On 11/02/2017 10:38, /dev/rob0 wrote:
This appears to be from Mailchimp, so reporting it as abuse is likely
to yield some satisfactory results.
Thanks to everyone for the advice.
P.V.Anthony
smime.p7s
Description: S/MIME Cryptographic Signature
On Thu, Feb 09, 2017 at 06:16:36PM +0800, P.V.Anthony wrote:
> Just got an scam email that looks like from paypal.
>
> It passed dkim and spf.
>
> dkim=pass (1024-bit key) header.d=service2.sdmone.email
> header.i=sdmone@service2.sdmone.email header.b="adXLiw9w";
> dkim=pass (1024-bit key
Im Auftrag von P.V.Anthony
> Since the email contains the following.
>
> From: =?utf-8?Q?service=40paypaI=2Ecom=2Esg?=
>
>
> What do you all think about that?
>
> P.V.Anthony
>
Perhaps
if /^From:.*paypal.*/
if !/\<.+@(.\.)?paypal\.(de|com)\>$/
#!/\<.+@(.\.)paypal\.(de|com)\>$/i
uary 9, 2017 2:24 AM
>*To: *postfix-users@postfix.org
>*Subject: *Re: The "from" header looks like paypal but it is coming
>from
>somewhere else. [signed]
>
>The problem here is that DKIM isn't aligned to paypal.com
>Enforce strict DKIM alignment on sensitive domains l
: The "from" header looks like paypal but it is coming from
somewhere else. [signed]
The problem here is that DKIM isn't aligned to paypal.com
Enforce strict DKIM alignment on sensitive domains like paypal
I don't think this is a DKIM issue. A bespoke regex as check_header sh
ot; header looks like paypal but it is coming from somewhere else. [signed]The problem here is that DKIM isn't aligned to paypal.com
Enforce strict DKIM alignment on sensitive domains like paypal
The problem here is that DKIM isn't aligned to paypal.com
Enforce strict DKIM alignment on sensitive domains like paypal
smime.p7s
Description: S/MIME Cryptographic Signature
