From dmarc-noreply@example.com Fri Apr 21 13:06:00 2017 Return-path: Envelope-to: postmaster@bsdly.net Delivery-date: Fri, 21 Apr 2017 13:06:00 +0200 Received: from mx.centurylink.net ([205.219.233.5] helo=mx01.agate.dfw.synacor.com) by skapet.bsdly.net with esmtp (Exim 4.89) (envelope-from ) id 1d1WKX-0001I5-3Q for postmaster@bsdly.net; Fri, 21 Apr 2017 13:06:00 +0200 Received: from [127.0.0.1] ([local]) by mx01.agate.dfw.synacor.com (envelope-from ) (ecelerity 3.6.14.50842 r(Core:3.6.14.1)) with UNKNOWN id F5/DA-16764-818D9F85; Fri, 21 Apr 2017 05:59:52 -0400 Date: Fri, 21 Apr 2017 05:59:52 -0400 Message-ID: Subject: DMARC Failure report for bsdly.net Mail-From:owner-misc+M163999=patrick_dohman=centurylink.net@openbsd.org IP:192.43.244.163 To: dmarc-noreply@example.com From: dmarc-noreply@example.com Content-Type: multipart/report; report-type=feedback-report; boundary="_----Sg4/J/yS04dG/79c1HLL5g===_F5/DA-16764-818D9F85" Status: RO Content-Length: 5406 Lines: 110 --_----Sg4/J/yS04dG/79c1HLL5g===_F5/DA-16764-818D9F85 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit This is an email abuse report for an email message received from IP 192.43.244.163 on Fri, 21 Apr 2017 05:59:52 -0400. The message below did not meet the sending domain's dmarc policy. For more information about this format please see http://tools.ietf.org/html/rfc6591 . --_----Sg4/J/yS04dG/79c1HLL5g===_F5/DA-16764-818D9F85 Content-Type: message/feedback-report Feedback-Type: auth-failure User-Agent: Lua/1.0 Version: 1.0 Original-Mail-From: owner-misc+M163999=patrick_dohman=centurylink.net@openbsd.org Original-Rcpt-To: patrick_dohman@centurylink.net Arrival-Date: Fri, 21 Apr 2017 05:59:52 -0400 Message-ID: <20170421095920.GA46989@skapet.bsdly.net> Authentication-Results: dmarc=fail (p=none; dis=none) header.from=bsdly.net Source-IP: 192.43.244.163 Delivery-Result: delivered Auth-Failure: dmarc Reported-Domain: bsdly.net --_----Sg4/J/yS04dG/79c1HLL5g===_F5/DA-16764-818D9F85 Content-Type: message/rfc822 Content-Disposition: inline Return-Path: Authentication-Results: mx01.agate.dfw.synacor.com; iprev=pass policy.iprev="192.43.244.163"; spf=pass smtp.mailfrom="owner-misc+M163999=patrick_dohman=centurylink.net@openbsd.org" smtp.helo="openbsd.org"; dkim=fail (signature verification failed) header.d=bsdly.net; dmarc=fail (p=none; dis=none) header.from=bsdly.net Received: from [192.43.244.163] ([192.43.244.163:29293] helo=openbsd.org) by smtp.embarq.synacor.com (envelope-from ) (ecelerity 3.6.14.50842 r(Core:3.6.14.1)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id B4/DA-16764-818D9F85; Fri, 21 Apr 2017 05:59:52 -0400 Received: from openbsd.org (localhost [127.0.0.1]) by openbsd.org (OpenSMTPD) with ESMTP id 3ef1fd4a for ; Fri, 21 Apr 2017 03:59:51 -0600 (MDT) Received: from skapet.bsdly.net (skapet.bsdly.net [213.187.179.198]) by openbsd.org (OpenSMTPD) with ESMTPS id f1e5e97d (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Fri, 21 Apr 2017 03:59:22 -0600 (MDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=simple/simple; d=bsdly.net; s=x; h=Sender:In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=YWK8NZFHECL03Dq0reSSoyL36HsMM7JPuIEIV0tMPok=; b=nzRxJ6+klkEyEVZGdu5zS4Dk3c a5Apfl9PfSxgBHnlxWtIPzMdJwbIe8AwnwlhMoAAU31Jc3gVaMOqo8BCczJGrCxArbLq/LEXQrNWJ lX4BudnVxk2J8gY4DRm9hvdGbU0yPAUXNPyPPMCgyAOsVHnukJaWW+RzKj0ZQNmYduq8=; Received: from peter by skapet.bsdly.net with local (Exim 4.89) (envelope-from ) id 1d1VLU-000Bpo-NG; Fri, 21 Apr 2017 11:59:20 +0200 Date: Fri, 21 Apr 2017 11:59:20 +0200 From: "Peter N. M. Hansteen" To: misc@openbsd.org Cc: "misc@openbsd.org" Subject: Re: spamd and outlook.com Message-ID: <20170421095920.GA46989@skapet.bsdly.net> References: <20aa3a9e-b188-c394-ac5b-e3fb11b2218e@ghweb.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20aa3a9e-b188-c394-ac5b-e3fb11b2218e@ghweb.de> User-Agent: Mutt/1.8.1 (2017-04-11) List-Help: List-ID: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: X-Loop: misc@openbsd.org Precedence: list Sender: owner-misc@openbsd.org On Fri, Apr 21, 2017 at 11:25:14AM +0200, Markus Rosjat wrote: > > so if you have spamd in place in greylisting mode and you have customers > that work with people who use Office365 as a service you will get calls that > emails are delayed for a freaking long time and if you check the ip range > that outlook.com could send from you get scared. start with $ host -ttxt outlook.com and follow the includes to the very end. Then weep. TL;DR: last time I looked that expanded to eighty-some *networks* of varying sizes. https://github.com/akpoff/spf_fetch fed the relevant domains is one solution, and in addition you will find my collection of manually maintained SPF sedimentation is available at https://home.nuug.no/~peter/nospamd The problem is that the 'architects' behind outlook.com and their ilk are really not on board with the idea that having some tiny bit of control over where your mail comes from is a good idea, but they were made to comply with the SPF/DKIM/DMARC scheme (straight out of the Rube Goldberg school of engineering), which is one of those endless and endlessly tiresome artifacts of the "something has to be done", "this is something" 'system architect' responses. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. --_----Sg4/J/yS04dG/79c1HLL5g===_F5/DA-16764-818D9F85--