Mail sender field verification #166

Open
opened 2024-10-21 11:55:51 +02:00 by adriangl · 0 comments
Owner
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on microbel.pvv.ntnu.no
X-Spam-Level: **
X-Spam-Status: No, score=2.3 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
    DKIM_VALID_AU,HTML_MESSAGE,MIME_HTML_ONLY,PDS_FRNOM_TODOM_NAKED_TO,
    PDS_FROM_NAME_TO_DOMAIN,RCVD_IN_MSPIKE_H2,RCVD_IN_VALIDITY_RPBL,
    SPF_HELO_PASS,SPF_PASS autolearn=no autolearn_force=no version=3.4.6
Envelope-to: styret@pvv.ntnu.no
Received: from mta-sp-e01.biglobe.ne.jp ([222.227.84.33])
    by microbel.pvv.ntnu.no with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    (Exim 4.94.2)
    (envelope-from <2yr2kv@bma.biglobe.ne.jp>)
    id 1syaKc-004e53-46
    for styret@pvv.ntnu.no; Wed, 09 Oct 2024 19:18:45 +0200
Received: from mta-snd-e01.biglobe.ne.jp by mta-sp-e01.biglobe.ne.jp
    with ESMTP
    id <20241009171831615.OXRG.76069.mta-snd-e01.biglobe.ne.jp@biglobe.ne.jp>
    for <styret@pvv.ntnu.no>; Thu, 10 Oct 2024 02:18:31 +0900
Received: from mail.biglobe.ne.jp by mta-snd-e01.biglobe.ne.jp with ESMTP
    id <20241009171831171.GJOT.71605.mail.biglobe.ne.jp@biglobe.ne.jp>
    for <styret@pvv.ntnu.no>; Thu, 10 Oct 2024 02:18:31 +0900
Content-Type: text/html; charset=utf-8
From: "pvv.ntnu.no" <2yr2kv@bma.biglobe.ne.jp>
To: styret@pvv.ntnu.no
Subject: Important: Verify Your styret@pvv.ntnu.no
Message-ID: <36fc85fb-4409-e58f-f027-5d66aaff31be@bma.biglobe.ne.jp>
Content-Transfer-Encoding: quoted-printable
Date: Wed, 09 Oct 2024 17:18:30 +0000
MIME-Version: 1.0
X-Biglobe-Sender: 2yr2kv@bma.biglobe.ne.jp
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bma.biglobe.ne.jp; s=default-1th84yt82rvi; t=1728494311;
    bh=Aps3GPUedhaKzamLllYJTUXy9uCv0XBdl0E6WTtD0BU=;
    h=From:To:Subject:Date;
    b=XMLMWIeVFek+Dv6+LrKmdbF+3giC8cqzM7ZnyQHebTszU6Gk6XTM46GkA/sJZh7AyBzO8CtU
    UIIPGnX76bwHX7EEXx+Q0JM7wdmHCIM4J0sGNVLh1QNxldzEVpXrl4idK91s9Pt08xRO87C+x5
    uTD4Mo/2AL9CDUscYDwqsEhewfB7ZmodnZFjX57KYOnyra1q3F2fM8Wu8Wl9ZvuLaFnE0TG8yO
    z5Y67NudWgu7/MLkbUM1YQv1AR4IGCDB74tRE8WqoXwLHXUf87ouI2QsRfUfzPbae1s8SzR0PA
    WorhHEiJ6hz76DVcJji5H2hdIR65wqM1gCU16Z4BYDZ/UKWg==
Delivered-To: styret@pvv.ntnu.no
Delivered-To: pvv@pvv.ntnu.no
Delivered-To: adriangl@pvv.ntnu.no
Delivered-To: adriangl@pvv.ntnu.no 

Shows as

From pvv.ntnu.no on 2024-10-09 19:18

Should possibly filter everything that does not originate from microbel and contains pvv.ntnu.no in the sender field, as this could be used for phising of our users.

``` X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on microbel.pvv.ntnu.no X-Spam-Level: ** X-Spam-Status: No, score=2.3 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HTML_MESSAGE,MIME_HTML_ONLY,PDS_FRNOM_TODOM_NAKED_TO, PDS_FROM_NAME_TO_DOMAIN,RCVD_IN_MSPIKE_H2,RCVD_IN_VALIDITY_RPBL, SPF_HELO_PASS,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 Envelope-to: styret@pvv.ntnu.no Received: from mta-sp-e01.biglobe.ne.jp ([222.227.84.33]) by microbel.pvv.ntnu.no with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <2yr2kv@bma.biglobe.ne.jp>) id 1syaKc-004e53-46 for styret@pvv.ntnu.no; Wed, 09 Oct 2024 19:18:45 +0200 Received: from mta-snd-e01.biglobe.ne.jp by mta-sp-e01.biglobe.ne.jp with ESMTP id <20241009171831615.OXRG.76069.mta-snd-e01.biglobe.ne.jp@biglobe.ne.jp> for <styret@pvv.ntnu.no>; Thu, 10 Oct 2024 02:18:31 +0900 Received: from mail.biglobe.ne.jp by mta-snd-e01.biglobe.ne.jp with ESMTP id <20241009171831171.GJOT.71605.mail.biglobe.ne.jp@biglobe.ne.jp> for <styret@pvv.ntnu.no>; Thu, 10 Oct 2024 02:18:31 +0900 Content-Type: text/html; charset=utf-8 From: "pvv.ntnu.no" <2yr2kv@bma.biglobe.ne.jp> To: styret@pvv.ntnu.no Subject: Important: Verify Your styret@pvv.ntnu.no Message-ID: <36fc85fb-4409-e58f-f027-5d66aaff31be@bma.biglobe.ne.jp> Content-Transfer-Encoding: quoted-printable Date: Wed, 09 Oct 2024 17:18:30 +0000 MIME-Version: 1.0 X-Biglobe-Sender: 2yr2kv@bma.biglobe.ne.jp DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bma.biglobe.ne.jp; s=default-1th84yt82rvi; t=1728494311; bh=Aps3GPUedhaKzamLllYJTUXy9uCv0XBdl0E6WTtD0BU=; h=From:To:Subject:Date; b=XMLMWIeVFek+Dv6+LrKmdbF+3giC8cqzM7ZnyQHebTszU6Gk6XTM46GkA/sJZh7AyBzO8CtU UIIPGnX76bwHX7EEXx+Q0JM7wdmHCIM4J0sGNVLh1QNxldzEVpXrl4idK91s9Pt08xRO87C+x5 uTD4Mo/2AL9CDUscYDwqsEhewfB7ZmodnZFjX57KYOnyra1q3F2fM8Wu8Wl9ZvuLaFnE0TG8yO z5Y67NudWgu7/MLkbUM1YQv1AR4IGCDB74tRE8WqoXwLHXUf87ouI2QsRfUfzPbae1s8SzR0PA WorhHEiJ6hz76DVcJji5H2hdIR65wqM1gCU16Z4BYDZ/UKWg== Delivered-To: styret@pvv.ntnu.no Delivered-To: pvv@pvv.ntnu.no Delivered-To: adriangl@pvv.ntnu.no Delivered-To: adriangl@pvv.ntnu.no ``` Shows as From pvv.ntnu.no on 2024-10-09 19:18 Should possibly filter everything that does not originate from microbel and contains pvv.ntnu.no in the sender field, as this could be used for phising of our users.
oysteikt added this to the Kanban project 2024-11-09 22:53:02 +01:00
oysteikt added the
security
services
labels 2024-12-08 00:53:51 +01:00
oysteikt added the
mail
label 2024-12-08 00:55:39 +01:00
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Drift/issues#166
No description provided.