We use sendmail-8.15.2-8.fc25 on Fedora 25 with spamassassin-3.4.1-9. Can anyone explain how this email got through with a forged from: address? https://pastebin.com/L7NKCK3E <https://pastebin.com/L7NKCK3E>
The 1st received IP is not on any real time blacklist as of this moment: Received: from 167.249.16.132 The 2nd IP in the mail header trail now shows up in BACKSCATTER, BLOCKLIST.DE and MAILSPIKE BL Received: from embacelsga.localdomain (oi66.grupocartonpack.com [189.30.23.66]) But shouldn’t the default settings in sendmail.mc/cf check for spoofing of the HELO?