We are seeing an increasing number of bounces by Gmail related to failed authentication checks. The bounces include language like:
<<< 550-5.7.26 This mail is unauthenticated, which poses a security risk to the <<< 550-5.7.26 sender and Gmail users, and has been blocked. The sender must <<< 550-5.7.26 authenticate with at least one of SPF or DKIM. For this message, <<< 550-5.7.26 DKIM checks did not pass and SPF check for [mcn.org] did not pass <<< 550-5.7.26 with ip: [67.231.157.125]. The sender should visit <<< 550-5.7.26 https://support.google.com/mail/answer/81126#authentication for <<< 550 5.7.26 instructions on setting up authentication. z6-20020a05622a028600b00403a8e58423si1377805qtw.448 - gsmtp 554 5.0.0 Service unavailable This is occurring in situations where our users forward their mail to a personal Gmail account. SPF checks will of course fail in the scenario, but DKIM checks should pass. In fact, they most often do pass—users impacted by this are only seeing a small subset of their mail from a given sender bounced (which often times will be a Gmail sender). In cases where the user retains a copy locally we’ve been able to verify that the DKIM signature was present and was successfully validated by our system. Is anyone else experiencing this? Is anyone from Google could reach out to me off-list to discuss that would be much appreciated. Best, Jason Cowart Stanford University IT
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
