review.
> AuthservID carson.digitalhit.com
> TrustedAuthservIDs carson.digitalhit.com
Ok, good. Does Amavis use the same AuthservID?
>> > DMARC-Filter: OpenDMARC Filter v1.2.0 mail.example.com 0F56E2009D7
>>
>> That is an ancient version - 1.3.2 was just recently releases. Please
>> upgrade, as there where many important bug fixes (1.2.0 was released three
>> years ago!).
>>
>
> Currently on Trusty Tahr 14.04.Is it safe to add the following PPA to get
> the latest?
>
> https://launchpad.net/~kumy/+archive/ubuntu/opendmarc
Well, that is 1.3.1 - seems there is no pre-compiled 1.3.2 package
available for Ubuntu. I recommend to compile it from source for now - or
try to re-build a 1.3.2 package from Zesty on Trusty.
I might build a 1.3.2 package over the next weekend for you, if you would
like to wait, and create a new ppa for it.
Juri
More information about the opendmarc-users
mailing list