[opendmarc-users] pct=0 question
Dominic Raferd
dominic at timedicer.co.uk
Wed Nov 11 07:36:32 PST 2020
On 11/11/2020 14:45, Dominic Raferd wrote:
> On 11/11/2020 13:31, Sistemisti Posta wrote:
>> On 11/11/2020 13:19, Dominic Raferd has written:
>> [...]
>>> I redirect mails that would have failed like this (this is for
>>> postfix):
>>>
>>> milter_header_checks.pcre:/^Authentication-Results:
>>> my_authserv_id.*dmarc=fail \(p=reject/ REDIRECT dmarcfail at localhost
>>
>> Thank you Dominic to point this.
>>
>> I'm not sure to understand. I follow your example with "p=reject" and
>> RejectFailures=true.
>>
>> See at
>> https://github.com/trusteddomainproject/OpenDMARC/blob/master/opendmarc/opendmarc.c
>> on line 3121:
>>
>> if (ret != SMFIS_TEMPFAIL && ret != SMFIS_REJECT)
>> {
>> snprintf(header, sizeof header,
>> [...]
>>
>> So, with RejectFailures=true the header will not be written to the
>> mail... and the milter_header_check will not find it.
>
> I can tell you it works, I use it (opendmarc 1.3.2).
>
For clarification: as I see it, there are reporting differences between
- the added Authentication-Results header which reports the action that
*would* have happened ignoring the setting of RejectFailures (in your
example: fail)
- the entry in syslog which reports the outcome of the DMARC test
irrespective of subsequent treatment i.e. pass/fail/none (in your
example: fail)
- the 'action' field in the HistoryFile which reports what was
*actually* done (in your example: pass)
More information about the opendmarc-users
mailing list