SmarterMail DMARC status?
Question asked by Eric Tykwinski - 4/21/2020 at 11:39 AM
Answered
I know this isn't used heavily, but it's getting there.  We have a customer that is prefiltering on AppRiver, which of course breaks DMARC for thier domain.  I don't see any way to turn off following policies just for this one client.  Is it possible for say AppRiver to sign with an "Authenticated Received Chain" header to bypass DMARC?  

3 Replies

Reply to Thread
0
Matt Petty Replied
Employee Post Marked As Answer
If it comes in to your server from AppRiver then you should be able to add an "IP Bypass" which will skip over AppRiver's IP and get the next part of the "Received By:" chain.
You can add an IP Bypass in the System Admin > Antispam section. This should hopefully resolve the DMARC issues.

The IP Bypass would be the IP of AppRiver's server that gives you the message.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Eric Tykwinski Replied
Matt,

Thanks, but I don't feel like managing a huge list of ips for a single customer, they list a bunch of /20's, /24's, et al, on the support page, it's like basically saying spf to +all.  Honestly, we can probably do everything that AppRiver can do already, so I'm going to try and have them just go direct to us.

Scratch the ARC deal as well, I just tested this out, and you guys are accepting the emails fine.  Gmail is doing a SRS rewrite and resigning with ARC.  I just did a forward from GMail to my personal and it's fine.
[2020.04.22] 13:18:29.526 [49227] Spam check args: from: eric@securedomain.com; messageID: 49227; messagePath: M:\SmarterMail\Spool\SubSpool1\191349227.eml; sender: gmail.username+caf_=local.username=domain.com@gmail.com; sendersDomain: gmail.com; sendersIp: 209.85.222.50; returnPath: gmail.username+caf_=local.username=domain.com@gmail.com 
[2020.04.22] 13:18:29.526 [49227] [209.85.222.50] Valid reverse DNS entry found: mail-ua1-f50.google.com 
[2020.04.22] 13:18:29.588 [49227] Running SPF check 
[2020.04.22] 13:18:29.588 [49227] Finished SPF check; result = Pass 
[2020.04.22] 13:18:29.588 [49227] [DKIM] Performing DKIM check... 
[2020.04.22] 13:18:29.588 [49227] [DKIM] Result: Good. 
[2020.04.22] 13:18:30.447 [49227] Spam Checks completed. 
[2020.04.22] 13:18:30.447 [49227] SpamCheck Processing Thread Completed
0
Douglas Foster Replied
You are right, the exception mechanisms are too limiting.   See my soapbox at this link.   

Reply to Thread