[opendmarc-users] OpenDMARC ignoring DKIM result, debugging

list at ptld.com list at ptld.com
Fri Oct 1 09:04:53 PDT 2021


> Oct 01 17:03:13 mouflon opendkim[50486]: D473D525A2: DKIM verification 
> successful
> Oct 01 17:03:13 mouflon opendmarc[50891]: D473D525A2 ignoring 
> Authentication-Results at 6 from medusa.blackops.org
> Oct 01 17:03:14 mouflon opendmarc[50891]: D473D525A2: SPF(mailfrom): 
> trusteddomain.org pass
> Oct 01 17:03:15 mouflon opendmarc[50891]: D473D525A2: trusteddomain.org 
> pass

> Authentication-Results: mouflon; dmarc=fail (p=none dis=none) 
> header.from=comcast.net
> Authentication-Results: mouflon; spf=fail smtp.mailfrom=groups.io
> Authentication-Results: mouflon; dkim=pass (1024-bit key) 
> header.d=groups.io header.i=@groups.io header.b=OZOfLbUX


Nothing is wrong, many mailing list are not setup right. What you are 
seeing is an alignment issue between the envelope and header from. You 
have a situation where you are getting an email from ???@groups.io but 
it was sent from blackops.org / trusteddomain.org

SPF passed for trusteddomain.org, but the email header From: is 
???@groups.io. Even though SPF passed, it passed for the wrong domain. 
It didn't pass for groups.io which is who the email is from. As you see 
in the logs spf=fail for groups.io.

Same issue for dkim, dkim passed for groups.io but the mail was received 
from medusa.blackops.org

When it says DKIM verfication successful, its just reporting that it 
found a signature and the signature is valid, but doesn't mean its the 
right signature needed based on who is sending that email.


More information about the opendmarc-users mailing list