[SAC] [OSGeo] #2639: DMARC validation failed - header_from: faunalia.it
OSGeo
trac_osgeo at osgeo.org
Tue Sep 14 07:45:57 PDT 2021
#2639: DMARC validation failed - header_from: faunalia.it
---------------------------+-----------------------
Reporter: pcav | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: Systems Admin | Keywords:
---------------------------+-----------------------
We are receiving reports of failed DMARC validations for emails sent by
140.211.15.3 (osgeo6.osgeo.osuosl.org) with the following identifier:
{{{
<header_from>faunalia.it</header_from>
<envelope_from>lists.osgeo.org</envelope_from>
}}}
Some examples of the reports:
{{{
<?xml version="1.0"?>
<feedback>
<report_metadata>
<org_name>Verizon Media</org_name>
<email>dmarchelp at verizonmedia.com</email>
<report_id>1631582081.170348</report_id>
<date_range>
<begin>1631491200</begin>
<end>1631577599</end>
</date_range>
</report_metadata>
<policy_published>
<domain>faunalia.it</domain>
<adkim>r</adkim>
<aspf>r</aspf>
<p>none</p>
<pct>100</pct>
</policy_published>
<record>
<row>
<source_ip>140.211.15.3</source_ip>
<count>1</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>fail</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>faunalia.it</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>faunalia.it</domain>
<selector>mail</selector>
<result>permerror</result>
</dkim>
<spf>
<domain>lists.osgeo.org</domain>
<result>pass</result>
</spf>
</auth_results>
</record>
</feedback>
}}}
{{{
<?xml version="1.0" encoding="UTF-8" ?>
<feedback>
<version>1.0</version>
<report_metadata>
<org_name>esa3.hc726-32.eu.iphmx.com</org_name>
<email>MAILER-DAEMON at esa3.hc726-32.eu.iphmx.com</email>
<extra_contact_info></extra_contact_info>
<report_id>803ff8$ba13321=3cf9959c31e36f60 at esa3.hc726-32.eu.iphmx.com</report_id>
<date_range>
<begin>1631484004</begin>
<end>1631570403</end>
</date_range>
</report_metadata>
<policy_published>
<domain>faunalia.it</domain>
<adkim>r</adkim>
<aspf>r</aspf>
<p>none</p>
<sp>none</sp>
<pct>100</pct>
</policy_published>
<record>
<row>
<source_ip>140.211.15.3</source_ip>
<count>1</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>fail</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>faunalia.it</header_from>
<envelope_from>lists.osgeo.org</envelope_from>
</identifiers>
<auth_results>
<dkim>
<domain>faunalia.it</domain>
<selector>mail</selector>
<result>permerror</result>
</dkim>
<spf>
<domain>lists.osgeo.org</domain>
<scope>mfrom</scope>
<result>pass</result>
</spf>
</auth_results>
</record>
</feedback
}}}
{{{
<?xml version="1.0"?>
<feedback>
<version>1.0</version>
<report_metadata>
<org_name>Fastmail Pty Ltd</org_name>
<email>reports at fastmaildmarc.com</email>
<extra_contact_info>https://fastmail.com/</extra_contact_info>
<report_id>524846272</report_id>
<date_range>
<begin>1631491200</begin>
<end>1631577599</end>
</date_range>
</report_metadata>
<policy_published>
<domain>faunalia.it</domain>
<aspf>r</aspf>
<p>none</p>
<sp>none</sp>
<pct>100</pct>
<fo>0</fo>
</policy_published>
<record>
<row>
<source_ip>140.211.15.3</source_ip>
<count>1</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>fail</dkim>
<spf>fail</spf>
<reason>
<type>trusted_forwarder</type>
<comment>Policy ignored due to
local white list</comment>
</reason>
</policy_evaluated>
</row>
<identifiers>
<envelope_from>lists.osgeo.org</envelope_from>
<header_from>faunalia.it</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>faunalia.it</domain>
<selector>mail</selector>
<result>fail</result>
<human_result>fail (message has been
altered)</human_result>
</dkim>
<spf>
<domain>lists.osgeo.org</domain>
<scope>mfrom</scope>
<result>pass</result>
</spf>
</auth_results>
</record>
</feedback>
}}}
Right now we have a "none" DMARC policy, but we are planning on enforcing
it in the near future. As far as I can understand, Osgeo misconfigured the
headers. If I'm not wrong, this could be a problem for many other domains,
so I thought it is of general interest and worth fixing.
Thanks for any intervention.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2639>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
More information about the Sac
mailing list