Our emails are passing DMARC validation because the DKIM check is passing and it is properly aligned.
However, there is an issue with the SPF alignment. The SPF from domain is amazonses.com, which is the default. However, this needs to match the actual domain of the From: in the Email headers, as in dawson.ustaxcourt.gov or $EFCMS_DOMAIN. We have some configuration in place to create mail.$EFCMS_DOMAIN, but our actual identities are not using it.
Business Impact/Reason for Severity
Court users are not affected. Our Email currently has a very high success rate for passing DMARC.
In which environment did you see this bug?
Any
Who were you logged in as?
N/A
What were you doing when you discovered this bug? (Using the application, demoing, smoke tests, testing other functionality, etc.)
Reviewing DMARC reports
To Reproduce
N/A
Expected Behavior
Review DMARC reports and observe that SPF alignment is passing.
Examine one of our emails and notice that the SPF from Email has the domain name of dawson.ustaxcourt.gov or $EFCMS_DOMAIN
Actual Behavior
Review DMARC reports and observe that SPF alignment is failing.
Examine one of our emails and notice that the SPF from Email has the domain name of amazonses.com
Screenshots
Cause of Bug, If Known
I suspect it's due to the identity sending the Email not having been properly configured to make use of the from.${EFCMS_DOMAIN} MAIL FROM option.
Process for Logging a Bug:
Complete the above information
Add a severity tag (Critical, High Severity, Medium Severity or Low Severity). See below for priority definition.
Severity Definition:
Critical Defect
Blocks entire system's or module’s functionality
No workarounds available
Testing cannot proceed further without bug being fixed.
High-severity Defect
Affects key functionality of an application
There's a workaround, but not obvious or easy
App behaves in a way that is strongly different from the one stated in the requirements
Medium-severity Defect
A minor function does not behave in a way stated in the requirements.
Workaround is available and easy
Low-severity Defect
Mostly related to an application’s UI
Doesn't need a workaround, because it doesn't impact functionality
Definition of Ready for Bugs (Created 10-4-21)
Definition used: A failure or flaw in the system which produces an incorrect or undesired result that deviates from the expected result or behavior. (Note: Expected results are use cases that have been documented in past user stories as acceptance criteria and test cases, and do not include strange behavior unrelated to use cases.)
The following criteria must be met in order for the development team to begin work on the bug.
The bug must:
Be focused on solving a user problem
Contain data for all fields in the bug template, so the team can pick it up and begin working immediately
Process: If the unexpected results are new use cases that have been identified, but not yet built, new acceptance criteria and test cases should be captured in a new user story and prioritized by the product owner.
If the Court is not able to reproduce the bug, add the “Unable to reproduce” tag. This will provide visibility into the type of support that may be needed by the Court. In the event that the Court cannot reproduce the bug, the Court will work with Flexion to communicate what type of troubleshooting help may be needed.
Definition of Done (Updated 4-14-21)
Product Owner
[ ] Bug fix has been validated in the Court's test environment
Engineering
[ ] Automated test scripts have been written
[ ] Field level and page level validation errors (front-end and server-side) integrated and functioning
[ ] Verify that language for docket record for internal users and external users is identical
test environment if prod-like data is required. Otherwise, deployed to any experimental environment for review.
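Added example, not part of the original issue or the project's code: one way to spot the condition described in this report while reviewing DMARC aggregate reports is to count messages where SPF passed for a domain that the receiver did not treat as aligned with the From: domain. The report XML is a constructed sample in the RFC 7489 aggregate-report layout, `efcms.example` stands in for $EFCMS_DOMAIN, and `spf_misaligned` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the RFC 7489 aggregate-report layout; "efcms.example"
# stands in for $EFCMS_DOMAIN and the IPs are documentation addresses.
SAMPLE_REPORT = """<?xml version="1.0"?>
<feedback>
  <policy_published><domain>efcms.example</domain><aspf>r</aspf></policy_published>
  <record>
    <row><source_ip>192.0.2.10</source_ip><count>42</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>fail</spf></policy_evaluated></row>
    <identifiers><header_from>efcms.example</header_from></identifiers>
    <auth_results>
      <spf><domain>amazonses.com</domain><result>pass</result></spf>
    </auth_results>
  </record>
  <record>
    <row><source_ip>192.0.2.11</source_ip><count>5</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
    <identifiers><header_from>efcms.example</header_from></identifiers>
    <auth_results>
      <spf><domain>from.efcms.example</domain><result>pass</result></spf>
    </auth_results>
  </record>
</feedback>"""


def spf_misaligned(report_xml):
    """Count messages whose SPF check passed for a domain that is not aligned
    with header_from (policy_evaluated/spf is the receiver's aligned verdict)."""
    # Reports come from third parties: use a hardened XML parser in production.
    root = ET.fromstring(report_xml)
    hits = Counter()
    for rec in root.iter("record"):
        aligned = rec.findtext("row/policy_evaluated/spf", "").strip().lower()
        count = int(rec.findtext("row/count", "0"))
        header_from = rec.findtext("identifiers/header_from", "").strip().lower()
        for spf in rec.findall("auth_results/spf"):
            domain = spf.findtext("domain", "").strip().lower()
            result = spf.findtext("result", "").strip().lower()
            if result == "pass" and aligned != "pass":
                hits[(header_from, domain)] += count
    return dict(hits)


if __name__ == "__main__":
    for (hdr, mailfrom), n in spf_misaligned(SAMPLE_REPORT).items():
        print(f"{n} messages: From {hdr}, SPF passed for {mailfrom} (not aligned)")
```

The second record in the sample shows what a report row looks like once the sending identity uses a custom MAIL FROM subdomain: the same query no longer counts it.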