Skip to main content
S
sunen11383127
Participant
October 5, 2023
質問

Adobe doesn't seem to be following it's own DMARC policy leading to rejected emails

  • October 5, 2023
  • 返信数 3.
  • 1444 ビュー

I'm uncertain how to get a message through to Adobe IT department, so I am trying here.

 

Below you can see message@adobe.com using email services from Amazon - example a27-171.smtp-out.us-west-2.amazonses.com

The Adobe DMARC policy says to reject emails where the domains do not match the sending address domain.

Using this Amazon domain seems to viloate Adobe's own policy, and results in the email being rejected with a 550 error. 

 


[2023.10.03] 17:38:54 [54.240.27.171][63090815] Performing PTR host name lookup for 54.240.27.171
[2023.10.03] 17:38:54 [54.240.27.171][63090815] PTR host name for 54.240.27.171 resolved as a27-171.smtp-out.us-west-2.amazonses.com
[2023.10.03] 17:38:54 [54.240.27.171][63090815] rsp: 354 Start mail input; end with <CRLF>.<CRLF>
[2023.10.03] 17:38:55 [54.240.27.171][63090815] rsp: 550 Message rejected due to senders DMARC policy
[2023.10.03] 17:38:55 [54.240.27.171][63090815] A trace of the DMARC processing follows.
[2023.10.03] 17:38:55 [54.240.27.171][63090815] Beginning DMARC check for 0101018af6680d20-1f485dcc-cab8-47f0-8d0d-c2902ba3d8d1-000000@us-west-2.amazonses.com from IP 54.240.27.171...
[2023.10.03] 17:38:55 [54.240.27.171][63090815] The from field for the message is "Adobe <message@adobe.com>".  Will look for DMARC policy record at _dmarc.adobe.com
[2023.10.03] 17:38:55 [54.240.27.171][63090815] Retrieved the following DMARC policy record for "adobe.com": v=DMARC1; p=reject; sp=reject; pct=100; rua=mailto:adobe@rua.agari.com; ruf=mailto:adobe@ruf.agari.com; fo=1
[2023.10.03] 17:38:55 [54.240.27.171][63090815] DMARC: Bad DKIM signature.
[2023.10.03] 17:38:55 [54.240.27.171][63090815] DMARC policy violated due to SPF domain ("us-west-2.amazonses.com") not belonging to the same parent domain as the from address field domain ("adobe.com").

    このトピックへの返信は締め切られました。

    返信数 3

    S
    Simon25440529aumx
    Participant
    February 2, 2024

    This appears to have been going on since at least September/October 2023.  It is ni February 2024 and this issue still exists.

     

    Adobe need to sort this out immedialty - all emails for new users, password resets, etc. blocked

     

    ADOBE FIX YOUR DMARC or ROUTE YOUR EMAILS TO FOLLOW YOUR OWN DMARC RULES

     

    It is unbelievable that this has not already been addressed by you

      kglad
      Community Expert
      kgladCommunity Expert
      Community Expert
      February 2, 2024

      @Simon25440529aumx 

       

      these are user forums, not a way to communicate with adobe engineers.  

      to report bugs or ideas or wishes to adobe: for applicable apps, use https://helpx.adobe.com/ie/x-productkb/global/how-to-user-voice.html

       

      for createive cloud assets:

      bugs, https://community.adobe.com/t5/adobe-collaboration-experiences/ct-p/ct-adobe-collaboration-experienc...

       

      requests, https://community.adobe.com/t5/adobe-collaboration-experiences/ct-p/ct-adobe-collaboration-experienc...

       

      for others, use https://www.adobe.com/products/wishform.html

       

      if neither show a place to report the issue, just leave it here. that's the best you can do.

        F
        Frank32822987fctc
        Participant
        October 10, 2023

        Emails from Adobe have also recently been rejected by Microsoft because DMARC DNS entries are followed. So the behavior is similar. The cause is described in the following Microsoft article https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-new-dmarc-policy-handling-defaults-for-enhanced-email/ba-p/3878883. A support colleague from Adobe said I should post this here.

          S
          sunen11383127作成者
          Participant
          October 10, 2023

          Thanks, lending extra weight to the issue - there must be a lot of automated emails being rejected I'd imagine. 

           

          Ideally the support colleague from Adobe should alert their IT department to correct this (ideally by not sending email via another domain, or by setting the policy to "none"). Are they able to do so, or perhaps it is already in hand? 

          kglad
          Community Expert
          kgladCommunity Expert
          Community Expert
          October 5, 2023

          this is regarding what?

          S
          sunen11383127作成者
          Participant
          October 5, 2023

          This applies to at least some of Abode's emails that they send out from message@ - so for example email verification emails

           

          The email is routed via an Amazon SMTP server

          But Adobe's DMARC settings tell other mail servers only to trust the Abode emails if they come from an Abode domain name, and if they do not to reject them. 

          When that happens mail servers that are correctly set up will reject the email. 

           

          Abode will then get a reply showing a 550 error. 

          The recipient will get no email.

          In this case the cause is due to how Abode is sending out these emails which vilolates their own rules.  

           

          I'm attempting to highlight this to whoever might work in their IT department. 

          kglad
          Community Expert
          kgladCommunity Expert
          Community Expert
          October 5, 2023

          leaving it here is probably the best you can do per

           

          to report bugs or ideas or wishes to adobe:

           

          for applicable apps, use https://helpx.adobe.com/ie/x-productkb/global/how-to-user-voice.html

           

          for others, use https://www.adobe.com/products/wishform.html

           

          if neither show a place to report the issue, just leave it here.  that's the best you can do.

            契約条件Accessibility statement
            Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices