[ad_1]
Hi,
The below IP ‘209.85.160.197’ is reported on my new daily DMARC report.
<record>
<row>
<source_ip>209.85.160.197</source_ip>
<count>1</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<envelope_from>mail.example.com</envelope_from>
<header_from>example.com</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>amazonses.com</domain>
<result>pass</result>
</dkim>
<dkim>
<domain>example.com</domain>
<result>pass</result>
</dkim>
<spf>
<domain>mail.example.com</domain>
<result>softfail</result>
</spf>
</auth_results>
</record>According to ‘whois’ CLI, and to the website https://ipinfo.io/209.85.160.197 this IP belongs to Google.
Website is hosted on AWS, and uses ONLY AWS services to emails. So do I.
May I ask:
- if the straightforward meaning of this report, where the DKIM test had a PASS results, means that my SSH DKIM private key was compromised?
- Are there other options for servers reaching a PASS for DKIM, when they should have failed?
- Could an auto forward of an email by a recipient of an email sent from me, forwarded to another server, fetch the other server’s IP for auto forwarding?
- Can I easily generate a NEW private-public SSH keys for DKIM, and replace current ones:
- Private one (on a Plesk run server) on the file:
- /etc/domainkeys/currenge.com/default
- Public one, on the DNS record:
- default._domainkey.example.com. TXT v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ….HoZ+fe+/DtUymwldRL+oKLnzQgaFt7PFpcrz5H3Y1lZtJ….ExFSfkOuhjXLWNdBaLG1XgwIDAQAB;
Regards, ziegel
- This topic was modified 13 hours, 17 minutes ago by .