[AusNOG] List Submissions failing SPF (was: AusNOG 2.0)

[Luke Thompson]

Hi,

These crazed attacks on SAU aren't reasonable.

Is there any way for AusNOG to filter out improper emails like this?

At the moment, provided they're confirmed, emails to the list seem to be 
allowed?

This should be hard-failing the SPF so with a setting tweak I'd hope 
this could be cracked down on.

$ dig txt serversaustralia.com.au +short | grep "spf"
"v=spf1 include:spf1.serversaustralia.com.au include:spf.mandrillapp.com 
include:amazonses.com include:et._spf.pardot.com 
exists:%{i}._spf.mta.salesforce.com include:_spf.google.com 
include:trustpilotservice.com -all"

Received: from nnw088.aus.us.siteprotect.com
  (216-139-242-212.aus.us.siteprotect.com [216.139.242.212])
  by fw.ausnog.net (Postfix) with ESMTP id A209C273F7
  for <ausnog at ausnog.net>; Sun, 14 Aug 2022 15:40:44 +1000 (AEST)
Received: from mail pickup service by nnw088.aus.us.siteprotect.com with
  Microsoft SMTPSVC; Sat, 13 Aug 2022 17:54:01 -0500

I haven't dug through all the permitted blocks, though would imagine 
this provider wouldn't be included given the "Just Send Email" style of 
website operating within their/customer SendEmail.in.

OriginAS:       AS32400
Organization:   Hostway Services, Inc. (HOSTW-6)

Cheers,

Luke Thompson
Chief Technical Officer

The Network Crew Pty Ltd
https://thenetworkcrew.com.au


On 14/8/2022 8:53 am, jared.hirst at serversaustralia.com.au wrote:
> AusNOG 2.0
>
> This email was sent using www.SendEmail.in Requires: No Login No 
> Password. Just Send Email
> Sent on:Saturday, August 13, 2022 5:53:56 PM from computer IP 
> Address:185.220.101.147
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> https://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ausnog.net/pipermail/ausnog/attachments/20220814/34597f87/attachment.htm>