I have setup a mail server with several postoffices/domains. DKIM, SPF and DMARC are setup for every domain. For the mailserver domain, which is a postoffice as well, I get weird DMARC reports, where the spf auth result lists the mx domain and the result is none. All other domains pass DKIM and SPF with the same DNS Records.
DNS-Records for all domains are setup as follows:
- @ 10800 IN MX 10 mail.msdomain.net.
- @ 3600 IN TXT "v=spf1 mx -all"
- domain/msdomain._domainkey 3600 IN TXT "v=DKIM1; p=***; v=DMARC1; p=none; rua=mailto:abuse@domain.net; ruf=mailto:abuse@domain.net"
And here's the weird DMARC report:
<record>
<row>
<source_ip>my.dedicated.ms.ip</source_ip>
<count>2</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>msdomain.net</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>msdomain.net</domain>
<result>pass</result>
<selector>msdomain</selector>
</dkim>
<spf>
<domain>mail.msdomain.net</domain>
<result>none</result>
</spf>
</auth_results>
</record>
I just don't get it. Why is DMARC evaluating my mx domain for SPF. Mails are coming from info@msdomain.net and not from info@mail.msdomain.net.
Can someone help?