LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show HTML Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Office 365 and fraud detection errors

"Silcox, Matthew" <[log in to unmask]>

Tue, 22 Nov 2016 16:54:59 +0000

text/plain (4 kB) , text/html (12 kB)

Same thing happening at Kent State University. We've assumed it's related to lack of SPF and DKIM, as GMail has been causing us similar grief. We're reviewing weekly DMARC reports to get our email auth plan underway, but getting information out of either vendor (Google and Microsoft) about a definitive cause is like pulling teeth.


Respectfully,

Matthew Silcox


Senior Systems Administrator

Client Infrastructure Group | Information Services

Kent State University


[1472478391067_PastedImage]    330.672.1290

[1472478426474_PastedImage]    [log in to unmask]<mailto:[log in to unmask]>




________________________________
From: LISTSERV Site Administrators' Forum <[log in to unmask]> on behalf of F J Kelley <[log in to unmask]>
Sent: Tuesday, November 22, 2016 11:51:26 AM
To: [log in to unmask]
Subject: Re: Office 365 and fraud detection errors

I have seen on Listserv mail too.  It has also shown up on posts to the Office 365 list (Mailman list, hosted at UCDavis).  Had a rather hostile session with someone from MS yesterday (in fairness, I was not exactly in a good mood) and went after them on RFC822 Sec 4.4.1 and 4.4.2 (yes, there are more current, but I don't believe these sections have been superseded - yet)
It kind of culminated with me asking if his recommendation was the UGA SPF designate UCDavis.  As I say, it was not altogether friendly, and I wasn't in such a good mood (though I do feel bad venting on the tech support folks).  At the conclusion, I believe he actually did read the sections.  Even so, this is coming from Exchange Online Protection (EOP).  It seems *like* (but not quite) the beloved DMARC issue of 2014, and I doubt there is any good resolution.
--joe

________________________________________
From: LISTSERV Site Administrators' Forum <[log in to unmask]> on behalf of Helmke,Richard A <[log in to unmask]>
Sent: Monday, November 21, 2016 9:18 PM
To: [log in to unmask]
Subject: Office 365 and fraud detection errors

We are running a RedHat/Postfix configuration of LISTSERV 16.0-2014B.  Within the last 20 days a number of our subscribers on various lists have started receiving:

“This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Faka.ms%2FLearnAboutSpoofing&data=01%7C01%7Cmsilcox%40KENT.EDU%7C7d83ec17f96b4f1cca5008d412f7d28b%7Ce5a06f4a1ec44d018f73e7dd15f26134%7C1&sdata=Xcm5zafNplZTVGqx4E8jgh6JlCi%2BZpaEixi6DBgKoBY%3D&reserved=0”

This occurs after the subscriber on Office 365 has submitted a posting and after distribution his copy is sent to him with this flag -- no other subscribers on other domains see this error, but other subscribers in his domain also see this warning.


We have a valid SPF record in place for listserv.cuis.edu, but have not implemented any kind of DKIM or DMARC records on LISTSERV (or elsewhere).

Is this a 'new' common problem?  Is there a workaround (there are many domains affected because many of our subscribers are Office 365 users)?  Both LSoft and Microsoft have suggested that a valid SPF record for our LISTSERV should be enough, but that is obviously not working for us.

-Rich Helmke

________________________________

To unsubscribe from the LSTSRV-L list, click the following link:
https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fpeach.ease.lsoft.com%2Fscripts%2Fwa-PEACH.exe%3FSUBED1%3DLSTSRV-L%26A%3D1&data=01%7C01%7Cmsilcox%40KENT.EDU%7C7d83ec17f96b4f1cca5008d412f7d28b%7Ce5a06f4a1ec44d018f73e7dd15f26134%7C1&sdata=BxvEap0u%2BQ4FcFzFPfXmhgb7Adcqomif3%2B8cjOWarTM%3D&reserved=0

############################

To unsubscribe from the LSTSRV-L list:
write to: mailto:[log in to unmask]
or click the following link:
https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fpeach.ease.lsoft.com%2Fscripts%2Fwa-PEACH.exe%3FSUBED1%3DLSTSRV-L%26A%3D1&data=01%7C01%7Cmsilcox%40KENT.EDU%7C7d83ec17f96b4f1cca5008d412f7d28b%7Ce5a06f4a1ec44d018f73e7dd15f26134%7C1&sdata=BxvEap0u%2BQ4FcFzFPfXmhgb7Adcqomif3%2B8cjOWarTM%3D&reserved=0

############################

To unsubscribe from the LSTSRV-L list:
write to: mailto:[log in to unmask]
or click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM