I just started to get email from google stating something about my domain missing a DKIM field. But I check my DNS and it seems I do have a DKIM field. The message is not very informative and I don’t know why I am getting these emails. Can someone help me about what is wrong? I did use the diagnostic-center and didn’t find anything wrong with DNS. My domain is johnjudecampbell dot com. I know about the SSL error but I don’t think that is related to DKIM, right? Also, I checked out the google support link but I have no idea what to do with the information they present. Can I just turn off email from my server? Will this help make these google emails disappear??? Below is the xml file that is in the email. Thanks in advance.
Blockquote
<report_metadata>
<org_name>google dot com</org_name>
noreply-dmarc-support at google dot com
<extra_contact_info>support.google/a/answer/2466580
</extra_contact_info>
<report_id>1312248329147417958</report_id>
<date_range>
1657670400
1657756799
</date_range>
</report_metadata>
<policy_published>
johnjudecampbell dot com
r
r
I can’t look at your DKIM record as that isn’t a ‘standard’ record - it’s name varies based on a ‘selector’ you use when signing your message.
I can tell you you’re getting these messages because you have DMARC configured to tell mail recipients to let you have aggregate reports regarding DMARC failures. If you just remove this TXT records form your domain:
_dmarc.johnjudecampbell.com. description is "v=DMARC1; p=quarantine; rua=mailto:[email protected]"
then those messages will stop being sent to you.
In an ideal world, though the world is so far from ideal these days I feel stupid even typing this, you should look into why you’re getting these messages. It could well be that your domain is all hunky-dorey but some ne’er-do-well out there is spoofing message from your domain. In this case Google is doing the right thing ™ in telling you about the non-compliant messages they’re getting pertaining to be from you.
OK I’ll try removing the DMARC line. This only started happening last month with some new DNS features from Cloudflare. Before this, everything seemed to be working fine.
So, I am at a loss to understand why this just started happening in the last month or so.
Let me try taking out the DMARC line now and see what happens. Thanks for your tip.
[quote] It could well be that your domain is all hunky-dorey but some ne’er-do-well out there is spoofing message from your domain. In this case Google is doing the right thing ™ in telling you about the non-compliant messages they’re getting pertaining to be from you. [/quote]
You make a good point, Saul. Let me give that some thought about the spoofing. And, I wasn’t necessarily blaming Google - I appreciate their warning to me. But I would like to stop these emails if I can which happens to show up once a week on this same day.
I don’t recommend removing your DMARC policy. It weakens your email security posture by making it easier for your domain to be spoofed. The RUA value in a DMARC record is not intended to be a mailbox that is monitored by a human. Best practice is to use the assigned address provided by your DMARC monitoring service. While it is possible to manually review DMARC repots, it is not very practical. Using a monitoring service allows the data from DMARC reports to processed and aggregated into a more meaningful format.
The dmarcian forums is a good resource for engaging in deeper discussion on DMARC, DKIM and SPF.