Microsoft O365 labels nanog potential fraud?
Grant Taylor
gtaylor at tnetconsulting.net
Wed Mar 29 15:25:44 UTC 2017
On 03/29/2017 09:12 AM, William Herrin wrote:
> Both SPF and DKIM are meant to be checked against the domain in the
> envelope sender (SMTP protocol-level return address) which the NANOG list
> sets to nanog-bounces at nanog.org. Checking against the message header "from"
> address is an incorrect implementation which will break essentially all
> mailing lists.
That may be what the original intent was.
Every SPF implementation I've seen has checked the SMTP envelope FROM
address /and/ the RFC 822 From: header address.
Granted, that does not mean that it's the correct behavior.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3717 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20170329/4492fdd3/attachment.bin>
More information about the NANOG
mailing list