[exim] Strange issue with DMARC

Top Page
Delete this message
Reply to this message
Author: Odhiambo Washington
Date:  
To: exim users
Subject: [exim] Strange issue with DMARC
I have configured DMARC for one of the domains I manage, and all the tools
I used for testing gave me the all clear. I then decided to use the REJECT
policy.
Today, I was testing the implementation of DMARC checks on one other
server. I sent a test mail from one domain to another and got a rejection.
Please help me understand what has happened from the log snippet below:

2018-11-29 18:48:00 1gSOXo-0002Yp-Fd PDKIM: d=titan.co.ke s=csl [failed key
import]
2018-11-29 18:48:01 1gSOXo-0002Yp-Fd DMARC results: spf_domain=titan.co.ke
dmarc_domain=titan.co.ke spf_align=no dkim_align=no enforcement='Reject'
2018-11-29 18:48:01 1gSOXo-0002Yp-Fd H=gw.titan.co.ke [197.232.25.162]
I=[41.57.103.122]:25 Warning: DMARC DEBUG: 'reject' for titan.co.ke
2018-11-29 18:48:01 1gSOXo-0002Yp-Fd H=gw.titan.co.ke [197.232.25.162]
I=[41.57.103.122]:25 X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<
XXXX@???> rejected after DATA: Message from titan.co.ke failed
sender's DMARC policy, REJECT
2018-11-29 18:48:01 SMTP connection from gw.titan.co.ke [197.232.25.162]
I=[41.57.103.122]:25 closed by QUIT

A test for DMARC for the domain:
root@gw:/etc/exim/opendmarc # /usr/local/sbin/opendmarc-check titan.co.ke
DMARC record for titan.co.ke:
        Sample percentage: 100
        DKIM alignment: relaxed
        SPF alignment: relaxed
        Domain policy: reject
        Subdomain policy: reject *<======== could this be the issue??*
        Aggregate report URIs:
                mailto:postmaster@titan.co.ke
        Failure report URIs:
                mailto:postmaster@titan.co.ke



--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."