Subject
I would like some feedback concerning a use case
Description
It appears that mailserver detects DMARC policy failures, however the test spoofed emails are delivered to the mailbox even when the reject policy is set for the sender domain
relevant log:
Dec 12 18:58:48 mail postfix/smtpd[219195]: 727171F825F: client=m42-5.mailgun.net[69.72.42.5]
Dec 12 18:58:48 mail postfix/cleanup[219206]: 727171F825F: message-id=<[email protected]>
Dec 12 18:58:48 mail opendkim[457]: 727171F825F: m42-5.mailgun.net [69.72.42.5] not internal
Dec 12 18:58:48 mail opendkim[457]: 727171F825F: not authenticated
Dec 12 18:58:48 mail opendkim[457]: 727171F825F: DKIM verification successful
Dec 12 18:58:48 mail opendkim[457]: 727171F825F: s=mx d=mg.spoofing.science a=rsa-sha256 SSL
Dec 12 18:58:48 mail opendmarc[466]: 727171F825F: ibm.com fail
...
<*** mailserver continues with the message delivery to the mailbox ***>
This can be easily reproduced by sending a test spoof email from https://dmarc-tester.com/ . Use a sender from a domain with the reject DMARC policy enabled for example [email protected]
for comparison., the same test email is rejected, as it supposed to, when sending to a gmail address
Subject
I would like some feedback concerning a use case
Description
It appears that mailserver detects DMARC policy failures, however the test spoofed emails are delivered to the mailbox even when the reject policy is set for the sender domain
relevant log:
This can be easily reproduced by sending a test spoof email from https://dmarc-tester.com/ . Use a sender from a domain with the reject DMARC policy enabled for example [email protected]
for comparison., the same test email is rejected, as it supposed to, when sending to a gmail address