[exim] Re: dmarc_history_file - incomplete data logged for s…

Top Page
Delete this message
Reply to this message
Author: Victor Ustugov
Date:  
To: Mackenzie Taiaroa via Exim-users
Subject: [exim] Re: dmarc_history_file - incomplete data logged for spf and dkim
Mackenzie Taiaroa via Exim-users wrote on 17.08.2023 4:57:
> Good day Victor (and Jeremy!),


Hello


> Thanks for your advice, super on point regarding the issues I've been
> facing. I've had this project on hold for awhile and just picking it up now
> so apologies for the tardy response.
>
> I was sceptical about building Exim with ARC authentication - being an
> experimental feature and not widely adopted anyhow,


Building exim with ARC support does not solve the "arc" and "arc_policy"
fields problem.


> so I'm glad there's a
> workaround to disable arc authentication in opendmarc.
>
> I've patched opendmarc and exim and also updated the opendmarc SQL as
> you've recommended.
>
> The opendmarc patch and SQL modifications are working like a charm! However
> unfortunately the exim patch hasn't resolved the lack of SPF/DKIM details
> being logged to the dmarc history file.


patch-src__exim-4.96-fix-opemdmarc-1.4.x-history_file.patch just outputs
a DKIM selector to the file to fix problems with the dmarc_history_file
format.


> Sorry to trouble you further, but do you have any other ideas? here's a
> debug output from Exim for a delivery: https://pastebin.com/iZEiEHu9
>
> The corresponding delivery log in the dmarc history file:


What exactly do you mean by "the lack of SPF/DKIM details being logged
to the dmarc history file"?

Can you show what you are missing in the report using the example of
DMARC aggregate report from noreply-dmarc-support@??? or from
dmarcreport@????


> reporter server.hostname.com.au
> received 1692234968
> ipaddr 209.85.215.171
> from gmail.com
> mfrom gmail.com
> spf 0
> dkim gmail.com 0
> pdomain gmail.com
> policy 15
> rua mailto:mailauth-reports@google.com
> pct 100
> adkim 114
> aspf 114
> p 110
> sp 113
> align_dkim 4
> align_spf 4
> action 2
>
> And also the delivery information in the exim mainlog:
>
> 2023-08-17 11:16:06.760 [2565238] SMTP connection from
> [209.85.215.171]:56649 I=[103.209.24.57]:25 (TCP/IP connection count = 1)
> 2023-08-17 11:16:07.591 [2565282] SPF validation passed
> 2023-08-17 11:16:08.276 [2565282] 1qWRcO-00AlLW-0O DKIM validation passed
> 2023-08-17 11:16:08.276 [2565282] 1qWRcO-00AlLW-0O DKIM: d=gmail.com
> s=20221208 c=relaxed/relaxed a=rsa-sha256 b=2048 t=1692234966 x=1692839766
> [verification succeeded]
> 2023-08-17 11:16:08.561 [2565282] 1qWRcO-00AlLW-0O H=
> mail-pg1-f171.google.com [209.85.215.171]:56649 I=[103.209.24.57]:25
> Warning: "SpamAssassin as sslreservedsite detected message as NOT spam
> (-0.2)"
> 2023-08-17 11:16:08.565 [2565282] 1qWRcO-00AlLW-0O DMARC results:
> spf_domain=gmail.com dmarc_domain=gmail.com spf_align=yes dkim_align=yes
> enforcement='Accept'
> 2023-08-17 11:16:08.567 [2565282] 1qWRcO-00AlLW-0O H=
> mail-pg1-f171.google.com [209.85.215.171]:56649 I=[103.209.24.57]:25
> Warning: DMARC STATUS: accept gmail.com
> 2023-08-17 11:16:08.576 [2565282] 1qWRcO-00AlLW-0O <= mackenzie@??? H=
> mail-pg1-f171.google.com [209.85.215.171]:56649 I=[103.209.24.57]:25
> P=esmtps L.- X=TLS1.3:TLS_AES_128_GCM_SHA256:128 CV=no SNI=
> mail.demo-domain.com.au S=4704 M8S=0 DKIM=gmail.com RT=0.151s id=CAD2o6Gz8F=
> MVWJJ0N0W-FdmxU8W7ZAVmsiyA3R_F+eon42nO-w@??? T="test" from <
> mackenzie@???> for info@???
> 2023-08-17 11:16:08.593 [2565296] cwd=/var/spool/exim 6 args:
> /usr/sbin/exim -d=0xf7795cfd -MCd daemon-accept-delivery -Mc
> 1qWRcO-00AlLW-0O
> 2023-08-17 11:16:08.730 [2565282] SMTP connection from
> mail-pg1-f171.google.com [209.85.215.171]:56649 I=[103.209.24.57]:25 closed
> by QUIT
> 2023-08-17 11:16:08.742 [2565296] 1qWRcO-00AlLW-0O => info <
> info@???> F=<mackenzie@???> P=<mackenzie@???>
> R=virtual_user T=dovecot_virtual_delivery S=4923 C="250 2.0.0 <
> info@???> wQpQKdh03WS2JCcAK/qN0w Saved" QT=0.470s DT=0.069s
> 2023-08-17 11:16:08.743 [2565296] 1qWRcO-00AlLW-0O Completed QT=0.621s
>
> Thanks again for your help.
>
> All the best,
> *Mackenzie*
>



--
Best wishes Victor Ustugov
mailto:victor@corvax.kiev.ua
public GnuPG/PGP key: https://victor.corvax.kiev.ua/corvax.asc

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/