Authentication Bypass in MailboxImportServlet vulnerability (reminder)
https://blog.zimbra.com/2022/08/authentication-bypass-in-mailboximportservlet-vulnerability/

550 error sent mail - Multiple domain - Dmarc

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
glenndm
Advanced member
Advanced member
Posts: 114
Joined: Fri Sep 12, 2014 10:35 pm
ZCS/ZD Version: Release 8.8.15.GA.3829.UBUNTU16.64

550 error sent mail - Multiple domain - Dmarc

Postby glenndm » Wed Sep 14, 2022 3:53 pm

Hello,

I am struggling to configure my setup for compliance with DMARC.
My system has two domains: company.com and somethingelse.com (names changed )

My primary account = glenn@somethingelse.com
My secondary persona = glenn@company.com

both domains return valid and correct SPF, DKIM, DMARC info on mrtoolbox.com

Since I've activated the DMARC reject flag, once in a while, outgoing messages are refused by the target email server with following error:

Code: Select all

<contact@contact.com>: host mx.contact.com[xxx.xxx.xxx.xxx] said: 550
    #5.7.1 DMARC unauthenticated mail is prohibited. (in reply to end of DATA
    command)


As said, I'm struggling to see my error in the setup.

One thing I see in the error message, is that, when I send as my secondary persona, the return-path still states my primary account.
Could this a reason for the rejection?

suggestions welcome
glenn

Code: Select all

This is the mail system at host mx.company.com.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<contact@contact.com>: host mx.contact.com[xxx.xxx.xxx.xxx] said: 550
    #5.7.1 DMARC unauthenticated mail is prohibited. (in reply to end of DATA
    command)
Return-Path: <glenn@somethingelse.com>
Received: from localhost (localhost.localdomain [127.0.0.1])
        by mx.company.com (Postfix) with ESMTP id F2244380F1F
        for <contact@contact.com>; Wed, 14 Sep 2022 16:24:48 +0200 (CEST)
Received: from mx.company.com ([127.0.0.1])
        by localhost (mx.company.com [127.0.0.1]) (amavisd-new, port 10032)
        with ESMTP id uAvk7fiqKrFH for <contact@contact.com>;
        Wed, 14 Sep 2022 16:24:48 +0200 (CEST)
Received: from localhost (localhost.localdomain [127.0.0.1])
        by mx.company.com (Postfix) with ESMTP id 21B85380EDB
        for <contact@contact.com>; Wed, 14 Sep 2022 16:24:48 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.10.3 mx.company.com 21B85380EDB
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=company.com;
       8<
X-Virus-Scanned: amavisd-new at company.com
Received: from mx.company.com ([127.0.0.1])
        by localhost (mx.company.com [127.0.0.1]) (amavisd-new, port 10026)
        with ESMTP id nQpVV-2fXnbi for <contact@contact.com>;
        Wed, 14 Sep 2022 16:24:47 +0200 (CEST)
Received: from mx.company.com (mx.company.com [192.168.xxx.xx])
        by mx.company.com (Postfix) with ESMTP id 21E50380F27
        for <contact@contact.com>; Wed, 14 Sep 2022 16:24:47 +0200 (CEST)
Date: Wed, 14 Sep 2022 16:24:46 +0200 (CEST)
From: glenn <glenn@company.com>
Reply-To: glenn@company.com
To: contact <contact@contact.com>
Message-ID: <1845379402.180356.1663165486910.JavaMail.zimbra@somethingelse.com[/b]>
In-Reply-To: <1991764074.31701.1649153824152.JavaMail.zimbra@somethingelse.com>
References: <000301d84837$463a32d0$d2ae9870$@skynet.be> <1991764074.31701.1649153824152.JavaMail.zimbra@somethingelse.com>
8<


Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 52 guests