Before anything else, can any of you confirm that when you receive this
message, there has or hasn't been a line injected into the message body saying
"This sender failed our fraud detection checks..." at the beginning of the
message body? And who is your mail service provider?
Ok, we know this much:
My SPF record is definitely set correctly.
By looking at the message headers, we can see the message was sent
from NAM02-BL2-obe.outbound.protection.outlook.com
(mail-bl2nam02on0092.outbound.protection.outlook.com. [104.47.38.92])
received by mx.google.com
And when google receives it, it's an SPF pass
pass (google.com: domain of [email protected] designates
104.47.38.92 as permitted sender) client-ip=104.47.38.92;
Then, google does some processing, and google delivers the message to
lopsa-sb1.lopsa.org (Postfix)
Then, lopsa-sb1.lopsa.org delivers the message to all the list members.
Finally, when I receive the message, it has this text injected into the message
body:
This sender failed our fraud detection checks and may not be who they
appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing
I am going to observe, that the URL is a link to an office365 information
article, which suggests, that the message is probably *not* being flagged as
spam by google or lopsa. It's probably being flagged only *after* lopsa
distributes it back to my office365 account.
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
