hi- a message from yahoo seems to have matched FORGED_YAHOO_RCVD, which from my perspective, the message is not forged [see below pastebin - i hope i've not removed anything of importance during anonymization]. i noted that dkim authentication appears to have failed, which, while of interest for other reasons, doesn't seem to be the culprit here [in my cursory look at check_for_forged_yahoo_received_headers, i didn't see any references to dkim]? was this a false positive, or am i ignorant?
http://dpaste.com/3XTYV0V.txt -ben
