0

I successfully set up DMARC, DKIM and SPF for my mailserver's domain, but delivery reports created by Postfix fail the DKIM/SPF tests.

The headers of regular messages (sent via my mailserver) look like this:

Authentication-Results: posteo.de; dmarc=pass (p=quarantine dis=none) header.from=mail.my.domain
Authentication-Results: posteo.de; spf=pass smtp.mailfrom=my.domain
Authentication-Results: posteo.de;
        dkim=pass (2048-bit key) header.d=mail.my.domain [email protected] header.b=FGiVXFOU;
        dkim-atps=neutral```

Delivery reports have these headers:

Authentication-Results: posteo.de; dmarc=fail (p=quarantine dis=none) header.from=mail.my.domain
Authentication-Results: posteo.de; spf=tempfail smtp.helo=mail.my.domain

The Authentication-Results DKIM header is missing as there is no DKIM signature (I use rspamd as an smptd_milter to sign messages), and the SPF authentication result refers to smtp.helo instead of smtp.mailfrom. Is there any way to configure Postfix such that the delivery reports a) are DKIM-signed and b) contain an smtp.mailfrom header to pass the SPF test?

Update: jnrcorp asked the same question 5 years ago (sorry), and the answer to a) is an addition to Postfix's main.cf (internal_mail_filter_classes = bounce), but b) remains unsolved – although there is an SPF entry for my mail.my.domain, SPF fails. Could this be caused by the circular MX entry:

mail.my.domain 60 IN MX 10 mail.my.domain

0

You must log in to answer this question.

Browse other questions tagged .