DA email forwarder causing ProtonMail "This email has failed its domain’s authentication requirements. It may be spoofed or improperly forwarded!"

W

wdc

Verified User
Joined
Dec 8, 2013
Messages
81
When I setup forwarder (in a DirectAdmin) to forward my Directadmin domain incoming mail to my ProtonMail alias email address and send a test email from my different third party mailbox (WHICH IS HOSTED ON SAME DA SERVER, ONLY UNDER DIFFERENT ACCOUNT), this email is forwarded and delivered to ProtonMail, but it is marked as a phishing attempt. Subject is prefixed "[Possible phishing attempt]" and a body shows message in title, claiming that the email was improperly forwarded:
proton.me

What does Proton Mail’s warning about domain authentication failure mean? | Proton

proton.me proton.me

When the email sender is some third party and sending from different server, then the issue does NOT happen.

Can this be fixed please?
 
Last edited:
wdc said:
Can this be fixed please?
Click to expand...
That depends. Do you use DMARC? If yes, remove that (or temporary remove it) and see if the issue persists.

I would start to check the headers from the mail you received in Protonmail so you can investigate exactly at which point the issue occurs. My good guess is DMARC because of DKIM failing or something like that. But the headers should be more informative.
 
Arc-Authentication-Results: i=1; mail.protonmail.ch; dkim=fail (Bad 2048 bit
rsa-sha256 signature.) header.d=mysenderdomain.com header.a=rsa-sha256; dmarc=fail (p=none
dis=none) header.from=mysenderdomain.com; spf=pass smtp.mailfrom=myrecipientdomain.info; dkim=fail (2048-bit
key) header.d=mysenderdomain.com [email protected] header.b=stringhere reason="signature
verification failed"
Click to expand...

_dmarc3600TXT"v=DMARC1;p=none"
https://lumo.proton.me says about it:
• v=DMARC1 – declares that this is a DMARC record (current version).
• p=none – tells receiving mail servers not to reject or quarantine messages that fail DMARC checks; they should only generate reports (if reporting tags are added). This is the “monitor‑only” mode, useful when you’re first deploying DMARC.
Click to expand...

I have tried to remove these DMARC records, and re-send mail, but the issue persist. DKIM is:

x._domainkey3600TXT"v=DKIM1; k=rsa; p=longstringhere"

i have also tried to disable and then enable DKIM (in DirectAdmin, Email accounts section there is a button). It removed and added the DKIM txt DNS record with new public key. But the issue persist:

Arc-Authentication-Results: i=1; mail.protonmail.ch; dkim=fail (Bad 2048 bit
rsa-sha256 signature.) header.d=mysender.com header.a=rsa-sha256; dmarc=fail (p=none
dis=none) header.from=mysender.com; spf=pass smtp.mailfrom=myrecipient.info; dkim=fail (2048-bit
key) header.d=mysender.com [email protected] header.b=RLyWi8Jv reason="signature
verification failed"
Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=passmail.net; s=dkim;
t=numberhere; h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding;
bh=/stringhere=;
b=stringhere=
Click to expand...
Please what do you suggest to try as a reseller, not admin?
 
You must log in or register to reply here.
Back
Top