Fwd: analysing of dmarc report

2018-11-20 Thread Poliman - Serwis 
I have a problem with understanding dmarc reports and some features.
I attach two reports. First one come from google.com, second one from
tumieszkamy.pl. On my server is dns zone of domain kamir-transport.pl but
whole mail service is deployed on Google - in dns zone MX points to Google
and there are all mailboxes, aliases etc. Last time I have configured dkim
and dmarc policies and I got two reports. Honestly I don't know why two,
from two different providers - google.com and tumieszkamy.pl. Moreover in
report originating from google I see IP of my server [which fails spf and
dkim policies] and I don't understand why this IP is evaluated? Second
thing which I don't understand is second report which I got from
tumieszkamy.pl.
SPF record in dns zone of domain kamir-transport.pl was looking like below
(now I changed it to slightly different):
*v=spf1 mx include:_spf.google.com  -all*

Does anybody could help uderstand these things?

-- 

*Pozdrawiam / Best Regards*
*Piotr Bracha*


  
google.com
noreply-dmarc-supp...@google.com
https://support.google.com/a/answer/2466580
12589122423815780587

  1542585600
  1542671999

  
  
kamir-transport.pl
r
r
none
none
100
  
  

  209.85.220.41
  8
  
none
pass
pass
  


  kamir-transport.pl


  
kamir-transport.pl
pass
google
  
  
kamir-transport.pl
pass
  

  
  

  54.38.202.128
  42
  
none
fail
fail
  


  kamir-transport.pl


  
kamir-transport.pl
fail
  

  



 
  tumieszkamy.pl
  dm...@tumieszkamy.pl
  kamir-transport.pl:1542755608
  
   1542724697
   1542724697
  
 
 
  kamir-transport.pl
  r
  r
  none
  none
  100
 
 
  
   209.85.217.44
   1
   
none
pass
pass
   
  
  
   kamir-transport.pl
  
  
   
kamir-transport.pl
unknown
   
   
kamir-transport.pl
pass

Re: hostname is being appended to the From name

2018-11-20 Thread Wietse Venema 
li...@mbchandler.net:
> On 2018-11-20 3:34 pm, Wietse Venema wrote:
> > li...@mbchandler.net:
> >> I'm trying to understand why this is happening and how to prevent it. 
> >> I
> >> have a relay where if an email is sent to it with just a name in the
> >> Header From, then the server's hostname is added to the end of it. For
> >> example,  if I telnet to the server and send an email with 
> >> "From:Test",
> >> then I'll get an email from Test@hostname.
> > 
> > See http://www.postfix.org/postconf.5.html#myorigin
> > 
> > myorigin (default: $myhostname)
> > The domain name that locally-posted mail appears to come from,
> > and that locally posted mail is delivered to. The default,
> > $myhostname, is adequate for small sites. If you run a domain
> > with multiple machines, you should (1) change this to $mydomain
> > and (2) set up a domain-wide alias database that aliases each
> > user to user@that.users.mailhost.
> > 
> > Postfix does not support domain-less addresses.
> > 
> > Wietse
> 
> Thank you. This should only happen for email from "mynetworks", right?

You may want to look up:

http://www.postfix.org/postconf.5.html#local_header_rewrite_clients

That covers the appearance of mail headers.

Wietse

Re: hostname is being appended to the From name

2018-11-20 Thread lists 

Thank you. This should only happen for email from "mynetworks", right?


On 2018-11-20 3:34 pm, Wietse Venema wrote:

li...@mbchandler.net:
I'm trying to understand why this is happening and how to prevent it. 
I

have a relay where if an email is sent to it with just a name in the
Header From, then the server's hostname is added to the end of it. For
example,  if I telnet to the server and send an email with 
"From:Test",

then I'll get an email from Test@hostname.


See http://www.postfix.org/postconf.5.html#myorigin

myorigin (default: $myhostname)
The domain name that locally-posted mail appears to come from,
and that locally posted mail is delivered to. The default,
$myhostname, is adequate for small sites. If you run a domain
with multiple machines, you should (1) change this to $mydomain
and (2) set up a domain-wide alias database that aliases each
user to user@that.users.mailhost.

Postfix does not support domain-less addresses.

Wietse

Re: hostname is being appended to the From name

2018-11-20 Thread Wietse Venema 
li...@mbchandler.net:
> I'm trying to understand why this is happening and how to prevent it. I 
> have a relay where if an email is sent to it with just a name in the 
> Header From, then the server's hostname is added to the end of it. For 
> example,  if I telnet to the server and send an email with "From:Test", 
> then I'll get an email from Test@hostname.

See http://www.postfix.org/postconf.5.html#myorigin

myorigin (default: $myhostname)
The domain name that locally-posted mail appears to come from,
and that locally posted mail is delivered to. The default,
$myhostname, is adequate for small sites. If you run a domain
with multiple machines, you should (1) change this to $mydomain
and (2) set up a domain-wide alias database that aliases each
user to user@that.users.mailhost.

Postfix does not support domain-less addresses.

Wietse

Re: hostname is being appended to the From name

2018-11-20 Thread Ralph Seichter 
* lists:

> I'm trying to understand why this is happening and how to prevent
> it. I have a relay where if an email is sent to it with just a name in
> the Header From, then the server's hostname is added to the end of it.

See http://www.postfix.org/postconf.5.html#append_at_myorigin

-Ralph

hostname is being appended to the From name

2018-11-20 Thread lists 
I'm trying to understand why this is happening and how to prevent it. I 
have a relay where if an email is sent to it with just a name in the 
Header From, then the server's hostname is added to the end of it. For 
example,  if I telnet to the server and send an email with "From:Test", 
then I'll get an email from Test@hostname.

Re: RFE: DANE functions + log

2018-11-20 Thread Viktor Dukhovni 
> On Nov 20, 2018, at 7:53 AM, J. Thomsen  wrote:
> 
> From the log it should be obvious
> 
> 1) does Postfix lookup the TLSA record

Always does, with "smtp_tls_security_level = dane"

> 2) did Postfix receive the TLSA record and which ones

Domains that have TLSA records will be "Verified" or the delivery
will fail with a certificate authentication failure.  Other domains
will be logged as "Anonymous" or "Untrusted".  So the presence of
TLSA records is implicit in the connection security status.  The
actual TLSA records should not IMHO be logged on a routine basis.

> 3) does Postfix use the TLSA record and which one

Probably not useful on a routine basis.

> 4) is the TLSA record valid and how is Postfix using it

Probably not useful on a routine basis.  As for "how",
the answer is per RFC7672.

>> I think that 5 log messages where one was looks reasonably sufficient
>> to me are probably too much.
> 
> Well, yes, it was just a suggestion for an easy copy-paste from 
> posttls-finger to the smtp client :)

I am looking for "correct", not "easy".

>>> When implementing DANE it is helpful to increase the value of 
>>> smtp_tls_loglevel to at least X.
>> 
>> I've always found level 1 to be sufficient for routine logging.
> 
> As always a more detailed level (pt 1-3) is needed during the implementation 
> or error diagnosis and
> a less detailed level (pt. 4) during production.

So are you asking to change the routine logging, or just more
options for verbose logging when doing trouble-shoots and testing?

-- 
Viktor.