DMARC quarantine results

li...@lazygranch.com Sat, 16 Apr 2016 17:48:06 -0700

These are the failing reports from DMARC set to quarantine. Most
failures are for SPF, which now I gather from the other post is due to
remailing. {Originally I thought the comment was about me using a
remailer.]


It looks like if you pass DKIM, most ESPs just pass on the message. 

Since nobody I know personally is rejecting my email due to DMARC, does
it make sense just to set the DMARC to reject and watch the bounced
emails? I'm assuming the failures are on listserves. It seems to me
dealing with bounced emails is less work that reading these reports. 

Cloud9 is probably from the postfix listserve. ;-)


-----------------------------------------------
FROM GOOGLE:
2607:f140:0:1000::d is UC Berkeley
http://www.ip2location.com/2607%3Af140%3A0%3A1000%3A%3Ad
    <row>
      <source_ip>2607:f140:0:1000::d</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>fail</dkim>
        <spf>fail</spf>
        <reason>
          <type>looks forwarded, downgrade to quarantine with phishing
warning</type> <comment></comment>
        </reason>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>MYDOMAIN</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>MYDOMAIN</domain>
        <result>fail</result>
      </dkim>
      <spf>
        <domain>MYDOMAIN</domain>
        <result>fail</result>
      </spf>
    </auth_results>
  </record>

207.46.163.236 is Microsoft
http://www.ip2location.com/207.46.163.236
  </policy_published>
  <record>
    <row>
      <source_ip>207.46.163.236</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>


<auth_results>
      <dkim>
        <domain>MYOTHERDOMAIN</domain>
        <result>pass</result>
      </dkim>
      <spf>
        <domain>cuesta.edu</domain>
        <result>none</result>
      </spf>
207.46.163.140 is Microsoft
http://www.ip2location.com/207.46.163.140
   <row>
      <source_ip>207.46.163.140</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>
-----------------------------------------
FROM HOTMAIL:
168.100.1.7 is Cloud 9
http://www.ip2location.com/168.100.1.7
</policy_published>
<record><row>
<source_ip>168.100.1.7</source_ip>
<count>27</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>fail</spf>

74.125.82.54 is google
http://www.ip2location.com/74.125.82.54
<source_ip>74.125.82.54</source_ip>
<count>1</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>fail</spf>
--------------------------------------

DMARC quarantine results

Reply via email to