[SOLVED] SA - DKIM/DMARC Problem

Aug 28, 2019
17
1
23
Hi,
I notice, that in some situations the SA seems don't work correct.

Example Message:

Code:
Delivered-To: xxxx@domain.ch
Return-Path: campaign@mailing.ubs.com
Received-SPF: pass (mailing.ubs.com: Sender is authorized to use 'campaign@mailing.ubs.com' in 'mfrom' identity (mechanism 'include:spf.swisscom.com' matched)) receiver=pmg-a01.dynanet.local; identity=mailfrom; envelope-from="campaign@mailing.ubs.com"; helo=mail.swisscom.com; client-ip=138.188.176.51
Received: from mail.swisscom.com (mailout51.swisscom.com [138.188.176.51])
    by mx.dynamail.ch (Proxmox) with ESMTPS id A4441121ECD
    for <xxxx@domain.ch>; Wed, 11 Dec 2019 13:05:46 +0100 (CET)
Received: by mail.swisscom.com; Wed, 11 Dec 2019 13:05:22 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mailing.ubs.com;
    s=aurelia; t=1576065922;
    bh=ucDVnI8RCXOWzA6F7R0h1xQq3wSkidcBqC5DYPpWIgY=;
    h=From:Subject:Date:To:Reply-To;
    b=xvax...
From: "UBS KeyInvest Product News" <ubs-keyinvest@mailing.ubs.com>
Subject: Bis zu 14.00% p.a. Coupon mit UBS Kick-In GOALs
Date: Wed, 11 Dec 2019 13:05:21 +0100
To: <xxxx@domain.ch>
Reply-To: "UBS" <keyinvest@ubs.com>
MIME-Version: 1.0
X-mailer: nlserver, Build 6.7.0
Message-ID: <NM608C11AE602D4747Fubs_extfront_prod@mailing.ubs.com>
Content-Type: multipart/alternative;
    boundary="----=_NextPart_539_E5A83124.E5A83124"
X-SPAM-LEVEL: Spam detection results:  3
    AWL                    -4.702 Adjusted score from AWL reputation of From: address
    BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
    DKIM_INVALID              0.1 DKIM or DK signature exists, but is not valid
    DKIM_SIGNED               0.1 Message has a DKIM or DK signature, not necessarily valid
    DMARC_REJECT               10 DKIM has Failed or SPF has failed on the message and the domain has a DMARC reject policy
    ...

The SPF check is OK. The DKIM Selector is aurelia. The public key :

# dig aurelia._domainkey.mailing.ubs.com TXT

aurelia._domainkey.mailing.ubs.com. 900 IN TXT "v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMwvCfDAQ9A1P213EpXH3ux8wSICKxdWeBJX3994cPqBV5Kz5r7K3biahdHWbdNsFGrk8kfyqFKfO76p7sjmyxP1ViOpLvC0hjwgVz5Bqd9hhTc5l4okfYESfLLLj0xc+Z8jdKGJsZbL83X5atUwTZb9dFgHSnYcrxmZq2ZLq9owIDAQAB"


For me it looks OK.

But the SA give 10 points for : "DMARC_REJECT 10 DKIM has Failed or SPF has failed on the message and the domain has a DMARC reject policy".

Miss I something, or is it a problem with SA?
 
Last edited:
seems the DKIM signature is not valid - thus yielding a negative DMARC result

Thanks for your reply.

I make a check with another tool and it seems, the mail was really modified on the way.

First, I did not want to believe that the UBS newsletter was not working properly, but it is so.

OK. No error on SA.
 
Thanks for reporting back! - Please mark the thread as 'SOLVED'
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!