#216 dmarc = pass even if dkim = fail
Good day!
Recently I had updated opendmarc from 1.3.1 to 1.3.2 and everything looked fine, but now I find out that opendmarc accept emails even if dkim check was failed. It looking only for spf check.
Example of logs is below:
postfix/smtpd[28268]: client=XXXX
postfix/cleanup[32298]: hold: header Received: from XXXX (XXXX [X.X.X.X])??(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))??(No client certificate requested)??by YYYY (Postfix) wi from XXXX[X.X.X.X]; from=user@example.com to=user@example.ru proto=ESMTP helo=<xxxx>
opendkim[1834]: XXXX [X.X.X.X] not internal
opendkim[1834]: not authenticated
opendkim[1834]: signature=dpaNIQxR domain=examle.com selector=test result="key not found in DNS"
opendkim[1834]: key retrieval failed (s=test, d=example.com): 'test._domainkey.example.com' record not found
opendmarc[24128]: ignoring Authentication-Results at 3 from XXX
opendmarc[24128]: ignoring Authentication-Results at 4 from XXX
opendmarc[24128]: ignoring Authentication-Results at 5 from XXX
opendmarc[24128]: SPF(mailfrom): user@example.com pass
opendmarc[24128]: veeam.com pass</xxxx>
Could you help me with this issue?
It was my mistake. I just didn't correctly understand how dmarc works. Now I understood that is normal behavior. Please close this ticket.
Could you close the ticket yourself?