We have a primary domain name example.com
that has both adkim=s
and aspf=s
defined in its DMARC policy. Now, we have multiple subdomain names for this primary domain, such as postman.example.com
. The subdomain has SPF, DKIM and DMARC TXT records in place.
However, when sending from @postman.example.com
to any or most remote mail servers such as @gmail.com
, SPF and DKIM checks pass, however, they fail their alignments. I have read up on some articles that I need to set my adkim
and aspf
from strict to relaxed to address this. And this I have successfully done, but @gmail.com
still bounces with a DMARC error:
message": "5.7.26 Unauthenticated email from example.com is not accepted due to\n5.7.26 domain's DMARC policy. Please contact the administrator of\n5.7.26 example.com domain if this was a legitimate mail. Please visit\n5.7.26 https://support.google.com/mail/answer/2451690 to learn about the\n5.7.26 DMARC initiative. t5-20020a5d5345000000b0021f10931e69si5563740wrv.234 - gsmtp",
This seems to be affecting all *.example.com
subdomains. And I have no idea what else is supposed to happen for this to be fixed.