# HG changeset patch # User Carl Byington # Date 1523390167 25200 # Node ID d4275f26241c2f224072b7fe8c682c908cf80577 # Parent 53adaef57eb5f7feaeb032a4eb89661a2459ed2c fix spf mx:domain.tld token parsing diff -r 53adaef57eb5 -r d4275f26241c ChangeLog --- a/ChangeLog Thu Feb 22 09:42:42 2018 -0800 +++ b/ChangeLog Tue Apr 10 12:56:07 2018 -0700 @@ -1,3 +1,6 @@ +6.69 2018-04-10 + fix spf mx:domain.tld token parsing. + 6.68 2018-02-19 round rather than truncate spam assassin scores. check >= rather than > for spam assassin scores to match diff -r 53adaef57eb5 -r d4275f26241c NEWS --- a/NEWS Thu Feb 22 09:42:42 2018 -0800 +++ b/NEWS Tue Apr 10 12:56:07 2018 -0700 @@ -1,3 +1,4 @@ +6.69 2018-04-10 fix spf mx:domain.tld token parsing 6.68 2018-02-19 round spamassassin scores; check >= rather than > 6.67 2018-01-05 always call dcc code so we get log entries 6.66 2017-12-07 more changes for long syslog messages diff -r 53adaef57eb5 -r d4275f26241c configure.in --- a/configure.in Thu Feb 22 09:42:42 2018 -0800 +++ b/configure.in Tue Apr 10 12:56:07 2018 -0700 @@ -1,6 +1,6 @@ AC_PREREQ(2.59) -AC_INIT(dnsbl,6.68,carl@five-ten-sg.com) +AC_INIT(dnsbl,6.69,carl@five-ten-sg.com) AC_CONFIG_SRCDIR([config.h.in]) AC_CONFIG_HEADER([config.h]) AC_CONFIG_MACRO_DIR([m4]) diff -r 53adaef57eb5 -r d4275f26241c dnsbl.dkim.conf --- a/dnsbl.dkim.conf Thu Feb 22 09:42:42 2018 -0800 +++ b/dnsbl.dkim.conf Tue Apr 10 12:56:07 2018 -0700 @@ -57,7 +57,6 @@ ac.travelocity.com require_signed ac.travelocity.com; actuarial-advancement.com require_signed actuarial-advancement-com.20150623.gappssmtp.com; acuityscheduling.com require_signed email.acuityscheduling.com; -adaction.org require_signed bounce.myngp.com; adcommgrp.com require_signed adcommgrp-com.20150623.gappssmtp.com; adexchanger.com require_signed adexchanger.com; adidasus-news.adidas.com require_signed adidasus-news.adidas.com; @@ -67,10 +66,12 @@ adparlor.com require_signed adparlor.com; adp.com require_signed "adp.com,*.adp.com,rimagede.onmicrosoft.com"; adrianacurcio.com require_signed emlr2.com; +adroll.com require_signed adroll.com; adroptions.com require_signed adroptions.ccsend.com; adr.org require_signed adr.org; adt.com require_signed adtcom.onmicrosoft.com; advancement.villanova.edu require_signed advancement.villanova.edu; +advantageescrow.net require_signed advantageescrow.net; adviserinvestments.com require_signed adviserinvestments.com; adv.strawberrynet.com require_signed adv.strawberrynet.com; a.email.hbr.org require_signed a.email.hbr.org; @@ -87,6 +88,7 @@ agoodson.com require_signed "emlr2.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; a.grubhub.com require_signed a.grubhub.com; agu.org require_signed agu.org; +ahava.com require_signed ahava.com; aiaa.org require_signed aiaa.org; aiche.org require_signed aiche.org; aiga.org require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; @@ -113,7 +115,7 @@ allinoneline.com require_signed allinoneline.ccsend.com; allstarbaseballacademy.com require_signed allstarbaseballacademy.ccsend.com; allstarnutrition.us signed_white "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; -allstate.com require_signed allstate.com; +allstate.com signed_white allstate.com; // some unsigned mail via allstate-mail.com not listed in their spf record alm.com require_signed "e.alm.com,experiture.com"; almo.com require_signed icontactmail1.com; alpineescrow.net require_signed alpineescrowarrowhead.onmicrosoft.com; @@ -138,6 +140,7 @@ ameritas.com require_signed "*.memberemail.com"; amleo.com require_signed amleo.com; amrevmuseum.org require_signed "amrevmuseum.onmicrosoft.com,americanrevolutioncenter.ccsend.com,mta-bbcspool.convio.net"; +ams-cc.com require_signed ams-cc.com; am.sony.com signed_white sony.onmicrosoft.com; // some unsigned mail via lightpath a.narrativemagazine.com require_signed a.narrativemagazine.com; anatbanielmethod.com require_signed infusionmail.com; @@ -156,14 +159,14 @@ appsheet.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; appulatemail.com require_signed appulatemail.com; aquafadas.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; -archpaper.com require_signed archpaper.ccsend.com; +archpaper.com signed_white archpaper.ccsend.com; // some unsigned mail via listrak armsanctuary.org require_signed mta-bbcspool.convio.net; arthurhall.com require_signed arthurhallins.onmicrosoft.com; artisanalcheese.com require_signed artisanalcheese.ccsend.com; artisticimagery.com require_signed artisticimagery-com.20150623.gappssmtp.com; artmaterialsonline.com require_signed artmaterialsonline.com; artnet.com signed_white artnet.com; // some unsigned mail via their own servers -artrenewal.org require_signed artrenewal.ccsend.com; +artrenewal.org signed_white artrenewal.ccsend.com; // some unsigned mail via their own servers with no spf record artsusa.org require_signed bounce.bluestatedigital.com; asana.com require_signed asana.com; ascot.co.uk require_signed ascot.co.uk; @@ -220,9 +223,7 @@ belkemail.com require_signed belkemail.com; belly-mail.com require_signed main.belly-mail.com; b.email.hayneedle.com require_signed email.hayneedle.com; -benrlujan.com require_signed bounce.myngp.com; betabrand.com require_signed email.betabrand.com; -bethany2016.com require_signed bounce.myngp.com; bethelinn.com signed_white bounces.fanbridge.com; // some unsigned mail from their own servers not listed in their spf record betterworldbooks.com require_signed mailer.betterworldbooks.com; bgeneral.com signed_white bgeneral.com; // some unsigned mail via bgeneral.com @@ -230,7 +231,6 @@ biblicalarchaeology.org require_signed biblicalarchaeology.wc08.net; billdove.com require_signed billdove.com; // never signed, but must pass spf billerportal.com require_signed billerportal.com; -billfoster.com require_signed bounce.myngp.com; billing01.email-allstate.com require_signed billing01.email-allstate.com; billpay.bankofamerica.com require_signed billpay.bankofamerica.com; bingads.com require_signed bingads.com; @@ -253,6 +253,7 @@ bmwofdevon.com require_signed xtime.com; bmwofmtlaurel.com require_signed xtime.com; bnbestimating.com require_signed bnbestimating-com.20150623.gappssmtp.com; +bnind.com require_signed bnind.onmicrosoft.com; boatus.com require_signed boatus.wc08.net; bobcasey.com signed_white bounce.bluestatedigital.com; boldexperts.net require_signed boldexperts-net.20150623.gappssmtp.com; @@ -262,6 +263,7 @@ bookbyte.com require_signed bookbyte.com; booking.com require_signed "booking.com,sg.booking.com"; bossard.com require_signed bosnet.onmicrosoft.com; +bounces.amazon.com require_signed amazon.com; box.com require_signed box.com; boxed.com require_signed boxed.com; boydsphila.com require_signed boydsphila.ccsend.com; @@ -284,17 +286,20 @@ buckscounty.org require_signed countyofbucks.onmicrosoft.com; budgetrentacartolls.com require_signed smtp.com; buildingconnected.com require_signed buildingconnected.com; +bulletinhealthcare.com require_signed bulletinhealthcare.com; burpeenews.com require_signed burpeenews.com; business.amazon.com require_signed business.amazon.com; businessinsider.com require_signed businessinsider.com; businessmanagementdaily.com require_signed businessmanagementdaily.com; +bustle.com require_signed bustle.com; b.us.underarmour.com require_signed "*.underarmour.com"; -buykud.com require_signed buykud.com; +buykud.com require_signed "buykud.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; cadsourcing.com require_signed cadsourcing-com.20150623.gappssmtp.com; cafarogreenleaf.com require_signed cafarogreenleaf.ccsend.com; cafepress.com require_signed cafepressinc.onmicrosoft.com; calbt.com require_signed email-od.com; calendly.com require_signed calendly.com; +callforentry.org require_signed callforentry.org; calparks.org require_signed mta-bbcspool.convio.net; calvaryabq.org require_signed calvaryabq.org; camasb.org signed_white camasb.org; // some unsigned mail via coxmail that fails spf @@ -320,12 +325,14 @@ cbre.com signed_white mailsvr.com; // some unsigned mail via ms *.outlook.com not listed in spf record cbs.com require_signed "cbs.onmicrosoft.com,recurly.com"; cbsd.org signed_white cbsd.onmicrosoft.com; // some unsigned mail via notification.com fails spf with -all +cbskyridge.com require_signed brianhall.onmicrosoft.com; cbslocal.com require_signed cbslocal.com; cbsnewsletter.com require_signed cbsnewsletter.com; cbsradio.com require_signed cbs.onmicrosoft.com; cc.att-mail.com require_signed cc.att-mail.com; cc.binders.com require_signed binders.com; cchcpelink.com require_signed cchcpelink.com; +c.constantcontact.com require_signed c.constantcontact.com; ccphilly.org require_signed smtpcorp.com; cc.yahoo-inc.com require_signed cc.yahoo-inc.com; // yahoo signin notifications cdsanalytical.com require_signed cdsanalytical.onmicrosoft.com; @@ -399,6 +406,7 @@ comms.dyson.com require_signed comms.dyson.com; comms.opentable.com require_signed comms.opentable.com; communication.ibx2.com require_signed communication.ibx2.com; +communication.microsoft.com require_signed communication.microsoft.com; communication.ruelala.com require_signed communication.ruelala.com; communications.meredith.com require_signed communications.meredith.com; compressionsale.com signed_white icontactmail2.com; // some unsigned mail via their own servers @@ -428,6 +436,7 @@ cpgmatters.com require_signed cpgmatters.ccsend.com; cpiinternational.com require_signed "vtiger.email,emcan1.vtigermail.com"; cpucommunication.com require_signed cpucommunication.com; +cracklefireplaces.com require_signed cracklefireplaces.com; craftunique.com require_signed craftunique-com.20150623.gappssmtp.com; craigslist.org require_signed craigslist.org; crainalerts.com require_signed crainalerts.com; @@ -436,6 +445,7 @@ create.paper-source.com require_signed create.paper-source.com; creativecircle.com signed_white creativecircle.onmicrosoft.com; // some unsigned mail creativegroup.com require_signed "roberthalf.onmicrosoft.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; +creativelive.com require_signed creativelive.com; creativemag.com signed_white creativemagazine.ccsend.com; // some unsigned mail via gmail creditkarma.com require_signed creditkarma.com; credit.paypal.com require_signed credit.paypal.com; @@ -512,6 +522,7 @@ discogs.com require_signed discogs.com; discountschoolsupply.com require_signed discountschoolsupply.com; discoverphl.com require_signed discoverphl.com; +discovery.com require_signed discoverycomm.onmicrosoft.com; discover.zinio.com require_signed discover.zinio.com; dishemail.com require_signed dishemail.com; ditech-notify.com require_signed ditech-notify.com; @@ -593,12 +604,14 @@ eclinicalmail.com require_signed eclinicalmail.com; eclipsegr.com require_signed eclipsegr-com.20150623.gappssmtp.com; e.colehaan.com require_signed e.colehaan.com; +e.collegeboard.org require_signed e.collegeboard.org; e.columbia.com require_signed e.columbia.com; e.comixology.com require_signed e.comixology.com; ecommail.walgreens.com require_signed ecommail.walgreens.com; economist.com require_signed economist.com; e.constantcontact.com require_signed e.constantcontact.com; e.copart.com require_signed e.copart.com; +e.crainalerts.com require_signed e.crainalerts.com; ecrmemail.verizonwireless.com require_signed verizonwireless.com; e.customink.com require_signed e.customink.com; edelivery.citi.com require_signed edelivery.citi.com; @@ -774,6 +787,7 @@ email.jacquielawson.com require_signed email.jacquielawson.com; email.jcrew.com require_signed email.jcrew.com; email.jetblue.com require_signed email.jetblue.com; +email.joistapp.com require_signed "mandrillapp.com,email.joistapp.com"; email.justflyemail.com require_signed email.justflyemail.com; email.kqed.org require_signed email.kqed.org; email.laithwaiteswine.com require_signed email.laithwaiteswine.com; @@ -914,6 +928,7 @@ em.citizensbank.com require_signed em.citizensbank.com; em.dgcatalog.net require_signed em.dgcatalog.net; em.drugstorenews.com require_signed em.drugstorenews.com; +emedco.com require_signed emedco-com.20150623.gappssmtp.com; emerika.com require_signed emerika.com; emerson.com require_signed emerson.onmicrosoft.com; emessage.njezpass.net require_signed amazonses.com; @@ -1014,13 +1029,13 @@ e.target.com require_signed e.target.com; e.tdbank.com require_signed e.tdbank.com; e.teavana.com require_signed e.teavana.com; -e.therealreal.com require_signed e.therealreal.com; +e.therealdeal.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; et.npr.org require_signed et.npr.org; et.nprstations.org require_signed et.nprstations.org; e.toyota.com require_signed e.toyota.com; etrailer.com require_signed icontactmail1.com; etrainingschool.com require_signed criticalimpactinc.com; -e.travelocity.com require_signed mg.expediamail.com; +e.travelocity.com require_signed "mg.travelocity.com,mg.expediamail.com"; e.tripadvisor.com require_signed e.tripadvisor.com; etsy.com require_signed mail.etsy.com; et.uber.com require_signed et.uber.com; @@ -1052,6 +1067,7 @@ exacttarget.change.org require_signed exacttarget.change.org; examine.com require_signed "ck.examine.com,smtp.groovehq.com"; exchange.calstatela.edu require_signed csula.onmicrosoft.com; +executivehospitality.com require_signed spsend.com; exhibitoronline.co require_signed exhibitoronline.co; exlevents.com require_signed exlevents.com; expediamail.com require_signed mg.expediamail.com; @@ -1062,6 +1078,7 @@ exponation.net require_signed "exponation-net.20150623.gappssmtp.com,auth.ccsend.com,icontactmail1.com"; extracare.cvs.com require_signed extracare.cvs.com; exworkscapital.com signed_white 198.memberemail.com; // some unsigned mail via exacttarget, might be spam +eyecareprovider.com require_signed eyecareprovider.com; eystudios.com require_signed eystudios.ccsend.com; e.zulily.com require_signed e.zulily.com; ezup.com signed_white "ezup.com,ezup.onmicrosoft.com"; // some other unsigned mail via quotevalet.com @@ -1080,7 +1097,7 @@ farmsanctuary.org require_signed mta-bbcspool.convio.net; fashionbizinc.org require_signed fashionbizinc.ccsend.com; fastspring.com require_signed fastspring.com; -fedbarlive.org require_signed "emsend.com,em.secureserver.net"; +fedbarlive.org signed_white "emsend.com,em.secureserver.net"; // emsend signing with domainkeys, not dkim fedex.com require_signed fedex.com; fedgovconnect.org require_signed fedgovconnect-org.20150623.gappssmtp.com; feedvisor.com require_signed "feedvisor-com.20150623.gappssmtp.com,feedvisor.com"; @@ -1095,7 +1112,7 @@ fire-design.fr require_signed newsletter.fire-design.fr; firefox.com require_signed firefox.com; firstam.com require_signed firstam.com; -firstleaf.club require_signed firstleaf.club; +firstleaf.club require_signed "firstleaf.club,pmta.sailthru.com"; fisherunitech.com require_signed fisherunitech.com; fitbit.com require_signed email.fitbit.com fitzgeraldphoto.com require_signed emlr2.com; @@ -1125,6 +1142,7 @@ fourhourbody.com require_signed fourhourbody.com; foxcreative.net signed_white emlr2.com; // some unsigned mail via ms outlook foxtv.com require_signed foxtv.onmicrosoft.com; +frame.io require_signed frame.io; fraudprevention.chase.com require_signed fraudprevention.chase.com; freeconference.com require_signed freeconference.com; freedomforallamericans.org require_signed bounce.bluestatedigital.com; @@ -1148,6 +1166,7 @@ gerstmangroup.com require_signed "auth.ccsend.com,questservicegroup.ccsend.com"; ges.com signed_white "ges.com,viadcorp.onmicrosoft.com"; getjibjab.com require_signed getjibjab.com; +getty.edu require_signed gettytrust.onmicrosoft.com; gge4mailer.com signed_white email.gge4mailer.com; ggimageusa.com require_signed "ggimageusa-com.20150623.gappssmtp.com,smtpserver.email,smtpsendmail.com"; gifts.figis.com require_signed gifts.figis.com; @@ -1183,6 +1202,7 @@ greatebay.com require_signed sendclubmail.com; greaterthanone.com require_signed greaterthanone.onmicrosoft.com; greatist.com require_signed greatist.com; +greatparentingshow.com require_signed ontramail.com; greenbiz.com require_signed greenbiz.com; greenbuildingunited.org require_signed dvgbc365.onmicrosoft.com; greenforall.org require_signed greenforall.org; @@ -1192,7 +1212,7 @@ greenvelope.com require_signed greenvelope.com; greyhawk.com require_signed "greyhawkna.onmicrosoft.com,*.ccsend.com"; greystar.com require_signed "greystar365.onmicrosoft.com,entrata.com"; -gridphilly.com require_signed gridphilly-com.20150623.gappssmtp.com; +gridphilly.com require_signed "gridphilly-com.20150623.gappssmtp.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; grizzly.com require_signed grizzly.com; groove3.com require_signed groove3.com; grove.co require_signed grove.co; @@ -1208,6 +1228,7 @@ h1.hiltonhonors.com require_signed h1.hiltonhonors.com; habitatncc.org require_signed habitatncc.ccsend.com; halfoffdeal.com require_signed halfoffdeal.com; +hallmarkmoviesnow.com require_signed "hallmarkmoviesnow.com,pmta.sailthru.com"; halpernlevy.com require_signed halpernandlevy.onmicrosoft.com; harborfreight.com require_signed harborfreight-com.20150623.gappssmtp.com; harborfreightemail.com require_signed harborfreightemail.com; @@ -1260,8 +1281,9 @@ honeywell.com require_signed honeywell.com; hootsuite.com require_signed hootsuite.com; hospitalitydental.com require_signed hospitalitydental.ccsend.com; +hotels.com require_signed hotels.com; houseofgeoscience.org require_signed "sendgrid.info,mailplus.nl"; -houzz.com require_signed houzz.com; +houzz.com signed_white houzz.com; // some unsigned mail via salesforce hq.acm.org require_signed acmhq.onmicrosoft.com; hsbc.com require_signed hsbc.com; htallc.com require_signed "smtpsendmail.com,smtp.com"; @@ -1294,12 +1316,14 @@ improvementscatalog-email.com require_signed improvementscatalog-email.com; imt-mach.com require_signed imt-mach.com; inbound.com require_signed inbound.com; +inbound.efax.com require_signed inbound.efax.com; // never signed, but must pass spf inbox.bissell.com require_signed inbox.bissell.com; industrymarketingsolutions.com require_signed mail-202-169.rm0005.net; infinitytools.com require_signed "infinitytools.ccsend.com,remarkety.com"; info1.networksolutions.com require_signed info1.networksolutions.com; info3.citibank.com require_signed info3.citibank.com; info4.citi.com require_signed info4.citi.com; +info5.accountonline.com require_signed info5.accountonline.com; info6.accountonline.com require_signed info6.accountonline.com; info6.citi.com require_signed info6.citi.com; info.bitdefender.com require_signed info.bitdefender.com; @@ -1319,6 +1343,7 @@ inlandgroup.com require_signed inlandgroup.com; inmarket.com require_signed "inmarket.com,*.hubspotemail.net"; innovive.com require_signed innovive-com.20150623.gappssmtp.com; +inpower.ca require_signed inpower-ca.20150623.gappssmtp.com; insideapple.apple.com require_signed insideapple.apple.com; insideradio.com require_signed e2ma.net; inspire.pinterest.com require_signed inspire.pinterest.com; @@ -1363,6 +1388,7 @@ jibjab.com require_signed "jibjab.com,recurly.com"; jimjohnson4governor.com require_signed bounce.bluestatedigital.com; jkj.com require_signed "jkj.com,jkji.onmicrosoft.com"; +jmtingley.com require_signed netorgft3481339.onmicrosoft.com; job.alerted.org require_signed job.alerted.org; jobrapidoalert.com require_signed jobrapidoalert.com; jobs2careers.com require_signed jobs2careers.com; @@ -1382,7 +1408,6 @@ kamalaharris.org signed_white kamalaharris.org; kantar.com require_signed "ktglbuc.onmicrosoft.com,icontactmail6.com"; kantarmedia.com require_signed "kantarmedia.com,ktglbuc.onmicrosoft.com,icontactmail3.com,icontactmail6.com"; -katiemcginty.com require_signed bounce.myngp.com; katzmedia.com require_signed "iheartmedia.onmicrosoft.com,clearchannel.com,iheartmedia.com"; kaydaly.com require_signed "kaydaly.com,bluehornet.com"; kbkg.net require_signed kbkg.net; @@ -1418,6 +1443,7 @@ latest.newsmax.com require_signed latest.newsmax.com; latinworks.com require_signed latinworks.onmicrosoft.com; law360.com require_signed "law360.com,mailings-alt.law360.com"; +laweekly-insider.com require_signed laweekly-insider.com; lawline.com require_signed icontactmail1.com; lawreviewcle.com require_signed lawreviewcle.com; law.stanford.edu require_signed "cmail19.com,cmail20.com"; @@ -1444,7 +1470,6 @@ libertymutual.com signed_white libertymutual.com; // some unsigned mail from their own servers lifeandstylemag.com require_signed lifeandstylemag.com; lifelock.com require_signed lifelock.com; -lightblocks.com require_signed triggeredemailservice.com; lightyearmg.com require_signed lightyearmg-com.20150623.gappssmtp.com; lillarogers.com require_signed lillarogers.ccsend.com; lindenmeyr.com require_signed lindenmeyrmunroe.ccsend.com; @@ -1472,6 +1497,7 @@ loweekly.com require_signed loweekly.com; loyaltyalliance.com require_signed "loyaltyalliance.com,mx-senderer-02.com,mx-senderer-03.com"; loyalty.bloomingdales.com require_signed loyalty.bloomingdales.com; +loyalty.ms.aa.com require_signed loyalty.ms.aa.com; lpl.com require_signed lpl.com; lqa.com require_signed cp20.com; l.soma.com require_signed l.soma.com; @@ -1495,12 +1521,14 @@ mail1.wellsfargo.com require_signed mail1.wellsfargo.com; mail2.gofarrewards.wellsfargo.com require_signed mail2.gofarrewards.wellsfargo.com; mail2.wellsfargo.com require_signed mail2.wellsfargo.com; +mail3.ams-cc.com require_signed ams-cc.com; mail5.avvo.com require_signed mail5.avvo.com; mail7.creditkarma.com require_signed mail.creditkarma.com; mail.accounts.autodesk.com require_signed email.accounts.autodesk.com; mail.authorize.net require_signed mail.authorize.net; mail.barnesandnoble.com require_signed mail.barnesandnoble.com; mail.bloombergbusiness.com require_signed mail.bloombergbusiness.com; +mail.bonefishgrill.com require_signed mail.bonefishgrill.com; mail.bouqs.com require_signed mail.bouqs.com; mail.brylanehome.com require_signed mail.brylanehome.com; mailcenter.usaa.com require_signed usaa.com; @@ -1508,9 +1536,12 @@ mailchimp.com require_signed mailchimp.com; mail.citipricerewind.com require_signed mail.citipricerewind.com; // stupid banks with multiple branding; mail.crateandbarrel.com require_signed mail.crateandbarrel.com; +mail.disneydestinations.com require_signed mail.disneydestinations.com; +mail.efax.com require_signed mail.efax.com; // never signed, but must pass spf mail.elsevier.com require_signed mail.elsevier.com; mailer.birchbox.com require_signed mailer.birchbox.com; mailer.box.com require_signed box.com; +mailer.cheaptickets.com require_signed mailer.cheaptickets.com; mailer.netflix.com require_signed netflix.com; mailer.shopify.com require_signed shopify.com; mail.etsy.com require_signed mail.etsy.com; @@ -1574,11 +1605,12 @@ marketing.qdoba.com require_signed marketing.qdoba.com; marketplace.amazon.ca require_signed amazon.ca; marketplace.amazon.com require_signed amazon.com; -marquiscapemay.com require_signed marquiscapemay.onmicrosoft.com; +marquiscapemay.com require_signed "marquiscapemay.onmicrosoft.com,auth.ccsend.com"; martindalemail.com require_signed martindalemail.com; martindalenolo.com require_signed "martindalenolo.com,lawyers.com"; marymorrissey.com require_signed marymorrissey.com; mastrocomm.com require_signed twisteddune.ccsend.com; +matadornetwork.com require_signed matadornetwork.com; matildajaneclothing-email.com require_signed matildajaneclothing-email.com; matterhackers.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; maxpedition.com require_signed icontactmail1.com; @@ -1597,6 +1629,7 @@ medjet.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; medquestltd.com signed_white medquest.ccsend.com; // some unsigned mail from their own servers medstatix.com require_signed medstatix.com; +meetup.com require_signed meetup.com; meltwaterpress.com require_signed meltwaterpress.com; member.americanexpress.com require_signed member.americanexpress.com; members.allmodern.com require_signed members.allmodern.com; @@ -1611,6 +1644,7 @@ menard.messages1.com require_signed menard.messages1.com; mentor-protege.net require_signed 1pointemail.net; meraki.net require_signed meraki.net; +merchant.bankofamerica.com require_signed merchant.bankofamerica.com; meredith.com require_signed meredith.com; merrickbank.com require_signed smtpsendmail.com; message.bbt.com require_signed message.bbt.com; @@ -1619,6 +1653,7 @@ messages.autotrader.com require_signed messages.autotrader.com; messages.cancer.org require_signed messages.cancer.org; message.scholastic.com require_signed message.scholastic.com; +messages.clippers.com require_signed clippers.com; messages.cutco.com require_signed messages.cutco.com; message.sema.org require_signed message.sema.org; messages.globalindustrial.com require_signed messages.globalindustrial.com; @@ -1758,7 +1793,6 @@ news.hickoryfarms.com require_signed news.hickoryfarms.com; newsletter.247sports.com require_signed newsletter.247sports.com; newsletter.gearbest.com require_signed newsletter.gearbest.com; -newsletter.mail.moneyandmarkets.com require_signed newsletter.mail.moneyandmarkets.com; newsletter.movietickets.email require_signed newsletter.movietickets.email; newsletter.newyorker.com require_signed newsletter.newyorker.com; newsletter.purposedriven.com require_signed newsletter.purposedriven.com; @@ -1775,6 +1809,7 @@ news.shiftdailynews.com require_signed news.shiftdailynews.com; news.southcommmail.com require_signed news.southcommmail.com; // needs spf for broken signatures news.subaru.com require_signed news.subaru.com; +news.taylormadegolf.com require_signed news.taylormadegolf.com; news.tinyprints.com require_signed news.tinyprints.com; news.united.com require_signed news.united.com; news.weddingpaperdivas.com require_signed news.weddingpaperdivas.com; @@ -1793,7 +1828,8 @@ nlmdlr.com require_signed pool01.imakenews.net; nmajh.org require_signed nmajh.ccsend.com; nmk.printegra.com require_signed nmk.printegra.com; -nordstrom.com require_signed nordstrom.com; +noozhawk.com require_signed noozhawk.com; +nordstrom.com require_signed "nordstrom.com,amazonses.com"; noreply1.ebay.com require_signed ebay.com; noreply.autodesk.com require_signed noreply.autodesk.com; noreply.collegeboard.org require_signed noreply.collegeboard.org; @@ -1807,13 +1843,14 @@ notification.capitalone.com require_signed notification.capitalone.com notification.intuit.com require_signed notification.intuit.com; notifications.intuit.com require_signed notifications.intuit.com; +notifications.networksolutions.com require_signed notifications.networksolutions.com; notifications.pinterest.com require_signed notifications.pinterest.com; notifications.wm.com require_signed notifications.wm.com; notify.email.aa.com require_signed notify.email.aa.com; notify.meetmemail.com require_signed notify.meetmemail.com; notify.transunion.com require_signed notify.transunion.com; novitex.com require_signed pbmsnovitex.onmicrosoft.com; -npm.org require_signed "npm-org.20150623.gappssmtp.com,smtp.com"; +npm.org require_signed "npm-org.20150623.gappssmtp.com,smtp.com,auth.ccsend.com"; nrailafrontlines.com require_signed nrailafrontlines.com; nrdc.org require_signed nrdc1.onmicrosoft.com; nsbaadvocate.com require_signed mmsend.com; @@ -1824,6 +1861,7 @@ oaktreecapital.com require_signed oaktreecapital.com; oakwoodveneer.com require_signed em.secureserver.net; oath.com require_signed oath.com; +ocitc.com require_signed netorg670674.onmicrosoft.com; ocusoft.com require_signed "cmail19.com,cmail20.com"; ocwen.com require_signed ocwen.com; o.delta.com require_signed o.delta.com; @@ -1852,6 +1890,7 @@ onlineaudiotraining.com require_signed onlineaudiotraining.com; online.costco.com require_signed online.costco.com; online.essentra.com require_signed online.essentra.com; +online.wsfsbank.com require_signed online.wsfsbank.com // unsigned mail should pass spf -all onmogul.com require_signed onmogul.com; onpeak.com require_signed "onpeak.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; onvia.com require_signed onvia.com; @@ -1874,6 +1913,7 @@ os-media.com require_signed os-media.com; osv.com require_signed osvparish.ccsend.com; ottingergolf.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net,scotlandrun.ccsend.com"; +ottolearn.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; ourrevolution.com require_signed ourrevolution.com; ourtime.com require_signed ourtime.com; outdoorfest.com require_signed outdoorfest.com; @@ -1885,6 +1925,7 @@ ownerreminders.com require_signed ownerreminders.com; oyrtbetham.org require_signed oyrtbetham.onmicrosoft.com; p66.com require_signed p66.com; +paalerts.com require_signed paalerts.com; // broken signatures, but passes spf pac-cap.com require_signed thelakearrowheadvillage.ccsend.com; pacific.edu require_signed "imodules.com,bluehornet.com"; pacificmachinetools.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; @@ -1968,14 +2009,17 @@ planetcyclery.com require_signed sendgrid.net; pmc.com require_signed pmc.com; pmrgi.com require_signed cvent-planner.com; +pnc.com require_signed pnc.com; pods.com require_signed pods.com; +politico.com require_signed politico.com; politicoemail.com require_signed politicoemail.com; pond5.com require_signed e.pond5.com; pony.org require_signed pony.ccsend.com; -poolhost.com require_signed poolhost.com; +poolhost.com require_signed "poolhost.com,amazonses.com"; popmoney.com require_signed popmoney.com; popsugar.com signed_white "popsugar.com,auth.ccsend.com"; // unsigned mail via netsuite portal.io require_signed portal-io.20150623.gappssmtp.com; +poshmark.com require_signed email.poshmark.com; postergarden.com require_signed postergarden.com; powell.com require_signed powell.com; ppfa.org require_signed ppfa.org; @@ -2039,7 +2083,7 @@ randjsc.com require_signed randjsc.onmicrosoft.com; randpac.com require_signed bluehornet.com; randstadusa.com require_signed rfo.contacts.randstadusa.com; -randybryceforcongress.com require_signed bounce.bluestatedigital.com; +randybryceforcongress.com require_signed "bounce.bluestatedigital.com,bounce.myngp.com"; rapidnews.com require_signed "rapidnews-com.20150623.gappssmtp.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; ravepro.com require_signed icontactmail1.com; rbc.com.pa require_signed "rbc-com-pa.20150623.gappssmtp.com,mpdkim2.ch"; @@ -2079,6 +2123,7 @@ reservebar.com require_signed reservebar.com; resnap.com require_signed resnap.com; resnexus.com require_signed resnexus.com; +resonantmastering.com require_signed resonantmastering-com.20150623.gappssmtp.com; response.ebags.com require_signed response.ebags.com; response.nfcu.org require_signed response.nfcu.org; revinate.com require_signed inguest.com; @@ -2098,6 +2143,7 @@ rismedia-enews.com require_signed rismedia-enews.com; ritz-ritz.us require_signed ritz-ritz.us; rlsassociates.com require_signed icontactmail3.com; +rmsmg.com require_signed rmsmg.com; // opoc_leaking for mbmg client roberthalf.com signed_white roberthalf.onmicrosoft.com; // some unsigned via geninfo.com robsonforensic.com signed_white "*.shared.hubspot.com"; // unsigned mail from their barracuda servers roku.com require_signed roku.onmicrosoft.com; @@ -2123,7 +2169,8 @@ salamanderhotels.com require_signed salamanderhotels.com; salamanderresort.com require_signed "salamanderresort.com,salamanderhotels.com"; samplingsupplies.com require_signed samplingsupplies.com; -sandpiperrental.com require_signed "sandpiperrental.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";; +sandpiperrental.com require_signed "sandpiperrental.com,amazonses.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";; +sanofi.com require_signed sanofi.com; // unsigned spam via exacttarget santamariasun.com require_signed santamariasun-com.20150623.gappssmtp.com; sap.com signed_white bluehornet.com; // probably other signers save.nature.org require_signed save.nature.org; @@ -2132,6 +2179,7 @@ sbpub.com require_signed "publicaster.com,bsftransmit7.com"; sbs.nyc.gov require_signed "auth.ccsend.com,nycsbs.ccsend.com"; schedulepayment.com require_signed schedulepayment.com; +schoology.com require_signed email.schoology.com; schoox.com require_signed mail.intercom.io; scoremorerewards.com require_signed scoremorerewards.com; scotnery.com require_signed scotnery.com; @@ -2139,6 +2187,7 @@ scouting.org require_signed "scouting.org,scouting.ccsend.com"; scoutmob.com require_signed scoutmob.com; scup.org require_signed em.secureserver.net; +scwmediasystems.com signed_white outlook.com; sdi.com require_signed sdi2.onmicrosoft.com; seatgeek.com require_signed seatgeek.com; seatme.com require_signed seatme.com; @@ -2277,6 +2326,7 @@ stringacademyofwisconsin.org require_signed panthers.onmicrosoft.com; stripe.com require_signed stripe.com; strongmail.cfmvmail.com require_signed strongmail.cfmvmail.com; +studiomalibu.com require_signed studiomalibu-com.20150623.gappssmtp.com; style.adoreme.com require_signed style.adoreme.com; style.letote.com require_signed style.letote.com; subscriptions.cms.hhs.gov require_signed subscriptions.cms.hhs.gov; @@ -2343,6 +2393,7 @@ the-efa.org require_signed "the-efa.org,the-efa.ccsend.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; thefisherman.com require_signed thefisherman.ccsend.com; thegovconadvisors.com require_signed reachmail.net; +thegramlist.com require_signed thegramlist-com.20150623.gappssmtp.com; thehotviolinist.com require_signed "ckmail4.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; thejurylab.com require_signed icontactmail1.com; thelooploft.com require_signed thelooploft.com; @@ -2350,6 +2401,7 @@ themichigancatholicchoir.org require_signed papadantravel.com; theproducenews.com require_signed theproducenews.ccsend.com; therdstore.com require_signed jetrord.ccsend.com; +therealdeal.com require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; theselfimprovementgenie.com require_signed theselfimprovementgenie.com; theshadestore.com require_signed theshadestore.com; thesoccerwire.com require_signed hummersport.ccsend.com; @@ -2400,6 +2452,7 @@ trendhunter.com require_signed trendhunter.ccsend.com; trendmicro.com require_signed trendmicro.com; trialguides.com require_signed infusionmail.com; +tribalworldwide.com require_signed ddbnewyork.onmicrosoft.com; tridentadvisors.com signed_white tridentadvisors.onmicrosoft.com;// some mail has bad signature tridentmortgage.com require_signed tridentmortgage.com; trigentsolutions.com require_signed trigentsolutionsinc.onmicrosoft.com; @@ -2419,11 +2472,12 @@ ubmcanon-info.com require_signed ubmcanon-info.com; ubs.com require_signed ubs.com; ucla.edu signed_white ucla-edu.20150623.gappssmtp.com; // probably not the only source -ucsb.edu require_signed "ltsc.ucsb.edu,imodules.com"; +ucsb.edu require_signed "ltsc.ucsb.edu,imodules.com,e2ma.net"; uh.edu signed_white amazonses.com // Coognews ulta.com require_signed ulta.com; ultimateestateplanner.com require_signed ultimateestateplanner.ccsend.com; umail.ucsb.edu require_signed "ltsc.ucsb.edu,gmail.com"; // google groups mail for michael signed by gmail +umich.edu signed_white lyris.dundee.net; // mailing list uncubed.com require_signed uncubed.com; undertone.com signed_white undertone.com; // mbmg client unionbank.com signed_white unionbank.com; // some unsigned mail via cashedge @@ -2434,6 +2488,7 @@ unitronics.com require_signed unitronics.ccsend.com; universalsocceracademy.com require_signed universalsocceracademy.ccsend.com; universityproducts.com signed_white icontactmail3.com; // unsigned mail from their own servers, no spf txt record +univision.net require_signed uci.onmicrosoft.com; unm.edu require_signed unmm.onmicrosoft.com; unyson.com require_signed unyson.com; uofpittgreensburg.org require_signed uofpittgreensburg.org; @@ -2463,7 +2518,6 @@ ustvnow.com require_signed ustvnow.com; u.ticketliquidatorupdates.com require_signed u.ticketliquidatorupdates.com; uwalumni.com require_signed uwalumni.com; -valarkoosh.com require_signed bounce.myngp.com; valeant.com require_signed "valeant.com,valeant.onmicrosoft.com"; value.amerimark.com require_signed value.amerimark.com; value.kmart.com require_signed value.kmart.com; @@ -2506,7 +2560,9 @@ watchmanmonitoring.com require_signed watchmanmonitoring.com; waterboards.ca.gov require_signed cawaterboards.onmicrosoft.com; wayfair.com require_signed "wayfair.com,wayfair.onmicrosoft.com"; +wayneart.org require_signed "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; wdsearch.com require_signed wdsearch.com; +wdw.disneyonline.com require_signed disneyonline.com; wealthyretirement.com require_signed wealthyretirement.com; wearealexander.com require_signed wearealexander-com.20150623.gappssmtp.com; wearecollide.com require_signed "wearecollide-com.20150623.gappssmtp.com,mlsend3.com"; @@ -2533,6 +2589,7 @@ wharton.upenn.edu require_signed "wharton.upenn.edu,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net"; whcandy.com require_signed whcandy.com; whitegraphics.com require_signed whitegraphics-com.20150623.gappssmtp.com; +whitesharkmedia.com require_signed whitesharkmedia.com; wholesaleprime.com require_signed "sendgrid.net,frg.im"; wiley.com require_signed wiley.com; williampenninn.com require_signed williampenninn.ccsend.com; @@ -2567,6 +2624,7 @@ x2vol.com require_signed sendgrid.info; xarisma.com signed_white xarisma.com; // some unsigned mail via netsuite.com xbyte.com require_signed xbyte.com; +xks.com require_signed xks.com; xlive.tm00.com require_signed tm00.com; xode.com require_signed xode.com; yahoo-inc.com require_signed yahoo-inc.com; // password resets, etc diff -r 53adaef57eb5 -r d4275f26241c dnsbl.spec.in --- a/dnsbl.spec.in Thu Feb 22 09:42:42 2018 -0800 +++ b/dnsbl.spec.in Tue Apr 10 12:56:07 2018 -0700 @@ -155,6 +155,9 @@ %changelog +* Tue Apr 10 2018 Carl Byington - 6.69-1 +- fix spf mx:domain.tld token parsing + * Mon Feb 19 2018 Carl Byington - 6.68-1 - round rather than truncate spam assassin scores. - check >= rather than > for spam assassin scores to match diff -r 53adaef57eb5 -r d4275f26241c src/context.cpp --- a/src/context.cpp Thu Feb 22 09:42:42 2018 -0800 +++ b/src/context.cpp Tue Apr 10 12:56:07 2018 -0700 @@ -1239,7 +1239,7 @@ } } else if (strncmp(p, "mx", 2) == 0) { - const char *name = (p[2] == ':') ? p+2 : from; + const char *name = (p[2] == ':') ? p+3 : from; char buf[maxdnslength]; dns_interface(*priv, name, ns_t_mx, false, NULL, buf, maxdnslength); char *b = buf; diff -r 53adaef57eb5 -r d4275f26241c tld.conf --- a/tld.conf Thu Feb 22 09:42:42 2018 -0800 +++ b/tld.conf Tue Apr 10 12:56:07 2018 -0700 @@ -1,4 +1,4 @@ -// generated by make-tld-conf.py on 2018-02-15 09:55:12 +// generated by make-tld-conf.py on 2018-04-10 12:51:15 // This Source Code Form is subject to the terms of the Mozilla Public // License, v. 2.0. If a copy of the MPL was not distributed with this @@ -447,6 +447,7 @@ art.br ato.br b.br +barueri.br belem.br bhz.br bio.br @@ -7708,7 +7709,7 @@ booking // boots : 2015-01-08 THE BOOTS COMPANY PLC -boots +// no ns record for boots // bosch : 2015-06-18 Robert Bosch GMBH bosch @@ -11061,12 +11062,6 @@ inf.ua ltd.ua -// AgileBits Inc : https://agilebits.com -// Submitted by Roustem Karimov -1password.ca -1password.com -1password.eu - // Agnat sp. z o.o. : https://domena.pl // Submitted by Przemyslaw Plewa beep.pl @@ -11097,6 +11092,7 @@ elasticbeanstalk.com ap-northeast-1.elasticbeanstalk.com ap-northeast-2.elasticbeanstalk.com +ap-northeast-3.elasticbeanstalk.com ap-south-1.elasticbeanstalk.com ap-southeast-1.elasticbeanstalk.com ap-southeast-2.elasticbeanstalk.com @@ -11266,7 +11262,6 @@ qc.com ru.com sa.com -se.com se.net uk.com uk.net @@ -11310,9 +11305,14 @@ // Submitted by Leon Rowland virtueeldomein.nl +// Clever Cloud : https://www.clever-cloud.com/ +// Submitted by Quentin Adam +cleverapps.io + // Cloud66 : https://www.cloud66.com/ // Submitted by Khash Sajadi c66.me +cloud66.ws // CloudAccess.net : https://www.cloudaccess.net/ // Submitted by Pawel Panek @@ -11356,6 +11356,10 @@ cloudns.pw cloudns.us +// Cloudeity Inc : https://cloudeity.com +// Submitted by Stefan Dimitrov +cloudeity.net + // CoDNS B.V. co.nl co.no @@ -12181,6 +12185,14 @@ // Submitted by Matthew Hardeman ipifony.net +// Jino : https://www.jino.ru +// Submitted by Sergey Ulyashin +myjino.ru +*.hosting.myjino.ru +*.landing.myjino.ru +*.spectrum.myjino.ru +*.vps.myjino.ru + // Joyent : https://www.joyent.com/ // Submitted by Brian Bennett *.triton.zone @@ -12208,6 +12220,11 @@ lcube-server.de svn-repos.de +// linkyard ldt: https://www.linkyard.ch/ +// Submitted by Mario Siegenthaler +linkyard.cloud +linkyard-cloud.ch + // LiquidNet Ltd : http://www.liquidnetlimited.com/ // Submitted by Victor Velchev we.bs @@ -12250,6 +12267,10 @@ azure-mobile.net cloudapp.net +// Mozilla Corporation : https://mozilla.com +// Submitted by Ben Francis +mozilla-iot.org + // Mozilla Foundation : https://mozilla.org/ // Submitted by glob bmoattachments.org @@ -12451,6 +12472,10 @@ // Submitted by Jan Moennich ownprovider.com +// OX : http://www.ox.rs +// Submitted by Adam Grand +ox.rs + // oy.lc // Submitted by Charly Coste oy.lc @@ -12506,6 +12531,10 @@ chirurgiens-dentistes-en-france.fr byen.site +// Russian Academy of Sciences +// Submitted by Tech Support +ras.ru + // QA2 // Submitted by Daniel Dent (https://www.danieldent.com/) qa2.com @@ -12558,6 +12587,10 @@ logoip.de logoip.com +// schokokeks.org GbR : https://schokokeks.org/ +// Submitted by Hanno Böck +schokokeks.net + // Scry Security : http://www.scrysec.com // Submitted by Shante Adam scrysec.com @@ -12663,6 +12696,10 @@ med.pl sopot.pl +// The Gwiddle Foundation : https://gwiddlefoundation.org.uk +// Submitted by Joshua Bayfield +gwiddle.co.uk + // Thingdust AG : https://thingdust.com/ // Submitted by Adrian Imboden cust.dev.thingdust.io @@ -12738,6 +12775,10 @@ // Submitted by Ed Moore lib.de.us +// VeryPositive SIA : http://very.lv +// Submitted by Danko Aleksejevs +2038.io + // Viprinet Europe GmbH : http://www.viprinet.com // Submitted by Simon Kissel router.management @@ -12766,6 +12807,10 @@ demon.nl xs4all.space +// YesCourse Pty Ltd : https://yescourse.com +// Submitted by Atul Bhouraskar +official.academy + // Yola : https://www.yola.com/ // Submitted by Stefano Rivera yolasite.com @@ -12792,10 +12837,14 @@ // ===END PRIVATE DOMAINS=== finemanrealty.com +club loan +stream +win static.reverse.lstn.net unifiedlayer.com mail.unifiedlayer.com +psychz.net cloudapp.net myactivedirectory.com ddns.net