I'm still trying to get settings right (and I think I'm close), but ASSP is failing to catch really obviously faked domains!
I put the header below, and you can see that 168-226-66-116.speedy.com.ar is pretending to be usps.com. I run my mail through netdorm (and have setup netdorm correctly per previous advice). Why is ASSP not throwing out this message based on the obviously faked sender domain/ip ? (I even have usps.com in the strictSPF file but no difference). Thanks! Received: from smtp2.netdorm.com (172.31.254.35) by mail.mydomain.com (172.31.254.35) with Microsoft SMTP Server id 8.1.436.0; Fri, 30 Mar 2012 09:15:01 -0400 Received: from smtp2.netdorm.com ([67.214.161.138] helo=smtp2.netdorm.com) by spamfilter.mydomain.com with ESMTP (2.1.1); 30 Mar 2012 09:15:00 -0400 Received: from usps.com (168-226-66-116.speedy.com.ar [168.226.66.116] (may be forged)) by smtp2.netdorm.com (8.13.8/8.13.8) with ESMTP id q2UDExvD014961; Fri, 30 Mar 2012 09:15:05 -0400 Received: from [66.46.31.241] (account usps_shipping_servi...@usps.com<mailto:usps_shipping_servi...@usps.com> HELO uxrxqlfpoztpdtk.vejgrirrwzx.info) by (CommuniGate Pro SMTP 5.2.3) with ESMTPA id 274623071 for us...@mydomain.com<mailto:us...@mydomain.com>; Fri, 30 Mar 2012 10:14:56 -0300 From: Rudy Gould <usps_shipping_servi...@usps.com<mailto:usps_shipping_servi...@usps.com>> To: <us...@mydomain.com<mailto:us...@mydomain.com>>, <us...@mydomain.com<mailto:us...@mydomain.com>> Subject: USPS postage labels order confirmation. Date: Fri, 30 Mar 2012 10:14:56 -0300 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_ryqoj_39_54_73" X-Priority: 3 X-Mailer: wynuuy_29 Message-ID: <6979509404.jvx74cpq755...@tcidqwlmahhk.zettatccivjbe.org<mailto:6979509404.jvx74cpq755...@tcidqwlmahhk.zettatccivjbe.org>> X-Assp-Version: 2.1.1(11364) on spamfilter.mydomain.com X-Assp-Re-SPFstrict: @usps.com X-Assp-Received-SPF: softfail (cache) ip=67.214.161.138 mailfrom=usps_shipping_servi...@usps.com<mailto:mailfrom=usps_shipping_servi...@usps.com> helo=smtp2.netdorm.com X-Assp-Message/IP-Score: 10 (SPF softfail) X-Assp-Message/IP-Score: 17 (DNSBL: neutral, 168.226.66.116 listed in l2.apews.org) X-Assp-DNSBL: neutral, 168.226.66.116 listed in (l2.apews.org<-127.0.0.2; ) X-Assp-Spam-Prob: 0.49675 X-Assp-ID: spamfilter.mydomain.com m1-13300-75165 X-Assp-Detected-RIP: 66.46.31.241, 168.226.66.116 X-Assp-Source-IP: 66.46.31.241 X-Assp-Envelope-From: usps_shipping_servi...@usps.com<mailto:usps_shipping_servi...@usps.com> X-Assp-Intended-For: us...@mydomain.com<mailto:us...@mydomain.com> Return-Path: usps_shipping_servi...@usps.com<mailto:usps_shipping_servi...@usps.com> ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
