Amazon dmarc report fail because of Zextras

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
User avatar
andras0602
Advanced member
Advanced member
Posts: 62
Joined: Sat May 21, 2022 3:11 pm
ZCS/ZD Version: 8.8.15

Amazon dmarc report fail because of Zextras

Post by andras0602 »

Hi!

I'm using 8.8.15_GA_3869.RHEL7_64 Network edition + Zextras on CentOS7 in a single node installation.
In my daily dmarc report from Amazon SES there is always exactly 1 failed email.

Code: Select all

			<source_ip>REDACTED</source_ip>
			<count>1</count>
			<policy_evaluated>
				<disposition>reject</disposition>
				<dkim>fail</dkim>
				<spf>fail</spf>
			</policy_evaluated>
Which I could narrow down to these:

Code: Select all

[root@mail ~]# zgrep "inbound.*amazon"  /var/log/zimbra.log* 
/var/log/zimbra.log-20230120.gz:Jan 20 04:08:24 mail postfix/smtp[361]: 5BC07C1B6A: to=<license@updates.zextras.com>, relay=inbound-smtp.eu-west-1.amazonaws.com[54.239.39.100]:25, delay=0.89, delays=0.01/0.02/0.63/0.23, dsn=2.0.0, status=sent (250 OK mdkhod0siqdb8vmtmu57f7oj6vb6ube0p1if9ig1)
/var/log/zimbra.log-20230122.gz:Jan 22 04:08:25 mail postfix/smtp[394]: B17F58849D: to=<license@updates.zextras.com>, relay=inbound-smtp.eu-west-1.amazonaws.com[176.32.109.132]:25, delay=0.87, delays=0.01/0.03/0.58/0.25, dsn=2.0.0, status=sent (250 OK thinlf7s53254pnaifjubaqd8ahhkgnr7llvnh81)
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:44 mail postfix/smtp[365]: 708DDB682B: to=<license@updates.zextras.com>, relay=inbound-smtp.eu-west-1.amazonaws.com[52.95.121.182]:25, delay=2, delays=0.01/0.02/1.7/0.23, dsn=2.0.0, status=sent (250 OK h5743hmur2o9l64dor9vld82ci2jorptard4kt01)
My SPF and DKIM records are correct and there is no issue neither with Google, Outlook, etc.
Here are the detailed logs for the last attempt:

Code: Select all

[root@mail ~]# zgrep "708DDB682B"  /var/log/zimbra.log* 
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:42 mail postfix/amavisd/smtpd[364]: 708DDB682B: client=localhost[127.0.0.1]
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:42 mail postfix/cleanup[358]: 708DDB682B: message-id=<1664801225.0.1674443321378.JavaMail.zimbra@mail>
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:42 mail postfix/qmgr[10452]: 708DDB682B: from=<>, size=3102, nrcpt=1 (queue active)
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:42 mail amavis[9315]: (09315-02) OtKJVHtNN4Az FWD from <> -> <license@updates.zextras.com>, BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 708DDB682B
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:42 mail amavis[9315]: (09315-02) Passed CLEAN {RelayedOutbound}, ORIGINATING_POST/MYNETS LOCAL [127.0.0.1]:54384 <> -> <license@updates.zextras.com>, Queue-ID: B6BD8BBB3F, Message-ID: <1664801225.0.1674443321378.JavaMail.zimbra@mail>, mail_id: OtKJVHtNN4Az, Hits: -2.899, size: 2703, queued_as: 708DDB682B, 653 ms
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:42 mail postfix/smtp[359]: B6BD8BBB3F: to=<license@updates.zextras.com>, relay=127.0.0.1[127.0.0.1]:10032, delay=0.73, delays=0.05/0.02/0.01/0.64, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 708DDB682B)
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:44 mail postfix/smtp[365]: 708DDB682B: to=<license@updates.zextras.com>, relay=inbound-smtp.eu-west-1.amazonaws.com[52.95.121.182]:25, delay=2, delays=0.01/0.02/1.7/0.23, dsn=2.0.0, status=sent (250 OK h5743hmur2o9l64dor9vld82ci2jorptard4kt01)
/var/log/zimbra.log-20230123.gz:Jan 23 04:08:44 mail postfix/qmgr[10452]: 708DDB682B: removed
For me it seems like this license-validation something is trying to send an email to "license@updates.zextras.com" with an empty from field -> which is getting dropped my Amazon SES.
What is your opinion? Should I open a support case for this? Or did I miss some settings in Zimbra?
I'm trying not to worry about the fact that my mail server is sending emails without my consent (or maybe I agreed to it... tbh I can't recall).
But why does it leave empty the from<> field? Have you seen anything similar before?
Many thanks!
jhurley
Zimbra Employee
Zimbra Employee
Posts: 34
Joined: Wed Apr 27, 2016 7:04 pm

Re: Amazon dmarc report fail because of Zextras

Post by jhurley »

This is part of the NG licensing and has no effect on your ability to use the NG feature.
The issue is with how Zextra creates their email and can be ignored.
User avatar
andras0602
Advanced member
Advanced member
Posts: 62
Joined: Sat May 21, 2022 3:11 pm
ZCS/ZD Version: 8.8.15

Re: Amazon dmarc report fail because of Zextras

Post by andras0602 »

jhurley wrote:This is part of the NG licensing and has no effect on your ability to use the NG feature.
The issue is with how Zextra creates their email and can be ignored.
Thanks for the super fast reply! Don't you know, can I fix it somehow? I couldn't find yet where could I fill the"from" field. Just to make my dmarc reports clear.
jhurley
Zimbra Employee
Zimbra Employee
Posts: 34
Joined: Wed Apr 27, 2016 7:04 pm

Re: Amazon dmarc report fail because of Zextras

Post by jhurley »

This email is autogenerated by the NG module.
Open a support case and the team will report the issue to Zextras
User avatar
andras0602
Advanced member
Advanced member
Posts: 62
Joined: Sat May 21, 2022 3:11 pm
ZCS/ZD Version: 8.8.15

Re: Amazon dmarc report fail because of Zextras

Post by andras0602 »

jhurley wrote:This email is autogenerated by the NG module.
Open a support case and the team will report the issue to Zextras
Roger! I just did it. Thank you!
Post Reply