02-12-2019 04:22 PM
Seeing an odd issue with a particular mail provider... they currently have a broken SPF record (syntax error due to an errant space character).
In the mail logs i'm seeing evidence of the SPF check being done, but then it goes straight on to performing the DMARC verification. By rights there should also be a DKIM check prior to DMARC being called - the message does have a perfectly valid DKIM signature present in the headers.
Logs:
Wed Feb 13 09:03:07 2019 Info: MID 8323655 SPF: identity mailfrom spf record of bounce.3rdparty.com has invalid format Wed Feb 13 09:03:07 2019 Info: MID 8323655 SPF: mailfrom identity bounces+user=mydomain.com.au@bounce.3rdparty.com PermError (v=spf1) Wed Feb 13 09:03:11 2019 Info: MID 8323655 SPF: pra identity user@mydomain.com.au None headers sender Wed Feb 13 09:03:11 2019 Info: MID 8323655 DMARC: Message from domain mydomain.com.au, DMARC fail, (SPF aligned False, DKIM aligned False) DMARC policy is quarantine, applied policy is none Wed Feb 13 09:03:11 2019 Info: MID 8323655 DMARC: Verification failed. Wed Feb 13 09:03:11 2019 Info: MID 8323655 DMARC: No action taken by DMARC policy.
We have SPF+DKIM+DMARC working perfectly fine with this provider when their email is sourced through other delivery networks with valid SPF, and it certainly works fine with other providers we partner with.
Am I missing something? Do I have a configuration setting somewhere causing this behaviour?
I've seen in the email pipeline picture that SPF and DKIM verification is handled together (by the same engine?) and wondering whether a syntax error in either part will cause the process to abort.
cheers.
08-21-2019 11:58 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide