1 Topic by dandon

  • dandon
  • Member
  • Offline
  • Registered: 2020-02-24
  • Posts: 7

Topic: DKIM tests fine but fails on Google?

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.1
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version: Ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi all,

As per subject, I'm getting emails returned from Google due to DKIM errors, but tests seem to show that it is all setup fine. See errors below:

Google return email:

host aspmx.l.google.com[2a00:1450:400c:c00::1a] said:
550-5.7.26 Unauthenticated email from domain.com is not accepted
due 550-5.7.26 to domain's DMARC policy. Please contact the administrator
of 550-5.7.26 domain.com domain if this was a legitimate mail.
Please 550-5.7.26 visit 550-5.7.26
https://support.google.com/mail/answer/2451690 to learn about the 550
5.7.26 DMARC initiative. d18si9267760wrv.94 - gsmtp (in reply to end of
DATA command)

However, amavisd-new shows:

TESTING#1 domain.com: dkim._domainkey.domain.com => pass
TESTING#2 domain2.com: dkim._domainkey.domain2.com => pass

And, online tester shows it passing (https://dkimvalidator.com/results):

DKIM Information:
DKIM Signature

Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=
    domain.com; h=message-id:content-type:content-type
    :date:date:subject:subject:from:from:to:mime-version; s=dkim; t=
    1582490112; x=1585082113; bh=glZG8z/gcsTIcoXzXCJvUJg/fTnJF3m9eRh
    STb3KMk0=; b=gvjhE391j0WD/LWl1pvSfyAoYZkGUa34Pb17gnKXZ6sV0XhCXRb
    5G3BnNqRIy7QYAkjWNq/Rj0BS/YdF6Fsi4I+kdwV5oG5X3JucmXYdaw3dZQsz1r4
    DcG2GzMdLAI4yTxu61gQnxSaFVOzSPNud85yKQYEaekZRsQ5YuYTXfXs=


Signature Information:
v= Version:         1
a= Algorithm:       rsa-sha256
c= Method:          relaxed/simple
d= Domain:          domain.com
s= Selector:        dkim
q= Protocol:        
bh=                 glZG8z/gcsTIcoXzXCJvUJg/fTnJF3m9eRh
    STb3KMk0=
h= Signed Headers:  message-id:content-type:content-type
    :date:date:subject:subject:from:from:to:mime-version
b= Data:            gvjhE391j0WD/LWl1pvSfyAoYZkGUa34Pb17gnKXZ6sV0XhCXRb
    5G3BnNqRIy7QYAkjWNq/Rj0BS/YdF6Fsi4I+kdwV5oG5X3JucmXYdaw3dZQsz1r4
    DcG2GzMdLAI4yTxu61gQnxSaFVOzSPNud85yKQYEaekZRsQ5YuYTXfXs=
Public Key DNS Lookup

Building DNS Query for dkim._domainkey.domain.com
Retrieved this publickey from DNS: v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBt6mujvGNL1uoe/e+zcJNm8RSqaCfRuFm0w3qWqtZcT7ZZPTXHasXervFe2AVADRZRtry61DaVFcVE+QobuMr0Man1Lp4kjnOvvTkNJ3H+WuA2opv6GDMvaPuxawN53gqxmbezBhR97S4VVaD3bDsbq8jsgV58ga5YFXuqQvtFQIDAQAB
Validating Signature

result = pass
Details:

Please can someone tell me if I'm doing something wrong?

*domain name changed

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: DKIM tests fine but fails on Google?

it complains about DMARC record.

3 Reply by dandon

  • dandon
  • Member
  • Offline
  • Registered: 2020-02-24
  • Posts: 7

Re: DKIM tests fine but fails on Google?

Thanks for the reply. The report sent to the dmarc address showed DKIM and SPF failing, but all seem to be set up correctly. I will monitor and get back if I continue to experience problems. Thanks