On 21/12/17 05:43, A. Schulze via dmarc-discuss wrote:
Am 20.12.2017 um 18:44 schrieb Roland Turner via dmarc-discuss:
What HELO/EHLO hostname is being presented?
I'm out of office for the next days and have no access to that data.
From what I remember it's the hostname of the sending system, a rDNS related
to Microsoft.
Why do you think, the EHLO is important?
SPF tests both:
* the domain in the email address provided in MAIL FROM; and
* the hostname provided in HELO/EHLO
in part to deal intelligently with the empty return paths used in
automated notifications of non-delivery, delivery-status, and delivery.
I doubt that this will solve your problem, but note that your assertion
that SPF could never been aligned wasn't supported by the information
that you quoted.
The actual answer to your problem will therefore turn on DKIM. Have you
explored whether the organisations whose DSNs are failing DMARC also
have the rest of their email failing DMARC? The use of the
${customer}.onmicrosoft.com domain to sign is consistent with domains
for which DKIM signing hasn't been turned on. (It could also be a
DSN-handling bug of course.)
- Roland
_______________________________________________
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)