Macs R We via Mailman-Users writes: > Mail sent by [email protected] is entirely > successful (except to spoofed incoming mail). Mail sent by > [email protected] gets rejected by any recipient > domain that cares about DMARC.
I assume that those addresses are those in the From header field of the message. (If this assumption is incorrect, we need to know what domain is in the From field.) Those *usually* match the "envelope sender" which is reported in MTA logs, but sometimes are different. DMARC "From alignment" doesn't care who the envelope sender is; it demands a valid signature from the domain of the address in From. Do you have DKIM _domainkey records (one for each) and public keys (can be the same key but must be configured in DNS separately) for both domains? This looks to me like the server is unconditionally set to sign all mail for the firearmspolitics.org domain. You need to configure your signing software to check the author (From field) and sign for that domain. > I really don't understand what's going on, as the DMARC policies of > firearmspolitics.org and server.wickenburg.us are identical (at > least to my knowledge). Although the error messages mention DMARC policy, the real issue is that "authentication checks" failed. Since the domains are the expected domains of the senders, signature verification is failing. Most likely that is due to unconditional signing by one domain, but it could also be due to a misconfigured server that modifies signed material after signing (eg, a legal disclaimer footer). -- GNU Mailman consultant (installation, migration, customization) Sirius Open Source https://www.siriusopensource.com/ Software systems consulting in Europe, North America, and Japan ------------------------------------------------------ Mailman-Users mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/[email protected]/ https://mail.python.org/archives/list/[email protected]/ Member address: [email protected]
