On Wed, 26 Jan 2022, Renaud Allard via mailop wrote:
On 1/26/22 13:12, Andrew C Aitchison via mailop wrote:
On Wed, 26 Jan 2022, Renaud Allard via mailop wrote:
I am getting DMARC rejections at infomaniak.com. There seems to be an
issue in their DMARC verifications. I tested DMARC sending to gmail which
confirms me DMARC is OK for that domain.
Is there anyone here from infomaniak who can check this issue?
Jan 26 12:28:02 isildur smtpd[8927]: 7d3268f1d44f2cad mta delivery
evpid=b037b0d7d3e854e6 from=<********@waucquez.org>
to=<*****@avocats-verbruggen.be> rcpt=<-> source="192.168.254.2"
relay="83.166.143.58 (mx02.infomaniak.com)" delay=2s result="PermFail"
stat="550 5.7.1 rejected by DMARC policy for waucquez.org"
# host _dmarc.waucquez.org
_dmarc.waucquez.org is an alias for _dmarc.arnor.org.
# host -t any _dmarc.arnor.org.
_dmarc.arnor.org descriptive text "v=DMARC1; p=reject; sp=reject; pct=100;"
Looks to me that infomaniak are doing what you/waucquez.org/arnor.org
requested.
I indeed asked to reject mails when DMARC fails, not when DMARC is OK. So,
while it's indeed applying the policy correctly in case of a failure, it
doesn't return the correct answer for the checks...
You are correct.
# host -t txt waucquez.org
waucquez.org descriptive text "v=spf1 redirect=arnor.org"
# host -t txt arnor.org
arnor.org descriptive text "v=spf1 mx a:isildur.arnor.org a:amandil.arnor.org
a:elendil.arnor.org a:elrond.arnor.org a:mail.openbsd.org -all"
... which does not include "192.168.254.2" :-)
So 83.166.143.58 (mx02.infomaniak.com) is failing the message on SPF
because of the internal route through their system. They are ideed at fault.
My apologies.
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
