Hello,
I have a question on how to get a DMARC policy to work when some of my email
is sent via blackberry BIS. I have not been able to find an answer through
web searches. I hope someone on this discussion board may have an answer.
My domain has SPF and DKIM set up and I confirmed that email sent directly
from my server is correctly authenticated on yahoo, hotmal and gmail test
accounts.
Some of my email is sent using a Blackberry phone. Blackberry sends my
email through blackberry's servers, which have their own SPF. Blackberry
emails are correctly received to these test accounts and I confirmed that
SPF authentication passed.
The "Return-Path" field of blackberry emails show blackberry's emails
server:
Return-Path:
<[email protected]>
This Return-Path shows the RFC5321.MailFrom field. While SPF uses this
field for authentication, DMARC does not. DMARC uses RFC5322.From. Is that
correct?
The RFC5322.From field of my blackberry emails are shown as:
From: "MY NAME" <[email protected]>
Under the belief that DMARC uses the domain in this FROM field for
authentication, I added blackberry's email servers
(srs.bis.na.blackberry.com) to my SPF TXT record. The domain in the
RFC5322.From field now lists blackberry's email servers as allowed senders.
My DMARC monitoring reports show that email sent through blackberry would
fail authentication, even though the SPF record includes blackberry's
servers.
Here is an example DMARC report for my domain. The failed blackberry emails
are listed in "Other Servers":
http://www.dmarcian.com/dmarc-xml/details/vpdhqKDIVJsklrLf
What mistake am I making? How can I get DMARC to authenticate my emails
when they are sent via a blackberry?
Thank you,
Jon
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
