[Rspamd-Users] dmarc blacklists emails from upstream relays

Florian rspamd at fd.mytrap.de
Sun Aug 16 20:09:57 UTC 2020 

Hi,

currently I'm using rspamd 2.5 behind an upstream relay.

I've put

external_relay = [ "1.2.3.4", "$upstream" ]

into local.d/spf.conf

(whereas 1.2.3.4 is the ip address of the upstream mail server, and 
"upstream" is the dns hostname of the upstream mail server.)

nevertheless, I get into problems with some checks, where 
"BLACKLIST_DMARC [paypal.de:D:-]" is triggered?

$server = hostname of my local server running rspamd as milter
$upstream = hostname of upstream mail server
1.2.3.4 = ip address of upstream mail server

Mail headers are looking like this:

----
...
Received: from $server
	by $server with LMTP
	id rOZLG2xeOV+xAg8AezYpnQ
	(envelope-from <service at paypal.de>)
	for <...>; Sun, 16 Aug 2020 18:27:24 +0200
Received: from $upstream ($upstream [1.2.3.4])
	by ma.ra-doersch.de (Postfix) with ESMTPS id 0DFD9222179E
	for <...>; Sun, 16 Aug 2020 18:27:24 +0200 (CEST)
Received: from $upstream (localhost.localdomain [127.0.0.1])
	by $upstream (Proxmox) with ESMTP id 9B622241519
	for <...>; Sun, 16 Aug 2020 18:21:14 +0200 (CEST)
Received-SPF: pass (paypal.de: Sender is authorized to use 
'service at paypal.de' in 'mfrom' identity (mechanism 
'include:pp._spf.paypal.com' matched)) receiver=$upstream; 
identity=mailfrom; envelope-from="service at paypal.de"; 
helo=mx2.slc.paypal.com; client-ip=173.0.84.226
Received: from mx2.slc.paypal.com (mx1.slc.paypal.com [173.0.84.226])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by $upstream (Proxmox) with ESMTPS id A3A0C2414E9
	for <...>; Sun, 16 Aug 2020 18:21:12 +0200 (CEST)
...
X-Spamd-Bar: +++++++
X-Spam-Level: *******
Authentication-Results: $server;
	dkim=pass header.d=paypal.de header.s=pp-dkim1 header.b=Y/N/6K/A
X-Spam: Yes
----

It looks like as it has a problem with the multiple headers, the 
upstream server applicane adds, or is this a different problem here?

Or does somebody know an easy way to exclude the 3rd Received line in 
postfix if that is the problem?

Thank you

Regards

Florian

More information about the Users mailing list