Microsoft O365 labels nanog potential fraud?

William Herrin bill at
Wed Mar 29 19:52:15 UTC 2017

On Wed, Mar 29, 2017 at 12:24 PM, Alan Hodgson <ahodgson at>

> On Wednesday 29 March 2017 11:12:33 William Herrin wrote:
> > Both SPF and DKIM are meant to be checked against the domain in the
> > envelope sender (SMTP protocol-level return address) which the NANOG list
> > sets to nanog-bounces at Checking against the message header
> "from"
> > address is an incorrect implementation which will break essentially all
> > mailing lists.
> >
> This is incomplete.
> TL;DR: SPF checks the envelope sender. DKIM doesn't check anything except
> to
> test that parts of the message haven't been altered. DMARC adds policy to
> both
> to check them against the header From:. Mailing list software may not work
> with DMARC-reject senders (but Nanog does).

Hi Alan,

I accept your explanation as the correct one.

Bill Herrin

William Herrin ................ herrin at  bill at
Dirtside Systems ......... Web: <>

More information about the NANOG mailing list