changeset 449:d4275f26241c stable-6-0-69

fix spf mx:domain.tld token parsing
author Carl Byington <carl@five-ten-sg.com>
date Tue, 10 Apr 2018 12:56:07 -0700
parents 53adaef57eb5
children a0293ef794a7
files ChangeLog NEWS configure.in dnsbl.dkim.conf dnsbl.spec.in src/context.cpp tld.conf
diffstat 7 files changed, 150 insertions(+), 36 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Thu Feb 22 09:42:42 2018 -0800
+++ b/ChangeLog	Tue Apr 10 12:56:07 2018 -0700
@@ -1,3 +1,6 @@
+6.69 2018-04-10
+    fix spf mx:domain.tld token parsing.
+
 6.68 2018-02-19
     round rather than truncate spam assassin scores.
     check >= rather than > for spam assassin scores to match
--- a/NEWS	Thu Feb 22 09:42:42 2018 -0800
+++ b/NEWS	Tue Apr 10 12:56:07 2018 -0700
@@ -1,3 +1,4 @@
+6.69 2018-04-10 fix spf mx:domain.tld token parsing
 6.68 2018-02-19 round spamassassin scores; check >= rather than >
 6.67 2018-01-05 always call dcc code so we get log entries
 6.66 2017-12-07 more changes for long syslog messages
--- a/configure.in	Thu Feb 22 09:42:42 2018 -0800
+++ b/configure.in	Tue Apr 10 12:56:07 2018 -0700
@@ -1,6 +1,6 @@
 
 AC_PREREQ(2.59)
-AC_INIT(dnsbl,6.68,carl@five-ten-sg.com)
+AC_INIT(dnsbl,6.69,carl@five-ten-sg.com)
 AC_CONFIG_SRCDIR([config.h.in])
 AC_CONFIG_HEADER([config.h])
 AC_CONFIG_MACRO_DIR([m4])
--- a/dnsbl.dkim.conf	Thu Feb 22 09:42:42 2018 -0800
+++ b/dnsbl.dkim.conf	Tue Apr 10 12:56:07 2018 -0700
@@ -57,7 +57,6 @@
 ac.travelocity.com              require_signed  ac.travelocity.com;
 actuarial-advancement.com       require_signed  actuarial-advancement-com.20150623.gappssmtp.com;
 acuityscheduling.com            require_signed  email.acuityscheduling.com;
-adaction.org                    require_signed  bounce.myngp.com;
 adcommgrp.com                   require_signed  adcommgrp-com.20150623.gappssmtp.com;
 adexchanger.com                 require_signed  adexchanger.com;
 adidasus-news.adidas.com        require_signed  adidasus-news.adidas.com;
@@ -67,10 +66,12 @@
 adparlor.com                    require_signed  adparlor.com;
 adp.com                         require_signed  "adp.com,*.adp.com,rimagede.onmicrosoft.com";
 adrianacurcio.com               require_signed  emlr2.com;
+adroll.com                      require_signed  adroll.com;
 adroptions.com                  require_signed  adroptions.ccsend.com;
 adr.org                         require_signed  adr.org;
 adt.com                         require_signed  adtcom.onmicrosoft.com;
 advancement.villanova.edu       require_signed  advancement.villanova.edu;
+advantageescrow.net             require_signed  advantageescrow.net;
 adviserinvestments.com          require_signed  adviserinvestments.com;
 adv.strawberrynet.com           require_signed  adv.strawberrynet.com;
 a.email.hbr.org                 require_signed  a.email.hbr.org;
@@ -87,6 +88,7 @@
 agoodson.com                    require_signed  "emlr2.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 a.grubhub.com                   require_signed  a.grubhub.com;
 agu.org                         require_signed  agu.org;
+ahava.com                       require_signed  ahava.com;
 aiaa.org                        require_signed  aiaa.org;
 aiche.org                       require_signed  aiche.org;
 aiga.org                        require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
@@ -113,7 +115,7 @@
 allinoneline.com                require_signed  allinoneline.ccsend.com;
 allstarbaseballacademy.com      require_signed  allstarbaseballacademy.ccsend.com;
 allstarnutrition.us             signed_white    "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
-allstate.com                    require_signed  allstate.com;
+allstate.com                    signed_white    allstate.com;                   // some unsigned mail via allstate-mail.com not listed in their spf record
 alm.com                         require_signed  "e.alm.com,experiture.com";
 almo.com                        require_signed  icontactmail1.com;
 alpineescrow.net                require_signed  alpineescrowarrowhead.onmicrosoft.com;
@@ -138,6 +140,7 @@
 ameritas.com                    require_signed  "*.memberemail.com";
 amleo.com                       require_signed  amleo.com;
 amrevmuseum.org                 require_signed  "amrevmuseum.onmicrosoft.com,americanrevolutioncenter.ccsend.com,mta-bbcspool.convio.net";
+ams-cc.com                      require_signed  ams-cc.com;
 am.sony.com                     signed_white    sony.onmicrosoft.com;           // some unsigned mail via lightpath
 a.narrativemagazine.com         require_signed  a.narrativemagazine.com;
 anatbanielmethod.com            require_signed  infusionmail.com;
@@ -156,14 +159,14 @@
 appsheet.com                    require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 appulatemail.com                require_signed  appulatemail.com;
 aquafadas.com                   require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
-archpaper.com                   require_signed  archpaper.ccsend.com;
+archpaper.com                   signed_white    archpaper.ccsend.com;           // some unsigned mail via listrak
 armsanctuary.org                require_signed  mta-bbcspool.convio.net;
 arthurhall.com                  require_signed  arthurhallins.onmicrosoft.com;
 artisanalcheese.com             require_signed  artisanalcheese.ccsend.com;
 artisticimagery.com             require_signed  artisticimagery-com.20150623.gappssmtp.com;
 artmaterialsonline.com          require_signed  artmaterialsonline.com;
 artnet.com                      signed_white    artnet.com;                     // some unsigned mail via their own servers
-artrenewal.org                  require_signed  artrenewal.ccsend.com;
+artrenewal.org                  signed_white    artrenewal.ccsend.com;          // some unsigned mail via their own servers with no spf record
 artsusa.org                     require_signed  bounce.bluestatedigital.com;
 asana.com                       require_signed  asana.com;
 ascot.co.uk                     require_signed  ascot.co.uk;
@@ -220,9 +223,7 @@
 belkemail.com                   require_signed  belkemail.com;
 belly-mail.com                  require_signed  main.belly-mail.com;
 b.email.hayneedle.com           require_signed  email.hayneedle.com;
-benrlujan.com                   require_signed  bounce.myngp.com;
 betabrand.com                   require_signed  email.betabrand.com;
-bethany2016.com                 require_signed  bounce.myngp.com;
 bethelinn.com                   signed_white    bounces.fanbridge.com;          // some unsigned mail from their own servers not listed in their spf record
 betterworldbooks.com            require_signed  mailer.betterworldbooks.com;
 bgeneral.com                    signed_white    bgeneral.com;                   // some unsigned mail via bgeneral.com
@@ -230,7 +231,6 @@
 biblicalarchaeology.org         require_signed  biblicalarchaeology.wc08.net;
 billdove.com                    require_signed  billdove.com;                   // never signed, but must pass spf
 billerportal.com                require_signed  billerportal.com;
-billfoster.com                  require_signed  bounce.myngp.com;
 billing01.email-allstate.com    require_signed  billing01.email-allstate.com;
 billpay.bankofamerica.com       require_signed  billpay.bankofamerica.com;
 bingads.com                     require_signed  bingads.com;
@@ -253,6 +253,7 @@
 bmwofdevon.com                  require_signed  xtime.com;
 bmwofmtlaurel.com               require_signed  xtime.com;
 bnbestimating.com               require_signed  bnbestimating-com.20150623.gappssmtp.com;
+bnind.com                       require_signed  bnind.onmicrosoft.com;
 boatus.com                      require_signed  boatus.wc08.net;
 bobcasey.com                    signed_white    bounce.bluestatedigital.com;
 boldexperts.net                 require_signed  boldexperts-net.20150623.gappssmtp.com;
@@ -262,6 +263,7 @@
 bookbyte.com                    require_signed  bookbyte.com;
 booking.com                     require_signed  "booking.com,sg.booking.com";
 bossard.com                     require_signed  bosnet.onmicrosoft.com;
+bounces.amazon.com              require_signed  amazon.com;
 box.com                         require_signed  box.com;
 boxed.com                       require_signed  boxed.com;
 boydsphila.com                  require_signed  boydsphila.ccsend.com;
@@ -284,17 +286,20 @@
 buckscounty.org                 require_signed  countyofbucks.onmicrosoft.com;
 budgetrentacartolls.com         require_signed  smtp.com;
 buildingconnected.com           require_signed  buildingconnected.com;
+bulletinhealthcare.com          require_signed  bulletinhealthcare.com;
 burpeenews.com                  require_signed  burpeenews.com;
 business.amazon.com             require_signed  business.amazon.com;
 businessinsider.com             require_signed  businessinsider.com;
 businessmanagementdaily.com     require_signed  businessmanagementdaily.com;
+bustle.com                      require_signed  bustle.com;
 b.us.underarmour.com            require_signed  "*.underarmour.com";
-buykud.com                      require_signed  buykud.com;
+buykud.com                      require_signed  "buykud.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 cadsourcing.com                 require_signed  cadsourcing-com.20150623.gappssmtp.com;
 cafarogreenleaf.com             require_signed  cafarogreenleaf.ccsend.com;
 cafepress.com                   require_signed  cafepressinc.onmicrosoft.com;
 calbt.com                       require_signed  email-od.com;
 calendly.com                    require_signed  calendly.com;
+callforentry.org                require_signed  callforentry.org;
 calparks.org                    require_signed  mta-bbcspool.convio.net;
 calvaryabq.org                  require_signed  calvaryabq.org;
 camasb.org                      signed_white    camasb.org;                     // some unsigned mail via coxmail that fails spf
@@ -320,12 +325,14 @@
 cbre.com                        signed_white    mailsvr.com;                    // some unsigned mail via ms *.outlook.com not listed in spf record
 cbs.com                         require_signed  "cbs.onmicrosoft.com,recurly.com";
 cbsd.org                        signed_white    cbsd.onmicrosoft.com;           // some unsigned mail via notification.com fails spf with -all
+cbskyridge.com                  require_signed  brianhall.onmicrosoft.com;
 cbslocal.com                    require_signed  cbslocal.com;
 cbsnewsletter.com               require_signed  cbsnewsletter.com;
 cbsradio.com                    require_signed  cbs.onmicrosoft.com;
 cc.att-mail.com                 require_signed  cc.att-mail.com;
 cc.binders.com                  require_signed  binders.com;
 cchcpelink.com                  require_signed  cchcpelink.com;
+c.constantcontact.com           require_signed  c.constantcontact.com;
 ccphilly.org                    require_signed  smtpcorp.com;
 cc.yahoo-inc.com                require_signed  cc.yahoo-inc.com;           // yahoo signin notifications
 cdsanalytical.com               require_signed  cdsanalytical.onmicrosoft.com;
@@ -399,6 +406,7 @@
 comms.dyson.com                 require_signed  comms.dyson.com;
 comms.opentable.com             require_signed  comms.opentable.com;
 communication.ibx2.com          require_signed  communication.ibx2.com;
+communication.microsoft.com     require_signed  communication.microsoft.com;
 communication.ruelala.com       require_signed  communication.ruelala.com;
 communications.meredith.com     require_signed  communications.meredith.com;
 compressionsale.com             signed_white    icontactmail2.com;              // some unsigned mail via their own servers
@@ -428,6 +436,7 @@
 cpgmatters.com                  require_signed  cpgmatters.ccsend.com;
 cpiinternational.com            require_signed  "vtiger.email,emcan1.vtigermail.com";
 cpucommunication.com            require_signed  cpucommunication.com;
+cracklefireplaces.com           require_signed  cracklefireplaces.com;
 craftunique.com                 require_signed  craftunique-com.20150623.gappssmtp.com;
 craigslist.org                  require_signed  craigslist.org;
 crainalerts.com                 require_signed  crainalerts.com;
@@ -436,6 +445,7 @@
 create.paper-source.com         require_signed  create.paper-source.com;
 creativecircle.com              signed_white    creativecircle.onmicrosoft.com; // some unsigned mail
 creativegroup.com               require_signed  "roberthalf.onmicrosoft.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
+creativelive.com                require_signed  creativelive.com;
 creativemag.com                 signed_white    creativemagazine.ccsend.com;    // some unsigned mail via gmail
 creditkarma.com                 require_signed  creditkarma.com;
 credit.paypal.com               require_signed  credit.paypal.com;
@@ -512,6 +522,7 @@
 discogs.com                     require_signed  discogs.com;
 discountschoolsupply.com        require_signed  discountschoolsupply.com;
 discoverphl.com                 require_signed  discoverphl.com;
+discovery.com                   require_signed  discoverycomm.onmicrosoft.com;
 discover.zinio.com              require_signed  discover.zinio.com;
 dishemail.com                   require_signed  dishemail.com;
 ditech-notify.com               require_signed  ditech-notify.com;
@@ -593,12 +604,14 @@
 eclinicalmail.com               require_signed  eclinicalmail.com;
 eclipsegr.com                   require_signed  eclipsegr-com.20150623.gappssmtp.com;
 e.colehaan.com                  require_signed  e.colehaan.com;
+e.collegeboard.org              require_signed  e.collegeboard.org;
 e.columbia.com                  require_signed  e.columbia.com;
 e.comixology.com                require_signed  e.comixology.com;
 ecommail.walgreens.com          require_signed  ecommail.walgreens.com;
 economist.com                   require_signed  economist.com;
 e.constantcontact.com           require_signed  e.constantcontact.com;
 e.copart.com                    require_signed  e.copart.com;
+e.crainalerts.com               require_signed  e.crainalerts.com;
 ecrmemail.verizonwireless.com   require_signed  verizonwireless.com;
 e.customink.com                 require_signed  e.customink.com;
 edelivery.citi.com              require_signed  edelivery.citi.com;
@@ -774,6 +787,7 @@
 email.jacquielawson.com         require_signed  email.jacquielawson.com;
 email.jcrew.com                 require_signed  email.jcrew.com;
 email.jetblue.com               require_signed  email.jetblue.com;
+email.joistapp.com              require_signed  "mandrillapp.com,email.joistapp.com";
 email.justflyemail.com          require_signed  email.justflyemail.com;
 email.kqed.org                  require_signed  email.kqed.org;
 email.laithwaiteswine.com       require_signed  email.laithwaiteswine.com;
@@ -914,6 +928,7 @@
 em.citizensbank.com             require_signed  em.citizensbank.com;
 em.dgcatalog.net                require_signed  em.dgcatalog.net;
 em.drugstorenews.com            require_signed  em.drugstorenews.com;
+emedco.com                      require_signed  emedco-com.20150623.gappssmtp.com;
 emerika.com                     require_signed  emerika.com;
 emerson.com                     require_signed  emerson.onmicrosoft.com;
 emessage.njezpass.net           require_signed  amazonses.com;
@@ -1014,13 +1029,13 @@
 e.target.com                    require_signed  e.target.com;
 e.tdbank.com                    require_signed  e.tdbank.com;
 e.teavana.com                   require_signed  e.teavana.com;
-e.therealreal.com               require_signed  e.therealreal.com;
+e.therealdeal.com               require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 et.npr.org                      require_signed  et.npr.org;
 et.nprstations.org              require_signed  et.nprstations.org;
 e.toyota.com                    require_signed  e.toyota.com;
 etrailer.com                    require_signed  icontactmail1.com;
 etrainingschool.com             require_signed  criticalimpactinc.com;
-e.travelocity.com               require_signed  mg.expediamail.com;
+e.travelocity.com               require_signed  "mg.travelocity.com,mg.expediamail.com";
 e.tripadvisor.com               require_signed  e.tripadvisor.com;
 etsy.com                        require_signed  mail.etsy.com;
 et.uber.com                     require_signed  et.uber.com;
@@ -1052,6 +1067,7 @@
 exacttarget.change.org          require_signed  exacttarget.change.org;
 examine.com                     require_signed  "ck.examine.com,smtp.groovehq.com";
 exchange.calstatela.edu         require_signed  csula.onmicrosoft.com;
+executivehospitality.com        require_signed  spsend.com;
 exhibitoronline.co              require_signed  exhibitoronline.co;
 exlevents.com                   require_signed  exlevents.com;
 expediamail.com                 require_signed  mg.expediamail.com;
@@ -1062,6 +1078,7 @@
 exponation.net                  require_signed  "exponation-net.20150623.gappssmtp.com,auth.ccsend.com,icontactmail1.com";
 extracare.cvs.com               require_signed  extracare.cvs.com;
 exworkscapital.com              signed_white    198.memberemail.com;            // some unsigned mail via exacttarget, might be spam
+eyecareprovider.com             require_signed  eyecareprovider.com;
 eystudios.com                   require_signed  eystudios.ccsend.com;
 e.zulily.com                    require_signed  e.zulily.com;
 ezup.com                        signed_white    "ezup.com,ezup.onmicrosoft.com";    // some other unsigned mail via quotevalet.com
@@ -1080,7 +1097,7 @@
 farmsanctuary.org               require_signed  mta-bbcspool.convio.net;
 fashionbizinc.org               require_signed  fashionbizinc.ccsend.com;
 fastspring.com                  require_signed  fastspring.com;
-fedbarlive.org                  require_signed  "emsend.com,em.secureserver.net";
+fedbarlive.org                  signed_white    "emsend.com,em.secureserver.net";   // emsend signing with domainkeys, not dkim
 fedex.com                       require_signed  fedex.com;
 fedgovconnect.org               require_signed  fedgovconnect-org.20150623.gappssmtp.com;
 feedvisor.com                   require_signed  "feedvisor-com.20150623.gappssmtp.com,feedvisor.com";
@@ -1095,7 +1112,7 @@
 fire-design.fr                  require_signed  newsletter.fire-design.fr;
 firefox.com                     require_signed  firefox.com;
 firstam.com                     require_signed  firstam.com;
-firstleaf.club                  require_signed  firstleaf.club;
+firstleaf.club                  require_signed  "firstleaf.club,pmta.sailthru.com";
 fisherunitech.com               require_signed  fisherunitech.com;
 fitbit.com                      require_signed  email.fitbit.com
 fitzgeraldphoto.com             require_signed  emlr2.com;
@@ -1125,6 +1142,7 @@
 fourhourbody.com                require_signed  fourhourbody.com;
 foxcreative.net                 signed_white    emlr2.com;                      // some unsigned mail via ms outlook
 foxtv.com                       require_signed  foxtv.onmicrosoft.com;
+frame.io                        require_signed  frame.io;
 fraudprevention.chase.com       require_signed  fraudprevention.chase.com;
 freeconference.com              require_signed  freeconference.com;
 freedomforallamericans.org      require_signed  bounce.bluestatedigital.com;
@@ -1148,6 +1166,7 @@
 gerstmangroup.com               require_signed  "auth.ccsend.com,questservicegroup.ccsend.com";
 ges.com                         signed_white    "ges.com,viadcorp.onmicrosoft.com";
 getjibjab.com                   require_signed  getjibjab.com;
+getty.edu                       require_signed  gettytrust.onmicrosoft.com;
 gge4mailer.com                  signed_white    email.gge4mailer.com;
 ggimageusa.com                  require_signed  "ggimageusa-com.20150623.gappssmtp.com,smtpserver.email,smtpsendmail.com";
 gifts.figis.com                 require_signed  gifts.figis.com;
@@ -1183,6 +1202,7 @@
 greatebay.com                   require_signed  sendclubmail.com;
 greaterthanone.com              require_signed  greaterthanone.onmicrosoft.com;
 greatist.com                    require_signed  greatist.com;
+greatparentingshow.com          require_signed  ontramail.com;
 greenbiz.com                    require_signed  greenbiz.com;
 greenbuildingunited.org         require_signed  dvgbc365.onmicrosoft.com;
 greenforall.org                 require_signed  greenforall.org;
@@ -1192,7 +1212,7 @@
 greenvelope.com                 require_signed  greenvelope.com;
 greyhawk.com                    require_signed  "greyhawkna.onmicrosoft.com,*.ccsend.com";
 greystar.com                    require_signed  "greystar365.onmicrosoft.com,entrata.com";
-gridphilly.com                  require_signed  gridphilly-com.20150623.gappssmtp.com;
+gridphilly.com                  require_signed  "gridphilly-com.20150623.gappssmtp.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 grizzly.com                     require_signed  grizzly.com;
 groove3.com                     require_signed  groove3.com;
 grove.co                        require_signed  grove.co;
@@ -1208,6 +1228,7 @@
 h1.hiltonhonors.com             require_signed  h1.hiltonhonors.com;
 habitatncc.org                  require_signed  habitatncc.ccsend.com;
 halfoffdeal.com                 require_signed  halfoffdeal.com;
+hallmarkmoviesnow.com           require_signed  "hallmarkmoviesnow.com,pmta.sailthru.com";
 halpernlevy.com                 require_signed  halpernandlevy.onmicrosoft.com;
 harborfreight.com               require_signed  harborfreight-com.20150623.gappssmtp.com;
 harborfreightemail.com          require_signed  harborfreightemail.com;
@@ -1260,8 +1281,9 @@
 honeywell.com                   require_signed  honeywell.com;
 hootsuite.com                   require_signed  hootsuite.com;
 hospitalitydental.com           require_signed  hospitalitydental.ccsend.com;
+hotels.com                      require_signed  hotels.com;
 houseofgeoscience.org           require_signed  "sendgrid.info,mailplus.nl";
-houzz.com                       require_signed  houzz.com;
+houzz.com                       signed_white    houzz.com;                      // some unsigned mail via salesforce
 hq.acm.org                      require_signed  acmhq.onmicrosoft.com;
 hsbc.com                        require_signed  hsbc.com;
 htallc.com                      require_signed  "smtpsendmail.com,smtp.com";
@@ -1294,12 +1316,14 @@
 improvementscatalog-email.com   require_signed  improvementscatalog-email.com;
 imt-mach.com                    require_signed  imt-mach.com;
 inbound.com                     require_signed  inbound.com;
+inbound.efax.com                require_signed  inbound.efax.com;               // never signed, but must pass spf
 inbox.bissell.com               require_signed  inbox.bissell.com;
 industrymarketingsolutions.com  require_signed  mail-202-169.rm0005.net;
 infinitytools.com               require_signed  "infinitytools.ccsend.com,remarkety.com";
 info1.networksolutions.com      require_signed  info1.networksolutions.com;
 info3.citibank.com              require_signed  info3.citibank.com;
 info4.citi.com                  require_signed  info4.citi.com;
+info5.accountonline.com         require_signed  info5.accountonline.com;
 info6.accountonline.com         require_signed  info6.accountonline.com;
 info6.citi.com                  require_signed  info6.citi.com;
 info.bitdefender.com            require_signed  info.bitdefender.com;
@@ -1319,6 +1343,7 @@
 inlandgroup.com                 require_signed  inlandgroup.com;
 inmarket.com                    require_signed  "inmarket.com,*.hubspotemail.net";
 innovive.com                    require_signed  innovive-com.20150623.gappssmtp.com;
+inpower.ca                      require_signed  inpower-ca.20150623.gappssmtp.com;
 insideapple.apple.com           require_signed  insideapple.apple.com;
 insideradio.com                 require_signed  e2ma.net;
 inspire.pinterest.com           require_signed  inspire.pinterest.com;
@@ -1363,6 +1388,7 @@
 jibjab.com                      require_signed  "jibjab.com,recurly.com";
 jimjohnson4governor.com         require_signed  bounce.bluestatedigital.com;
 jkj.com                         require_signed  "jkj.com,jkji.onmicrosoft.com";
+jmtingley.com                   require_signed  netorgft3481339.onmicrosoft.com;
 job.alerted.org                 require_signed  job.alerted.org;
 jobrapidoalert.com              require_signed  jobrapidoalert.com;
 jobs2careers.com                require_signed  jobs2careers.com;
@@ -1382,7 +1408,6 @@
 kamalaharris.org                signed_white    kamalaharris.org;
 kantar.com                      require_signed  "ktglbuc.onmicrosoft.com,icontactmail6.com";
 kantarmedia.com                 require_signed  "kantarmedia.com,ktglbuc.onmicrosoft.com,icontactmail3.com,icontactmail6.com";
-katiemcginty.com                require_signed  bounce.myngp.com;
 katzmedia.com                   require_signed  "iheartmedia.onmicrosoft.com,clearchannel.com,iheartmedia.com";
 kaydaly.com                     require_signed  "kaydaly.com,bluehornet.com";
 kbkg.net                        require_signed  kbkg.net;
@@ -1418,6 +1443,7 @@
 latest.newsmax.com              require_signed  latest.newsmax.com;
 latinworks.com                  require_signed  latinworks.onmicrosoft.com;
 law360.com                      require_signed  "law360.com,mailings-alt.law360.com";
+laweekly-insider.com            require_signed  laweekly-insider.com;
 lawline.com                     require_signed  icontactmail1.com;
 lawreviewcle.com                require_signed  lawreviewcle.com;
 law.stanford.edu                require_signed  "cmail19.com,cmail20.com";
@@ -1444,7 +1470,6 @@
 libertymutual.com               signed_white    libertymutual.com;              // some unsigned mail from their own servers
 lifeandstylemag.com             require_signed  lifeandstylemag.com;
 lifelock.com                    require_signed  lifelock.com;
-lightblocks.com                 require_signed  triggeredemailservice.com;
 lightyearmg.com                 require_signed  lightyearmg-com.20150623.gappssmtp.com;
 lillarogers.com                 require_signed  lillarogers.ccsend.com;
 lindenmeyr.com                  require_signed  lindenmeyrmunroe.ccsend.com;
@@ -1472,6 +1497,7 @@
 loweekly.com                    require_signed  loweekly.com;
 loyaltyalliance.com             require_signed  "loyaltyalliance.com,mx-senderer-02.com,mx-senderer-03.com";
 loyalty.bloomingdales.com       require_signed  loyalty.bloomingdales.com;
+loyalty.ms.aa.com               require_signed  loyalty.ms.aa.com;
 lpl.com                         require_signed  lpl.com;
 lqa.com                         require_signed  cp20.com;
 l.soma.com                      require_signed  l.soma.com;
@@ -1495,12 +1521,14 @@
 mail1.wellsfargo.com            require_signed  mail1.wellsfargo.com;
 mail2.gofarrewards.wellsfargo.com require_signed  mail2.gofarrewards.wellsfargo.com;
 mail2.wellsfargo.com            require_signed  mail2.wellsfargo.com;
+mail3.ams-cc.com                require_signed  ams-cc.com;
 mail5.avvo.com                  require_signed  mail5.avvo.com;
 mail7.creditkarma.com           require_signed  mail.creditkarma.com;
 mail.accounts.autodesk.com      require_signed  email.accounts.autodesk.com;
 mail.authorize.net              require_signed  mail.authorize.net;
 mail.barnesandnoble.com         require_signed  mail.barnesandnoble.com;
 mail.bloombergbusiness.com      require_signed  mail.bloombergbusiness.com;
+mail.bonefishgrill.com          require_signed  mail.bonefishgrill.com;
 mail.bouqs.com                  require_signed  mail.bouqs.com;
 mail.brylanehome.com            require_signed  mail.brylanehome.com;
 mailcenter.usaa.com             require_signed  usaa.com;
@@ -1508,9 +1536,12 @@
 mailchimp.com                   require_signed  mailchimp.com;
 mail.citipricerewind.com        require_signed  mail.citipricerewind.com;       // stupid banks with multiple branding;
 mail.crateandbarrel.com         require_signed  mail.crateandbarrel.com;
+mail.disneydestinations.com     require_signed  mail.disneydestinations.com;
+mail.efax.com                   require_signed  mail.efax.com;                  // never signed, but must pass spf
 mail.elsevier.com               require_signed  mail.elsevier.com;
 mailer.birchbox.com             require_signed  mailer.birchbox.com;
 mailer.box.com                  require_signed  box.com;
+mailer.cheaptickets.com         require_signed  mailer.cheaptickets.com;
 mailer.netflix.com              require_signed  netflix.com;
 mailer.shopify.com              require_signed  shopify.com;
 mail.etsy.com                   require_signed  mail.etsy.com;
@@ -1574,11 +1605,12 @@
 marketing.qdoba.com             require_signed  marketing.qdoba.com;
 marketplace.amazon.ca           require_signed  amazon.ca;
 marketplace.amazon.com          require_signed  amazon.com;
-marquiscapemay.com              require_signed  marquiscapemay.onmicrosoft.com;
+marquiscapemay.com              require_signed  "marquiscapemay.onmicrosoft.com,auth.ccsend.com";
 martindalemail.com              require_signed  martindalemail.com;
 martindalenolo.com              require_signed  "martindalenolo.com,lawyers.com";
 marymorrissey.com               require_signed  marymorrissey.com;
 mastrocomm.com                  require_signed  twisteddune.ccsend.com;
+matadornetwork.com              require_signed  matadornetwork.com;
 matildajaneclothing-email.com   require_signed  matildajaneclothing-email.com;
 matterhackers.com               require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 maxpedition.com                 require_signed  icontactmail1.com;
@@ -1597,6 +1629,7 @@
 medjet.com                      require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 medquestltd.com                 signed_white    medquest.ccsend.com;            // some unsigned mail from their own servers
 medstatix.com                   require_signed  medstatix.com;
+meetup.com                      require_signed  meetup.com;
 meltwaterpress.com              require_signed  meltwaterpress.com;
 member.americanexpress.com      require_signed  member.americanexpress.com;
 members.allmodern.com           require_signed  members.allmodern.com;
@@ -1611,6 +1644,7 @@
 menard.messages1.com            require_signed  menard.messages1.com;
 mentor-protege.net              require_signed  1pointemail.net;
 meraki.net                      require_signed  meraki.net;
+merchant.bankofamerica.com      require_signed  merchant.bankofamerica.com;
 meredith.com                    require_signed  meredith.com;
 merrickbank.com                 require_signed  smtpsendmail.com;
 message.bbt.com                 require_signed  message.bbt.com;
@@ -1619,6 +1653,7 @@
 messages.autotrader.com         require_signed  messages.autotrader.com;
 messages.cancer.org             require_signed  messages.cancer.org;
 message.scholastic.com          require_signed  message.scholastic.com;
+messages.clippers.com           require_signed  clippers.com;
 messages.cutco.com              require_signed  messages.cutco.com;
 message.sema.org                require_signed  message.sema.org;
 messages.globalindustrial.com   require_signed  messages.globalindustrial.com;
@@ -1758,7 +1793,6 @@
 news.hickoryfarms.com           require_signed  news.hickoryfarms.com;
 newsletter.247sports.com        require_signed  newsletter.247sports.com;
 newsletter.gearbest.com         require_signed  newsletter.gearbest.com;
-newsletter.mail.moneyandmarkets.com require_signed  newsletter.mail.moneyandmarkets.com;
 newsletter.movietickets.email   require_signed  newsletter.movietickets.email;
 newsletter.newyorker.com        require_signed  newsletter.newyorker.com;
 newsletter.purposedriven.com    require_signed  newsletter.purposedriven.com;
@@ -1775,6 +1809,7 @@
 news.shiftdailynews.com         require_signed  news.shiftdailynews.com;
 news.southcommmail.com          require_signed  news.southcommmail.com;         // needs spf for broken signatures
 news.subaru.com                 require_signed  news.subaru.com;
+news.taylormadegolf.com         require_signed  news.taylormadegolf.com;
 news.tinyprints.com             require_signed  news.tinyprints.com;
 news.united.com                 require_signed  news.united.com;
 news.weddingpaperdivas.com      require_signed  news.weddingpaperdivas.com;
@@ -1793,7 +1828,8 @@
 nlmdlr.com                      require_signed  pool01.imakenews.net;
 nmajh.org                       require_signed  nmajh.ccsend.com;
 nmk.printegra.com               require_signed  nmk.printegra.com;
-nordstrom.com                   require_signed  nordstrom.com;
+noozhawk.com                    require_signed  noozhawk.com;
+nordstrom.com                   require_signed  "nordstrom.com,amazonses.com";
 noreply1.ebay.com               require_signed  ebay.com;
 noreply.autodesk.com            require_signed  noreply.autodesk.com;
 noreply.collegeboard.org        require_signed  noreply.collegeboard.org;
@@ -1807,13 +1843,14 @@
 notification.capitalone.com     require_signed  notification.capitalone.com
 notification.intuit.com         require_signed  notification.intuit.com;
 notifications.intuit.com        require_signed  notifications.intuit.com;
+notifications.networksolutions.com require_signed  notifications.networksolutions.com;
 notifications.pinterest.com     require_signed  notifications.pinterest.com;
 notifications.wm.com            require_signed  notifications.wm.com;
 notify.email.aa.com             require_signed  notify.email.aa.com;
 notify.meetmemail.com           require_signed  notify.meetmemail.com;
 notify.transunion.com           require_signed  notify.transunion.com;
 novitex.com                     require_signed  pbmsnovitex.onmicrosoft.com;
-npm.org                         require_signed  "npm-org.20150623.gappssmtp.com,smtp.com";
+npm.org                         require_signed  "npm-org.20150623.gappssmtp.com,smtp.com,auth.ccsend.com";
 nrailafrontlines.com            require_signed  nrailafrontlines.com;
 nrdc.org                        require_signed  nrdc1.onmicrosoft.com;
 nsbaadvocate.com                require_signed  mmsend.com;
@@ -1824,6 +1861,7 @@
 oaktreecapital.com              require_signed  oaktreecapital.com;
 oakwoodveneer.com               require_signed  em.secureserver.net;
 oath.com                        require_signed  oath.com;
+ocitc.com                       require_signed  netorg670674.onmicrosoft.com;
 ocusoft.com                     require_signed  "cmail19.com,cmail20.com";
 ocwen.com                       require_signed  ocwen.com;
 o.delta.com                     require_signed  o.delta.com;
@@ -1852,6 +1890,7 @@
 onlineaudiotraining.com         require_signed  onlineaudiotraining.com;
 online.costco.com               require_signed  online.costco.com;
 online.essentra.com             require_signed  online.essentra.com;
+online.wsfsbank.com             require_signed  online.wsfsbank.com             // unsigned mail should pass spf -all
 onmogul.com                     require_signed  onmogul.com;
 onpeak.com                      require_signed  "onpeak.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 onvia.com                       require_signed  onvia.com;
@@ -1874,6 +1913,7 @@
 os-media.com                    require_signed  os-media.com;
 osv.com                         require_signed  osvparish.ccsend.com;
 ottingergolf.com                require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net,scotlandrun.ccsend.com";
+ottolearn.com                   require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 ourrevolution.com               require_signed  ourrevolution.com;
 ourtime.com                     require_signed  ourtime.com;
 outdoorfest.com                 require_signed  outdoorfest.com;
@@ -1885,6 +1925,7 @@
 ownerreminders.com              require_signed  ownerreminders.com;
 oyrtbetham.org                  require_signed  oyrtbetham.onmicrosoft.com;
 p66.com                         require_signed  p66.com;
+paalerts.com                    require_signed  paalerts.com;                   // broken signatures, but passes spf
 pac-cap.com                     require_signed  thelakearrowheadvillage.ccsend.com;
 pacific.edu                     require_signed  "imodules.com,bluehornet.com";
 pacificmachinetools.com         require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
@@ -1968,14 +2009,17 @@
 planetcyclery.com               require_signed  sendgrid.net;
 pmc.com                         require_signed  pmc.com;
 pmrgi.com                       require_signed  cvent-planner.com;
+pnc.com                         require_signed  pnc.com;
 pods.com                        require_signed  pods.com;
+politico.com                    require_signed  politico.com;
 politicoemail.com               require_signed  politicoemail.com;
 pond5.com                       require_signed  e.pond5.com;
 pony.org                        require_signed  pony.ccsend.com;
-poolhost.com                    require_signed  poolhost.com;
+poolhost.com                    require_signed  "poolhost.com,amazonses.com";
 popmoney.com                    require_signed  popmoney.com;
 popsugar.com                    signed_white    "popsugar.com,auth.ccsend.com"; // unsigned mail via netsuite
 portal.io                       require_signed  portal-io.20150623.gappssmtp.com;
+poshmark.com                    require_signed  email.poshmark.com;
 postergarden.com                require_signed  postergarden.com;
 powell.com                      require_signed  powell.com;
 ppfa.org                        require_signed  ppfa.org;
@@ -2039,7 +2083,7 @@
 randjsc.com                     require_signed  randjsc.onmicrosoft.com;
 randpac.com                     require_signed  bluehornet.com;
 randstadusa.com                 require_signed  rfo.contacts.randstadusa.com;
-randybryceforcongress.com       require_signed  bounce.bluestatedigital.com;
+randybryceforcongress.com       require_signed  "bounce.bluestatedigital.com,bounce.myngp.com";
 rapidnews.com                   require_signed  "rapidnews-com.20150623.gappssmtp.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 ravepro.com                     require_signed  icontactmail1.com;
 rbc.com.pa                      require_signed  "rbc-com-pa.20150623.gappssmtp.com,mpdkim2.ch";
@@ -2079,6 +2123,7 @@
 reservebar.com                  require_signed  reservebar.com;
 resnap.com                      require_signed  resnap.com;
 resnexus.com                    require_signed  resnexus.com;
+resonantmastering.com           require_signed  resonantmastering-com.20150623.gappssmtp.com;
 response.ebags.com              require_signed  response.ebags.com;
 response.nfcu.org               require_signed  response.nfcu.org;
 revinate.com                    require_signed  inguest.com;
@@ -2098,6 +2143,7 @@
 rismedia-enews.com              require_signed  rismedia-enews.com;
 ritz-ritz.us                    require_signed  ritz-ritz.us;
 rlsassociates.com               require_signed  icontactmail3.com;
+rmsmg.com                       require_signed  rmsmg.com;                      // opoc_leaking for mbmg client
 roberthalf.com                  signed_white    roberthalf.onmicrosoft.com;     // some unsigned via geninfo.com
 robsonforensic.com              signed_white    "*.shared.hubspot.com";         // unsigned mail from their barracuda servers
 roku.com                        require_signed  roku.onmicrosoft.com;
@@ -2123,7 +2169,8 @@
 salamanderhotels.com            require_signed  salamanderhotels.com;
 salamanderresort.com            require_signed  "salamanderresort.com,salamanderhotels.com";
 samplingsupplies.com            require_signed  samplingsupplies.com;
-sandpiperrental.com             require_signed  "sandpiperrental.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";;
+sandpiperrental.com             require_signed  "sandpiperrental.com,amazonses.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";;
+sanofi.com                      require_signed  sanofi.com;                     // unsigned spam via exacttarget
 santamariasun.com               require_signed  santamariasun-com.20150623.gappssmtp.com;
 sap.com                         signed_white    bluehornet.com;                 // probably other signers
 save.nature.org                 require_signed  save.nature.org;
@@ -2132,6 +2179,7 @@
 sbpub.com                       require_signed  "publicaster.com,bsftransmit7.com";
 sbs.nyc.gov                     require_signed  "auth.ccsend.com,nycsbs.ccsend.com";
 schedulepayment.com             require_signed  schedulepayment.com;
+schoology.com                   require_signed  email.schoology.com;
 schoox.com                      require_signed  mail.intercom.io;
 scoremorerewards.com            require_signed  scoremorerewards.com;
 scotnery.com                    require_signed  scotnery.com;
@@ -2139,6 +2187,7 @@
 scouting.org                    require_signed  "scouting.org,scouting.ccsend.com";
 scoutmob.com                    require_signed  scoutmob.com;
 scup.org                        require_signed  em.secureserver.net;
+scwmediasystems.com             signed_white    outlook.com;
 sdi.com                         require_signed  sdi2.onmicrosoft.com;
 seatgeek.com                    require_signed  seatgeek.com;
 seatme.com                      require_signed  seatme.com;
@@ -2277,6 +2326,7 @@
 stringacademyofwisconsin.org    require_signed  panthers.onmicrosoft.com;
 stripe.com                      require_signed  stripe.com;
 strongmail.cfmvmail.com         require_signed  strongmail.cfmvmail.com;
+studiomalibu.com                require_signed  studiomalibu-com.20150623.gappssmtp.com;
 style.adoreme.com               require_signed  style.adoreme.com;
 style.letote.com                require_signed  style.letote.com;
 subscriptions.cms.hhs.gov       require_signed  subscriptions.cms.hhs.gov;
@@ -2343,6 +2393,7 @@
 the-efa.org                     require_signed  "the-efa.org,the-efa.ccsend.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 thefisherman.com                require_signed  thefisherman.ccsend.com;
 thegovconadvisors.com           require_signed  reachmail.net;
+thegramlist.com                 require_signed  thegramlist-com.20150623.gappssmtp.com;
 thehotviolinist.com             require_signed  "ckmail4.com,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 thejurylab.com                  require_signed  icontactmail1.com;
 thelooploft.com                 require_signed  thelooploft.com;
@@ -2350,6 +2401,7 @@
 themichigancatholicchoir.org    require_signed  papadantravel.com;
 theproducenews.com              require_signed  theproducenews.ccsend.com;
 therdstore.com                  require_signed  jetrord.ccsend.com;
+therealdeal.com                 require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 theselfimprovementgenie.com     require_signed  theselfimprovementgenie.com;
 theshadestore.com               require_signed  theshadestore.com;
 thesoccerwire.com               require_signed  hummersport.ccsend.com;
@@ -2400,6 +2452,7 @@
 trendhunter.com                 require_signed  trendhunter.ccsend.com;
 trendmicro.com                  require_signed  trendmicro.com;
 trialguides.com                 require_signed  infusionmail.com;
+tribalworldwide.com             require_signed  ddbnewyork.onmicrosoft.com;
 tridentadvisors.com             signed_white    tridentadvisors.onmicrosoft.com;// some mail has bad signature
 tridentmortgage.com             require_signed  tridentmortgage.com;
 trigentsolutions.com            require_signed  trigentsolutionsinc.onmicrosoft.com;
@@ -2419,11 +2472,12 @@
 ubmcanon-info.com               require_signed  ubmcanon-info.com;
 ubs.com                         require_signed  ubs.com;
 ucla.edu                        signed_white    ucla-edu.20150623.gappssmtp.com;    // probably not the only source
-ucsb.edu                        require_signed  "ltsc.ucsb.edu,imodules.com";
+ucsb.edu                        require_signed  "ltsc.ucsb.edu,imodules.com,e2ma.net";
 uh.edu                          signed_white    amazonses.com                   // Coognews
 ulta.com                        require_signed  ulta.com;
 ultimateestateplanner.com       require_signed  ultimateestateplanner.ccsend.com;
 umail.ucsb.edu                  require_signed  "ltsc.ucsb.edu,gmail.com";      // google groups mail for michael signed by gmail
+umich.edu                       signed_white    lyris.dundee.net;               // mailing list
 uncubed.com                     require_signed  uncubed.com;
 undertone.com                   signed_white    undertone.com;                  // mbmg client
 unionbank.com                   signed_white    unionbank.com;                  // some unsigned mail via cashedge
@@ -2434,6 +2488,7 @@
 unitronics.com                  require_signed  unitronics.ccsend.com;
 universalsocceracademy.com      require_signed  universalsocceracademy.ccsend.com;
 universityproducts.com          signed_white    icontactmail3.com;              // unsigned mail from their own servers, no spf txt record
+univision.net                   require_signed  uci.onmicrosoft.com;
 unm.edu                         require_signed  unmm.onmicrosoft.com;
 unyson.com                      require_signed  unyson.com;
 uofpittgreensburg.org           require_signed  uofpittgreensburg.org;
@@ -2463,7 +2518,6 @@
 ustvnow.com                     require_signed  ustvnow.com;
 u.ticketliquidatorupdates.com   require_signed  u.ticketliquidatorupdates.com;
 uwalumni.com                    require_signed  uwalumni.com;
-valarkoosh.com                  require_signed  bounce.myngp.com;
 valeant.com                     require_signed  "valeant.com,valeant.onmicrosoft.com";
 value.amerimark.com             require_signed  value.amerimark.com;
 value.kmart.com                 require_signed  value.kmart.com;
@@ -2506,7 +2560,9 @@
 watchmanmonitoring.com          require_signed  watchmanmonitoring.com;
 waterboards.ca.gov              require_signed  cawaterboards.onmicrosoft.com;
 wayfair.com                     require_signed  "wayfair.com,wayfair.onmicrosoft.com";
+wayneart.org                    require_signed  "mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 wdsearch.com                    require_signed  wdsearch.com;
+wdw.disneyonline.com            require_signed  disneyonline.com;
 wealthyretirement.com           require_signed  wealthyretirement.com;
 wearealexander.com              require_signed  wearealexander-com.20150623.gappssmtp.com;
 wearecollide.com                require_signed  "wearecollide-com.20150623.gappssmtp.com,mlsend3.com";
@@ -2533,6 +2589,7 @@
 wharton.upenn.edu               require_signed  "wharton.upenn.edu,mandrillapp.com,*.mcsignup.com,*.mcsv.net,*.rsgsv.net,*.mcdlv.net";
 whcandy.com                     require_signed  whcandy.com;
 whitegraphics.com               require_signed  whitegraphics-com.20150623.gappssmtp.com;
+whitesharkmedia.com             require_signed  whitesharkmedia.com;
 wholesaleprime.com              require_signed  "sendgrid.net,frg.im";
 wiley.com                       require_signed  wiley.com;
 williampenninn.com              require_signed  williampenninn.ccsend.com;
@@ -2567,6 +2624,7 @@
 x2vol.com                       require_signed  sendgrid.info;
 xarisma.com                     signed_white    xarisma.com;                    // some unsigned mail via netsuite.com
 xbyte.com                       require_signed  xbyte.com;
+xks.com                         require_signed  xks.com;
 xlive.tm00.com                  require_signed  tm00.com;
 xode.com                        require_signed  xode.com;
 yahoo-inc.com                   require_signed  yahoo-inc.com;                  // password resets, etc
--- a/dnsbl.spec.in	Thu Feb 22 09:42:42 2018 -0800
+++ b/dnsbl.spec.in	Tue Apr 10 12:56:07 2018 -0700
@@ -155,6 +155,9 @@
 
 
 %changelog
+* Tue Apr 10 2018 Carl Byington <carl@five-ten-sg.com> - 6.69-1
+- fix spf mx:domain.tld token parsing
+
 * Mon Feb 19 2018 Carl Byington <carl@five-ten-sg.com> - 6.68-1
 - round rather than truncate spam assassin scores.
 - check >= rather than > for spam assassin scores to match
--- a/src/context.cpp	Thu Feb 22 09:42:42 2018 -0800
+++ b/src/context.cpp	Tue Apr 10 12:56:07 2018 -0700
@@ -1239,7 +1239,7 @@
                     }
                 }
                 else if (strncmp(p, "mx", 2) == 0) {
-                    const char *name = (p[2] == ':') ? p+2 : from;
+                    const char *name = (p[2] == ':') ? p+3 : from;
                     char buf[maxdnslength];
                     dns_interface(*priv, name, ns_t_mx, false, NULL, buf, maxdnslength);
                     char *b = buf;
--- a/tld.conf	Thu Feb 22 09:42:42 2018 -0800
+++ b/tld.conf	Tue Apr 10 12:56:07 2018 -0700
@@ -1,4 +1,4 @@
-// generated by make-tld-conf.py on 2018-02-15 09:55:12
+// generated by make-tld-conf.py on 2018-04-10 12:51:15
 
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -447,6 +447,7 @@
 art.br
 ato.br
 b.br
+barueri.br
 belem.br
 bhz.br
 bio.br
@@ -7708,7 +7709,7 @@
 booking
 
 // boots : 2015-01-08 THE BOOTS COMPANY PLC
-boots
+// no ns record for boots
 
 // bosch : 2015-06-18 Robert Bosch GMBH
 bosch
@@ -11061,12 +11062,6 @@
 inf.ua
 ltd.ua
 
-// AgileBits Inc : https://agilebits.com
-// Submitted by Roustem Karimov <roustem@agilebits.com>
-1password.ca
-1password.com
-1password.eu
-
 // Agnat sp. z o.o. : https://domena.pl
 // Submitted by Przemyslaw Plewa <it-admin@domena.pl>
 beep.pl
@@ -11097,6 +11092,7 @@
 elasticbeanstalk.com
 ap-northeast-1.elasticbeanstalk.com
 ap-northeast-2.elasticbeanstalk.com
+ap-northeast-3.elasticbeanstalk.com
 ap-south-1.elasticbeanstalk.com
 ap-southeast-1.elasticbeanstalk.com
 ap-southeast-2.elasticbeanstalk.com
@@ -11266,7 +11262,6 @@
 qc.com
 ru.com
 sa.com
-se.com
 se.net
 uk.com
 uk.net
@@ -11310,9 +11305,14 @@
 // Submitted by Leon Rowland <leon@clearvox.nl>
 virtueeldomein.nl
 
+// Clever Cloud : https://www.clever-cloud.com/
+// Submitted by Quentin Adam <noc@clever-cloud.com>
+cleverapps.io
+
 // Cloud66 : https://www.cloud66.com/
 // Submitted by Khash Sajadi <khash@cloud66.com>
 c66.me
+cloud66.ws
 
 // CloudAccess.net : https://www.cloudaccess.net/
 // Submitted by Pawel Panek <noc@cloudaccess.net>
@@ -11356,6 +11356,10 @@
 cloudns.pw
 cloudns.us
 
+// Cloudeity Inc : https://cloudeity.com
+// Submitted by Stefan Dimitrov <contact@cloudeity.com>
+cloudeity.net
+
 // CoDNS B.V.
 co.nl
 co.no
@@ -12181,6 +12185,14 @@
 // Submitted by Matthew Hardeman <mhardeman@ipifony.com>
 ipifony.net
 
+// Jino : https://www.jino.ru
+// Submitted by Sergey Ulyashin <ulyashin@jino.ru>
+myjino.ru
+*.hosting.myjino.ru
+*.landing.myjino.ru
+*.spectrum.myjino.ru
+*.vps.myjino.ru
+
 // Joyent : https://www.joyent.com/
 // Submitted by Brian Bennett <brian.bennett@joyent.com>
 *.triton.zone
@@ -12208,6 +12220,11 @@
 lcube-server.de
 svn-repos.de
 
+// linkyard ldt: https://www.linkyard.ch/
+// Submitted by Mario Siegenthaler <mario.siegenthaler@linkyard.ch>
+linkyard.cloud
+linkyard-cloud.ch
+
 // LiquidNet Ltd : http://www.liquidnetlimited.com/
 // Submitted by Victor Velchev <admin@liquidnetlimited.com>
 we.bs
@@ -12250,6 +12267,10 @@
 azure-mobile.net
 cloudapp.net
 
+// Mozilla Corporation : https://mozilla.com
+// Submitted by Ben Francis <bfrancis@mozilla.com>
+mozilla-iot.org
+
 // Mozilla Foundation : https://mozilla.org/
 // Submitted by glob <glob@mozilla.com>
 bmoattachments.org
@@ -12451,6 +12472,10 @@
 // Submitted by Jan Moennich <jan.moennich@ownprovider.com>
 ownprovider.com
 
+// OX : http://www.ox.rs
+// Submitted by Adam Grand <webmaster@mail.ox.rs>
+ox.rs
+
 // oy.lc
 // Submitted by Charly Coste <changaco@changaco.oy.lc>
 oy.lc
@@ -12506,6 +12531,10 @@
 chirurgiens-dentistes-en-france.fr
 byen.site
 
+// Russian Academy of Sciences
+// Submitted by Tech Support <support@rasnet.ru>
+ras.ru
+
 // QA2
 // Submitted by Daniel Dent (https://www.danieldent.com/)
 qa2.com
@@ -12558,6 +12587,10 @@
 logoip.de
 logoip.com
 
+// schokokeks.org GbR : https://schokokeks.org/
+// Submitted by Hanno Böck <hanno@schokokeks.org>
+schokokeks.net
+
 // Scry Security : http://www.scrysec.com
 // Submitted by Shante Adam <shante@skyhat.io>
 scrysec.com
@@ -12663,6 +12696,10 @@
 med.pl
 sopot.pl
 
+// The Gwiddle Foundation : https://gwiddlefoundation.org.uk
+// Submitted by Joshua Bayfield <joshua.bayfield@gwiddlefoundation.org.uk>
+gwiddle.co.uk
+
 // Thingdust AG : https://thingdust.com/
 // Submitted by Adrian Imboden <adi@thingdust.com>
 cust.dev.thingdust.io
@@ -12738,6 +12775,10 @@
 // Submitted by Ed Moore <Ed.Moore@lib.de.us>
 lib.de.us
 
+// VeryPositive SIA : http://very.lv
+// Submitted by Danko Aleksejevs <danko@very.lv>
+2038.io
+
 // Viprinet Europe GmbH : http://www.viprinet.com
 // Submitted by Simon Kissel <hostmaster@viprinet.com>
 router.management
@@ -12766,6 +12807,10 @@
 demon.nl
 xs4all.space
 
+// YesCourse Pty Ltd : https://yescourse.com
+// Submitted by Atul Bhouraskar <atul@yescourse.com>
+official.academy
+
 // Yola : https://www.yola.com/
 // Submitted by Stefano Rivera <stefano@yola.com>
 yolasite.com
@@ -12792,10 +12837,14 @@
 // ===END PRIVATE DOMAINS===
 
 finemanrealty.com
+club
 loan
+stream
+win
 static.reverse.lstn.net
 unifiedlayer.com
 mail.unifiedlayer.com
+psychz.net
 cloudapp.net
 myactivedirectory.com
 ddns.net