Back to Community Threads
2
SmarterMail DMARC status?
Question asked by Eric Tykwinski - 4/21/2020 at 11:39 AM
Answered
I know this isn't used heavily, but it's getting there.  We have a customer that is prefiltering on AppRiver, which of course breaks DMARC for thier domain.  I don't see any way to turn off following policies just for this one client.  Is it possible for say AppRiver to sign with an "Authenticated Received Chain" header to bypass DMARC?  

3 Replies

Reply to Thread
0
Matt Petty Replied
4/22/2020 at 9:43 AM
Employee Post Marked As Answer
If it comes in to your server from AppRiver then you should be able to add an "IP Bypass" which will skip over AppRiver's IP and get the next part of the "Received By:" chain.
You can add an IP Bypass in the System Admin > Antispam section. This should hopefully resolve the DMARC issues.

The IP Bypass would be the IP of AppRiver's server that gives you the message.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Eric Tykwinski Replied
4/22/2020 at 10:11 AM
Matt,

Thanks, but I don't feel like managing a huge list of ips for a single customer, they list a bunch of /20's, /24's, et al, on the support page, it's like basically saying spf to +all.  Honestly, we can probably do everything that AppRiver can do already, so I'm going to try and have them just go direct to us.

Scratch the ARC deal as well, I just tested this out, and you guys are accepting the emails fine.  Gmail is doing a SRS rewrite and resigning with ARC.  I just did a forward from GMail to my personal and it's fine.
[2020.04.22] 13:18:29.526 [49227] Spam check args: from: eric@securedomain.com; messageID: 49227; messagePath: M:\SmarterMail\Spool\SubSpool1\191349227.eml; sender: gmail.username+caf_=local.username=domain.com@gmail.com; sendersDomain: gmail.com; sendersIp: 209.85.222.50; returnPath: gmail.username+caf_=local.username=domain.com@gmail.com 
[2020.04.22] 13:18:29.526 [49227] [209.85.222.50] Valid reverse DNS entry found: mail-ua1-f50.google.com 
[2020.04.22] 13:18:29.588 [49227] Running SPF check 
[2020.04.22] 13:18:29.588 [49227] Finished SPF check; result = Pass 
[2020.04.22] 13:18:29.588 [49227] [DKIM] Performing DKIM check... 
[2020.04.22] 13:18:29.588 [49227] [DKIM] Result: Good. 
[2020.04.22] 13:18:30.447 [49227] Spam Checks completed. 
[2020.04.22] 13:18:30.447 [49227] SpamCheck Processing Thread Completed
0
Douglas Foster Replied
4/23/2020 at 10:37 PM
You are right, the exception mechanisms are too limiting.   See my soapbox at this link.   
Back to Community Threads

Reply to Thread

Related Community Threads

vulnerable to CVE-2021-32233, CVE-2021-32234 and CVE-2021-43977Problem reported by webtomten - Today
Chat web connectionProblem reported by Omar Escalante - Today
DKIM not working even after build 7957Problem reported by Ionel Aurelian Rau - Yesterday
Missing features that prevent migration from Exchange to SmarterMail - 1: mail messages and To Do LISTProblem reported by Gabriele Maoret - SERSIS - Yesterday
DKIM key rollover without loss of functionality.Idea by Douglas Foster - 11/30/2021

Related Knowledge Base Articles

Messages from Trusted Senders are going to my Junk folderSmarterMail > Troubleshooting
Upgrading SmarterMail (Domain Conversion)SmarterMail > Installation and Configuration
Configure SmarterMail as a Free Gateway ServerSmarterMail > Server Configuration and Management
Attaching SmarterMail 16.x and Older Domains to New BuildsSmarterMail > Domain/User Configuration and Management
Configure IIS for Microsoft Exchange ActiveSyncSmarterMail > Server Configuration and Management