On Sun, 29 Jul 2018 18:33:23 +0100 RW wrote: > On Sun, 29 Jul 2018 12:28:08 +0200 > Antony Stone wrote: > > > On Sunday 29 July 2018 at 12:17:07, Sebastian Arcus wrote yet > > another email that's guaranteed to fail DMARC with a reject when > > posted through a mailing list, and consequently I didn't receive: > > > > > Or maybe I am misunderstanding completely what is going on? I've > > > uploaded a set of headers here: https://pastebin.com/KDV1f0wW > > > > Given that the example you've posted is from a machine with a public > > IP 82.132.242.82, but thinks it has a private IP 10.7.54.227, I'm > > not entirely surprised there is no rDNS set up for the private > > address. > > This is the header: > > Received: from 82.132.242.82 (EHLO [10.7.54.227]) ([82.132.242.82]) > by smtp409.mail.ir2.yahoo.com (Oath Hermes SMTP Server) with > ESMTPA ID 84be422cfd662692400891131b957bd8 for > <destination.addr...@mydomain.co.uk>; Mon, 23 Jul 2018 > 13:59:41 +0000 (UTC) > ... > Received: from ip70-189-131-151.lv.lv.cox.net (EHLO [192.168.0.105]) > ([70.189.131.151]) ... > > It's hard to say for sure, but either the sender is using a bare IP > address (would iPhone Mail allow that?) or Yahoo is doing something > strange.
What looks to be happening is that the first field is the rDNS, but if there is no rDNS (and possibly if it's not full-circle) Yahoo substitutes a bare IP address. I see in some older headers it has "JAMES SMTP Server" instead of "Oath Hermes SMTP Server". I wondering if this is an Apache James format.