Open watermark opened 8 years ago
Pro
commented
8 years ago Can you check the Event Log for any error messages from the DKIM Signer. If a mail isn't signed, there should be some warning or error message.
Can you set the Event Log level to debugging. Then for the next DMARC report check if there are any suspicious messages at the time of failure.
Pro
commented
7 years ago I will close this issue for now, since there is no new update. Please report back if this problem still occurs.
watermark
commented
7 years ago This issue still occurs. The event logs do not offer anything I'd consider useful. I've installed this plugin on 2 (used to be 3) completely different exchange servers and this issue occurs on all of them.
With there being no error messages in the event log, it kinda seems like there is some way for the mail to be sent through the Exchange server, but not trigger the plugin's signing code. Can you think of any scenarios that may allow mail to be sent through the Exchange server that wouldn't trigger this plugin?
Pro
commented
7 years ago ATM I can not think of any reason why some mails would not be sent though the DKIM transport agent. The output at line https://github.com/Pro/dkim-exchange/blob/master/Src/Exchange.DkimSigner/DkimSigningRoutingAgent.cs#L50 should always be there. If not then the message is not sent to the DKIM agent.
Is there any info in the DMARC report which shows some common properties on the emails which aren't signed? Check the Sender e-mail address and the source IP in the DMARC report.
Versions
Description
According to DMARC reports: not all mail is signed and some mail is signed incorrectly. (12% isn't signed at all and 9% is signed incorrectly). These reports come from several DMARC providers (Google, MS, Yahoo, AOL). All from a single Exchange server with no additional plugins.
What additional information could help diagnose this issue?
DMarcian report: https://gist.github.com/watermark/220d9f5d4b73e1afab4bd280486d31d3