DMARC_REJECT(10)

Dec 20, 2019
7
1
1
Hello!

Strange things happens on my proxmox mail gateway.
I send mails from my friends company domain to myself and get my message, but when i attach some file, so message size grow a little bit. I get DMARC_REJECT(10). And mail fall to quarantine. And this problem occurs on many domains, getting DMARC_REJECT(10) from 100% legit senders.

I've try testing my and my friends domains at links below, and both of them have 10\10 & 100% test pass, no errors and etc.
Test DKIM&SPF
https://www.appmaildev.com/en/dkim
DKIM&SPF
https://www.mail-tester.com/

I don't want turn off DKIM check, because it makes my spam protection less effective. But same time i can't spend whole day monitoring quarantine.

Here examples of message log:
Has attachment:
Dec 20 17:37:56 post02 postfix/qmgr[995]: 59938140155: from=<abc@1234.ru>, size=465256, nrcpt=1 (queue active)
Dec 20 17:37:56 post02 pmg-smtp-filter[29329]: 1408A45DFCDCC46A72C: new mail message-id=<f54988335ee044b69157fe67df56e0dc@1234.ru>#012
Dec 20 17:37:57 post02 pmg-smtp-filter[29329]: 1408A45DFCDCC46A72C: SA score=10/5 time=0.581 bayes=undefined autolearn=no autolearn_force=no hits=AWL(-0.230),DKIM_INVALID(0.1),DKIM_SIGNED(0.1),DMARC_REJECT(10),HTML_MESSAGE(0.001),KAM_NUMSUBJECT(0.5),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),TVD_SPACE_RATIO(0.001),URIBL_BLOCKED(0.001)

Doesnt have attachment:
Dec 20 10:32:01 post01 postfix/qmgr[1095]: 06FD941238: from=<abc@1234.ru>, size=3886, nrcpt=1 (queue active)
Dec 20 10:32:01 post01 pmg-smtp-filter[19751]: 4123F5DFC78F1222A3: new mail message-id=<45e3a65b691f4d27bb31d6ef7ec226fa@1234.ru>#012
Dec 20 10:32:01 post01 pmg-smtp-filter[19751]: 4123F5DFC78F1222A3: SA score=0/5 time=0.398 bayes=undefined autolearn=ham autolearn_force=no hits=DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),HTML_MESSAGE(0.001),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),URIBL_BLOCKED(0.001)
 
The mails with attachment seem to get mangled on the way which invalidates their DKIM signature - you need to find the mail-server which invalidates the signature (by changing something in the mail ) and reconfigure that to not invalidate the DKIM signature

Maybe it is some kind of security-appliance after your mail-client (or the mail-server which adds the DKIM signature) , which adds some footer like:
"Scanned by security solution XXXXXXX" ...

I hope this helps!
 
hmm - a colleague just pointed out that it might be related to the max Spam Size setting (Configuration-> Spam Detector -> Options -> Max Spam Size (bytes) )

could you try increasing the value and see if the issue goes away?

Thanks!
 
hmm - a colleague just pointed out that it might be related to the max Spam Size setting (Configuration-> Spam Detector -> Options -> Max Spam Size (bytes) )

could you try increasing the value and see if the issue goes away?

Thanks!
Thank you!

The solution you proposed worked for me. Set this parametr same as max message size.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!