• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Could it be DKIM be set for domain example.com, would not work for mail-server mail.example.com?

Ehud

Ehud

Basic Pleskian
Server operating system version
OS version: Ubuntu 22.04 x86_64 Postfix mail_version = 3.6.4 Server version: Apache/2.4.57 (Ubuntu) Server built: 2023-04-08T12:56:02nginx version: nginx/1.22.1
Plesk version and microupdate number
Product version: Plesk Obsidian 18.0.52.3 OS version: Ubuntu 22.04 x86_64 Build date: 2023/05/16 12:00 Revision: a3b74dbc9de2e47afd4e532d02fa7759b29d3fa5
Hi,

As default configuration, I have DKIM set with 'default' selector on the domain example.com.

I have recently received a DMARC report from mail.ru claiming an IP in Russia was able to send an email which had SPF failure, however DKIM pass.

On our server example.com, the sub-domain mail.example.com is used to send outgoing SES SMTP emails.

Could it be, that in order to prevent the above seemed bypassing of DKIM, in addition to default DKIM configured by Plesk for domain example.com, some sort of SKIM configuration should also be set for mail-server sub-domain mail.example.com?

And if so, how should this be done?


Please note:
POSSIBLY, the email was an email generated originally on our server example.com, and AUTO FORWADED by contact form recipient of a copy of the contacting us form, thus POSSIBLY relying on our DKIM PASS.



<?xml version='1.0' encoding='utf-8'?><feedback>
<report_metadata><org_name>Mail.Ru</org_name><email>[email protected]</email>
<extra_contact_info>Почта</extra_contact_info><report_id>4999999999999999999990</report_id>
<date_range><begin>1685664000</begin><end>1685750400</end></date_range></report_metadata>

<policy_published>
<domain>example.com</domain>
<adkim>s</adkim><aspf>s</aspf><p>reject</p><sp>quarantine</sp><pct>100</pct>
</policy_published>

<record>
<row>
<source_ip>185.78.30.999</source_ip>
<count>1</count>
Click to expand...

<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>example.com</header_from>
</identifiers>

<auth_results>
<dkim><domain>amazonses.com</domain><selector>xxxxxxxxxxxxxxxxxxxx</selector><result>pass</result></dkim>
<dkim><domain>example.com</domain><selector>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</selector><result>pass</result></dkim>
<spf><domain>amazonses.com</domain><scope>mfrom</scope><result>fail</result></spf>
</auth_results>


</record>
</feedback>
Click to expand...
 
You must log in or register to reply here.

Similar threads

D
Issue Dmarc report suspicious
Replies
0
Views
652
Davidtina94
D
D
Issue Spoofed Emails Appearing as Sent from My Own Server Despite Correct SPF/DKIM/DMARC Configuration?
Replies
2
Views
618
drdna
D
I
Question Mail fail
Replies
0
Views
497
ivanes82
I
V
Question DKIM Fails
Replies
1
Views
1K
voelu28
V
Azurel
Forwarded to devs mail() not working, if called php script on command-line
Replies
3
Views
3K
Azurel
Azurel
Back
Top