They should publish an SPF record for mail.modernwebsite.pl. Publishing SPF to support HELO checks has been recommended since before RFC 4408. I'm pretty sure that avoids the problem. You'd get an SPF pass and it would align.
Scott K On May 26, 2019 7:00:56 PM UTC, Dilyan Palauzov <dilyan.palau...@aegee.org> wrote: >Hello John, > >at SMTP level the server communicates EHLO mail.modernwebsite.pl and >ENVFROM:<>. There is no TXT record for so SPF >fails and cannot align. > >The email itself contains “From: mailer-dae...@modernwebsite.pl (Mail >Delivery System)” without DKIM signature. ⇒ DMARC validation fails. > >You can give it a try and send yourself a message to >“postmas...@modernwebsite.pl”, the answer will be ><templ...@modernwebsite.pl> (expanded from ><postmas...@modernwebsite.pl>): > unknown user: "template" > >Unfortunately I had another loop back in September 2018. I do not >remember the details. Given that this can happen again to somebody >else, it is better to have recommendation sending the message-specific > >reports with FROM:<> or NOTIFY=NEVER, or at least some text >elaborating on the attack. > >Regards > Дилян > > > > >----- Message from John Levine <jo...@taugh.com> --------- > Date: 26 May 2019 10:44:39 -0400 > From: John Levine <jo...@taugh.com> >Subject: Re: [dmarc-ietf] Is there any recommendation to send DMARC >message-specific failure reports FROM:<> ? > To: dmarc@ietf.org > Cc: dilyan.palau...@aegee.org > > >> In article >> <20190526050958.horde.6vaaxrzkglqyej4uov0v...@webmail.aegee.org> you > >> write: >>> Hello John, >>> >>> in case of modernwebsite.pl: >>> >>> DNS TXT _dmarc.modernwebsite.pl is "v=DMARC1; p=reject; pct=100; >>> rua=mailto:postmas...@modernwebsite.pl; >>> ruf=mailto:postmas...@modernwebsite.pl; aspf=s;adkim=s;" >>> >>> Emails to postmas...@modernwebsite.pl are answered with “Undelivered >>> Mail Returned to Sender”. The answers do not align to the DMARC >>> policy reject, so a new message-specific failure repot is sent. >> >> Just out of curiosity, where do the reports come from? I see their >> SPF record says "mx a". >> >> _______________________________________________ >> dmarc mailing list >> dmarc@ietf.org >> https://www.ietf.org/mailman/listinfo/dmarc > > >----- End message from John Levine <jo...@taugh.com> ----- > > >_______________________________________________ >dmarc mailing list >dmarc@ietf.org >https://www.ietf.org/mailman/listinfo/dmarc _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
