Tue, 22 Nov 2016 16:51:26 +0000
|
I have seen on Listserv mail too. It has also shown up on posts to the Office 365 list (Mailman list, hosted at UCDavis). Had a rather hostile session with someone from MS yesterday (in fairness, I was not exactly in a good mood) and went after them on RFC822 Sec 4.4.1 and 4.4.2 (yes, there are more current, but I don't believe these sections have been superseded - yet)
It kind of culminated with me asking if his recommendation was the UGA SPF designate UCDavis. As I say, it was not altogether friendly, and I wasn't in such a good mood (though I do feel bad venting on the tech support folks). At the conclusion, I believe he actually did read the sections. Even so, this is coming from Exchange Online Protection (EOP). It seems *like* (but not quite) the beloved DMARC issue of 2014, and I doubt there is any good resolution.
--joe
________________________________________
From: LISTSERV Site Administrators' Forum <[log in to unmask]> on behalf of Helmke,Richard A <[log in to unmask]>
Sent: Monday, November 21, 2016 9:18 PM
To: [log in to unmask]
Subject: Office 365 and fraud detection errors
We are running a RedHat/Postfix configuration of LISTSERV 16.0-2014B. Within the last 20 days a number of our subscribers on various lists have started receiving:
“This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing”
This occurs after the subscriber on Office 365 has submitted a posting and after distribution his copy is sent to him with this flag -- no other subscribers on other domains see this error, but other subscribers in his domain also see this warning.
We have a valid SPF record in place for listserv.cuis.edu, but have not implemented any kind of DKIM or DMARC records on LISTSERV (or elsewhere).
Is this a 'new' common problem? Is there a workaround (there are many domains affected because many of our subscribers are Office 365 users)? Both LSoft and Microsoft have suggested that a valid SPF record for our LISTSERV should be enough, but that is obviously not working for us.
-Rich Helmke
________________________________
To unsubscribe from the LSTSRV-L list, click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1
############################
To unsubscribe from the LSTSRV-L list:
write to: mailto:[log in to unmask]
or click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1
|
|
|