mirror of
https://github.com/domainaware/parsedmarc.git
synced 2026-02-17 07:03:58 +00:00
cb3f82e847
mimecast sample taken from: https://github.com/domainaware/parsedmarc/issues/429#issuecomment-1873387507
109 lines
5.1 KiB
Plaintext
109 lines
5.1 KiB
Plaintext
From dmarc-noreply@linkedin.com Tue Apr 30 02:09:16 2019
|
|
Received: from mailf-cd.linkedin.com ([108.174.6.228])
|
|
by example.uriports.com with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
|
|
(MTA 2.20)
|
|
(envelope-from <dmarc-noreply@linkedin.com>)
|
|
id 1hLICq-00001z-JU
|
|
for dmarc@example.uriports.com; Tue, 30 Apr 2019 02:09:16 +0000
|
|
Received: from [127.0.0.1] ([local])
|
|
by mail516.prod.linkedin.com (envelope-from <dmarc-noreply@linkedin.com>)
|
|
(ecelerity 3.6.21.53563 r(Core:3.6.21.0)) with UNKNOWN
|
|
id AA/01-16018-D1AA1CC5; Tue, 30 Apr 2019 02:09:00 +0000
|
|
Date: Tue, 30 Apr 2019 02:09:00 +0000
|
|
Message-ID: <BB.91.26019.C3EA7CC5@mail516.prod.linkedin.com>
|
|
X-LinkedIn-Class: EMAIL_REPORTS
|
|
Subject: DMARC Failure report for example.com Mail-From: IP:10.10.10.10
|
|
To: dmarc-noreply@linkedin.com
|
|
From: dmarc-noreply@linkedin.com
|
|
Content-Type: multipart/report; report-type=feedback-report;
|
|
boundary="_----abcdefghijklmnopqrstuv===_AA/01-16018-D1AA1CC5"
|
|
Received-SPF: pass client-ip=108.174.6.228; envelope-from=dmarc-noreply@linkedin.com; helo=mailf-cd.linkedin.com
|
|
|
|
--_----abcdefghijklmnopqrstuv===_AA/01-16018-D1AA1CC5
|
|
Content-Type: text/plain; charset="US-ASCII"
|
|
Content-Transfer-Encoding: 7bit
|
|
|
|
This is an email abuse report for an email message received from IP 10.10.10.10 on Tue, 30 Apr 2019 02:09:00 +0000.
|
|
The message below did not meet the sending domain's dmarc policy.
|
|
The message below could have been accepted or rejected depending on policy.
|
|
For more information about this format please see http://tools.ietf.org/html/rfc6591 .
|
|
|
|
--_----abcdefghijklmnopqrstuv===_AA/01-16018-D1AA1CC5
|
|
Content-Type: message/feedback-report
|
|
|
|
Feedback-Type: auth-failure
|
|
User-Agent: Lua/1.0
|
|
Version: 1.0
|
|
Original-Mail-From:
|
|
Original-Rcpt-To: recipient@linkedin.com
|
|
Arrival-Date: Tue, 30 Apr 2019 02:09:00 +0000
|
|
Message-ID: <01010101010101010101010101010101@ABAB01MS0016.someserver.loc>
|
|
Authentication-Results: dmarc=fail (p=none; dis=none) header.from=example.com
|
|
Source-IP: 10.10.10.10
|
|
Delivery-Result: delivered
|
|
Auth-Failure: dmarc
|
|
Reported-Domain: example.com
|
|
|
|
--_----abcdefghijklmnopqrstuv===_AA/01-16018-D1AA1CC5
|
|
Content-Type: message/rfc822
|
|
Content-Disposition: inline
|
|
|
|
Return-Path: <>
|
|
Authentication-Results: mail516.prod.linkedin.com; iprev=pass policy.iprev="10.10.10.10"; spf=neutral smtp.mailfrom="" smtp.helo="mail02.someserver.com"; dkim=none (message not signed) header.d=none; tls=pass (verified) key.ciphersuite="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" key.length="256" tls.v="tlsv1.2" cert.client="OU=Domain Control Validated,CN=*.someserver.com" cert.clientissuer="C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Domain Validation Secure Server CA"; dmarc=fail (p=none; dis=none) header.from=example.com
|
|
X-OnPremExternalIP: 10.10.10.10
|
|
Received: from [10.10.10.10] ([10.10.10.10:4227] helo=mail02.someserver.com)
|
|
by mail516.prod.linkedin.com (envelope-from <>)
|
|
(ecelerity 3.6.21.53563 r(Core:3.6.21.0)) with ESMTPS (cipher=ECDHE-RSA-AES256-GCM-SHA384
|
|
subject="/OU=Domain Control Validated/CN=*.someserver.com")
|
|
id CA/91-26019-ABCDECC5; Tue, 30 Apr 2019 02:09:00 +0000
|
|
Received: from DENU02MS0016.someserver.loc (10.156.68.14) by
|
|
DENU02MS0017.someserver.loc (10.10.10.9) with Microsoft SMTP Server (TLS) id
|
|
15.0.1367.3; Tue, 30 Apr 2019 04:09:09 +0200
|
|
Received: from DENU02MS0016.someserver.loc ([127.0.0.1]) by
|
|
DENU02MS0016.someserver.loc ([10.10.10.8]) with Microsoft SMTP Server id
|
|
15.00.1367.000; Tue, 30 Apr 2019 04:09:09 +0200
|
|
From: Sender <sender@example.com>
|
|
To: LinkedIn <recipient@linkedin.com>
|
|
Subject: Subject line, could be UTF8 encoded
|
|
Thread-Topic: Thread Topic line, could be UTF8 encoded
|
|
Thread-Index: AQHU/abcdW8+abcdLkClF52hP4alIaZT9XGh
|
|
Date: Tue, 30 Apr 2019 02:09:09 +0000
|
|
Message-ID: <01010101010101010101010101010101@ABAB01MS0016.someserver.loc>
|
|
References: <1111111111.1111111.1111111111111.JavaMail.app@lor1-app3586.prod.linkedin.com>
|
|
In-Reply-To: <1111111111.1111111.1111111111111.JavaMail.app@lor1-app3586.prod.linkedin.com>
|
|
X-MS-Has-Attach:
|
|
X-Auto-Response-Suppress: All
|
|
X-MS-Exchange-Inbox-Rules-Loop: sender@example.com
|
|
X-MS-TNEF-Correlator:
|
|
x-ms-exchange-transport-fromentityheader: Hosted
|
|
x-ms-exchange-parent-message-id: <1111111111.1111111.1111111111111.JavaMail.app@lor1-app3586.prod.linkedin.com>
|
|
auto-submitted: auto-generated
|
|
x-ms-exchange-generated-message-source: Mailbox Rules Agent
|
|
x-exclaimer-md-config: 11111111-1111-1111-1111-111111111111
|
|
Content-Type: multipart/alternative;
|
|
boundary="_000_0d00000000000000000d000000000000f00000s00000someserverloc_"
|
|
MIME-Version: 1.0
|
|
X-Linkedin-fe: false
|
|
|
|
--_000_0d00000000000000000d000000000000f00000s00000someserverloc_
|
|
Content-Type: text/plain; charset="iso-8859-1"
|
|
Content-Transfer-Encoding: quoted-printable
|
|
|
|
Alternative
|
|
Text
|
|
|
|
--_000_0d00000000000000000d000000000000f00000s00000someserverloc_
|
|
Content-Type: text/html; charset="iso-8859-1"
|
|
Content-Transfer-Encoding: quoted-printable
|
|
|
|
<html>
|
|
<head>
|
|
</head>
|
|
<body>
|
|
HTML Text
|
|
</body>
|
|
</html>
|
|
|
|
--_000_0d00000000000000000d000000000000f00000s00000someserverloc_--
|
|
--_----abcdefghijklmnopqrstuv===_AA/01-16018-D1AA1CC5--
|