On Wed, 27 Dec 2017 09:37:24 +0000 Dominic Raferd <domi...@timedicer.co.uk> wrote:
> On 27 December 2017 at 07:22, Poliman - Serwis <ser...@poliman.pl> > wrote: > > I configured yesterday spf, dkim, dmarc for example.com. Today I > > got report in xml on my mailbox. Attached. One from addresses has > > dkim failed - marked in orange... > > This is a DMARC report from Gmail and so a more appropriate place to > ask about it is the opendmarc mailing list > http://www.trusteddomain.org/mailman/listinfo/opendmarc-users. The > google link within the report that you attached gives a bit more > information. The report says that Gmail received one email purporting > to be from your domain, it passed the spf test and failed the dkim > test. If you are confident that this was a legitimate email (it came > from or via 200.150.100.50, unless you obfuscated this), then either > there is a problem with your dkim setup or this email bypassed it > entirely. > > DMARC reports from mail providers are very useful in checking for > problems with spf/dkim/dmarc before one moves to p=reject. Consider > using one of the services that receive and collate these reports for > you, it makes them easier to understand. I decided not to set up DMARC on my new server since the logs are pretty overwhelming. What service would you suggest? BTW the OP should use this to verify the setup: http://dkimvalidator.com/ There are a bunch of similar services, but I like the output on this one. I had some spammer try to spoof my email address and got a bounced message because my they used my email address in the return. That was a SPF rejection, but still nice to see the system working.
