I'm running ASSP version 2.1.1(11364) so it's a recent version
From: Thomas Eckardt [thomas.ecka...@thockar.com]
Sent: Friday, March 30, 2012 11:31 AM
To: ASSP development mailing list
Subject: [Assp-test] Antwort: Still not catching falsified sender domain
Why is ASSP not throwing out this message based on the obviously faked
sender domain/ip
possibly because you use an outdated version ? I think there was fix for
this in the last months.
Thomas
Von:Michelle Dupuis mdup...@ocg.ca
An: assp-test@lists.sourceforge.net
assp-test@lists.sourceforge.net
Datum: 30.03.2012 15:52
Betreff:[Assp-test] Still not catching falsified sender domain
I'm still trying to get settings right (and I think I'm close), but ASSP
is failing to catch really obviously faked domains!
I put the header below, and you can see that 168-226-66-116.speedy.com.ar
is pretending to be usps.com. I run my mail through netdorm (and have
setup netdorm correctly per previous advice). Why is ASSP not throwing
out this message based on the obviously faked sender domain/ip ? (I even
have usps.com in the strictSPF file but no difference).
Thanks!
Received: from smtp2.netdorm.com (172.31.254.35) by mail.mydomain.com
(172.31.254.35) with Microsoft SMTP Server id 8.1.436.0; Fri, 30 Mar 2012
09:15:01 -0400
Received: from smtp2.netdorm.com ([67.214.161.138] helo=smtp2.netdorm.com)
by
spamfilter.mydomain.com with ESMTP (2.1.1); 30 Mar 2012 09:15:00 -0400
Received: from usps.com (168-226-66-116.speedy.com.ar [168.226.66.116]
(may be
forged)) by smtp2.netdorm.com (8.13.8/8.13.8) with ESMTP id
q2UDExvD014961;
Fri, 30 Mar 2012 09:15:05 -0400
Received: from [66.46.31.241] (account usps_shipping_servi...@usps.com
mailto:usps_shipping_servi...@usps.com HELO
uxrxqlfpoztpdtk.vejgrirrwzx.info) by (CommuniGate Pro SMTP 5.2.3) with
ESMTPA id 274623071 for us...@mydomain.commailto:us...@mydomain.com;
Fri, 30 Mar 2012 10:14:56 -0300
From: Rudy Gould usps_shipping_servi...@usps.com
mailto:usps_shipping_servi...@usps.com
To: us...@mydomain.commailto:us...@mydomain.com, us...@mydomain.com
mailto:us...@mydomain.com
Subject: USPS postage labels order confirmation.
Date: Fri, 30 Mar 2012 10:14:56 -0300
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary==_ryqoj_39_54_73
X-Priority: 3
X-Mailer: wynuuy_29
Message-ID: 6979509404.jvx74cpq755...@tcidqwlmahhk.zettatccivjbe.org
mailto:6979509404.jvx74cpq755...@tcidqwlmahhk.zettatccivjbe.org
X-Assp-Version: 2.1.1(11364) on spamfilter.mydomain.com
X-Assp-Re-SPFstrict: @usps.com
X-Assp-Received-SPF: softfail (cache) ip=67.214.161.138
mailfrom=usps_shipping_servi...@usps.com
mailto:mailfrom=usps_shipping_servi...@usps.com
helo=smtp2.netdorm.com
X-Assp-Message/IP-Score: 10 (SPF softfail)
X-Assp-Message/IP-Score: 17 (DNSBL: neutral, 168.226.66.116 listed in
l2.apews.org)
X-Assp-DNSBL: neutral, 168.226.66.116 listed in (l2.apews.org-127.0.0.2;
)
X-Assp-Spam-Prob: 0.49675
X-Assp-ID: spamfilter.mydomain.com m1-13300-75165
X-Assp-Detected-RIP: 66.46.31.241, 168.226.66.116
X-Assp-Source-IP: 66.46.31.241
X-Assp-Envelope-From: usps_shipping_servi...@usps.com
mailto:usps_shipping_servi...@usps.com
X-Assp-Intended-For: us...@mydomain.commailto:us...@mydomain.com
Return-Path: usps_shipping_servi...@usps.com
mailto:usps_shipping_servi...@usps.com
--
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
***
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
***
--
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
