X-Gm-Message-State: AOJu0Yygtd3O5YdS/rWj45vxya0hwrYa/BjQf5JxGSCWzAx9RXR9bryH
LpU0oZbfEz95pt1aYhcAMT1+ArGYrI6GtRLuJdtIEEHgVc36TLiys7kql09B4icWlFB6/0HAW7R
L84tjrA==
X-Google-Smtp-Source:
AGHT+IHJ80+WwCu4hMgvckgAPlSHw5qrXfLxQgaNiEfLv7pnjJvoeHyju4z8pvBZv1ELBkh6pusbJQ==
X-Received: by 2002:a05:6a20:52a8:b0:19c:b3db:7aed with SMTP id
o40-20020a056a2052a800b0019cb3db7aedmr3266982pzg.46.1706675336094;
Tue, 30 Jan 2024 20:28:56 -0800 (PST)
Return-Path: <manageusery0swbfcucwwk3ac1bozqy1hfwkc...@danielwindke.biz.id>
Received: from iZ4csyme2vmqlcZ ([47.236.118.246])
by smtp.gmail.com with ESMTPSA id
g20-20020a62e314000000b006dacfab07b6sm8690666pfh.121.2024.01.30.20.28.54
for <REDACTED>
(version=TLS1 cipher=ECDHE-ECDSA-AES128-SHA bits=128/128);
Tue, 30 Jan 2024 20:28:55 -0800 (PST)
Message-ID: <65b9cc87.620a0220.bdac.b...@mx.google.com>
...
This appears to be a normally authenticated ESMPTSA session, but from an
IP Address in the Alibaba cloud.. normally this would raise red flags
alone, and the IP now has been added to other AUTH restriction RBL's,
but of course headers MAY have been forged...
But it 'looks' like a case where the first Google MTA in the chain is
adding it, even though the delivery will NOT be local.
Anyone shed more light on these?
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
