CentOS-6.6 Postfix-2.11.1 OpenDKIM-2.9.0 We are set up to use SPF, DKIM and DMARC and have been using our present settings since last June. Our DMARC policy is this:
2014/12/17 17:49:12 :Your DMARC record for '_dmarc.harte-lyne.ca' is 'v=DMARC1; p=quarantine; pct=100; ri=86400; rua=mailto:dmarc.repo...@harte-lyne.ca' We ran our email service through the DKIM testing site had-pilot.com run by the U.S. NSI. Everything checks out correctly. <--- received on Wed Dec 17 17:48:55 2014 with Subject dmarc The message was: Delivered The SPF result was: pass The DKIM result was: True ********************************************************** Enter your email address and this hash stringin the Review My Results link for message header analysis of results: . . ********************************************************** Full Record Id[59]: SPF result: pass DKIM result: True Alignment result: Pass Feedback: RecordType Delivery Result: Pass Source IP: 216.185.71.28 User Agent: Pythentic Version: 1 Recipient: had-pilot.biz Arrival Date: Wed Dec 17 17:48:55 2014 From: byrn...@harte-lyne.ca DKIM Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=harte-lyne.ca; s=dkim_hll; t=1418856530; bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; h=Date:Subject:From:To:Reply-To; b=ZI8z02suqvwwp+BsYCdKUGwCwAHBa128AXdAXIa/BiqW/dgPsxZDllSZHQSqCz8f7 L43H6nh4Mrf5ftvpZyOTUUEveWA3gdFxfMbpWwCEWPL7ZJnuvgRykZoPu2oOXhVIup 6EoEXLdRC8Xrfbl7LkPbJl/VjbLwfRMNYmTu5a4aLBtN5qxDLcm7Cxge4983jZecmE /LsYgcmtuwuRPUi1Bi+ZZ68RdQahM5PZqQXzKGTI4LMvyrw2NYNW7/mjl08nO2zgvx 4FyMS4UOkxqiN4yLBpYCATgaRbaduX0SoK7RUMBIychEgLjeYeb6je5JH/EH5EznMr 9l4CRfOkdU6rA== Subject: dmarc Reported: 0 SPFReason: sender SPF authorized DKIMReason: Good DKIM Signature. DMARCReason: Message authenticated. Message: Received: from localhost (localhost [127.0.0.1]) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTP id BFCC560FD9 for <pythen...@had-pilot.biz>; Wed, 17 Dec 2014 17:48:52 -0500 (EST) ---> Nonetheless, yesterday one of our users received this NDR from our server in response to an email sent to a known valid AOL.com address: <--- This is the mail system at host inet08.hamilton.harte-lyne.ca. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <xxuse...@aol.com>: host mailin-02.mx.aol.com[152.163.0.99] said: 521 5.2.1 : (DMARC) This message failed DMARC Evaluation and is being refused due to provided DMARC Policy (in reply to end of DATA command) ---> Has anyone have any idea what AOL might be complaining about WRT to our DMARC policy? -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
