same. Nothing like that in the headers or body. -nick
— Nick Peelman n...@peelman.us > On Dec 8, 2016, at 9:59 AM, Adam Levin <levins...@gmail.com> wrote: > > I received the message, and there has *not* been any message injected into > the body regarding failing fraud detection checks. > > -Adam > > On Thu, Dec 8, 2016 at 9:39 AM, Edward Ned Harvey (lopser) > <lop...@nedharvey.com <mailto:lop...@nedharvey.com>> wrote: > Before anything else, can any of you confirm that when you receive this > message, there has or hasn't been a line injected into the message body > saying "This sender failed our fraud detection checks..." at the beginning of > the message body? And who is your mail service provider? > > Ok, we know this much: > > My SPF record is definitely set correctly. > By looking at the message headers, we can see the message was sent > from NAM02-BL2-obe.outbound.protection.outlook.com > <http://nam02-bl2-obe.outbound.protection.outlook.com/> > (mail-bl2nam02on0092.outbound.protection.outlook.com > <http://mail-bl2nam02on0092.outbound.protection.outlook.com/>. [104.47.38.92]) > received by mx.google.com <http://mx.google.com/> > And when google receives it, it's an SPF pass > pass (google.com <http://google.com/>: domain of lop...@nedharvey.com > <mailto:lop...@nedharvey.com> designates 104.47.38.92 as permitted sender) > client-ip=104.47.38.92; > > Then, google does some processing, and google delivers the message to > lopsa-sb1.lopsa.org <http://lopsa-sb1.lopsa.org/> (Postfix) > Then, lopsa-sb1.lopsa.org <http://lopsa-sb1.lopsa.org/> delivers the message > to all the list members. > > Finally, when I receive the message, it has this text injected into the > message body: > This sender failed our fraud detection checks and may not be who they > appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing > <http://aka.ms/LearnAboutSpoofing> > > I am going to observe, that the URL is a link to an office365 information > article, which suggests, that the message is probably *not* being flagged as > spam by google or lopsa. It's probably being flagged only *after* lopsa > distributes it back to my office365 account. > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org <mailto:Tech@lists.lopsa.org> > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > <https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech> > This list provided by the League of Professional System Administrators > http://lopsa.org/ <http://lopsa.org/> > > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/