?
Solved

Message does not pass DomainKeys requirements for domain asap-cheques.com

Posted on 2011-10-07
4
Medium Priority
?
1,476 Views
Last Modified: 2012-05-12
I am trying to figure why my mdaemon server will not let emails from asap-cheques.com and if there is anything I can do about it.

Any ideas?
Fri 2011-10-07 10:57:26: Session 3175; child 1
Fri 2011-10-07 10:57:26: Accepting SMTP connection from [216.221.81.25:18594] to [192.168.185.12:25]
Fri 2011-10-07 10:57:26: --> 220 mail.araxi.ca ESMTP MDaemon 12.0.4; Fri, 07 Oct 2011 10:57:26 -0700
Fri 2011-10-07 10:57:26: <-- EHLO fipsb03.cogeco.net
Fri 2011-10-07 10:57:26: --> 250-mail.araxi.ca Hello fipsb03.cogeco.net, pleased to meet you
Fri 2011-10-07 10:57:26: --> 250-ETRN
Fri 2011-10-07 10:57:26: --> 250-AUTH=LOGIN
Fri 2011-10-07 10:57:26: --> 250-AUTH LOGIN CRAM-MD5
Fri 2011-10-07 10:57:26: --> 250-8BITMIME
Fri 2011-10-07 10:57:26: --> 250 SIZE
Fri 2011-10-07 10:57:26: <-- MAIL FROM:<info@asap-cheques.com> SIZE=95458
Fri 2011-10-07 10:57:26: Performing PTR lookup (25.81.221.216.IN-ADDR.ARPA)
Fri 2011-10-07 10:57:36: *  D=25.81.221.216.IN-ADDR.ARPA TTL=(1440) PTR=[smtp.cogeco.net]
Fri 2011-10-07 10:57:36: *  Gathering A records...
Fri 2011-10-07 10:57:39: *  D=smtp.cogeco.net TTL=(1440) A=[216.221.81.25]
Fri 2011-10-07 10:57:39: ---- End PTR results
Fri 2011-10-07 10:57:39: Performing IP lookup (fipsb03.cogeco.net)
Fri 2011-10-07 10:57:49: *  DNS: 10 second wait for DNS response exceeded 
Fri 2011-10-07 10:57:50: *  D=smtp.cogeco.ca TTL=(1439) A=[216.221.81.25]
Fri 2011-10-07 10:57:50: ---- End IP lookup results
Fri 2011-10-07 10:57:50: Performing IP lookup (asap-cheques.com)
Fri 2011-10-07 10:57:50: *  D=asap-cheques.com TTL=(1440) A=[64.15.156.11]
Fri 2011-10-07 10:57:51: *  P=010 S=000 D=asap-cheques.com TTL=(1440) MX=[mail.asap-cheques.com] {209.15.249.67}
Fri 2011-10-07 10:57:51: ---- End IP lookup results
Fri 2011-10-07 10:57:51: Performing SPF lookup (asap-cheques.com / 216.221.81.25)
Fri 2011-10-07 10:57:54: *  Result: none; no SPF record in DNS
Fri 2011-10-07 10:57:54: ---- End SPF results
Fri 2011-10-07 10:57:54: --> 250 <info@asap-cheques.com>, Sender ok
Fri 2011-10-07 10:57:54: <-- RCPT TO:<sfawcett@imailroom.ca>
Fri 2011-10-07 10:57:54: --> 250 <sfawcett@imailroom.ca>, Recipient ok
Fri 2011-10-07 10:57:54: <-- DATA
Fri 2011-10-07 10:57:54: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000000662.tmp
Fri 2011-10-07 10:57:54: --> 354 Enter mail, end with <CRLF>.<CRLF>
Fri 2011-10-07 10:57:55: Message size: 95759 bytes
Fri 2011-10-07 10:57:55: Performing DKIM lookup
Fri 2011-10-07 10:57:55: *  File: c:\mdaemon\queues\temp\md50000000662.tmp
Fri 2011-10-07 10:57:55: *  Message-ID: BE73D5652232487E8C4D1322594173C4@GS02
Fri 2011-10-07 10:57:55: *  Result: neutral
Fri 2011-10-07 10:57:55: ---- End DKIM results
Fri 2011-10-07 10:57:55: Performing DomainKeys lookup (Sender: info@asap-cheques.com)
Fri 2011-10-07 10:57:55: *  File: c:\mdaemon\queues\temp\md50000000662.tmp
Fri 2011-10-07 10:57:55: *  Message-ID: BE73D5652232487E8C4D1322594173C4@GS02
Fri 2011-10-07 10:57:55: *  Querying for policy: asap-cheques.com
Fri 2011-10-07 10:57:55: *    Querying: _domainkey.asap-cheques.com ...
Fri 2011-10-07 10:57:58: *    Policy record: o=-
Fri 2011-10-07 10:57:58: *  Result: fail
Fri 2011-10-07 10:57:58: ---- End DomainKeys results
Fri 2011-10-07 10:57:58: --> 550 Message does not pass DomainKeys requirements for domain asap-cheques.com
Fri 2011-10-07 10:57:58: SMTP session terminated (Bytes in/out: 95872/415)
Fri 2011-10-07 10:57:58: ----------
Fri 2011-10-07 10:57:58: Performing DomainKeys lookup (Sender: info@asap-cheques.com)
Fri 2011-10-07 10:57:58: *  File: c:\mdaemon\queues\temp\md50000000662.tmp
Fri 2011-10-07 10:57:58: *  Message-ID: BE73D5652232487E8C4D1322594173C4@GS02
Fri 2011-10-07 10:57:58: *  Querying for policy: asap-cheques.com
Fri 2011-10-07 10:57:58: *    Querying: _domainkey.asap-cheques.com ...
Fri 2011-10-07 10:57:58: *    Policy record: o=-
Fri 2011-10-07 10:57:58: *  Result: fail

Open in new window

0
Comment
Question by:Shawn
  • 2
  • 2
4 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 2000 total points
ID: 36933299
It sounds like they have a policy that says that they sign all mail ( "o=-" ), but perhaps there is no DK signature in the mail.  Considering the fact they have no SPF record, I wouldn't be surprised if that was the case.

It appears, from the information provided, that this is a problem on the sender side.

The only way you could let the mail pass would be to whitelist the domain/IP/address, but then you open yourself up to all sorts of spoofing and spam from anything you whitelist.
0
 
LVL 1

Author Comment

by:Shawn
ID: 36933802
I got them to send it to a gmail account and it went through. Below is the header. Anything jump out to you? I'm not really concerned about this one incident but want to make sure it is not our side where there is an issue.


Received: by 10.213.31.73 with SMTP id x9cs3809ebc;
        Fri, 7 Oct 2011 13:50:12 -0700 (PDT)
Received: by 10.236.185.228 with SMTP id u64mr12734292yhm.91.1318020610667;
        Fri, 07 Oct 2011 13:50:10 -0700 (PDT)
Return-Path: <info@asap-cheques.com>
Received: from fipsb03.cogeco.net (smtp.cogeco.net. [216.221.81.25])
        by mx.google.com with ESMTP id j69si9076624yhn.83.2011.10.07.13.50.09;
        Fri, 07 Oct 2011 13:50:10 -0700 (PDT)
Received-SPF: neutral (google.com: 216.221.81.25 is neither permitted nor denied by best guess record for domain of info@asap-cheques.com) client-ip=216.221.81.25;
Authentication-Results: mx.google.com; spf=neutral (google.com: 216.221.81.25 is neither permitted nor denied by best guess record for domain of info@asap-cheques.com) smtp.mail=info@asap-cheques.com
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ApwGAPlkj05IJmPW/2dsb2JhbABBA4pCjnqBKYkPhSmBThEDAQE/DQIBDR4CAQcCASABAQIJAhwSAQIBAQIYBgcWBAMTCAIBAgMBh3SYUJ9gAoQLEIIyYQSHTYRwghMBiDaNaWM
X-IronPort-AV: E=Sophos;i="4.68,504,1312171200"; 
   d="jpg'145?scan'145,208,145";a="293286519"
Received: from s72-38-99-214.static.comm.cgocable.net (HELO GS02) ([72.38.99.214])
  by fipsb03.cogeco.net with SMTP; 07 Oct 2011 16:50:09 -0400
Message-ID: <18FC8EA1A00B4CAA8AABF3EADFF155D5@GS02>
Reply-To: "Customer Service \(2\)" <info@asap-cheques.com>
From: "Customer Service \(2\)" <info@asap-cheques.com>
To: <shawnfawcett@gmail.com>
Subject: Order #110929828 Proof
Date: Fri, 7 Oct 2011 16:50:06 -0400
Organization: ASAP Cheques, Forms & Supplies
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_NextPart_000_000A_01CC8511.2AE041E0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6109

This is a multi-part message in MIME format.

------=_NextPart_000_000A_01CC8511.2AE041E0
Content-Type: text/plain;
	format=flowed;
	charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit

Open in new window

0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36934117
Yep that confirms my suspicion.  No SPF/DF/DKIM, yet their policy says they sign all mails with DK.
0
 
LVL 1

Author Comment

by:Shawn
ID: 36934221
great thanks for clarifying :)
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses
Course of the Month16 days, 10 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question