search

trusteddomainproject / OpenDMARC

This is the Trusted Domain Project's impementation of the DMARC protocol libary and mail filter, called OpenDMARC. A "milter" connects to unix-based mailers (originally, sendmail, but now many) and provides a standard filtering API.
Other
98 stars 52 forks source link

confirmation email from signing up for chat GPT email was rejected #234

Closed jmcclelland closed 1 year ago

jmcclelland commented 1 year ago

Unfortunately, I did not have the HistoryFile turned on when opendmarc rejected the original and I can't coax it to send me another.

So, I re-applied using a gmail address, and gmail accepted the email.

I took the email from Gmail and ran it through opendmarc -t (adding the approrpriate environment variables). And, my history file reports ():

job DEBUG-i
reporter DEBUG-j
received 1675269377
ipaddr 205.201.136.5
from tm.openai.com
mfrom mandrillapp.com
spf 3
pdomain openai.com
policy 16
rua mailto:tdfyvl0n@ag.dmarcian.com
pct 100
adkim 114
aspf 114
p 114
sp 0
align_dkim 5
align_spf 5
arc 7
arc_policy 2 json:[]
action 0

I can see why SPF doesn't align (since the envelope from address is mandrill.com). But I'm not sure why DKIM fails? It seems that pdomain should be tm.openai.com instead of openai.com? Please let me know if this is more appropriate in a users forum or is just general user error.

Here are the headers (only modified to change the To Address):

Delivered-To: jamiexxxxx@gmail.com
Received: by 2002:a5d:6f01:0:0:0:0:0 with SMTP id ay1csp327297wrb;
        Wed, 1 Feb 2023 07:50:40 -0800 (PST)
X-Google-Smtp-Source: AK7set8RkY51gvwIXqDOgbtyOfFaQ6ZZs5cFoDFFD5awupBtJ5t5W9M747QXY/pkCd2jhBs4noFl
X-Received: by 2002:a0d:df17:0:b0:506:3b6d:8d66 with SMTP id i23-20020a0ddf17000000b005063b6d8d66mr1972959ywe.47.1675266640426;
        Wed, 01 Feb 2023 07:50:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1675266640; cv=none;
        d=google.com; s=arc-20160816;
        b=zTGsvbrJzD6OjKsITdV6CWSsPMAr+zonHs8thLl2b2FuoWKEfvJR44Mihtui4JwLBv
         7TWcu1PYBM0SGm35z6ypjsq2BXysJFwJeuT8TkUFIBvxvdbQRpezTZJ1R5Qkw3dqzqET
         hjP0bCgzWvHeu0fU7FU6B62IwIeOy91ncs113CO+6tuDqIxliE5Aauw54/uMmCdv5UPB
         HKsAI5E8CNjsNz/nLW3n9fGXOPii99p1JyI6bhf5whJk0IPlLpf0l/q36sqi5cCR/sP0
         PuF31TYBHc+9RPpyDYMjaFCQs6Hsvp+Lt0srDtBXMlONMt3ECsLsaC5XMKMBS7rTSvW2
         pr8Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=mime-version:date:message-id:feedback-id:to:subject:from
         :dkim-signature:dkim-signature;
        bh=qjrqX4yb+/irsnSIDT+Xfg0O47HivPlrUzyksldQtrQ=;
        b=z8nMCH6G9NyKRHZSpwwklAwySbDT8PX0ZTE0v7i/Fv9TBsOnc+djDO5MTqdPeB+aEQ
         v631uNqdtl248l1rVEcDZMuOlxB9AxYVebjusqSkZHlGZTTgS1PnGNQHO3bPDck/WBUD
         TCS/n6SjYAh/AeOXcXF5sALAKTNGiul44jgo+iPkeelojbpcl1F1BVxQAJmkDc/geA/S
         drBndh+D3H13SMww3Lijzryd81TOKIgHs/X0vXtt4zHq3AD3tIx2gvKIWFBJBsqM2ktC
         zWRXoRLId+NXbmyL9iD9eboxwypUQWUl/SYR/gmxMVP01XbOr2UgKgmzYchc9rV5/LGc
         BZqg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@tm.openai.com header.s=mandrill header.b=gPCSxZ+C;
       dkim=pass header.i=@mandrillapp.com header.s=mandrill header.b=RlzI1OSc;
       spf=pass (google.com: domain of bounce-md_31165340.63da8a4f.v1-a4b0a0601e1847b0b59904888072162e@mandrillapp.com designates 205.201.136.5 as permitted sender) smtp.mailfrom=bounce-md_31165340.63da8a4f.v1-a4b0a0601e1847b0b59904888072162e@mandrillapp.com;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=openai.com
Return-Path: <bounce-md_31165340.63da8a4f.v1-a4b0a0601e1847b0b59904888072162e@mandrillapp.com>
Received: from mail5.us4.mandrillapp.com (mail5.us4.mandrillapp.com. [205.201.136.5])
        by mx.google.com with ESMTPS id q124-20020a818082000000b0051f86aa78bcsi2314930ywf.78.2023.02.01.07.50.40
        for <jamiexxxxx@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 01 Feb 2023 07:50:40 -0800 (PST)
Received-SPF: pass (google.com: domain of bounce-md_31165340.63da8a4f.v1-a4b0a0601e1847b0b59904888072162e@mandrillapp.com designates 205.201.136.5 as permitted sender) client-ip=205.201.136.5;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@tm.openai.com header.s=mandrill header.b=gPCSxZ+C;
       dkim=pass header.i=@mandrillapp.com header.s=mandrill header.b=RlzI1OSc;
       spf=pass (google.com: domain of bounce-md_31165340.63da8a4f.v1-a4b0a0601e1847b0b59904888072162e@mandrillapp.com designates 205.201.136.5 as permitted sender) smtp.mailfrom=bounce-md_31165340.63da8a4f.v1-a4b0a0601e1847b0b59904888072162e@mandrillapp.com;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=openai.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tm.openai.com; s=mandrill; t=1675266639; x=1675324239; i=noreply@tm.openai.com; bh=qjrqX4yb+/irsnSIDT+Xfg0O47HivPlrUzyksldQtrQ=; h=From:Subject:To:Feedback-ID:Message-Id:Date:MIME-Version:
         Content-Type:CC:Date:Subject:From; b=gPCSxZ+Clto9Q7ZyJyXlYMcBoZ5S/QfuCOcpBUXecGLJGK5NtFmfYKxoChjYUoi7J
         dsN0AaxpXNugqya0aWe9O1kY5054zgbGJEXKXpF9HGWz/TKaH/2/vDR4VSwWUbkJQo
         Tq6xAWHhTBAfq3oDGtCH+Uq+xQCF+p4Go3gx50nk=
Received: from pmta15.mandrill.prod.suw01.rsglab.com (localhost [127.0.0.1]) by mail5.us4.mandrillapp.com (Mailchimp) with ESMTP id 4P6RG75FjDzDRJFM3 for <jamiexxxxx@gmail.com>; Wed,
  1 Feb 2023 15:50:39 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mandrillapp.com;
  i=@mandrillapp.com; q=dns/txt; s=mandrill; t=1675266639; h=From :
  Subject : To : Message-Id : Date : MIME-Version : Content-Type : From :
  Subject : Date : X-Mandrill-User : List-Unsubscribe;
  bh=qjrqX4yb+/irsnSIDT+Xfg0O47HivPlrUzyksldQtrQ=;
  b=RlzI1OSchRhNPvqDGbzvWfz1/9Q3goQ1zvd7DWToB+pb3HWUlKjOLrNaoT1wAik8i/12vp 8AQ4esE+eTtC5shXnYO8YNa63C6vPzJfNOGS86uKElTGkimOhgaSXHENFDRsO6nbNkg2lXpt /G4pCEMJPRLN2IeTsGEp6nYdX4Vc4=
From: OpenAI <noreply@tm.openai.com>
Subject: OpenAI - Verify your email
Received: from [3.12.112.20] by mandrillapp.com id a4b0a0601e1847b0b59904888072162e; Wed, 01 Feb 2023 15:50:39 +0000
To: jamiexxxxx@gmail.com
X-Report-Abuse: Please forward a copy of this message, including all headers, to abuse@mandrill.com
X-Report-Abuse: You can also report abuse here: http://mandrillapp.com/contact/abuse?id=31165340.a4b0a0601e1847b0b59904888072162e
X-Mandrill-User: md_31165340
Feedback-ID: 31165340:31165340.20230201:md
Message-Id: <31165340.20230201155039.63da8a4f91cc68.61998917@mail5.us4.mandrillapp.com>
Date: Wed, 01 Feb 2023 15:50:39 +0000
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="_av-WT8Tq15ctHw6q4pAG2H2Rg"
jmcclelland commented 1 year ago

Here's some better data. I tried again with a new email address. This time I set RejectFailures false so I received the message.

Here's the History:

job 4P8Srq4RJ2z29
reporter b.mx.mayfirst.org
received 1675552155
ipaddr 198.2.187.16
from tm.openai.com
mfrom mandrillapp.com
spf 0
pdomain openai.com
policy 16
rua mailto:tdfyvl0n@ag.dmarcian.com
pct 100
adkim 114
aspf 114
p 114
sp 0
align_dkim 5
align_spf 5
arc 7
arc_policy 2 json:[]
action 2

And here's the headers:

Return-Path: <bounce-md_31165340.63dee59a.v1-9496d2179a584e258d0f0fe29b8be53a@mandrillapp.com>
Delivered-To: jmcclelland@mailstore002.mayfirst.org
Received: from mailstore002.mayfirst.org
    by mailstore002.mayfirst.org with LMTP
    id BqsKEJ/l3mPiZh8AGJC8Ow
    (envelope-from <bounce-md_31165340.63dee59a.v1-9496d2179a584e258d0f0fe29b8be53a@mandrillapp.com>)
    for <jmcclelland@mailstore002.mayfirst.org>; Sat, 04 Feb 2023 23:09:19 +0000
Received: from filter.mayfirst.org (mailfilter002.mayfirst.org [209.51.169.92])
    by mailstore002.mayfirst.org (Postfix) with ESMTPS id 4P8Srv1GG5zBS
    for <jmcclelland@mailstore002.mayfirst.org>; Sat,  4 Feb 2023 23:09:19 +0000 (UTC)
Received: from filter.mayfirst.org (localhost [127.0.0.1])
    by filter.mayfirst.org (Postfix) with ESMTP id 4P8Srs3SjTz1x5t
    for <jmcclelland@mailstore002.mayfirst.org>; Sat,  4 Feb 2023 23:09:17 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
    mailfilter002.mayfirst.org
X-Spam-Level: *
X-Spam-Status: No, score=1.0 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED,
    DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS,
    HTML_FONT_LOW_CONTRAST,HTML_IMAGE_RATIO_04,HTML_MESSAGE,SPF_HELO_NONE,
    SPF_SOFTFAIL,URIBL_BLOCKED shortcircuit=no autolearn=disabled
    version=3.4.6
X-Spam-Language: en
X-Envelope-From: <bounce-md_31165340.63dee59a.v1-9496d2179a584e258d0f0fe29b8be53a@mandrillapp.com>
Received: from b.mx.mayfirst.org (mailmx002.mayfirst.org [209.51.169.86])
    by filter.mayfirst.org (Postfix) with ESMTPS id 4P8Srr3jLbz1x5s
    for <jamie@workingdirectory.net>; Sat,  4 Feb 2023 23:09:16 +0000 (UTC)
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=198.2.187.16; helo=mail187-16.suw11.mandrillapp.com; envelope-from=bounce-md_31165340.63dee59a.v1-9496d2179a584e258d0f0fe29b8be53a@mandrillapp.com; receiver=<UNKNOWN> 
Authentication-Results: b.mx.mayfirst.org; dmarc=fail (p=reject dis=none) header.from=tm.openai.com
Received: from mail187-16.suw11.mandrillapp.com (mail187-16.suw11.mandrillapp.com [198.2.187.16])
    by b.mx.mayfirst.org (Postfix) with ESMTPS id 4P8Srq4RJ2z29
    for <jamie@workingdirectory.net>; Sat,  4 Feb 2023 23:09:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tm.openai.com;
    s=mandrill; t=1675552154; x=1675609754; i=noreply@tm.openai.com;
    bh=7mg7BrjxsVsyvxEKQxJKU9mdUNW0RY72d3ncWvxtMT8=;
    h=From:Subject:To:Feedback-ID:Message-Id:Date:MIME-Version:
    Content-Type:CC:Date:Subject:From;
    b=fwmqXeK2qUzoovB2C67jRh43dSK49Q1y0plYmB/CV7yfhepBos51b5EeTm+IyzI65
    UUr6EsSQWgVYeSGjO9HFoU33K1bAv33mbZ7cYyc5rDlsy8ZGzQbdUCHsRZQeQc22pO
    rjVejy7Jq3WTJB2aUnVOUHItfYwUiTFkCp6i4BTg=
Received: from pmta09.mandrill.prod.suw01.rsglab.com (localhost [127.0.0.1])
    by mail187-16.suw11.mandrillapp.com (Mailchimp) with ESMTP id 4P8Srp34XDzB5pL2G
    for <jamie@workingdirectory.net>; Sat,  4 Feb 2023 23:09:14 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mandrillapp.com; 
 i=@mandrillapp.com; q=dns/txt; s=mandrill; t=1675552154; h=From : 
 Subject : To : Message-Id : Date : MIME-Version : Content-Type : From : 
 Subject : Date : X-Mandrill-User : List-Unsubscribe; 
 bh=7mg7BrjxsVsyvxEKQxJKU9mdUNW0RY72d3ncWvxtMT8=; 
 b=ZwwH4wuIio26lhANzL2JCbAx6eb++AHH8IBAM3Q9fOnLFNW/m9lyxruaYwx3hiewYPNOm6
 WER/bOXpTOWknpDnmogCj+k/VWNKBzMeTUMP/7QG8H5EUWZh/fN+GsNGdYE6SsTev3O2D9S0
 aupFxx1fmsqSJcPQDRxpvpHNX2NqI=
From: OpenAI <noreply@tm.openai.com>
Subject: OpenAI - Verify your email
Received: from [3.12.4.51] by mandrillapp.com id 9496d2179a584e258d0f0fe29b8be53a; Sat, 04 Feb 2023 23:09:14 +0000
To: jamie@workingdirectory.net
X-Report-Abuse: Please forward a copy of this message, including all headers, to abuse@mandrill.com
X-Report-Abuse: You can also report abuse here: http://mandrillapp.com/contact/abuse?id=31165340.9496d2179a584e258d0f0fe29b8be53a
X-Mandrill-User: md_31165340
Feedback-ID: 31165340:31165340.20230204:md
Message-Id: <31165340.20230204230914.63dee59a45bc89.35562078@mail187-16.suw11.mandrillapp.com>
Date: Sat, 04 Feb 2023 23:09:14 +0000
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="_av-zUWBW0GgRNT5UJ7C-yqBBg"
X-Virus-Scanned: ClamAV using ClamSMTP

I see the pdomain is set to openai.com - because there is no policy on tm.openai.com, but I'm not sure why dkim is not aligned.

jmcclelland commented 1 year ago

Sorry for the noise, this seems to be caused by opendkim not properly adding the Authentication-Results header.