On Thu, 21 Feb 2013, Scott Kitterman wrote:
> Feb 21 15:30:13 mailout02 opendkim[1740]: 231D920E4061:
> mailout03.controlledmail.com [208.43.65.50] not internal
> Feb 21 15:30:13 mailout02 opendkim[1740]: 231D920E4061: not authenticated
> Feb 21 15:30:13 mailout02 opendkim[1740]: 231D920E4061: external host
> mailout03.controlledmail.com attempted to send as kitterman.com
> Feb 21 15:30:13 mailout02 opendmarc[1751]: 231D920E4061: pass
>
> There is nothing from opendkim about the actual verification process. In my
> view, the fact that an external host is sending using a domain that this host
> also signs for and is not authenticated is not relevant to anything. Not
> internal isn't very useful either. I'd think those kinds of things should be
> reserved for debug logging. Regular logging should report actual program
> errors and optionally (I think default on) signature results.
Regular logging does. "LogWhy" is a specific debugging flag. I don't
normally run with it enabled. It's intended to be used when your filter
isn't signing and you can't figure out why; when things are operating
normally, that information isn't useful to log.
> As an aside (I know this is the wrong list), it would be nice if
> opendmarc would include the domain in addition to the result.
Please open a feature request for that one.
-MSK
Received on Thu Feb 21 2013 - 22:05:54 PST
This archive was generated by hypermail 2.3.0
: Thu Feb 21 2013 - 22:09:02 PST