Hi Guys I came across this report and I am wondering if you can shed some light on it. Basically its originating from the wrong source, and domain. <?xml version="1.0" encoding="utf-8"?><feedback><report_metadata><org_name>Microsoft Corp.</org_name><email>[email protected]</email><report_id>[email protected]</report_id><date_range><begin>1440964800</begin><end>1441051200</end></date_range></report_metadata><policy_published><domain>pgl-uk.org</domain><adkim>r</adkim><aspf>r</aspf><p>none</p><sp>none</sp><pct>100</pct></policy_published><record><row><source_ip>195.47.247.102</source_ip><count>1</count><policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>fail</spf></policy_evaluated></row><identifiers><header_from>pgl-uk.org</header_from></identifiers><auth_results><spf><domain>dk-electrics.co.uk</domain><result>none</result></spf><dkim><domain>pgl-uk.org</domain><result>pass</result></dkim></auth_results></record></feedback> In all my other reports, everything is basically the same across the board and everything passes? I am blocked on hormail at the moment, and i just saw this as i was investigating. Thanks
This is a report related to you dmarc-record. They received a mail from 195.47.247.102 and dkim was valid (= pass dmarc-check). But your spf-record does not allow 195.47.247.102 to send mails. BTW: you should simplify yor spf-record and remove the ptr-setting.
Thanks Florian, but nothing should be coming from that IP address. It has nothing to do with me. Here is my current record v=spf1 mx ptr ip4:188.165.218.77 mx:mail.pgl-uk.org -all
Maybe the is your "local" ip? You can also check this report using https://dmarcian.com/dmarc-xml/ (they have other nice services like sending reports to dmarcian so you don´t need to read the xml-formated reports. And keep your spf-record simpe and remove ptr. v=spf1 mx -all is enough if your mx-record "points" (*) to 188.165.218.77 a mx-record does not has an ipv4-address, so hostname in the mx-record must point to an a-record with this ip.
Thanks, I will adjust the spf as the mx record is correct. Is there a way of monitoring the amount of emails my server sends (not in MB but in item number), and from which email address they came from?
