On second thought, this may be a spammer who discovered gmail heuristics that exempt the message from DMARC and SPF .
The DNS part may be a factor, but I don't want to publicly reverse engineer a partner's private exemption process. ------Original Message------ From: Franck Martin To: Chris Lamont Mankowski To: [email protected] Subject: Re: [dmarc-discuss] Google report shows "Trusted Forwarder" for Asia hacker... Sent: Jul 11, 2012 12:50 PM The joys of NAT? And Carrier Grade NAT? Or you are infected by DNSChanger? On 7/11/12 9:09 AM, "Chris Lamont Mankowski" <[email protected]> wrote: >It seems that any Windows machine that tracerroutes the IP address I >blanked out, they will get a DNS resolution of local host. This is >due to a special DNS response I captured using netmon. > >If a Google security engineer contacts me directly off list, I can >share the results and more information. > > > >On Wed, Jul 11, 2012 at 11:58 AM, Chris Lamont Mankowski ><[email protected]> wrote: >> This is strange, I have a DKIM report from Google that says email was >> sent by a Trusted Forwarder, and when I do a tracert to the remote >> machine, several of the reverse lookups have a machine name matching >> my personal laptop. >> Sent via BlackBerry from T-Mobile _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
