Back to Community Threads
2
SmarterMail DMARC status?
Question asked by Eric Tykwinski - 4/21/2020 at 11:39 AM
Answered
I know this isn't used heavily, but it's getting there.  We have a customer that is prefiltering on AppRiver, which of course breaks DMARC for thier domain.  I don't see any way to turn off following policies just for this one client.  Is it possible for say AppRiver to sign with an "Authenticated Received Chain" header to bypass DMARC?  

3 Replies

Reply to Thread
0
Matt Petty Replied
4/22/2020 at 9:43 AM
Employee Post Marked As Answer
If it comes in to your server from AppRiver then you should be able to add an "IP Bypass" which will skip over AppRiver's IP and get the next part of the "Received By:" chain.
You can add an IP Bypass in the System Admin > Antispam section. This should hopefully resolve the DMARC issues.

The IP Bypass would be the IP of AppRiver's server that gives you the message.
Matt Petty Senior Software Developer SmarterTools Inc. www.smartertools.com
0
Eric Tykwinski Replied
4/22/2020 at 10:11 AM
Matt,

Thanks, but I don't feel like managing a huge list of ips for a single customer, they list a bunch of /20's, /24's, et al, on the support page, it's like basically saying spf to +all.  Honestly, we can probably do everything that AppRiver can do already, so I'm going to try and have them just go direct to us.

Scratch the ARC deal as well, I just tested this out, and you guys are accepting the emails fine.  Gmail is doing a SRS rewrite and resigning with ARC.  I just did a forward from GMail to my personal and it's fine.
[2020.04.22] 13:18:29.526 [49227] Spam check args: from: eric@securedomain.com; messageID: 49227; messagePath: M:\SmarterMail\Spool\SubSpool1\191349227.eml; sender: gmail.username+caf_=local.username=domain.com@gmail.com; sendersDomain: gmail.com; sendersIp: 209.85.222.50; returnPath: gmail.username+caf_=local.username=domain.com@gmail.com 
[2020.04.22] 13:18:29.526 [49227] [209.85.222.50] Valid reverse DNS entry found: mail-ua1-f50.google.com 
[2020.04.22] 13:18:29.588 [49227] Running SPF check 
[2020.04.22] 13:18:29.588 [49227] Finished SPF check; result = Pass 
[2020.04.22] 13:18:29.588 [49227] [DKIM] Performing DKIM check... 
[2020.04.22] 13:18:29.588 [49227] [DKIM] Result: Good. 
[2020.04.22] 13:18:30.447 [49227] Spam Checks completed. 
[2020.04.22] 13:18:30.447 [49227] SpamCheck Processing Thread Completed
0
Douglas Foster Replied
4/23/2020 at 10:37 PM
You are right, the exception mechanisms are too limiting.   See my soapbox at this link.   
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Messages from Trusted Senders are going to my Junk folderSmarterMail > Troubleshooting
BIMI Images in EmailsSmarterMail > Desktop and Mobile Synchronization
Troubleshooting SmarterMail Automatic SSL CertificatesSmarterMail > Troubleshooting
Changing Ownership of SmarterMail on Linux: A Step-by-Step GuideSmarterMail > Server Configuration and Management