steve skrev den 2015-11-23 13:31:
asn plugin currently does not work with ipv6
I'll cross that bridge when I come to it.
i just still need self to debug why it fails, currently i have seen
2.0.0.0/8 when ipv6 recieved in 26xx: :=)
and if you see mails pretending sent from google/gmail it wont be dkim
pass and spf pass
The example i saw last week was from "Google Audit"
<sec...@googletechteam.co.uk>, was DKIM signed and valid [but
obviously not by Google's key :)] and was asking a user to verifiy
thier account... URIs weren't blacklisted at the time.
co.uk is a domain and a tld, very cool :)
dont blame me on that
i can make google.junc.eu is it now google that spams you ?
yes i know co.uk is a valid tld, but spammers seems not knowing why not
to use it
Test results of that scan were...
DKIM_SIGNED=0.1
DKIM_VALID=-0.1
DKIM_VALID_AU=-0.1
HTML_MESSAGE=0.001
KAM_COUK=0.1
MIME_HTML_ONLY=0.723
RP_MATCHES_RCVD=-0.582
SPF_PASS=-0.001
TXREP=1.105
what dkim domain, whois dkim-domain
My thought process was that emails with Google in the Senders Name or
email address should only really originate from IP addresses / ASN's
Google own (initial invesgation suggest gmail.com comes from AS15169
thought I've not thrown a wide net yet).
asn is nice but too unstable to make rules on
I feel its worth exploring for my purposes.
okay with me if you do with stable data
Any further advice will be grafefully recived.
possible start using dmarc ?
