[Solved] DMARC Failure!

Ali Akbar

New Member
Hey guys,

Purchased Mailwizz recently.

I have a server on Vultr with CPanel/WHM.

I am using Sendgrid and have authenticated (and whitelabeled) my domain in Sendgrid via updating CNAME records in CPanel of the domain.

I send an email to Mail-Tester, it passes SPF and DKIM, but fails DMARC (that I set up via DMARC Global Cyber alliance).

Here is SPF from Mail-Tester

Code:
Sender Policy Framework (SPF) is an email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP addresses.
What we retained as your current SPF record is:

v=spf1 include:sendgrid.net ~all


Verification details:

dig +short TXT em2643.theaudiencer.com :
u3581770.wl021.sendgrid.net.
"v=spf1 include:sendgrid.net ~all"
dig +short TXT @u3581770.wl021.sendgrid.net. em2643.theaudiencer.com :
spfquery --scope mfrom --id bounces+3581770-9f50-test-os43a=mail-tester.com@em2643.theaudiencer.com --ip 167.89.100.130 --helo-id o2.3nn.shared.sendgrid.net :
pass
em2643.theaudiencer.com: Sender is authorized to use 'bounces+3581770-9f50-test-os43a=mail-tester.com@em2643.theaudiencer.com' in 'mfrom' identity (mechanism 'include:sendgrid.net' matched)
em2643.theaudiencer.com: Sender is authorized to use 'bounces+3581770-9f50-test-os43a=mail-tester.com@em2643.theaudiencer.com' in 'mfrom' identity (mechanism 'include:sendgrid.net' matched)
Received-SPF: pass (em2643.theaudiencer.com: Sender is authorized to use 'bounces+3581770-9f50-test-os43a=mail-tester.com@em2643.theaudiencer.com' in 'mfrom' identity (mechanism 'include:sendgrid.net' matched)) receiver=ns303428.ip-94-23-206.eu; identity=mailfrom; envelope-from="bounces+3581770-9f50-test-os43a=mail-tester.com@em2643.theaudiencer.com"; helo=o2.3nn.shared.sendgrid.net; client-ip=167.89.100.130
Here is DKIM from Mail-Tester:

Code:
DomainKeys Identified Mail (DKIM) is a method for associating a domain name to an email message, thereby allowing a person, role, or organization to claim some responsibility for the message.
The DKIM signature of your message is:

    v=1;
    a=rsa-sha256;
    c=relaxed/relaxed;
    d=theaudiencer.com;
    h=content-type:from:mime-version:reply-to:subject:to;
    s=s1;
    bh=+lNtgQwhLOjoOa9H8lz87q8TKK8QF3jpv6L9tr3ozLs=;
    b=p7yFbh2dzLUV7H1wjiDu6Bs6W32IJU31WLVwI/Z7Z9HZFqg6k87bYMNNaMGW1ywgo3dBcvz3/KzDdLyt9SvSINCUJ13yb+J8QTGJ8Nkjab/O51SWYYqjXzGDblNBWiszRXSXXqnxQyhwG1EDmDEpefkN1jLStgX4LHPx7UayJCw=
Your public key is:

"k=rsa;
t=s;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC46FFAPxKS0a+lNrMs/HxEgCWS8PCTU4XxLbgEiB8ow5pceOd6l63NQDwzosY2UOML57N2PchkdbCyHydcTEgb09cCOubCXr3JoyjVNy0hDC+mF+0187OSEk2NYIFtl0n5NpNNcQduPPEbjiiWBNYURYU5W2AcM9Oag42pdkxrHwIDAQAB"
Key length: 1024bits
And here is DMARC from Mail-Tester:

Code:
A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and give instruction if neither of those authentication methods passes. Please be sure you have a DKIM and SPF set before using DMARC.
You are not allowed to send a message with this address

DMARC DNS entry found for the domain _dmarc.theaudiencer.com:

"\"v=DMARC1; p=reject; rua=mailto:reports@theaudiencer.com; ruf=mailto:reports@theaudiencer.com; sp=reject; aspf=s; adkim=s; ri=86400\""
Verification details:

mail-tester.com; dkim=pass (1024-bit key; unprotected) header.d=theaudiencer.com header.i=@theaudiencer.com header.b=p7yFbh2d; dkim-atps=neutral
mail-tester.com; dmarc=permerror header.from=theaudiencer.com
mail-tester.com; dkim=pass (1024-bit key; unprotected) header.d=theaudiencer.com header.i=@theaudiencer.com header.b=p7yFbh2d; dkim-atps=neutral
From Domain: theaudiencer.com
DKIM Domain: theaudiencer.com
Any help is greatly appreciated as this is driving me nuts.
 
Top