I have configured DMARC for one of the domains I manage, and all the tools I used for testing gave me the all clear. I then decided to use the REJECT policy. Today, I was testing the implementation of DMARC checks on one other server. I sent a test mail from one domain to another and got a rejection. Please help me understand what has happened from the log snippet below:
2018-11-29 18:48:00 1gSOXo-0002Yp-Fd PDKIM: d=titan.co.ke s=csl [failed key import] 2018-11-29 18:48:01 1gSOXo-0002Yp-Fd DMARC results: spf_domain=titan.co.ke dmarc_domain=titan.co.ke spf_align=no dkim_align=no enforcement='Reject' 2018-11-29 18:48:01 1gSOXo-0002Yp-Fd H=gw.titan.co.ke [197.232.25.162] I=[41.57.103.122]:25 Warning: DMARC DEBUG: 'reject' for titan.co.ke 2018-11-29 18:48:01 1gSOXo-0002Yp-Fd H=gw.titan.co.ke [197.232.25.162] I=[41.57.103.122]:25 X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=< [email protected]> rejected after DATA: Message from titan.co.ke failed sender's DMARC policy, REJECT 2018-11-29 18:48:01 SMTP connection from gw.titan.co.ke [197.232.25.162] I=[41.57.103.122]:25 closed by QUIT A test for DMARC for the domain: root@gw:/etc/exim/opendmarc # /usr/local/sbin/opendmarc-check titan.co.ke DMARC record for titan.co.ke: Sample percentage: 100 DKIM alignment: relaxed SPF alignment: relaxed Domain policy: reject Subdomain policy: reject *<======== could this be the issue??* Aggregate report URIs: mailto:[email protected] Failure report URIs: mailto:[email protected] -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft." -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
