Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Outgoing email is signed using DKIM but public key is unavailable #83

Open
GaryA opened this issue Nov 8, 2017 · 2 comments
Open

Outgoing email is signed using DKIM but public key is unavailable #83

GaryA opened this issue Nov 8, 2017 · 2 comments

Comments

@GaryA
Copy link
Owner

GaryA commented Nov 8, 2017

Some mail servers refuse emails from Antlog because the public key is unavailable.

Try http://www.mail-tester.com to diagnose the problem. Possibly more to do with DNS than web iste settings?
@GaryA
Copy link
Owner Author

GaryA commented Nov 8, 2017

We check if the server you are sending from is authenticated
-1
[SPF] garya.org.uk does not allow your server 185.119.172.153 to use antlog@garya.org.uk
Sender Policy Framework (SPF) is an email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP addresses.

You do not have a SPF record, please add the following one to your domain garya.org.uk:

v=spf1 a mx ip4:185.119.172.153 ~all

The Name Server handling the domain name garya.org.uk is ns3.tsohost.co.uk.

Need guidance? View guides for each host.

Verification details:

dig +short TXT garya.org.uk :

dig +short SPF @ns3.tsohost.co.uk. garya.org.uk :

spfquery --scope mfrom --id antlog@garya.org.uk --ip 185.119.172.153 --helo-id host54.servers.prgn.misp.co.uk :

none
garya.org.uk: No applicable sender policy available
garya.org.uk: No applicable sender policy available
Received-SPF: none (garya.org.uk: No applicable sender policy available) receiver=ns303428.ip-94-23-206.eu; identity=mailfrom; envelope-from="antlog@garya.org.uk"; helo=host54.servers.prgn.misp.co.uk; client-ip=185.119.172.153

-1
[Sender ID] garya.org.uk does not allow your server 185.119.172.153 to use antlog@garya.org.uk
Sender ID is like SPF, but it checks the FROM address, not the bounce address.

You do not have a SPF record, please add the following one to your domain garya.org.uk:

v=spf1 a mx ip4:185.119.172.153 ~all

The Name Server handling the domain name garya.org.uk is ns2.tsohost.co.uk.

Need guidance? View guides for each host.

Verification details:

dig +short TXT garya.org.uk :

dig +short TXT @ns2.tsohost.co.uk. garya.org.uk :

spfquery --scope mfrom --id antlog@garya.org.uk --ip 185.119.172.153 --helo-id host54.servers.prgn.misp.co.uk :

none
garya.org.uk: No applicable sender policy available
garya.org.uk: No applicable sender policy available
Received-SPF: none (garya.org.uk: No applicable sender policy available) receiver=ns303428.ip-94-23-206.eu; identity=mailfrom; envelope-from="antlog@garya.org.uk"; helo=host54.servers.prgn.misp.co.uk; client-ip=185.119.172.153

-3
Your DKIM signature is not valid
DomainKeys Identified Mail (DKIM) is a method for associating a domain name to an email message, thereby allowing a person, role, or organization to claim some responsibility for the message.

The DKIM signature of your message is:

v=1;
a=rsa-sha256;
q=dns/txt;
c=relaxed/relaxed;
d=garya.org.uk;
s=default;
h=Message-ID:Subject:To:From:Date:Content-Transfer-Encoding:Content-Type:MIME-Version:Sender:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
bh=6j9BnDbiH8PskqY1O0uiCRcKr/P1zvnvbt/XWmJ7GGI=;
b=U24zLJGD19uAXLJztcFrCnpWiESOO01Oouzr5nhIlDinNWP5rf7Hi054zy7q/xJaktU3G+t5uDf+Ec9nLDPEQ0ZqYxt6ltRZJUlMQx6LatNjxQ4fzLv2aJmjhxin5sNuSlyH6XYAqvpfmUD1tdjwc1t0scuCFBWIhZfIGh8da8L+JEgimopZr8VcbLmu2dgLjpKEU3cURW2mDXxdG33BmgaDNbMXRD0RypJCxrpIeuMkVPFpot9vvwKfRAxc0LuEsV1ulNU9FaYH/+vcrznDeIk+UovNEgCbgK47WmCSr2mXi05d91hgQRFOMS45RDrp8RUY9hyQOEXz0+xL9P8NSQ==;

We were not able to retrieve your public key.
Please ensure that you inserted your DKIM TXT DNS record on your domain garya.org.uk using the selector default.
If you recently modified your DNS, please be patient and test again your Newsletter in 12 hours, it may take some time for the DNS to be propagated
You do not have a DMARC record
A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and give instruction if neither of those authentication methods passes. Please be sure you have a DKIM and SPF set before using DMARC.

You do not have a DMARC record, please add a TXT record to your domain _dmarc.garya.org.uk with the following value:

v=DMARC1; p=none

Verification details:

mail-tester.com;	dkim=fail reason="key not found in DNS" (0-bit key; unprotected) header.d=garya.org.uk header.i=@garya.org.uk header.b=U24zLJGD;	dkim-atps=neutral
mail-tester.com; dmarc=none header.from=garya.org.uk
From Domain: garya.org.uk
DKIM Domain: garya.org.uk

@GaryA
Copy link
Owner Author

GaryA commented Nov 10, 2017

DKIM and SPF enabled, wait 12 hours for DNS changes to propagate before re-testing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GaryA