Hi -Ashok., The "forwarded" reason is supposed to mean Why your requested policy was not applied.
This is typically used when a receiver knows that email is coming in from a service that people use to scan/clean... or forward.. email. Keep in mind that email Receivers will always be free to apply whatever policy they want. In your case, the receiver has added an exception for that specific server because, from their perspective, legitimate email is flowing in to their infrastructure from that server (even though authentication is being broken). If they didn't apply this exception, then legitimate email would fail to be delivered, and likely incur support costs. HTH, =- Tim PS. I don't think you can do anything, except if you have evidence that the server is NOT a forwarder. On Feb 19, 2014, at 8:33 AM, Dorai Ashok S A <[email protected]> wrote: > Hi, > > In the last few months, I have noticed a few unauthorized email messages > being accepted even though DMARC and SPF checks fail. In the DMARC report, > reason is mentioned as "forwarded". I have search around a lot on this and I > haven't been able to find a solution. Hence trying to seek some help here. > > Could someone explain what "forwarded" means when DMARC policy is "reject" ? > and How do i enforce the "reject" policy in such cases ? > > I have listed down the information I have in the DMARC report below for your > reference, > > Policy Published: > > <policy_published> > <domain>mpipe.net</domain> > <adkim>s</adkim> > <aspf>s</aspf> > <p>reject</p> > <sp>reject</sp> > <pct>100</pct> > </policy_published> > > Record: > > <record> > <row> > <source_ip>192.185.4.17</source_ip> > <count>1</count> > <policy_evaluated> > <disposition>none</disposition> > <dkim>fail</dkim> > <spf>fail</spf> > <reason> > <type>forwarded</type> > <comment></comment> > </reason> > </policy_evaluated> > </row> > <identifiers> > <header_from>mpipe.net</header_from> > </identifiers> > <auth_results> > <spf> > <domain>mpipe.net</domain> > <result>fail</result> > </spf> > </auth_results> > </record> > > NOTE: 192.185.4.17 is an *Unauthorized* sender. > > Regards, > -Ashok. _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
