Dave Funk skrev den 2024-07-03 09:29:
> On Wed, 3 Jul 2024, Simon Wilson via users wrote:
> You say "passing SPF and DKIM" however in the SA rules report it
> clearly says:
> DKIM_SIGNED=0.1, DKIM_INVALID=0.1
>
> So eventho you think 'passed DKIM' SA clearly does NOT think it does.
> That DKIM_INVALID will prevent the whitelist_auth from firing, thus you
> need to investigate what's going wrong there.
whitelist_auth support Return-Path so spf is evaluated aswell as dkim is
grep logs DKIM_VALID_EF
or enable DMARC plugin
Hi Benny, none of that helps unless I'm being dense this evening :-D
* I know whitelist_auth supports spf and dkim, that is in the documentation *
Grepping for DKIM_VALID_EF only tells me what I now already know - SA thinks
that one of the emails did not pass DKIM, when my server validated that it did
and entered an Authentication-Results header saying that it did * I already
have DMARC assessment, and that is shown in the headers I
postedAuthentication-Results: mail.simonandkate.net; dmarc=pass (p=quarantine
dis=none) header.from=wasabi.com
The authentication headers that my server adds are:Authentication-Results:
mail.simonandkate.net;
spf=none smtp.helo=o562.ptr9861.wasabi.com;
spf=pass smtp.mailfrom=mmemail.wasabi.com
Authentication-Results: mail.simonandkate.net; dmarc=pass (p=quarantine
dis=none) header.from=wasabi.com
Authentication-Results: mail.simonandkate.net; arc=none
smtp.remote-ip=159.183.86.216
Authentication-Results: mail.simonandkate.net;
dkim=pass (2048-bit key, unprotected) header.d=wasabi.com
header.i=@wasabi.com header.a=rsa-sha256 header.s=mmd header.b=uhRSt2r0
However SA thinks DKIM failed.
I note your other email Benny on adding authres settings. I'm not averse to
doing so, but would like to first understand why SA is behaving differently
with these two emails.
Simon
