Am 09.09.20 um 07:59 schrieb Miroslav Geisselreiter via dmarc-discuss:
> I had similar problem for CentOS 7. I downloaded
> https://sourceforge.net/projects/opendmarc/ and this package contains
> database schema. I use default db MariaDB.
openDMARC was moved to GitHub long ago.
So you may
A. Schulze via dmarc-discuss:
the element will be present in tomorrow's reports.
lesson learned when running docker containers:
fixes inside a container are volatile, rebuild the container at all to
make /permanent/ changes...
it will take some more days...
happy weekend!
Andreas
Am 19.04.2018 um 08:30 schrieb Juri Haberland via dmarc-discuss:
> [btw. the SPF result seems wrong: "none" instead of "pass" for a mail from
> the opendmarc-users ML]
RFC5321.MailFrom for messages from opendmarc-users is "f...@trusteddomain.org".
That generate "spf=pass
Am 19.04.2018 um 12:32 schrieb Alessandro Vesely via dmarc-discuss:
> I had that. However, I missed the element inside .
the element will be present in tomorrow's reports.
> Although this is optional, I think that's the reason why I don't "see" your
> reports.
There is a SHOULD in
Hello @all,
since some days aggregated reports we generate using an other software: rspamd
These reports are invisible at dmarcian.com. I would like to ask the
group to review
my reports if they are syntactical valid.
Thanks!
Andreas
___
Am 11.04.2018 um 16:07 schrieb Ivan Kovachev via dmarc-discuss:
> Hello guys,
>
> I have three questions for you that I am unsure about and hoping that someone
> at Microsoft will be able to help:
>
> First two questions are related to Mimecast acting as inbound security
> gateway to O365:
>
Hello,
I found messages from the domain "service.com". The DMARC record say
p=reject. But these messages pass my MX while OpenDMARC clearly say
"dmarc=fail".
It took some time until I noticed "pct=0": "apply the policy to 0% of
all messages".
Why a domainowner do that? Why the spec
Terry Zink via dmarc-discuss:
I'm not sure I follow what the problem is.
AFAIK, we send NDRs from postmaster@ and then use the customer's
default domain. Most customers have this set to *.onmicrosoft.com
which they get when they sign up for the service, and then some flip
it to their
Am 21.12.2017 um 02:03 schrieb Roland Turner via dmarc-discuss:
Hello Roland,
> Have you explored whether the organisations whose DSNs are failing DMARC also
> have the rest of their email failing DMARC?
at least I didn't have seen messages from those organisations with non empty
Am 21.12.2017 um 01:37 schrieb Brandon Long via dmarc-discuss:
> For bounces (ie, empty MAIL FROM), the EHLO argument is used for the SPF
> lookup, so it is technically possible for there to be a valid SPF record.
Hello Brandon,
I wasn't aware of that. But
Am 20.12.2017 um 18:44 schrieb Roland Turner via dmarc-discuss:
> What HELO/EHLO hostname is being presented?
I'm out of office for the next days and have no access to that data.
>From what I remember it's the hostname of the sending system, a rDNS related
>to Microsoft.
Why do you think, the
Hello,
we use to send a portion of messages requesting delivery status
notification on success.
In general DSN messages tend to not pass DMARC very often, but as we
request DSN on success explicit
we monitor them.
Now I noticed a pattern on DSN sent from Microsoft.
RFC5321.MailFrom <>
Am 01.02.2017 um 15:11 schrieb Jim Popovitch via dmarc-discuss:
> I'm running postfix and AFAIK it's only sending 7bit.
>
> postfix postscreen
> postfix smtpD
> postfix local -> mailman
> mailman 8bit -> postfix:587 pickup
> postfix cleanup (converts
Jim Popovitch via dmarc-discuss:
I'd bet a few beers that the DKIM failures are due to those companies
injecting inbound msg headers before processing DMARC checks.
an other option: the MX server don't announce 8BITMIME. You send 8-BIT
and your sending MTA recode down to 7-BIT. DKIM
Am 30.01.2017 um 21:40 schrieb SheridanJ West via dmarc-discuss:
> I encountered a opendmarc bug that required adsp records
don't waste your time with ADSP, forget it.
it's deprecated and in fact dead
Andreas
___
dmarc-discuss mailing list
Petr Novák via dmarc-discuss:
data
354 end data with .
From: ad...@a.prnk.cz
test mail.
.
looks invalid to me.
there should be an empty line between "From" an "test mail"...
Andreas
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
Mitchell Kuch via dmarc-discuss:
Does it make sense to publish a DMARC record to signal that a host
should never send email? Can said record be published without an
accompanying DKIM record?
See
http://www.m3aawg.org/documents/en/m3aawg-protecting-parked-domains-best-common-practices
Roland Turner via dmarc-discuss:
ARC directly addresses (2). Unlike the measures for interoperating
with earlier schemes, adding an ARC-* header set does not in any way
impede or alter the traditional operation of mailing lists.
Consequently: if list operators perceive benefit in
Hello,
Kurt just mention adoption in his last message.
Adoption is a good point, I've two questions:
1)
are there implementation available as open source?
I'm aware Google has some code. I guess there are other implementers
otherwise the inter-op events wouldn't make sense.
The protocol is
Am 13.05.2016 um 23:10 schrieb Scott Kitterman via dmarc-discuss:
I think RFC 7489, paragraph 3.1.2 is very explicit about this. It is supposed
to pass and if it doesn't it's a bug.
you mean "RFC5321.HELO identity is not ... used exept when required to "fake" an
otherwise null
Am 13.05.2016 um 22:35 schrieb Terry Zink via dmarc-discuss:
In Office 365 it would. Others' implementations may vary.
"may or may not" - is that really the intention of DMARC?
Andreas
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
Am 09.05.2016 um 22:42 schrieb Franck Martin via dmarc-discuss:
RFC7489.MAILFROM is RFC5321.MailFrom if it is not empty, otherwise it is
postmaster@
Hello Franck,
does that mean a message could pass DMARC if
- it's send from a host sending "mail.example.com" as HELO parameter
- have an
Am 29.04.2016 um 11:15 schrieb A. Schulze via dmarc-discuss:
I like to point to that open topic without any answer I hoped to get from Google
nobody could clarify?
Andreas
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org
A. Schulze via dmarc-discuss:
I like to point to that open topic without any answer I hoped to get
from Google
simple setup:
gmail user send with RFC5322.From *@googlemail.com via google using a
smartphone.
the user authenticate as *@gmail.com for submission.
dkim signing domain
Hello,
I noticed a message with this RFC5322.From:
From: Lastname, Firstname
the message was authenticated by SPF and DKIM but opendmarc rejected finally.
Is this From really valid? I would quote the displayname.
If it's valid, I hit a bug in OpenDMARC.
If it's invalid,
Roland Turner via dmarc-discuss:
That question has rather a large answer, parts of which span a
decade of work on email authentication. It might perhaps be simpler
to address the situation that's concerning you. Are you facing a
specific situation for which this creates a problem?
Roland Turner via dmarc-discuss:
Yes. In all of the cases above, the Organizational Domain for both
RFC5322.From and the DKIM/SPF authentication is example.com,
consequently they match in relaxed mode. The same would be true for:
- RFC5322.From: a.example.com
- DKIM or SPF authentication
Hello,
I have a question about DMARC alignments.
the usual case:
- RFC5322.From: sub.example.com
- DKIM or SPF authentication identifier: example.com
-> this is aligned in relax mode.
But:
- RFC5322.From: example.com
- DKIM or SPF authentication identifier: sub.example.com
Is this a
A. Schulze via dmarc-discuss:
maybe someone could give qq.com a tipp: every message MUST include a
date header.
that's true for dmarc reports too. Also adding message-id header is
good practice.
sample: https://andreasschulze.de/tmp/dmarc-report_from_qq_dot_com.txt
Brotman, Alexander:
I'm checking with the development group responsible to see if this
was an error on our side, or what might have happened. Are you able
to share the target domain so they can try to track down what
happened?
Hi Alexander,
the target domain is datev.de. But the
Hello,
I noticed last week rddmarc fail to read aggregated reports from Comcast.
They send an unusual Content-Type: application-x-gzip;
No idea if that's right or wrong. The attached patch extend rddmarc to import
these reports.
Andreas
Index: tmp/rddmarc
Alec Peterson via dmarc-discuss:
Why force the report generator to do something that could be done
when the report is received, if desired?
because
- the MTA already did the rDNS job
- I send the failure reports to myself. I still "see" the Source-IP
field which has not so much
Hello,
last days I wrote to a address u...@gmail.com
The answer was quarantained as the dmarc check failed.
This ist the reply I receved:
Authentication-Results: mail.example.org; dmarc=fail
header.from=googlemail.com
Authentication-Results: mail.example.org;
dkim=pass (2048-bit key;
Hello,
in Dublin I asked $subject to numerous people. Yes, if you could
whitelist was the common answer.
OK, that was my job for the last weeks. Here is a summary.
OpenDMARC has the ability to send FailureReports. Usually these
Reports are sent to the Domain owner.
Franck Martin told me
Tomki Camp via dmarc-discuss:
in 7.3.1 there is a required entry ‘SPF-DNS’, for which I can’t find any
definition reference.
https://datatracker.ietf.org/doc/rfc7489/?include_text=1
I guess, it should say SPF-Domain ...
Andreas
___
Hello John,
John Levine via dmarc-discuss:
It looks fine.
in which sense?
- RFC5322.From is amazon.DE
- SPF pass for bounces.amazon.COM
- DKIM pass for amazonses.COM
so neither SPF nor DKIM is aligned. according to the published record
the message should be quarantined:
$ opendmarc-check
Hello,
someone from amazon Germany may be interested.
Again: I guess it's a legit message from amazon, otherwise let me know ...
Authentication-Results: idvmailin13.datevnet.de;
dkim=pass (1024-bit key; unprotected) header.d=amazonses.com
header.i=@amazonses.com header.b=IGahw/4Y
Hi,
like just mentioned in jabber I like to know if and how you handle the
situation
where inbound message should be reported back to the sender
while the sender is clearly not a good guy.
Franck martin suggest to not send every dmarc report by
- blacklisting
- report volume
other
Dorai Ashok S A via dmarc-discuss:
In the last few weeks, I have started receiving DMARC reports from
google.com with DKIM success for an unauthorized sender. Does this
mean my signing keys are compromised (or) is there any other
explanation in DMARC for this?
Hello,
It's never wrong to send all outbound messages through a content filter.
since some weeks I do this for my generated aggregated DMARC reports, too.
Surprise: some reports are blocked by my own filter!
That happen on reports for domains that are listed somewhere.
(Spamhaus DBL,
Arnaud de Prelle via dmarc-discuss:
Received-SPF: Pass (icecube.pnzone.net: domain of
bounces.amazon.com designates 54.240.0.150 as permitted sender)
client-ip=54.240.0.150;
envelope-from=2014092923kdlu8dn...@bounces.amazon.com;
helo=a0-150.smtp-out.eu-west-1.amazonses.com;
Hello,
I noticed the second time spam directed to the address
I use to use only for sending dmarc reports. It's not the address public
availabe as part of
my dmarc record but my decicated sender address of reports!
Looks like I have to reject anything but empty sender for messages to my report
Andreas Schulze:
s/make send/make sense/
:-/
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
43 matches
Mail list logo