Re: Which SA test can detect/score this (fairly common) 'freemail' whack-a-mole?

Reindl Harald Sat, 25 Jun 2016 16:48:57 -0700


Am 26.06.2016 um 01:06 schrieb Benny Pedersen:

On 2016-06-26 00:29, jaso...@mail-central.com wrote:

    Authentication-Results: dmarc.mail.example.com/876fg6sdf6876498f;
dmarc=none header.from=gmail.com


https://dane.sys4.de/smtp/gmail.com

    Authentication-Results: dkim.mail.example.com/876fg6sdf6876498f;
    dkim=pass (2048-bit key; unprotected) header.d=yahoo.com
header.i=@yahoo.com header.b=UFAXzzUL


https://dane.sys4.de/smtp/yahoo.com

    Authentication-Results: spf.mail.example.com; spf=softfail (domain
owner discourages use of this host) smtp.mailfrom=gmail.com
(client-ip=212.82.96.171; helo=nm12-vm1.bullet.mail.ir2.yahoo.com;
envelope-from=mrs.djoe...@gmail.com; receiver=u...@example.com)


so why not reject softfail based on it ?


because he is no fool and likely repsonsible for others mail?

SPF_SOFTFAIL != SPF_FAIL and when you don#t understand the difference better don't comment at all

oh yahoo client use gmail, hmm :=)


yes that's the topic

that user should use smtp auth on gmail, not use yahoo smtp servers for
relaying


yes that's the topic

there seems no be rule for

        From 'freemail' @GMAIL
        ReplyTo 'freemail' @HOTMAIL

FREEMAIL_FORGED_REPLYTO "Freemail in Reply-To, but not From" comes near, but don't hit because are freemail *but different* ones

signature.asc
Description: OpenPGP digital signature

Re: Which SA test can detect/score this (fairly common) 'freemail' whack-a-mole?

Reply via email to