Microsoft O365 labels nanog potential fraud?

• Previous message (by thread): Microsoft O365 labels nanog potential fraud?
• Next message (by thread): Microsoft O365 labels nanog potential fraud?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Wed, 2017-03-29 at 11:32 -0400, William Herrin wrote:

> The gold standard, Spamassassin, does not. Indeed, the message to
> which I reply was scored by spam assassin as "SPF_PASS" even though
> you do not include NANOG's servers in the SPF record for
> tnetconsulting.net.

The message from Mr. Taylor (to which Mr. Herrin is replying) arrived
here with:

Return-path: <nanog-bounces at nanog.org>
From: Grant Taylor via NANOG <nanog at nanog.org>
Reply-to: Grant Taylor <gtaylor at tnetconsulting.net>

So an SPF implementation that checks either or both of the (rfc2821
envelope from / rfc2822 header from) domains will pass.

The original was DKIM signed by d=tnetconsulting.net (c=simple/simple -
you might want to change that) but of course that signature was broken
by the nanog list handling.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAljb2dEACgkQL6j7milTFsGoxwCePikWwzhrqSLFV3QQIKNR8FfO
eoAAnjjH7TgYcTSJC8DWe2l139iQfkkI
=SEM6
-----END PGP SIGNATURE-----

• Previous message (by thread): Microsoft O365 labels nanog potential fraud?
• Next message (by thread): Microsoft O365 labels nanog potential fraud?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]