Hi Gang
I'm on the way of more widely deploying DMARC and also testing DKIM
once again. Also on our ISP email service domains.
So at the moment I'm only using DMARC with SPF. According to my
reading on how DMARC works, if no DKIM record is published, a passing
SPF record is sufficient for authentication.
But as soon as I set p=reject Gmail is rejecting all emails:
<xxxxxxxxx>: host aspmx.l.google.com[2a00:1450:4013:c04::1a] said:
550-5.7.26 Unauthenticated email from imp.ch is not accepted due to
domain's 550-5.7.26 DMARC policy. Please contact the administrator of
imp.ch domain if 550-5.7.26 this was a legitimate mail. Please visit
550-5.7.26 https://support.google.com/mail/answer/2451690 to learn about
the 550 5.7.26 DMARC initiative. i4si1617970edq.200 - gsmtp (in reply to
end of DATA command)
imp.ch descriptive text "v=spf1 ip6:2001:4060::/32 ip4:157.161.0.0/16
ip4:217.173.238.128/27 ip6:2a00:ec0:1::/64 -all"
_DMARC.imp.ch descriptive text "v=DMARC1; p=none;
rua=mailto:dmarc-rep...@imp.ch; ruf=mailto:dmarc-rep...@imp.ch; aspf=s"
(reverted to p=none)
That email was sent from: 2001:4060:1:1002::139:139 which passes SPF.
Any idea what is going wrong? Is Gmail's DMARC implementation broken
and REQUIRES DKIM violating RFC?
Mit freundlichen Grüssen
-Benoît Panizzon-
--
I m p r o W a r e A G - Leiter Commerce Kunden
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Pratteln Fax +41 61 826 93 01
Schweiz Web http://www.imp.ch
______________________________________________________
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
