Is anybody well-versed at parsing Yahoo DMARC reports? I am working on an email deliverability project for my company and puzzled at some regular traffic that appears on bell.ca. Using Meeting invite forwarding and DMARC – IT Review as a reference, the reports I have don’t look quite the same. The author explains a Yahoo report in a forwarding scenario, where a user at Company A is sending a meeting invitation to a user at Company B, who then forwards it to another user at Company C. In the example, Company B appears in the report under
Original-Mail-From
Sender
Message-ID
but in my reports, bell .ca appears only under Message-ID. Original-Mail-From is us, and there is no Sender field:
Feedback-Type: other
User-Agent: Yahoo!-Mail-Feedback/1.0
Version: 1.0
Original-Mail-From: user@ca.CompanyA .com
Arrival-Date: Wed, 10 Feb 2021 19:50:19 +0000
Source-IP: 204.101.250.59
Reported-Domain: ca.CompanyA .com
Policy-Action: NONE
Reported-URI: blahblahblah .com
MIME Part = 1.3
content-type: text/rfc822-headers
content-disposition: inline
content-transfer-encoding: 7bit
Received-SPF: fail (domain of ca.CompanyA .com does not designate 204.101.250.59 as permitted sender)
Authentication-Results: atlas311.free.mail.gq1.yahoo .com;
dkim=perm_fail header.i=@ca.CompanyA .com header.s=selector1;
spf=fail smtp.mailfrom=ca.CompanyA .com;
dmarc=fail(p=NONE) header.from=ca.CompanyA .com;
From: user1@ca.CompanyA .com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ca.CompanyA .com;
s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=XjWb1aT4wJbkTgXBJVUqxYGzaG8IejV+bF9k8jW01E0=;
b=QeNHUqNht733vmhog52i6wc7BROozFs3Li9s9sL8macoYm+JkVaCjzpbF2iSJ9P+Hpf6fFT7s+l1zod61+y2Uv5/Abk/dGMnq/rGWQdfWN0uEFOF8CUiM8wOaB5TLx+mskDYxF8tFlvOnKhjPte+kb8GaLUD9uXHzMxi88wk9qU=
Date: Wed, 10 Feb 2021 19:50:13 +0000
Message-ID: <20210210195018.ENMD4357.tor12vmxfep01.isp.intranet.bell .ca@tor12vicmrk03>
Subject: Re: Quotation - remainder of subject line
(Spacing was added to work around a forum feature that filters links.)
Company A is us.
Company B is bell .ca.
Company C is Yahoo.
I am trying to decide if this is just another variation of email auto-forwarding or if something else is occurring.
BTW, I don’t completely agree with the link author’s conclusions. If Company B is manually forwarding the meeting invitation, that should add a new Mail From, Header From, and DKIM signature, and deliver according to that data (hopefully successfully). In my experience, auto-forwarding results are all over the place, but it’s common to add a new Mail From and DKIM key. In this situation, with Company A still in the Header From field, DMARC will never pass.
Thanks.
