[PLUG] Mail server question

Jim Garrison jhg at jhmg.net
Mon May 7 22:38:08 UTC 2018


On 5/7/2018 1:38 PM, Rich Shepard wrote:
>   I've installed both spf opendkim and they're up and running. But, when I
> send a verification message to port25.com the return message shows only spf
> as passing. Can I assume that opendkim is also working and can be seen by
> recipients who examine message headers?

Attached is a sample of a complete port25.com Authentication Checker
response including DKIM (mostly obfuscated)

-------------- next part --------------
The Port25 Solutions, Inc. team

==========================================================
Summary of Results
==========================================================
SPF check:          pass
"iprev" check:      pass
DKIM check:         pass
SpamAssassin check: ham

==========================================================
Details:
==========================================================

HELO hostname:  smtp.mydomain.com
Source IP:      nn.nn.nn.nn
mail-from:      me at mydomain.com

----------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result:         pass
ID(s) verified: smtp.mailfrom=me at mydomain.com

DNS record(s):
    mydomain.com. 60 IN TXT "v=spf1 a:smtp.mydomain.com -all"
    mydomain.com. 60 IN TXT "google-site-verification=coYptFElnbWQ9cyOPiCQfbbNhqQndpkXJt3bRxuOSyA"
    mydomain.com. 60 IN TXT "google-site-verification=iEizCDYfOsl-WS_Gb3GRxM0OaZqzYCdn1fU6RfG6cPI"
    smtp.mydomain.com. 60 IN A nn.nn.nn.nn


----------------------------------------------------------
"iprev" check details:
----------------------------------------------------------
Result:         pass (matches smtp.mydomain.com)
ID(s) verified: policy.iprev=nn.nn.nn.nn

DNS record(s):
    nn.nn.nn.nn.in-addr.arpa. 60 IN PTR smtp.mydomain.com.
    smtp.mydomain.com. 60 IN A nn.nn.nn.nn


----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         pass (matches From: me at mydomain.com)
ID(s) verified: header.d=mydomain.com

Canonicalized Headers:
    to:check-auth at verifier.port25.com'0D''0A'
    reply-to:jhg at acm.org'0D''0A'
    from:Jim'20'Garrison'20'<me at mydomain.com>'0D''0A'
    subject:Test'0D''0A'
    date:Mon,'20'7'20'May'20'2018'20'15:29:56'20'-0700'0D''0A'
    dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed/relaxed;'20'd=mydomain.com;'20's=smtp;'20't=1525732150;'20'bh=dP7deR7pQJ6gwuJBCV+X2eTcY1YaCgATM1YvLXS5rwo=;'20'h=To:Reply-To:From:Subject:Date:From;'20'b=

Canonicalized Body:
    '0D''0A'
    --'0D''0A'
    Jim'20'Garrison'20'jhg at acm.org'0D''0A'
    

DNS record(s):
    smtp._domainkey.mydomain.com. 60 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqY6sKQOrrQPwjdR2CCPO2dh/TtNDPOtyZ/mMBBiFI7jahNGSP96MemUUni+7KoagieKDPfd9HNK8v5BfTE0/Dvu8uxMg0Tq0sEOppnB+psoldi+BX8Yiq3vxv5TRsTRa1l/MHeOcemfcve+CJ+NlvrrOJNnBr14aR5uFeb/SJqwIDAQAB"

Public key used for verification: smtp._domainkey.mydomain.com (1024 bits)

NOTE: DKIM checking has been performed based on the latest DKIM specs
(RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for
older versions.  If you are using Port25's PowerMTA, you need to use
version 3.2r11 or later to get a compatible version of DKIM.

----------------------------------------------------------
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin v3.4.0 (2014-02-07)

Result:         ham (-2.0 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
-0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
-0.0 SPF_PASS               SPF: sender matches SPF record
-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                            [score: 0.0000]
-0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from author's
                            domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature


More information about the PLUG mailing list