[194258] in North American Network Operators' Group
Re: Microsoft O365 labels nanog potential fraud?
daemon@ATHENA.MIT.EDU (William Herrin)
Wed Mar 29 11:33:05 2017
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <470c9743-1f90-4b65-29d9-a4176dae4896@tnetconsulting.net>
From: William Herrin <bill@herrin.us>
Date: Wed, 29 Mar 2017 11:32:35 -0400
To: Grant Taylor <gtaylor@tnetconsulting.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Wed, Mar 29, 2017 at 11:25 AM, Grant Taylor via NANOG <nanog@nanog.org>
wrote:
> Every SPF implementation I've seen has checked the SMTP envelope FROM
> address /and/ the RFC 822 From: header address.
>
Hi Grant,
The gold standard, Spamassassin, does not. Indeed, the message to which I
reply was scored by spam assassin as "SPF_PASS" even though you do not
include NANOG's servers in the SPF record for tnetconsulting.net.
Regards,
Bill Herrin
--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>
