Yeah, the Kitterman SPF checker barfs on this:
Mail sent from this IP address: 118.27.72.15
Mail from (Sender): bou...@amazon.co.jp
Mail checked using this SPF policy: v=spf1 include:amazon.com
include:spf-bma.mpme.jp include:amazon-spf.mrs.mpub.ne.jp -all
Results - Permanent Error SPF Permanent Er
Should point out.. they have a messy SPF record right now..
host -t TXT amazon.co.jp
amazon.co.jp descriptive text "v=spf1 include:amazon.com
include:spf-bma.mpme.jp include:amazon-spf.mrs.mpub.ne.jp -all"
host amazon-spf.mrs.mpub.ne.jp
Host amazon-spf.mrs.mpub.ne.jp not found: 3(NXDOMAIN)
Bu
Not trying to be an apologist for Amazon (EC2?), but the domain has a DMARC
policy, so you could treat it at that level. Are your samples failing
authentication?
$ dig +short txt _dmarc.amazon.co.jp
"v=DMARC1; p=quarantine; pct=100; rua=mailto:
dmarc-repo...@bounces.amazon.com; ruf=mailto:
dmarc-r
Just a friendly point out..
Return-Path:
Received: from v118-27-72-15.thcj.static.cnode.io (HELO amazon.co.jp)
(118.27.72.15)
From: Amazon
If you see a similar combination, you might just want to block it in the
SMTP layer..
We added it (amazon.co.jp) to our known sender forgery list(s),
