EFA and DKIM checks at receiving end
Posted: 30 Nov 2016 20:28
So my EFA receives emails and forwards them to my server using opendkim to send and check received emails.
EFA is configured properly (in the config files there is an option to properly add headers at the top of messages and not replace them) and yet my receiving server throws warnings like these:
this one is about an email coming from Google Apps, with proper SPF/DKIM/dmarc setup:
this one is about an email coming from a server under my control, with proper SPF/DKIM/dmarc setup:
Has anyone got an idea how to fix this?
I'd also be happy to skip DKIM checks on incoming messages since they get filtered through EFA anyway and there are DKIM checks already in place.
Anyone familiar with opendkim?
The dmarc policies are:
so basically the first one says: if it fails, reject 100% of failed emails while the second one says to quarantine 25% of failed emails.
But none of these 2 should fail. I'm sure its because of being EFA in the middle.
###edit###
to make things easier, here is the full email content with all headers of the first email of the two mentioned above: http://pastebin.com/aExuVJG0
EFA is configured properly (in the config files there is an option to properly add headers at the top of messages and not replace them) and yet my receiving server throws warnings like these:
this one is about an email coming from Google Apps, with proper SPF/DKIM/dmarc setup:
Code: Select all
Authentication-Results: mike.knightsenglish.com; dkim=fail
reason="verification failed; unprotected key"
header.d=pacura.ru header.i=@pacura.ru
header.b=J2TxdPbe; dkim-adsp=none (unprotected policy); dkim-atps=neutralCode: Select all
Authentication-Results: mike.knightsenglish.com; dkim=pass
reason="4096-bit key; unprotected key"
header.d=intramed.sa.com header.i=@intramed.sa.com
header.b=qL9xD/z+; dkim-adsp=pass; dkim-atps=neutralI'd also be happy to skip DKIM checks on incoming messages since they get filtered through EFA anyway and there are DKIM checks already in place.
Anyone familiar with opendkim?
The dmarc policies are:
Code: Select all
v=DMARC1; p=reject; pct=100;
v=DMARC1; p=quarantine; pct=25;But none of these 2 should fail. I'm sure its because of being EFA in the middle.
###edit###
to make things easier, here is the full email content with all headers of the first email of the two mentioned above: http://pastebin.com/aExuVJG0