On Mon, 1 May 2017, Alex wrote:
Hi,
On Mon, May 1, 2017 at 12:46 AM, Axb <axb.li...@gmail.com> wrote:
On 04/30/2017 10:48 PM, John Hardin wrote:
On Sun, 30 Apr 2017, Alex wrote:
Hi, is it possible hotmail is now using outlook.com to route and
process their email? Or perhaps this user is using outlook to send
their hotmail mail? If so, I believe the FORGED_HOTMAIL_RCVD2 rule is
not considering this possibility.
That's entirely possible. I'm pretty sure I've seen messages purporting
to be from a hotmail user that were processed by outlook.com. I'll check
my corpora and see if I can confirm that.
If you check hotmail's SPF records you'll see that they've added a a bunch
of include:spfX.protection.outlook.com entries.
I can confirm they're routing hotmail/live/etc mail thru these ranges.
So what can be done about fixing this rule?
Primarily, get the masscheck infrastructure working again.
Devs can fix the rule in the repo, but that doesn't get it published to
automatically update production installs.
For the moment it would be:
(1) fix the rule in the repo (on us devs)
(2) pull the updated version out of the SA repo (on you)
(3) manually patch your local install (on you)
(4) depending on how you do (3), remember to undo it when masscheck starts
publishing rules updates again. (on you)
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Where are my space habitats? Where is my flying car?
It's 2010 and all I got from the SF books of my youth
is the lousy dystopian government. -- perlhaqr
-----------------------------------------------------------------------
7 days until the 72nd anniversary of VE day
