On 04.10.2016 17:35, DurgaPrasad - DatasoftComnet via dmarc-discuss wrote: > I have done a stock dmarc implementation on centos 7. > > We use MailScanner and spamassassin with decent success since many years. I > would prefer a milter anyday so that I can influence my scores. > > My concerns is that if dmarc=fail is the result of the check - why do I need > to look at the spf result. Why doesn’t the OpenDMARC Filter v1.3.1 return a > pass for dmarc if intended result is indeed a combination output of the dmarc > and spf data.? > > I’m sorry if I am missing something here.
The point is: DMARC uses a combination of the SPF and the DKIM result. Per default OpenDMARC searches for an Authentication-Result: header or a Received-SPF: header that was inserted by a previous milter on your receiving MTA. If, for some reason, your OpenDMARC milter does not see the SPF result, the DMARC decission might be wrong. You might take this to the opendmarc-users mailing list and show your configuration to the folks at that ML. Juri _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
