I have seen on Listserv mail too. It has also shown up on posts to the Office 365 list (Mailman list, hosted at UCDavis). Had a rather hostile session with someone from MS yesterday (in fairness, I was not exactly in a good mood) and went after them on RFC822 Sec 4.4.1 and 4.4.2 (yes, there are more current, but I don't believe these sections have been superseded - yet) It kind of culminated with me asking if his recommendation was the UGA SPF designate UCDavis. As I say, it was not altogether friendly, and I wasn't in such a good mood (though I do feel bad venting on the tech support folks). At the conclusion, I believe he actually did read the sections. Even so, this is coming from Exchange Online Protection (EOP). It seems *like* (but not quite) the beloved DMARC issue of 2014, and I doubt there is any good resolution. --joe ________________________________________ From: LISTSERV Site Administrators' Forum <[log in to unmask]> on behalf of Helmke,Richard A <[log in to unmask]> Sent: Monday, November 21, 2016 9:18 PM To: [log in to unmask] Subject: Office 365 and fraud detection errors We are running a RedHat/Postfix configuration of LISTSERV 16.0-2014B. Within the last 20 days a number of our subscribers on various lists have started receiving: “This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing” This occurs after the subscriber on Office 365 has submitted a posting and after distribution his copy is sent to him with this flag -- no other subscribers on other domains see this error, but other subscribers in his domain also see this warning. We have a valid SPF record in place for listserv.cuis.edu, but have not implemented any kind of DKIM or DMARC records on LISTSERV (or elsewhere). Is this a 'new' common problem? Is there a workaround (there are many domains affected because many of our subscribers are Office 365 users)? Both LSoft and Microsoft have suggested that a valid SPF record for our LISTSERV should be enough, but that is obviously not working for us. -Rich Helmke ________________________________ To unsubscribe from the LSTSRV-L list, click the following link: http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1 ############################ To unsubscribe from the LSTSRV-L list: write to: mailto:[log in to unmask] or click the following link: http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1