On 2022-05-10 20:39, Matus UHLAR - fantomas wrote:
From: nore...@ess.firstdata.com
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
s=6g5c7kdjkv3qjrxjsdzn3325ejghli53; d=ess.firstdata.com;
t=1652117979;
h=Date:From:Reply-To:To:Message-ID:Subject:MIME-Version:Content-Type;
bh=gRPH1y61kVZSDVPNuLr2WQo4Q0dpMd1ELWBGEE4Kp8c=;
b=MHojQsOqw1AZHyOIUQahSlbOQMMfufMtRltQ/Y3RCuYVO628KuErabQFB38mc82y
XcsgPG5Xl5Mck5OwlsK3vrS2cmVxfbBlgVRm6yzZehHaJ54Jakjqb5psalWNE5YN2Dw
h1tHFhykima88hgeOzw/KI8y8VidzkeEI/nHOMkk=
Authentication-Results: mail03.example.com (amavisd-new);
dkim=pass (1024-bit key) header.d=ess.firstdata.com
header.b="MHojQsOq"; dkim=pass (1024-bit key) header.d=amazonses.com
header.b="dwNxlXrW"
so the mail looks to be DMARC valid, while SA produces:
* 6.0 KAM_DMARC_REJECT DKIM has Failed or SPF has failed on the
message
* and the domain has a DMARC reject policy
On 11.05.22 00:55, Benny Pedersen wrote:
dkim=pass (1024-bit key) header.d=amazonses.com
header.b="dwNxlXrW"
this does not pass, why do amazonses add dkim :(
it does not matter here.
when multiple dkim signers is added all must pass for dmarc pass,
who told you this? any passing signature from the origin domain is enough.
i belive this is the kam fails ?
it's more likely a bug
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam = (S)tupid (P)eople's (A)dvertising (M)ethod