[opendmarc-users] Rejecting DMARC errors
Juri Haberland
juri at sapienti-sat.org
Wed Jun 12 23:17:27 PDT 2019
On 2019-06-12 12:03, Lefteris Tsintjelis wrote:
> Hi, I am having problems with rejecting errors.
>
> 1) When an email arrives without any DKIM signature from a DKIM signed
> domain, OpenDMARC generates an error (dmarc=permerror) but it does not
> reject the email according to domain policy set as reject.
OpenDMARC does not check DKIM by itself - it relies on other software to
do that and expects that other software (e.g. OpenDKIM) to add an
Authentication-Results header with the result of the DKIM check.
> 2) Also, when an email arrives from an older domain using DomainKey
> OpenDMARC is doing the exact same thing, generates an error but email
> is accepted.
DomainKey is obsolete and not part of the DMARC RFC and therefor not
supported by OpenDMARC.
> I want to enforce the policy according to what is set in domain's DNS
> in case 1
>
> In case 2 I would like to accept the email if DomainKey checks
> correctly.
>
> Is this possible with OpenDMARC?
Yes to 1), no to 2). Please tell us more about your configuration...
Cheers,
Juri
More information about the opendmarc-users
mailing list