SPF，DKIM和DMARC都设置了，但是dmarc报告的说法却相反

（再次）关于电子邮件的事情，我正在失去主意。

我有一个Kimsufi / OVH（Debian Wheezy 7.10）服务器。 我有后缀和鸽舍所有设置。

我的主域名/主机名是vaeserveur.fr，我使用的是在vaeserveur.fr上设置的calendridel.fr。

我为这两个域设置了dns区域中的spf，dkim和dmarc条目。 从接触[at] calendridel [点] fr和没有答复[at] calendridel [点] fr，我跑的所有testing都是好的：

• Debian（wheezy）强制caching到RAM
• MySQL服务不启动
• 网关升级后喘息不振
• 升级到Wheezy后无法再访问HG repo
• 限制通过access.conflogin不起作用

1）[email protected]

The Port25 Solutions, Inc. team ========================================================== Summary of Results ========================================================== SPF check: pass DomainKeys check: neutral DKIM check: pass SpamAssassin check: ham ========================================================== Details: ========================================================== HELO hostname: vaeserveur.fr Source IP: 91.121.166.194 mail-from: [email protected] ---------------------------------------------------------- SPF check details: ---------------------------------------------------------- Result: pass ID(s) verified: [email protected] DNS record(s): calendridel.fr. SPF (no records) calendridel.fr. 6055 IN TXT "v=spf1 a mx include:mx.ovh.com ~all" calendridel.fr. 6054 IN A 91.121.166.194 ---------------------------------------------------------- DomainKeys check details: ---------------------------------------------------------- Result: neutral (message not signed) ID(s) verified: [email protected] DNS record(s): ---------------------------------------------------------- DKIM check details: ---------------------------------------------------------- Result: pass (matches From: [email protected]) ID(s) verified: header.d=calendridel.fr 

2）dmarcian.com

 https://dmarcian.com/dmarc-inspector/calendridel.fr All seems good 

3）dkimvalidator.com

 DKIM Information: DKIM Signature Message contains this DKIM Signature: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=calendridel.fr; s=mail; t=1491673268; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; h=Date:From:To:Subject:From; b=CScyX9ZvWCDL6FGLroXZi/8dFiWmgPbKwcTuSZqPuCHBOR4tv4QdGzxgZ3acWf6AP AwAt3Y2h+9IHeayu8mT2rl2Bz3E3XbMC6waEHoc645sAOq1nV9l8hAuw73hm6YsvXU QEAgcDIaD8b5fAXoX99rGkSfD6Rx5ygeuJOs0MzZcxnOzaJM+6mvOzusep4PRv0XvG eEJYYwL2sNd0qEJSLJ666fhvE781qtwnWaUewlceSgek5bnJ1DVEOsLkcl3uwTabau PsLZm9SPuqsc+aDRTTNNRKuI2noO1/w3M6XWfZxpYPIeoxwNnflWxP0s9O6+UbhsCJ PJbZeYVATVFKYKjFJlbwAqPMMmJAiqSWzsXvT06/P/Qw70nT5Q9qK1FI8Uu9NRFhWe g+35wx03zNG5OMgKzKsv9qH06qccBsbfhHXKm63YkxLDhO+2AtdicdWqrMlZQap7V0 CC4VyTCNLZdOASWdLJdh8JDsY2TXNU/Pcpxw0uSf0BigY/0q3qj5O7GRzzSLG1rKz0 +HpvDql/PpsscXt16URaOtO7/rZ6H3EsS1ZkutO5udiwJvoZulraMbI8sQQghR3Yyw OZqDardodYdVo1tHzTPQ4MJTEKI+2IO4ulCj7/kJ109xpTYo8+8x3I7Z5Bhmnyui7j TIxRT8MCD1sRUOoP7mD/7Pb0= Signature Information: v= Version: 1 a= Algorithm: rsa-sha256 c= Method: relaxed/relaxed d= Domain: calendridel.fr s= Selector: mail q= Protocol: bh= g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs= h= Signed Headers: Date:From:To:Subject:From b= Data: CScyX9ZvWCDL6FGLroXZi/8dFiWmgPbKwcTuSZqPuCHBOR4tv4QdGzxgZ3acWf6AP AwAt3Y2h+9IHeayu8mT2rl2Bz3E3XbMC6waEHoc645sAOq1nV9l8hAuw73hm6YsvXU QEAgcDIaD8b5fAXoX99rGkSfD6Rx5ygeuJOs0MzZcxnOzaJM+6mvOzusep4PRv0XvG eEJYYwL2sNd0qEJSLJ666fhvE781qtwnWaUewlceSgek5bnJ1DVEOsLkcl3uwTabau PsLZm9SPuqsc+aDRTTNNRKuI2noO1/w3M6XWfZxpYPIeoxwNnflWxP0s9O6+UbhsCJ PJbZeYVATVFKYKjFJlbwAqPMMmJAiqSWzsXvT06/P/Qw70nT5Q9qK1FI8Uu9NRFhWe g+35wx03zNG5OMgKzKsv9qH06qccBsbfhHXKm63YkxLDhO+2AtdicdWqrMlZQap7V0 CC4VyTCNLZdOASWdLJdh8JDsY2TXNU/Pcpxw0uSf0BigY/0q3qj5O7GRzzSLG1rKz0 +HpvDql/PpsscXt16URaOtO7/rZ6H3EsS1ZkutO5udiwJvoZulraMbI8sQQghR3Yyw OZqDardodYdVo1tHzTPQ4MJTEKI+2IO4ulCj7/kJ109xpTYo8+8x3I7Z5Bhmnyui7j TIxRT8MCD1sRUOoP7mD/7Pb0= Public Key DNS Lookup Building DNS Query for mail._domainkey.calendridel.fr Retrieved this publickey from DNS: v=DKIM1; k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAomnPCDLufwn5YnIxZ+4veAqdQiTNyk3OsqxTXddGXstKjYefjeJZ/Wgd4vFRheS9DSRjtqLvc66KyM3Ubk37G3S2tXU6dpIPh/poiQuDhdZMWlp829YyR47sYtSSJqFrzd+dKDGfPwrlJb6iIeYksfXOXSHej6s9z1mDobl+fDhORKaB5JySZyPhh/FqCIVMHJffr8tod0Q55MAfRpl38WIJjRjjTXHS2OTNUSQq53kIqSZkx3iFdlxxZh5Tj1DU1bzIGfB4tQaJAGqGhSz4pyzkdc+uVuvXr6NbIrEQ/YnueDHWrbbPoMq77QcToMGqfypgB2CcEU2rlcDYq9aPqYAalv22zY6S0M5FUjlpiHDIR3Hb/ID2ZC2Q/XtCKgaOxr2C4T7Ad0CdcjjQMLnFkOY337U7/P0FgaSQaykiUvSkXDvURgunBv0GLqXfjfwK2Ge8fl+dhYN5bZ/59/GFPcyB/sLHB/cMFWEUyp63RXHBRm+q+c6PMdGIgmoTHYH/0FbYI+/9NHhYOLWhBrgds3x54vStQk0jqYKAipd2494v2dr3p5XlhXU4NEOSEH4FnBfiqoHiYDgjPEIm0ddqH2kBEiuymIoGtWPuBCmY993/1wevOMVjrQlysw2Gf1DZnlbnaytgcSAR0fHgIlLPPoRqGXodvgtW6Zj8ocy71qsCAwEAAQ== Validating Signature result = pass Details: SPF Information: Using this information that I obtained from the headers Helo Address = vaeserveur.fr From Address = [email protected] From IP = 91.121.166.194 SPF Record Lookup Looking up TXT SPF record for calendridel.fr Found the following namesevers for calendridel.fr: ns.kimsufi.com ns318520.ip-91-121-166.eu Retrieved this SPF Record: zone updated 20170408 (TTL = 46739) using authoritative server (ns.kimsufi.com) directly for SPF Check Result: pass (Mechanism 'a' matched) Result code: pass Local Explanation: calendridel.fr: 91.121.166.194 is authorized to use '[email protected]' in 'mfrom' identity (mechanism 'a' matched) spf_header = Received-SPF: pass (calendridel.fr: 91.121.166.194 is authorized to use '[email protected]' in 'mfrom' identity (mechanism 'a' matched)) receiver=ip-172-31-3-128.us-west-1.compute.internal; identity=mailfrom; envelope-from="[email protected]"; helo=vaeserveur.fr; client-ip=91.121.166.194 

等等等等

一切似乎都很好，我发邮件的所有邮件testing人员都在说：“10/10，你很好，可以去找朋友”。

问题是，我收到dmarc报告，他们不好。 例如，从雅虎的最后date：

 <?xml version="1.0"?> <feedback> <report_metadata> <org_name>Yahoo! Inc.</org_name> <email>[email protected]</email> <report_id>1491615950.716847</report_id> <date_range> <begin>1491523200</begin> <end>1491609599 </end> </date_range> </report_metadata> <policy_published> <domain>calendridel.fr</domain> <adkim>r</adkim> <aspf>r</aspf> <p>none</p> <pct>100</pct> </policy_published> <record> <row> <source_ip>91.121.166.194</source_ip> <count>1</count> <policy_evaluated> <disposition>none</disposition> <dkim>fail</dkim> <spf>fail</spf> </policy_evaluated> </row> <identifiers> <header_from>calendridel.fr</header_from> </identifiers> <auth_results> <dkim> <domain>calendridel.fr</domain> <result>permerror</result> </dkim> <spf> <domain>vaeserveur.fr</domain> <result>pass</result> </spf> </auth_results> </record> </feedback> 

并在google.com的最后date：

 <?xml version="1.0" encoding="UTF-8" ?> <feedback> <report_metadata> <org_name>google.com</org_name> <email>[email protected]</email> <extra_contact_info>https://support.google.com/a/answer/2466580</extra_contact_info> <report_id>14868783784049997701</report_id> <date_range> <begin>1491523200</begin> <end>1491609599</end> </date_range> </report_metadata> <policy_published> <domain>calendridel.fr</domain> <adkim>r</adkim> <aspf>r</aspf> <p>none</p> <sp>none</sp> <pct>100</pct> </policy_published> <record> <row> <source_ip>2001:41d0:1:e7c2::1</source_ip> <count>1</count> <policy_evaluated> <disposition>none</disposition> <dkim>fail</dkim> <spf>fail</spf> </policy_evaluated> </row> <identifiers> <header_from>calendridel.fr</header_from> </identifiers> <auth_results> <dkim> <domain>calendridel.fr</domain> <result>fail</result> <selector>mail</selector> </dkim> <spf> <domain>vaeserveur.fr</domain> <result>softfail</result> </spf> </auth_results> </record> <record> <row> <source_ip>2001:41d0:1:e7c2::1</source_ip> <count>1</count> <policy_evaluated> <disposition>none</disposition> <dkim>pass</dkim> <spf>fail</spf> </policy_evaluated> </row> <identifiers> <header_from>calendridel.fr</header_from> </identifiers> <auth_results> <dkim> <domain>calendridel.fr</domain> <result>pass</result> <selector>mail</selector> </dkim> <spf> <domain>vaeserveur.fr</domain> <result>pass</result> </spf> </auth_results> </record> </feedback> 

我迷路了，我不知道要做什么比已经设定的更多。 不要犹豫，问我更多的信息，如果它可以帮助。 谢谢…