Forwarding strange phenomenon

Forum for things that doesn't really have anything to do with hMailServer. Such as php.ini, beer, etc etc.
Post Reply
User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Forwarding strange phenomenon

Post by RvdH » 2024-10-25 16:14

I operate 2 hMS instances, one at home (5.7) and the other work related (5.6)
Both instances are utilizing RewriteEnvelopeFromWhenForwarding=1

Let says i have 2 accounts, ruud@home.com and ruud@work.com and both these accounts are setup with SPF, DKIM and DMARC, for both accounts I have setup (automatic) forwarding to my gmail account

If i now send a mail from ruud@home.com to ruud@work.com the message is successfully forwarded to my gmail account,
If i in gmail open the source <show original> it reports:

Code: Select all

SPF:	PASS with IP x.x.x.x (@work.com IP)
DKIM:	'PASS' with domain home.com
DMARC:	'PASS'

Code: Select all

ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@work.com header.s=s2024 header.b=VPZcTMjN;
       dkim=pass header.i=@home.com header.s=mail header.b=cHedygYj;
       spf=pass (google.com: domain of ruud@work.com designates x.x.x.x as permitted sender) smtp.mailfrom=ruud@work.com;
       dmarc=pass (p=QUARANTINE sp=REJECT dis=NONE) header.from=home.com

Authentication-Results: mx.google.com;
       dkim=pass header.i=@work.nl header.s=s2024 header.b=VPZcTMjN;
       dkim=pass header.i=@home.nl header.s=mail header.b=cHedygYj;
       spf=pass (google.com: domain of ruud@work.com designates x.x.x.x as permitted sender) smtp.mailfrom=ruud@work.com;
       dmarc=pass (p=QUARANTINE sp=REJECT dis=NONE) header.from=home.com
Same message, but now in opposite direction, eg: i send a mail from ruud@work.com to ruud@home.com the message is successfully forwarded to my gmail account, only this time when looking at the source <show original> it reports:

Code: Select all

SPF:	PASS with IP x.x.x.x (@home.com IP)
DKIM:	'PASS' with domain home.com
DMARC:	'FAIL'

Code: Select all

ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@home.com header.s=mail header.b=ZmMaLHCv;
       dkim=neutral (body hash did not verify) header.i=@work.com header.s=s2024 header.b=pTF9N56E;
       spf=pass (google.com: domain of ruud@home.com designates x.x.x.x as permitted sender) smtp.mailfrom=ruud@home.com;
       dmarc=fail (p=QUARANTINE sp=REJECT dis=NONE) header.from=work.com
       
Authentication-Results: mx.google.com;
       dkim=pass header.i=@home.com header.s=mail header.b=ZmMaLHCv;
       dkim=neutral (body hash did not verify) header.i=@work.com header.s=s2024 header.b=pTF9N56E;
       spf=pass (google.com: domain of ruud@home.com designates x.x.x.x as permitted sender) smtp.mailfrom=ruud@home.com;
       dmarc=fail (p=QUARANTINE sp=REJECT dis=NONE) header.from=work.com
Trying to figure out what makes the second example to fail DMARC on both hMS instances i made copies of those mails in OnAcceptMessage, OnDeliveryStart and OnDeliverMessage, except for the X-Spam-Status headers being off in OnAcceptMessage the messages are 100% identical, once forwarded to gmail, except for the gmail added headers the rest still is 100% identical

I also looked at the DKIM signing source, although code not 100% the same due to int to size_t conversion on 64-bit (5.7) the code is functional identical

For both directions, the incoming mail reports DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF in SA
There is no difference in DKIM/SPF alignment or method (both using relaxed/relaxed) between the 2 instances...

Weird huh? I am clueless why this happens....anyone got an idea?
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
mattg
Moderator
Moderator
Posts: 22491
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Forwarding strange phenomenon

Post by mattg » 2024-10-31 02:23

What does your DNS DMARC entry say for both @home and @work domains
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Forwarding strange phenomenon

Post by RvdH » 2024-10-31 12:06

@home

Code: Select all

"v=DMARC1; p=quarantine; sp=reject; rua=mailto:reports@home.com; ruf=mailto:reports@home.com; fo=1; rf=afrf; ri=86400"

Code: Select all

"v=DKIM1; k=rsa; t=s; p=BASE64STRING; n=2048 bits"
@work

Code: Select all

"v=DMARC1; p=quarantine; rua=mailto:dmarc@work.com; ruf=mailto:dmarc@work.com; fo=1; rf=afrf; ri=86400"

Code: Select all

"v=DKIM1; k=rsa; p=BASE64STRING; n=2048 bits"
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

Post Reply