Got an SPF report, am I reading this right?

Got an SPF report, am I reading this right?

Daniel Shahaf d.s at daniel.shahaf.name
Thu Dec 23 23:02:59 IST 2021 

אורי wrote on Thu, 23 Dec 2021 14:49 +00:00:
> I suggest that you use/create a Gmail account, send yourself mail the way
> you usually send it and check the headers from there.

I just did basically that.

My copy of my post to this list a few minutes ago shows as dkim=fail
on my end.  My copy of a post I made to another list a few minutes
before that shows as dkim=pass on my end.  By "My copy" I mean the
copy of the post I received through the list.  The two posts were sent
the same way.

I suspect the list's footer breaks the DKIM-Signature body hash (bh=)
verification.

Cheers,

Daniel

> For example if I
> check a mail I receive from my server (sent automatically), I receive
> the following messages:
>
> SPF: PASS with IP 69.169.224.10 Learn more
> DKIM: 'PASS' with domain amazonses.com Learn more
>
> You may consider sending your mail via an external email provider, such as
> Amazon SES. I use them and they are very reliable.
>
> Thanks,
> אורי
> uri at speedy.net
>
>
> On Thu, Dec 23, 2021 at 4:01 PM Ira Linux Abramov <
> Lists-Linux-IL at ira.abramov.org> wrote:
>
>> Hey gang,
>>
>> I have added SPF record for my domains about 2 years ago and kinda
>> forgot about it. I get a lot of reports about spam received "from my
>> domain" but not from my servers. almost 50% from google, and I assume
>> that's because half the world in on gmail...
>>
>> however today I found a report from an Israeli domain for the first
>> time, the OpenU server sent me the following report and I'm not happy
>> about what I am reading here. if I read it correctly, someone at
>> openu.ac.il got an email I sent through this list but it is rejected
>> because the DKIM is broken. If that is true there is something wrong
>> with the way the huji mail server is adding the sig at the bottom, or
>> something else is breaking the message, which suggests using SPF records
>> may be more harmful than helpful, plus the huji server is not configured
>> correctly to prevent DKIM breakage.
>>
>> Anyone got insights?
>>
>> <?xml version="1.0" encoding="UTF-8" ?>
>> <feedback>
>>    <version>1.0</version>
>>    <report_metadata>
>>      <org_name>openu.ac.il</org_name>
>>      <email>MAILER-DAEMON at openu.ac.il</email>
>>      <extra_contact_info></extra_contact_info>
>>      <report_id>8e1971$6c419ec=9144b8f82252374d at openu.ac.il</report_id>
>>      <date_range>
>>        <begin>1640124003</begin>
>>        <end>1640210403</end>
>>      </date_range>
>>    </report_metadata>
>>    <policy_published>
>>      <domain>ira.abramov.org</domain>
>>      <adkim>r</adkim>
>>      <aspf>r</aspf>
>>      <p>none</p>
>>      <sp></sp>
>>      <pct>100</pct>
>>    </policy_published>
>>    <record>
>>      <row>
>>        <source_ip>132.65.116.210</source_ip>
>>        <count>1</count>
>>        <policy_evaluated>
>>          <disposition>none</disposition>
>>          <dkim>fail</dkim>
>>          <spf>fail</spf>
>>        </policy_evaluated>
>>      </row>
>>      <identifiers>
>>        <header_from>ira.abramov.org</header_from>
>>        <envelope_from>cs.huji.ac.il</envelope_from>
>>      </identifiers>
>>      <auth_results>
>>        <dkim>
>>          <domain>ira.abramov.org</domain>
>>          <selector>dkim</selector>
>>          <result>permerror</result>
>>        </dkim>
>>        <spf>
>>          <domain>cs.huji.ac.il</domain>
>>          <scope>mfrom</scope>
>>          <result>none</result>
>>        </spf>
>>      </auth_results>
>>    </record>
>> </feedback>
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

More information about the Linux-il mailing list