Menu
The domain s****g.nl has the following DMARC record:
"v=DMARC1; p=reject; rua=mailto:postmaster@s****g.nl, mailto:dmarc@s****g.nl"
A valid SPF record for the sending mail server and none DKIM record.
The domain fo***de.com has a valid SPF and DKIM record.
Example 1
Result:
Example 2
Result:
So when I send the email using a sender (on behalf of) the DMARC fails and the mail is not delivered.
Is there a explanation for this and maybe a solution to send emails on behalf of a domain which contains a DMARC reject policy and have a valid SPF for the sending mailserver?
Edit:
[Screenshot results...][1]
788
I have a feeling, it's failing on your ADKIM and ASPF Tests of DMARC. If SPF and DKIM passes, then it must be failing on both alignment tests.
Read this to understand more about Identifier Alignments
I seen several cases where there DKIM Validator is coded wrong and it will fail DMARC when it fails 1 alignment test, but both must fail according to the RFC Standards.
The only alignment tester I know about is this email tester, if you post the full headers of the sent emails. It'll be much easier to understand what might be wrong. You're only sharing part of the information and it's impossible to make a 100% accurate assessment. But I'm 80% confident the issue is with the alignment.
Based on the image you linked of your headers, I added an "a" to the beginning and "1" to the end so bots don't spam you.
Return-Path = response@afo***de1.com
DKIM Signature = d=afo***de1.com
From = info@as**g1.nl
So for ADKIM alignment to Pass the "from" domain must match the "d=" domain of the dkim signature
info@as**g1.nl <> afo***de1.com
For the ASPF Alignment to pass the "return-path" domain must match the "from" domain
afo***de1.com <> as**g1.nl
One of those need to match in order for DMARC to pass.
140
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
