[PLUG] Mail server question
Jim Garrison
jhg at jhmg.net
Mon May 7 22:38:08 UTC 2018
On 5/7/2018 1:38 PM, Rich Shepard wrote:
> I've installed both spf opendkim and they're up and running. But, when I
> send a verification message to port25.com the return message shows only spf
> as passing. Can I assume that opendkim is also working and can be seen by
> recipients who examine message headers?
Attached is a sample of a complete port25.com Authentication Checker
response including DKIM (mostly obfuscated)
-------------- next part --------------
The Port25 Solutions, Inc. team
==========================================================
Summary of Results
==========================================================
SPF check: pass
"iprev" check: pass
DKIM check: pass
SpamAssassin check: ham
==========================================================
Details:
==========================================================
HELO hostname: smtp.mydomain.com
Source IP: nn.nn.nn.nn
mail-from: me at mydomain.com
----------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mailfrom=me at mydomain.com
DNS record(s):
mydomain.com. 60 IN TXT "v=spf1 a:smtp.mydomain.com -all"
mydomain.com. 60 IN TXT "google-site-verification=coYptFElnbWQ9cyOPiCQfbbNhqQndpkXJt3bRxuOSyA"
mydomain.com. 60 IN TXT "google-site-verification=iEizCDYfOsl-WS_Gb3GRxM0OaZqzYCdn1fU6RfG6cPI"
smtp.mydomain.com. 60 IN A nn.nn.nn.nn
----------------------------------------------------------
"iprev" check details:
----------------------------------------------------------
Result: pass (matches smtp.mydomain.com)
ID(s) verified: policy.iprev=nn.nn.nn.nn
DNS record(s):
nn.nn.nn.nn.in-addr.arpa. 60 IN PTR smtp.mydomain.com.
smtp.mydomain.com. 60 IN A nn.nn.nn.nn
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: pass (matches From: me at mydomain.com)
ID(s) verified: header.d=mydomain.com
Canonicalized Headers:
to:check-auth at verifier.port25.com'0D''0A'
reply-to:jhg at acm.org'0D''0A'
from:Jim'20'Garrison'20'<me at mydomain.com>'0D''0A'
subject:Test'0D''0A'
date:Mon,'20'7'20'May'20'2018'20'15:29:56'20'-0700'0D''0A'
dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed/relaxed;'20'd=mydomain.com;'20's=smtp;'20't=1525732150;'20'bh=dP7deR7pQJ6gwuJBCV+X2eTcY1YaCgATM1YvLXS5rwo=;'20'h=To:Reply-To:From:Subject:Date:From;'20'b=
Canonicalized Body:
'0D''0A'
--'0D''0A'
Jim'20'Garrison'20'jhg at acm.org'0D''0A'
DNS record(s):
smtp._domainkey.mydomain.com. 60 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqY6sKQOrrQPwjdR2CCPO2dh/TtNDPOtyZ/mMBBiFI7jahNGSP96MemUUni+7KoagieKDPfd9HNK8v5BfTE0/Dvu8uxMg0Tq0sEOppnB+psoldi+BX8Yiq3vxv5TRsTRa1l/MHeOcemfcve+CJ+NlvrrOJNnBr14aR5uFeb/SJqwIDAQAB"
Public key used for verification: smtp._domainkey.mydomain.com (1024 bits)
NOTE: DKIM checking has been performed based on the latest DKIM specs
(RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for
older versions. If you are using Port25's PowerMTA, you need to use
version 3.2r11 or later to get a compatible version of DKIM.
----------------------------------------------------------
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin v3.4.0 (2014-02-07)
Result: ham (-2.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 SPF_PASS SPF: sender matches SPF record
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
More information about the PLUG
mailing list