Richard G
Verified User
I tested my SPF, DKIM and DMARC records on various testing sites and they look good
I've looked it up and a notification of a script update of Softaculous is send to a customor of ours.
What I can see from the mail log, it looks send as [email protected] instead of a mailadres I entered, but that should not be an issue because I added both MX and the server ip in the SPF record.
I masked ip and domein in the example below.
My Dmarc record which worked without issues for several years:
Now this happened on the notification mail:
It looks like an internal forward took place. Mails are send from my domain, but originally created by root.
This is from the exim log:
which says completd, and then gets rejected:
So I don't understand this, because the hostname from root is another one, but that hostname is the MX address so rDNS record is present. I did not have this failing before.
Also, autoforwarders will generate reports like this. Sometimes half fail/half pass but somethings fail like this.
So the "evaluate" policy is already both fail, while the domain (at the bottom) is a domain which resolves to the correct ip address mentioned in the SPF.
What can I do to fix this, do I really have to specify this hostname in my spf too? I Never had to do this before, so I'm wondering what's happening.
Any help is appreciated.
I've looked it up and a notification of a script update of Softaculous is send to a customor of ours.
What I can see from the mail log, it looks send as [email protected] instead of a mailadres I entered, but that should not be an issue because I added both MX and the server ip in the SPF record.
I masked ip and domein in the example below.
Code:
v=spf1 a mx ip4:95.123.123.123 ~all
My Dmarc record which worked without issues for several years:
Code:
v=DMARC1; p=reject; rua=mailto:[email protected], mailto:[email protected]; ruf=mailto:fore
[email protected]; pct=100"
Now this happened on the notification mail:
Code:
Reporting-MTA: dns; server23.otherdomain.nl
Action: failed
Final-Recipient: rfc822;[email protected]
Status: 5.0.0
Remote-MTA: dns; mx3.xs4all.nl
Diagnostic-Code: smtp; 550 5.7.1 DMARC failure for domain mydomain.nl, policy reject
It looks like an internal forward took place. Mails are send from my domain, but originally created by root.
This is from the exim log:
Code:
1iKGFo-0008IS-E4 => noreply <[email protected]> F=<[email protected]> R=virtual_user T=dovecot_lmtp_udp
Code:
CV=yes: SMTP error from remote mail server after end of data: 550 5.7.1 DMARC failure for domain mydomain.nl, policy reject
Also, autoforwarders will generate reports like this. Sometimes half fail/half pass but somethings fail like this.
Code:
<?xml version="1.0" encoding="UTF-8" ?>
<feedback>
<report_metadata>
<org_name>google.com</org_name>
<email>[email protected]</email>
<extra_contact_info>https://support.google.com/a/answer/2466580</extra_contact_info>
<report_id>1876321465xxxxxxxx</report_id>
<date_range>
<begin>1571011200</begin>
<end>1571097599</end>
</date_range>
</report_metadata>
<policy_published>
<domain>mydomain.nl</domain>
<adkim>r</adkim>
<aspf>r</aspf>
<p>reject</p>
<sp>none</sp>
<pct>100</pct>
</policy_published>
<record>
<row>
<source_ip>95.123.123.123</source_ip>
<count>2</count>
<policy_evaluated>
<disposition>reject</disposition>
<dkim>fail</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>mydomain.nl</header_from>
</identifiers>
<auth_results>
<spf>
<domain>server23.otherdomain.nl</domain>
<result>none</result>
</spf>
</auth_results>
</record>
</feedback>
So the "evaluate" policy is already both fail, while the domain (at the bottom) is a domain which resolves to the correct ip address mentioned in the SPF.
What can I do to fix this, do I really have to specify this hostname in my spf too? I Never had to do this before, so I'm wondering what's happening.
Any help is appreciated.