subject:"\[dmarc\-discuss\] LinkedIn DKIM validation failure resulting in DMARC fail"

Re: [dmarc-discuss] LinkedIn DKIM validation failure resulting in DMARC fail

2018-10-24 Thread Ivan Kovachev via dmarc-discuss

Forgot to add that in all cases the DKIM signing domain was not the default of 
Microsoft but my own custom domain.


> On 24 Oct 2018, at 10:07, Ivan Kovachev  wrote:
> 
> Hi Roland,
> 
> in my tests only LinkedIn reports back that DKIM failed.
> 
> Both Yahoo and Google report that DKIM passed for automatic reply messages 
> from Office 365. 
> 
> 
> =
> 
> Ivan,
> 
> I've dug into this in the past and confirmed that there is something 
> wrong that no-one seemed to want to do anything about. (I forget the 
> details but (a) LinkedIn does something slightly unusual in sending its 
> invitation (different envelope sender and author domains?), and (b) 
> Office 365 does something odd in sending its bounce (DKIM signing for a 
> Microsoft domain?))
> 
> - Roland
> 
> On 23/10/18 8:15 pm, Ivan Kovachev via dmarc-discuss wrote:
> > Hello all,
> >
> > has anyone noticed that when LinkedIn receives 
> > Out-Of-Office/Automatic-Replies from domains that are fully configured 
> > with DKIM, LinkedIn reports that DKIM failed (signature verification 
> > failed) and DMARC fails?
> >
> > *Scenario.*
> >
> > 1.LinkedIn sends invite to someone @mydomain.com 
> > > (hosted on Office 365 which is 
> > fully configured 
> > with SPF and DKIM)
> > 2.mydomain.com   > > (office 365) sends an automatic 
> > reply back to Linkedin with empty Mail-From (because it is a bounce) 
> > but correctly DKIM signed.
> > 3.LinkedIn sends forensic report back stating that DKIM failed.
> >
> > *However,*
> > when I test the same scenario with GSuite, it verifies correctly and 
> > passes DMARC.
> >
> > 1. GSuite sends invite to someone  @mydomain.com 
> > > (hosted on Office 365)
> > 2. mydomain.com   > > (office 365) sends an 
> > out-of-office reply back to GSuite with empty Mail-From (because it is 
> > a bounce) but correctly DKIM signed.
> > 3. Gsuite correcly verifies the email and DKIM passes.
> >
> >
> > Does the above indicate wrong DKIM validation done at LinkedIn. Why 
> > would they be different? The exactly same scenario was used in both tests.
> >
> > ___
> > dmarc-discuss mailing list
> > dmarc-discuss at dmarc.org 
> > http://www.dmarc.org/mailman/listinfo/dmarc-discuss 
> > 
> >
> > NOTE: Participating in this list means you agree to the DMARC Note Well 
> > terms (http://www.dmarc.org/note_well.html 
> > )
> 

___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

[dmarc-discuss] LinkedIn DKIM validation failure resulting in DMARC fail

2018-10-24 Thread Ivan Kovachev via dmarc-discuss

Hi Roland,

in my tests only LinkedIn reports back that DKIM failed.

Both Yahoo and Google report that DKIM passed for automatic reply messages from 
Office 365. 


=

Ivan,

I've dug into this in the past and confirmed that there is something 
wrong that no-one seemed to want to do anything about. (I forget the 
details but (a) LinkedIn does something slightly unusual in sending its 
invitation (different envelope sender and author domains?), and (b) 
Office 365 does something odd in sending its bounce (DKIM signing for a 
Microsoft domain?))

- Roland

On 23/10/18 8:15 pm, Ivan Kovachev via dmarc-discuss wrote:
> Hello all,
>
> has anyone noticed that when LinkedIn receives 
> Out-Of-Office/Automatic-Replies from domains that are fully configured 
> with DKIM, LinkedIn reports that DKIM failed (signature verification 
> failed) and DMARC fails?
>
> *Scenario.*
>
> 1.LinkedIn sends invite to someone @mydomain.com 
> > (hosted on Office 365 which is 
> fully configured 
> with SPF and DKIM)
> 2.mydomain.com > (office 365) 
> sends an automatic 
> reply back to Linkedin with empty Mail-From (because it is a bounce) 
> but correctly DKIM signed.
> 3.LinkedIn sends forensic report back stating that DKIM failed.
>
> *However,*
> when I test the same scenario with GSuite, it verifies correctly and 
> passes DMARC.
>
> 1. GSuite sends invite to someone  @mydomain.com 
> > (hosted on Office 365)
> 2. mydomain.com > (office 365) 
> sends an 
> out-of-office reply back to GSuite with empty Mail-From (because it is 
> a bounce) but correctly DKIM signed.
> 3. Gsuite correcly verifies the email and DKIM passes.
>
>
> Does the above indicate wrong DKIM validation done at LinkedIn. Why 
> would they be different? The exactly same scenario was used in both tests.
>
> ___
> dmarc-discuss mailing list
> dmarc-discuss at dmarc.org 
> http://www.dmarc.org/mailman/listinfo/dmarc-discuss 
> 
>
> NOTE: Participating in this list means you agree to the DMARC Note Well terms 
> (http://www.dmarc.org/note_well.html )

___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

Re: [dmarc-discuss] LinkedIn DKIM validation failure resulting in DMARC fail

2018-10-24 Thread Roland Turner via dmarc-discuss


Ivan,

I've dug into this in the past and confirmed that there is something 
wrong that no-one seemed to want to do anything about. (I forget the 
details but (a) LinkedIn does something slightly unusual in sending its 
invitation (different envelope sender and author domains?), and (b) 
Office 365 does something odd in sending its bounce (DKIM signing for a 
Microsoft domain?))


- Roland

On 23/10/18 8:15 pm, Ivan Kovachev via dmarc-discuss wrote:

Hello all,

has anyone noticed that when LinkedIn receives 
Out-Of-Office/Automatic-Replies from domains that are fully configured 
with DKIM, LinkedIn reports that DKIM failed (signature verification 
failed) and DMARC fails?


*Scenario.*

1.LinkedIn sends invite to someone @mydomain.com 
 (hosted on Office 365 which is fully configured 
with SPF and DKIM)
2.mydomain.com  (office 365) sends an automatic 
reply back to Linkedin with empty Mail-From (because it is a bounce) 
but correctly DKIM signed.

3.LinkedIn sends forensic report back stating that DKIM failed.

*However,*
when I test the same scenario with GSuite, it verifies correctly and 
passes DMARC.


1. GSuite sends invite to someone  @mydomain.com 
 (hosted on Office 365)
2. mydomain.com  (office 365) sends an 
out-of-office reply back to GSuite with empty Mail-From (because it is 
a bounce) but correctly DKIM signed.

3. Gsuite correcly verifies the email and DKIM passes.


Does the above indicate wrong DKIM validation done at LinkedIn. Why 
would they be different? The exactly same scenario was used in both tests.


___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)



___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

[dmarc-discuss] LinkedIn DKIM validation failure resulting in DMARC fail

2018-10-23 Thread Ivan Kovachev via dmarc-discuss

Hello all,

has anyone noticed that when LinkedIn receives Out-Of-Office/Automatic-Replies 
from domains that are fully configured with DKIM, LinkedIn reports that DKIM 
failed (signature verification failed) and DMARC fails?

Scenario.

1.LinkedIn sends invite to someone @mydomain.com  (hosted 
on Office 365 which is fully configured with SPF and DKIM)
2.mydomain.com  (office 365) sends an automatic reply 
back to Linkedin with empty Mail-From (because it is a bounce) but correctly 
DKIM signed. 
3.LinkedIn sends forensic report back stating that DKIM failed.

However,
when I test the same scenario with GSuite, it verifies correctly and passes 
DMARC.

1. GSuite sends invite to someone  @mydomain.com  (hosted 
on Office 365)
2. mydomain.com  (office 365) sends an out-of-office 
reply back to GSuite with empty Mail-From (because it is a bounce) but 
correctly DKIM signed. 
3. Gsuite correcly verifies the email and DKIM passes.


Does the above indicate wrong DKIM validation done at LinkedIn. Why would they 
be different? The exactly same scenario was used in both tests.___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

Re: [dmarc-discuss] LinkedIn DKIM validation failure resulting in DMARC fail

[dmarc-discuss] LinkedIn DKIM validation failure resulting in DMARC fail

Re: [dmarc-discuss] LinkedIn DKIM validation failure resulting in DMARC fail

[dmarc-discuss] LinkedIn DKIM validation failure resulting in DMARC fail

4 matches

Site Navigation

Mail list logo

Footer information