You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "White, Daniel E. (GSFC-770.0)[AEGIS] via users" <us...@spamassassin.apache.org> on 2023/04/20 11:47:34 UTC
Re: [EXTERNAL] Re: Mailing list is being Spam Filtered by O-365
How about this:
Received: from BL0GCC02FT019.eop-gcc02.prod.protection.outlook.com
(2a01:111:f400:7d05::201) by CYXPR09CA0020.outlook.office365.com
(2603:10b6:930:d4::27) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.25 via Frontend
Transport; Thu, 20 Apr 2023 11:27:54 +0000
Authentication-Results: spf=fail (sender IP is 63.88.93.251) <-------------------------
smtp.mailfrom=lists.freeradius.org; dkim=none (message not signed)
header.d=none;dmarc=fail action=oreject
header.from=lists.freeradius.org;compauth=none reason=452
Received-SPF: Fail (protection.outlook.com: domain of lists.freeradius.org <-------------------------
does not designate 63.88.93.251 as permitted sender)
receiver=protection.outlook.com; client-ip=63.88.93.251;
helo=vsmtpx-e100-01.localdomain;
> From: Reindl Harald <h....@thelounge.net>
> Organization: the lounge interactive design
> Date: Thursday, April 20, 2023 at 07:36
> Subject: [EXTERNAL] Re: Mailing list is being Spam Filtered by O-365
>
> Am 20.04.23 um 13:20 schrieb White, Daniel E. (GSFC-770.0)[AEGIS] via users:
> > Is there any chance that SPF and DKIM records could be added to appear in the headers ?
> what makes you believe that SPF is part of mail-headers?
> dig +short TXT spamassassin.apache.org;
> "spf2.0/pra ?all"
> "v=spf1 include:_spf.apache.org -all"
>
> Received-SPF: Pass (mailfrom) identity=mailfrom;
> client-ip=3.227.148.255; helo=mxout1-ec2-va.apache.org
>
Re: [EXTERNAL] Re: Mailing list is being Spam Filtered by O-365
Posted by Benny Pedersen <me...@junc.eu>.
White, Daniel E. (GSFC-770.0)[AEGIS] via users skrev den 2023-04-20
13:47:
> How about this:
> Authentication-Results: spf=fail (sender IP is 63.88.93.251)
> <-------------------------
> smtp.mailfrom=lists.freeradius.org; dkim=none (message not signed)
> header.d=none;dmarc=fail action=oreject
> header.from=lists.freeradius.org;compauth=none reason=452
> Received-SPF: Fail (protection.outlook.com: domain of
> lists.freeradius.org <-------------------------
> does not designate 63.88.93.251 as permitted sender)
> receiver=protection.outlook.com; client-ip=63.88.93.251;
> helo=vsmtpx-e100-01.localdomain;
lists.freeradius.org is not spamassassin.apache.org
report to your forwarder not setting correct envelope sender, doh
Re: [EXTERNAL] Re: Mailing list is being Spam Filtered by O-365
Posted by Noel Butler <no...@ausics.net>.
That is not a freeradius.org server that I can see, completely different
network even...
/var/mail/corp/n/o/e/noel.butler/Maildir/.Lists.FreeRadius/cur# grep
"63.88.93.251" * | wc -l
0
Messages in folder 28047
CC'd F/R ML since you also posting this issue over there
On 20/04/2023 21:47, White, Daniel E. (GSFC-770.0)[AEGIS] via users
wrote:
> How about this:
>
> Received: from BL0GCC02FT019.eop-gcc02.prod.protection.outlook.com
> (2a01:111:f400:7d05::201) by CYXPR09CA0020.outlook.office365.com
> (2603:10b6:930:d4::27) with Microsoft SMTP Server (version=TLS1_2,
> cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.25 via
> Frontend
> Transport; Thu, 20 Apr 2023 11:27:54 +0000
> Authentication-Results: spf=fail (sender IP is 63.88.93.251)
> <-------------------------
> smtp.mailfrom=lists.freeradius.org; dkim=none (message not signed)
> header.d=none;dmarc=fail action=oreject
> header.from=lists.freeradius.org;compauth=none reason=452
> Received-SPF: Fail (protection.outlook.com: domain of
> lists.freeradius.org <-------------------------
> does not designate 63.88.93.251 as permitted sender)
> receiver=protection.outlook.com; client-ip=63.88.93.251;
> helo=vsmtpx-e100-01.localdomain;
--
Regards,
Noel Butler
This Email, including attachments, may contain legally privileged
information, therefore at all times remains confidential and subject to
copyright protected under international law. You may not disseminate
this message without the authors express written authority to do so.
If you are not the intended recipient, please notify the sender then
delete all copies of this message including attachments immediately.
Confidentiality, copyright, and legal privilege are not waived or lost
by reason of the mistaken delivery of this message.
Re: [EXTERNAL] Re: Mailing list is being Spam Filtered by O-365
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
>> Am 20.04.23 um 13:20 schrieb White, Daniel E. (GSFC-770.0)[AEGIS] via users:
>> > Is there any chance that SPF and DKIM records could be added to appear in the headers ?
On 20.04.23 11:47, White, Daniel E. (GSFC-770.0)[AEGIS] via users wrote:
>How about this:
>
>Received: from BL0GCC02FT019.eop-gcc02.prod.protection.outlook.com
> (2a01:111:f400:7d05::201) by CYXPR09CA0020.outlook.office365.com
> (2603:10b6:930:d4::27) with Microsoft SMTP Server (version=TLS1_2,
> cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.25 via Frontend
> Transport; Thu, 20 Apr 2023 11:27:54 +0000
>Authentication-Results: spf=fail (sender IP is 63.88.93.251) <-------------------------
> smtp.mailfrom=lists.freeradius.org; dkim=none (message not signed)
> header.d=none;dmarc=fail action=oreject
> header.from=lists.freeradius.org;compauth=none reason=452
>Received-SPF: Fail (protection.outlook.com: domain of lists.freeradius.org <-------------------------
> does not designate 63.88.93.251 as permitted sender)
> receiver=protection.outlook.com; client-ip=63.88.93.251;
> helo=vsmtpx-e100-01.localdomain;
Those are just results of checks a server added to the mail.
According to those headers they were added by lists.freeradius.org server,
but this message received from outlook.som could already contain these
headers, since these headers go AFTER the Received: line.
You don't need to trust them, they can be faked.
...and spammers will surely start faking them, if anyone chooses to blindly trust such
mail headers.
When I received your mail from this lists, I saw:
Authentication-Results: fantomas.fantomas.sk; dmarc=none (p=none dis=none) header.from=spamassassin.apache.org
Authentication-Results: fantomas.fantomas.sk;
dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=nasa.gov header.i=@nasa.gov header.a=rsa-sha256 header.s=selector1 header.b=NZ4tZwLQ;
dkim-atps=neutral
Authentication-Results: fantomas.fantomas.sk; arc=fail smtp.remote-ip=3.227.148.255
Authentication-Results: fantomas.fantomas.sk; spf=pass (sender SPF
authorized) smtp.mailfrom=spamassassin.apache.org
(client-ip=3.227.148.255; helo=mxout1-ec2-va.apache.org;
envelope-from=users-return-126707-uhlar=fantomas.sk@spamassassin.apache.
org; receiver=<UNKNOWN>)
Received: from mxout1-ec2-va.apache.org (mxout1-ec2-va.apache.org [3.227.148.255])
by fantomas.fantomas.sk (Postfix) with ESMTPS id 3245DA00EA
for <uh...@fantomas.sk>; Thu, 20 Apr 2023 13:47:49 +0200 (CEST)
so I know that Authentication-Results: were added by my server after
receiving this mail from apache.org.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
BSE = Mad Cow Desease ... BSA = Mad Software Producents Desease