[opendmarc-users] pct=0 question

Dominic Raferd dominic at timedicer.co.uk
Wed Nov 11 04:19:27 PST 2020


On 11/11/2020 10:30, Sistemisti Posta wrote:
> Il 10/11/2020 22:00, Juri Haberland ha scritto:
>> The "p=" in the parenthesis describe, what policy was discovered/set by
>> the sender domain ("quarantine" in your example), and "dis=" describes
>> the disposition, meaning what policy OpenDMARC actually applied. In your
>> example this is "none" as you expected.
>
> Hi,
>
>  thanks for all the answer. So I lack of an information. I have to 
> better explain my case.
> I have not set 'RejectFailures true' in opendmarc.conf then the action 
> will always be pass in History, and the disposition will always be none.
>
> Let suppose
>
> _dmarc.example.com TXT is  "v=DMARC1\; p=quarantine\; pct=100 ..."
>
> In this case I will always see
>
>      dmarc=fail (p=quarantine dis=none)
>
> And let suppose
>
> _dmarc.example.com TXT is  "v=DMARC1\; p=quarantine\; pct=0 ..."
>
> In this case I will always see the same
>
>      dmarc=fail (p=quarantine dis=none)
>
> I will never see the... "expected disposition" by protocol, that is 
> "quarantine" with pct=100, "none" with pct=0 and the OpenDMARC choice 
> with all other pcts.
>
> Why do I ask this?
>
> Let suppose I don't want to reject mails at milter stage. I use 
> Spamassassin to filter the mail reading the OpenDMARC AR header 
> result. In the AR header I will never see the expected disposition.

I redirect mails that would have failed like this (this is for postfix):

milter_header_checks.pcre:/^Authentication-Results: 
my_authserv_id.*dmarc=fail \(p=reject/ REDIRECT dmarcfail at localhost

If you want to use SA to do filtering then check that, with your setup, 
when headers are added by opendmarc they are readable by SA.



More information about the opendmarc-users mailing list