On 11/27/23 07:40, Linkcheck via Postfix-users wrote:
The forms also send a copy to the sender as confirmation. Most of these,
as far as I know, get delivered but recently gmail has been rejecting
them with the message:
550-5.7.26 This mail has been blocked because the sender is
unauthenticated.
550-5.7.26 Gmail requires all senders to authenticate with
either SPF or DKIM.
550-5.7.26 Authentication results:
550-5.7.26 DKIM = did not pass
550-5.7.26 SPF = did not pass
I also tested the form. My server checks DMARC, and on the message I
received, both SPF and DKIM pass. Everything I could think of to check
looks right to me.
If the email address in your DMARC record is valid, you should receive
reports from Google regarding their DMARC decision on your messages.
Hopefully there will be enough detail in those reports for you to figure
out why they rejected it.
I get a lot of DMARC rejects from google. Mostly for messages like this
one that I send to mailing lists. It seems that a lot of mailing lists
(the dovecot list and apache.org lists for sure) do not properly
repackage messages so that DKIM/SPF will pass.
It does look like this list (headers indicate it is mailman 3.3.8) is
sending its own DKIM signature. It does also send my DKIM signature, so
I see both a pass and a fail for DKIM on my own messages. I wonder if
mailing lists should remove the original sender's DKIM signature,
because it is highly unlikely that it will ever pass.
Thanks,
Shawn
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
