Re: Re: DKIM and SPF fail for messages sent via mutt-users

Wed, 24 Aug 2022 23:49:35 -0700 

On 2022-08-24 15:18, Kevin J. McCarthy wrote:
> On Wed, Aug 24, 2022 at 08:15:21PM +0200, Jan Eden wrote:
> > I was under the impression that earlier issues with DMARC, DKIM and SPF
> > with respect to mailing lists were solvable (cf.
> > https://begriffs.com/posts/2018-09-18-dmarc-mailing-list.html), but this
> > does not seem to be the case. Is there anything I can do myself to avoid
> > such problems? My DMARC setup works fine for messages sent directly to
> > recipients at Gmail, Yahoo, Comcast etc.
> 
> I think OSUOSL implemented a DKIM filter some time in June, probably due to
> lots of bounce-unsubscribe issues with other mailing customers. However,
> this is probably causing your DMARC policy to fail, since the signature is
> missing (or renamed).
> 
> The Mutt lists already munge the From header for p=reject emails.  I haven't
> enabled it for p=quarantine, but this is a Mailman option I can control.
> 
> Does anyone have feedback before I enable that?

Thank you for considering a changed configuration. FWIW, this is how my
own mail server handles my message to mutt-users (delivered via
smtp1.osuosl.org [140.211.166.138]):

Authentication-Results: mail.eden.one;
        dkim=none;
        dmarc=fail reason="SPF not aligned (strict), No valid DKIM" 
header.from=eden.one (policy=none);
        spf=pass (mail.eden.one: domain of mutt-users-boun...@mutt.org 
designates 140.211.166.138 as permitted sender) 
smtp.mailfrom=mutt-users-boun...@mutt.org

It reports a successful SPF authentication result, as does
outlook.com, but both servers still report a SPF failure overall:

  <record>
    <row>
      <source_ip>140.211.166.138</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>fail</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <envelope_to>outlook.com</envelope_to>
      <envelope_from>mutt.org</envelope_from>
      <header_from>eden.one</header_from>
    </identifiers>
    <auth_results>
      <spf>
        <domain>mutt.org</domain>
        <scope>mfrom</scope>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>

- Jan

Attachment: signature.asc
Description: PGP signature

Reply via email to