[opendmarc-users] Failures for ebay.com / Whitelist
Andy Wylde
andy at chillercity.com
Thu Sep 22 16:42:52 PDT 2022
Hi,
I am running opendmarc with good success, except one issue . ebay at ebay.com
<mailto:ebay at ebay.com> . It consistently fails, my logs are full of tens
of thousands of failures in just a day. I checked their SPF record and it
looks OK, although they include a bunch of different SPFs, and I am
wondering if the overall length is an issue. I am just wondering if anyone
else has seen this issue? This is an example of the failure.
Sep 22 16:20:51 inbound-1-mx opendmarc[1753868]: 262787C018A: SPF(mailfrom):
ebay at ebay.com <mailto:ebay at ebay.com> fail
Sep 22 16:20:51 inbound-1-mx postfix/pickup[1753676]: 74AC67C0DC8: uid=114
from=<opendmarc>
Sep 22 16:20:51 inbound-1-mx opendmarc[1753868]: ignoring connection from
localhost
Sep 22 16:20:51 inbound-1-mx opendmarc[1753868]: 262787C018A: ebay.com fail
Sep 22 16:20:51 inbound-1-mx postfix/cleanup[1754085]: 262787C018A:
milter-reject: END-OF-MESSAGE from mxphxpool2018.ebay.com[66.211.184.113]:
5.7.1 rejected by DMARC policy for ebay.com; from=<ebay at ebay.com
<mailto:ebay at ebay.com> > to=<greg at azbreaker.com <mailto:greg at azbreaker.com>
> proto=ESMTP helo=<mxphxpool2018.ebay.com>
Sep 22 16:20:51 inbound-1-mx postfix/smtpd[1754120]: disconnect from
mxphxpool2018.ebay.com[66.211.184.113] ehlo=2 starttls=1 mail=1 rcpt=1
data=0/1 commands=5/6
66.211.184.113 is included in their SPF record.
ebay.com. 357 IN TXT "v=spf1
include:c._spf.ebay.com include:p._spf.ebay.com include:p2._spf.ebay.com
~all"
c._spf.ebay.com. 600 IN TXT "v=spf1 ip4:205.201.137.229
ip4:66.135.215.0/24 ip4:66.211.184.0/23 ip4:66.135.222.1
ip4:205.201.128.0/20 ip4:198.2.128.0/18 ip4:66.135.202.0/27
ip4:216.113.172.0/25 ip4:216.113.160.0/24 ip4:216.113.175.0/24
ip4:148.105.8.0/21 include:ces._spf.ebay.com" " ~all"
The members messaging from eBay works fine and passes the test, as does
pretty much every other legitimate sender.
Since it was just this one domain, I tried the whitelist option shown in the
example file:
DomainWhitelist ebay.com
but it failed with a "Invalid Parameter" message and not much else. I
haven't put much more effort into this option at this time.
opendmarc: OpenDMARC Filter v1.3.2
SMFI_VERSION 0x1000001
libmilter version 1.0.1
Active code options:
WITH_SPF
WITH_SPF2
Just wondering if anyone else has encountered this issue and/or has any
insight. Thanks in advance.
Andy Wylde
Chiller City Corporation
563 W 3rd Ave
Mesa AZ 85210
www.chillercity.com <http://www.chillercity.com>
480-889-1092
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20220922/bff432ae/attachment.htm>
More information about the opendmarc-users
mailing list