Strange Problem

Discussion in 'ISPConfig 3 Priority Support' started by Dextros, Sep 1, 2015.

  1. Dextros

    Dextros Member

    Hi Guys
    I came across this report and I am wondering if you can shed some light on it.

    Basically its originating from the wrong source, and domain.

    <?xml version="1.0" encoding="utf-8"?><feedback><report_metadata><org_name>Microsoft Corp.</org_name><email>[email protected]</email><report_id>[email protected]</report_id><date_range><begin>1440964800</begin><end>1441051200</end></date_range></report_metadata><policy_published><domain></domain><adkim>r</adkim><aspf>r</aspf><p>none</p><sp>none</sp><pct>100</pct></policy_published><record><row><source_ip></source_ip><count>1</count><policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>fail</spf></policy_evaluated></row><identifiers><header_from></header_from></identifiers><auth_results><spf><domain></domain><result>none</result></spf><dkim><domain></domain><result>pass</result></dkim></auth_results></record></feedback>

    In all my other reports, everything is basically the same across the board and everything passes?

    I am blocked on hormail at the moment, and i just saw this as i was investigating.

  2. florian030

    florian030 Well-Known Member HowtoForge Supporter

    This is a report related to you dmarc-record. They received a mail from and dkim was valid (= pass dmarc-check).
    But your spf-record does not allow to send mails.

    BTW: you should simplify yor spf-record and remove the ptr-setting.
  3. Dextros

    Dextros Member

    Thanks Florian, but nothing should be coming from that IP address. It has nothing to do with me.

    Here is my current record v=spf1 mx ptr ip4: -all
  4. florian030

    florian030 Well-Known Member HowtoForge Supporter

    Maybe the is your "local" ip? You can also check this report using (they have other nice services like sending reports to dmarcian so you don´t need to read the xml-formated reports.

    And keep your spf-record simpe and remove ptr. v=spf1 mx -all is enough if your mx-record "points" (*) to
    a mx-record does not has an ipv4-address, so hostname in the mx-record must point to an a-record with this ip.
  5. Dextros

    Dextros Member

    Thanks, I will adjust the spf as the mx record is correct.

    Is there a way of monitoring the amount of emails my server sends (not in MB but in item number), and from which email address they came from?
  6. florian030

    florian030 Well-Known Member HowtoForge Supporter

    You can use grep over your mail.log

Share This Page