What is the meaning of KAM_DMARC_REJECT?

[Carlos Estrada]

I'm trying to configure PMG with unbound as local DNS, as explained here. And it seems to work because my firewall logs shows the PMG server is connecting with multiple IP's on port 53 every time I get an incoming email.

But I'm also seeing a lot of false positives with this hit:

KAM_DMARC_REJECT            3 DKIM has Failed or SPF has failed on the message and the domain has a DMARC reject policy

Does this mean that my PMG failed to make a SPF/DKIM tests? meaning some kind of DNS fail?

Or it means that the problem is with the senders address/server/domain?

 

[dcsapak]

If your setup is ok, then this means that the mail came from a host not designated by the spf record or that it did not have a valid DKIM signature.
So normally this is a problem on the sender side.

 

[Carlos Estrada]

Ok. Thank you. I increased the spam level from 3 to 4 to prevent this false positives.

 

[sojic]

This is very strange for me:
SPF is OK
DKIM is OK
DMARC_REJECT ?? why?



Do I have something misconfigured?

 

[Stoiko Ivanov]

This is very strange for me:
SPF is OK
DKIM is OK
DMARC_REJECT ?? why?

please share the logs from that mail and the headers (especially From, Sender)

I guess the issue here is that the dkim signature and the spf pass only match the envelope sender - and not the domain in the From header.

I hope this helps!