3

When I get one of these DMARC reports from Google is it because there is a problem? Or is it standard protocol. I am curious because I sent one test email and got this DMARC report to abuse@orcaaccounting.com. I just want to make sure everything is 100% elite with 0 room for any deliver-ability issues before I investing in generating leads.

noreply-dmarc-support@google.com

The only potential problem I see is <disposition>none</disposition><dkim>fail</dkim>

Now, MohammedSimba said;

none means Gmail applied "none" policy instead of "reject", and also as it accepts the dkim,the Most probably this happened because the message was forwarded to/ through that ip, check your logs if you sent message to that host.

Now, I am wondering should the "none" policy apply a policy that makes it "better" then none? Is this the root of my problem?

I just sent two emails from support@orcaaccounitng.com to macdougall.jesse@gmail.com.

My qmail log shows:

info msg 68319723: bytes 640 from <support@orcaaccounting.com> qp 30844 uid 48
starting delivery 135: msg 68319723 to remote macdougll.jesse@gmail.com
status: local 0/10 remote 1/100
delivery 135: success: 167.71.128.92_accepted_message./Remote_host_said:_250_ok_1596838652_qp_1395/

So from my end my network says okay. Yet no email shows up in gmail, in any of the tabs. Haven't seen this before.

I sent test emails to; Microsoft, Apple, AOL(spam folder), Yahoo(spam folder). But gmail isn't accepting anything. There must be a problem.

Strange, jesse@macdougall.ninja which uses the same IP as orcaaccounting.com deliver to gmail inbox, lol down the rabbit hole we go. not encrypted Looks like my qmail does not encrypt the emails like my MTA software does.

My DKIM keys are set up as per my software and confirmed in GoDaddy DNS.
mxtoolbox.com says DMARC Policy Not Enabled but DNS in GoDaddy looks good to me. My software automates this process. orcaaccounting.com Is this the problem?

DMARC Report

<?xml version="1.0" encoding="UTF-8" ?>
<feedback>
  <report_metadata>
    <org_name>google.com</org_name>
    <email>noreply-dmarc-support@google.com</email>
    <extra_contact_info>https://support.google.com/a/answer/2466580</extra_contact_info>
    <report_id>12382084297226656442</report_id>
    <date_range>
      <begin>1596672000</begin>
      <end>1596758399</end>
    </date_range>
  </report_metadata>
  <policy_published>
    <domain>orcaaccounting.com</domain>
    <adkim>r</adkim>
    <aspf>r</aspf>
    <p>none</p>
    <sp>none</sp>
    <pct>100</pct>
  </policy_published>
  <record>
    <row>
      <source_ip>167.71.128.92</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>pass</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>orcaaccounting.com</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>orcaaccounting.com</domain>
        <result>pass</result>
        <selector>dkim</selector>
      </dkim>
      <spf>
        <domain>orcaaccounting.com</domain>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
  <record>
    <row>
      <source_ip>167.71.128.92</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>fail</dkim>
        <spf>pass</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>orcaaccounting.com</header_from>
    </identifiers>
    <auth_results>
      <spf>
        <domain>orcaaccounting.com</domain>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
</feedback>
Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122
Powerhouse6666
  • 143
  • 1
  • 7

1 Answers1

5

Your current DMARC policy is v=DMARC1; p=none; rua=mailto:abuse@orcaaccounting.com; ruf=mailto:abuse@orcaaccounting.com; pct=100; The p=none; means you are asking the receiver to take no action despite a DMARC alignment fails, but only report it back to you.

If you had p=quarantine or p=reject, the action would only be taken if BOTH SPF & DKIM failed or were unaligned with the domain used in the From header. Your policy was evaluated as:

<policy_evaluated> 
  <disposition>none</disposition>
  <dkim>fail</dkim>
  <spf>pass</spf> 
</policy_evaluated>

Because the SPF passed, the message passed the DMARC, too. Because you have p=none, the disposition is also none. You could compare it to the policy evaluation where both DKIM and SPF have passed, but the disposition is still none:

<policy_evaluated>
  <disposition>none</disposition>
  <dkim>pass</dkim>
  <spf>pass</spf>
</policy_evaluated>

The <auth_results> section on the same <record> block tells more detailed information on the evaluation, including the domain and selector used in DKIM. From this you can differentiate what was the problem with the DKIM alignment, which could be:

  • There wasn't a DKIM signature at all (no <dkim> on <auth_results>).
  • There was a DKIM signature, but the verification failed.
  • There was a DKIM signature that passed, but it wasn't aligned (didn't match).

There are several other reasons for which a message could have been silently discarded. You could start by reading these canonical questions:

Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122