> Authentication-Results: icecube.pnzone.net; dmarc=fail >header.from=amazon.fr > Authentication-Results: icecube.pnzone.net; dkim=pass > reason="1024-bit key; unprotected key" > header.d=amazonses.com [email protected] header.b=BOrJMGL0; > dkim-adsp=pass; dkim-atps=neutral > >The only strange thing with this email is that it contains a double >DKIM-Signature, the second one appearing just after the first one:
The Authentication-Results header doesn't mention the second DKIM signature, and that's the one that matters for DMARC since it's the one with d=amazon.fr to match from From: address. Can you check the message to see if that signature is in fact good? If it is, you've probably found a bug. I also use opendmarc and as I recall, it does the right thing with multiple DKIM signatures so long as your MTA gives it all the signatures. I'd start by checking the code in the MTA to be sure it does that. R's, John _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
