Re: [dmarc-discuss] DSN from microsoftonline.com

2017-12-21 Thread A. Schulze via dmarc-discuss 


Am 21.12.2017 um 02:03 schrieb Roland Turner via dmarc-discuss:

Hello Roland,

> Have you explored whether the organisations whose DSNs are failing DMARC also 
> have the rest of their email failing DMARC?
at least I didn't have seen messages from those organisations with non empty 
RFC5231.MailFrom

> The use of the ${customer}.onmicrosoft.com domain to sign is consistent with 
> domains for which DKIM signing hasn't been turned on. (It could also be a 
> DSN-handling bug of course.)
Ah!
maybe Terry can have a look at this!

Andreas
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

Re: [dmarc-discuss] DSN from microsoftonline.com

2017-12-21 Thread A. Schulze via dmarc-discuss 


Am 21.12.2017 um 01:37 schrieb Brandon Long via dmarc-discuss:
> For bounces (ie, empty MAIL FROM), the EHLO argument is used for the SPF 
> lookup, so it is technically possible for there to be a valid SPF record.

Hello Brandon,

I wasn't aware of that. But https://tools.ietf.org/html/rfc7489#section-3.1 is 
pretty clear:

while [SPF] can authenticate either the domain that appears in the
RFC5321.MailFrom (MAIL FROM) portion of [SMTP] or the RFC5321.EHLO/HELO 
domain, or both

and here are the requested rDNS / HELO informations:
   
RFC5321.MailFrom <>
RFC5322.From 
DKIM-Signature   d=${customer}.onmicrosoft.com

client   
mail-db5eur01hn0241.outbound.protection.outlook.com[104.47.2.241]
ehlo EUR01-DB5-obe.outbound.protection.outlook.com
or
client   
mail-ve1eur01hn0213.outbound.protection.outlook.com[104.47.1.213]
ehlo EUR01-VE1-obe.outbound.protection.outlook.com

> That said, I wouldn't bet on it.  I know there's still an open bug to create 
> the DNS SPF records for our EHLO hostnames at Google, it was just never a 
> high priority.  Plus, it wouldn't really help the DMARC case because our 
> DSN's come from @googlemail.com  for some reason I was 
> never clear on but our EHLO hostnames are google.com .

looks like there is the same challenge as on your side :-)

Andreas

___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

Re: [dmarc-discuss] DSN from microsoftonline.com

2017-12-21 Thread Roland Turner via dmarc-discuss 

On 21/12/17 05:43, A. Schulze via dmarc-discuss wrote


Am 20.12.2017 um 18:44 schrieb Roland Turner via dmarc-discuss:

What HELO/EHLO hostname is being presented?

I'm out of office for the next days and have no access to that data.
 From what I remember it's the hostname of the sending system, a rDNS related 
to Microsoft.

Why do you think, the EHLO is important?

Andreas
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)



___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)