I've been reviewing some DMARC failures reported in data from mail.ru. In this case the From domain is a subdomain of the main company domain (e.g. sub.example.com), the DKIM signature is d= the main company domain (e.g. example.com), and the DMARC record is the org domain record as well (e.g. _dmarc.example.com). The feedback is that the raw DKIM signature is valid, but not aligned. Reports from other providers, e.g. Google, use the signature for DMARC pass.
It seems like perhaps mail.ru is looking for strict DKIM identity alignment even though relaxed is the default (and the DMARC record in question doesn't specify adkim). Does anyone have a contact there that they can raise the issue? Scott K _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)