[MASOCH-L] Bloqueio de SPAM via grupos Outlook/Microsoft
Fabio Martins
fm+regbr+masoch-l+list at phosphorusnetworks.com
Sat Feb 20 23:46:26 -03 2021
Obrigado pela resposta Danton, mas acredito que o grupo seja legítimo -
o uso que não.
O que me surpreende é o fato de não haver a tal opção de "unsubscribe".
Caso o grupo seja legítimo, a Microsoft tá dando mole (a meu ver) ao não
incluir por padrão tal opção nos cabeçalhos, como é comum em listas de
discussão (mailman por exemplo).
Seguem os cabeçalhos (recebido no gmail, pasta Inbox e não na pasta
spam):
Original Message
Message ID
<SN6PR08MB395093435F039C30523E3A1DCA839 at SN6PR08MB3950.namprd08.prod.outlook.com>
Created at: Fri, Feb 19, 2021 at 10:39 PM (Delivered after 4 seconds)
From: Gonzalo Tejera <profegontejera at hotmail.com>
To: "18t.t at groups.outlook.com" <18t.t at groups.outlook.com>
Subject: HORARIO
SPF: PASS with IP 2a01:111:f400:fe46:0:0:0:829 Learn more
DKIM: 'PASS' with domain hotmail.com Learn more
DMARC: 'PASS' Learn more
Download Original Copy to clipboard
Delivered-To: fosforo at gmail.com
Received: by 2002:a05:6402:3491:0:0:0:0 with SMTP id v17csp1669edc;
Fri, 19 Feb 2021 17:39:18 -0800 (PST)
X-Google-Smtp-Source:
ABdhPJwi02KkcViFE2Qrf0XaPU4HgowzQ8qm3QpfR0kk7U3o4MBpU+qDCRPnETJwOwq2sudSYEWa
X-Received: by 2002:ac8:7512:: with SMTP id
u18mr11440968qtq.290.1613785158230;
Fri, 19 Feb 2021 17:39:18 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1613785158; cv=pass;
d=google.com; s=arc-20160816;
b=lZeEG2DI7MrH3xC4034r3zp85lPlTztVGXRjulen5JuBW1M1Wi1QTK4h8HtMgKej0i
pjx4RnCR2+jsbr5EjB2HfmDG8R27u9v8KFqESPRqEB/Kt3gpzANjNTzbiSSfEmx4GL3Z
oI3FGyw7linGnchu99/vjz0Fiu9TVlchXv5xmW5lXW2JGOQUwtixH6ArXeh8AtsfplA/
Gz6gOdtZSN29QdfdG/Prs7vkjuMH722R7/7oR6ZTxt6g3YRS+MMTB6cG69HCjUSF7VuY
whssxUhaWtMXuznkuh5w6/QW0K1v0OSRl2Xv5vBAkMN5fWwFGVh3QpJnM/ILhFqMDFJO
QGXQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=arc-20160816;
h=mime-version:content-language:accept-language:message-id:date
:thread-index:thread-topic:subject:to:from:dkim-signature;
bh=96z9d+PAnnAoGOasLeHW3UnCBOo8chMcNF8KTPu2XzA=;
b=fj07KIrdcdHcpzNIj+2eiVNnqSV1RCxMN5YLCpjTtOGiihH22PAuPydFfDb82a2cRI
6tS9/jY+ui5hUMCnhmn0khTegaqZFFhoC+4i92YTvQSr1REnK4yPFz/6KIvPwr+ko6+W
9iNOElaO/Xo+PtUZdiV2JeNmnOhPQPCq++dy4tVm/Nc2pKjlBH9Xt2OQOontQ8qTCvn6
WsQ2wG5HpXEkrHtPX7NW5GDaQKRgaSK1PokTUKztQghQRYgof1AVYVhBEhoPaZsqMSPL
yQlKw8h8qkY1TF+jkOXwC0ROLbe8Z3zSvBLh/VSS/uQTyPWavNPBDrt9AwQhqftyeDAm
45TA==
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@hotmail.com header.s=selector1
header.b=eHGTyj2S;
arc=pass (i=1);
spf=pass (google.com: domain of
18t.t+srs=7vuax=hw=hotmail.com=profegontejera at groups.outlook.com
designates 2a01:111:f400:fe46::829 as permitted sender)
smtp.mailfrom="18t.t+SRS=7vUax=HW=hotmail.com=profegontejera at groups.outlook.com";
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=hotmail.com
Return-Path:
<18t.t+SRS=7vUax=HW=hotmail.com=profegontejera at groups.outlook.com>
Received: from NAM02-BL2-obe.outbound.protection.outlook.com
(mail-bl2nam02olkn0829.outbound.protection.outlook.com.
[2a01:111:f400:fe46::829])
by mx.google.com with ESMTPS id
s7si6077523qtw.258.2021.02.19.17.39.17
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256
bits=128/128);
Fri, 19 Feb 2021 17:39:18 -0800 (PST)
Received-SPF: pass (google.com: domain of
18t.t+srs=7vuax=hw=hotmail.com=profegontejera at groups.outlook.com
designates 2a01:111:f400:fe46::829 as permitted sender)
client-ip=2a01:111:f400:fe46::829;
Authentication-Results: mx.google.com;
dkim=pass header.i=@hotmail.com header.s=selector1
header.b=eHGTyj2S;
arc=pass (i=1);
spf=pass (google.com: domain of
18t.t+srs=7vuax=hw=hotmail.com=profegontejera at groups.outlook.com
designates 2a01:111:f400:fe46::829 as permitted sender)
smtp.mailfrom="18t.t+SRS=7vUax=HW=hotmail.com=profegontejera at groups.outlook.com";
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=hotmail.com
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com;
cv=none;
b=Yrft0RxUjJO8DczgcmWfDmDACBv/CbpEc8PxLMe2SnZtrWz47kiwg7OUKRPCP7Sgf99EH0m1KRenRtGrCOVHluts/pkpccGqu3spSlmoWcxTIZHIFkQSO21JPXhvroDvO1b5ujgPcAAM60GsMSSyICLxQqvBtxa03w6vF1qxqoKaqjqdju0gs+zm+RlDThE7jMurAtS4e6F97NIqPo3rUW7gnkLKn+Nor/JjDtvWcN4T7AaEJaV6qCrkU8mJOtiJvQ6jFm2iW7fFa2vPt5U1PsKZhxw6W5OQ+cGvsFhPuqBjBUWOyiRN/eSbzglp3pONPycEXuG1N5CCwxLU2h4tYw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
d=microsoft.com; s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=96z9d+PAnnAoGOasLeHW3UnCBOo8chMcNF8KTPu2XzA=;
b=IjA/4FxuirL/AB/9uHseGN9wvcfYKVI6o1gPFF34xesCTEnxbofVsi/Mbiloe34Faa7gbo7DeFxyyHinSFxdFWU4m5/ZmIgiaV+/ixe8NqG3qysHow/jIIVAeV64rpGytVsTUtaicP08N9PCzVjrWXKqJgSqRyWCPxrDkwC05a8BSMYZLEEFhsRjOkfh4cQZgNJTPYoGm9pBxmJfi+ScSkPHSvYTAlRLTSDTPhMDM5uPEP6+WSL9Ql0tydDzOEwlfmOkncVMPKSHZXr5ZiHJ7FYg4prMgASuLJi6xJOccxlGsVjlYW2+ad3uaz/nrnQkn5z622Rfyx7JTO7UQWu+ow==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none;
dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;
s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=96z9d+PAnnAoGOasLeHW3UnCBOo8chMcNF8KTPu2XzA=;
b=eHGTyj2SrJlCZceMSrwu+Ov8EUdVfckFIjClUxdtQsFp1PpcTzcC7xOLtXVe4OBhOKk/EHq08gHiy7O/3KGkUWi+tnRZctdNre8dynA6O+SZijbdfjDK3RZwpWSlcVGrbLazpGlCKKelMRdy/TKeQGTZ1ENecTJ9Lk4TcQ7Y7eYPWUPmWpBs1rcZOdOJsdpl0iCCx9KDqWXxSML9zGAxESW4K4e7wVz2tm7wkRS75g8GelvSyXB0eUG/GKCsyUMeW522FoRfhNonQEodg+5DdC1L4FhDO59dF6TTOpdHEJmJUHtQw7ZNaHrPiFJcqEZl+NeYOy/kvALAedwTpBT3zw==
Received: from SN1NAM02FT024.eop-nam02.prod.protection.outlook.com
(10.152.72.53) by SN1NAM02HT192.eop-nam02.prod.protection.outlook.com
(10.152.73.243) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.27; Sat, 20
Feb 2021 01:39:14 +0000
Received: from SN6PR08MB3950.namprd08.prod.outlook.com
(2a01:111:e400:7e44::41) by SN1NAM02FT024.mail.protection.outlook.com
(2a01:111:e400:7e44::127) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.27 via
Frontend Transport; Sat, 20 Feb 2021 01:39:14 +0000
Received: from SN6PR08MB3950.namprd08.prod.outlook.com
([fe80::e122:453b:739c:e6a6]) by SN6PR08MB3950.namprd08.prod.outlook.com
([fe80::e122:453b:739c:e6a6%4]) with mapi id 15.20.3846.030; Sat, 20 Feb
2021 01:39:14 +0000
From: Gonzalo Tejera <profegontejera at hotmail.com>
To: "18t.t at groups.outlook.com" <18t.t at groups.outlook.com>
Subject: HORARIO
Thread-Topic: HORARIO
Thread-Index: AQHXBykg9B8jBF0kAEqYpoc4pa6osg==
Date: Sat, 20 Feb 2021 01:39:14 +0000
Message-ID:
<SN6PR08MB395093435F039C30523E3A1DCA839 at SN6PR08MB3950.namprd08.prod.outlook.com>
Accept-Language: es-AR, en-US
Content-Language: es-AR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker:
OriginalChecksum:E3A76DF773524D84F0ED6380ABFB8330801EF7D8ED4C449FDF52B082FDC4AB3D;UpperCasedChecksum:55294B78ADC7EDB2E177001AB0E62F5685755E0587DB59D73C4A841D17C7C117;SizeAsReceived:6580;Count:41
x-tmn: [nbxgw5egDkHLSRHVx/k+j/rW+PcZ/iyv]
x-ms-publictraffictype: Email
x-incomingheadercount: 41
x-eopattributedmessage: 0
x-ms-office365-filtering-correlation-id:
46953fc3-3db0-4c2f-e367-08d8d54054bb
x-ms-traffictypediagnostic: SN1NAM02HT192:
x-ms-consumer-group-expansion-loop: 18t.t at groups.outlook.com
x-ms-exchange-transport-forked: True
x-ms-exchange-group-expansion-loop: 18t.t at groups.outlook.com
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info:
YmkMgOW1gKR7kcpLvzXhxVT2rEG696vRQzZYM4VVH94BYgXvDLzi+DoJYJTKzAcVKj+yuQCPHe+yIX2yLpHgCKmp/Cu2+ZthFBLdNyWtjYOALmhBquU7fmZfl398aFBjkk+7DzlN5OrFrBR3zHGSLR7ijSw/LMfYcylNA1L4RQdVpo9J0qjqydylEgX5euiRHVXarI5LipnPv8ITs/N5nbc7k6liZpqrTlpRdDnisWVoIHo/pTzb56oFC/4urgy+yXRg8qwBU4DZRtdTKloysGQ6lQpasf3QxoopvrUPxfZCZnVD7nLpUiqkAse/0BldvV9+dX1+7oj+yjaq70RCD3FkWZmDpcLF1L6c2Erzg924kMhvvjjuju7MRph6TlQoZ6zS2NSi3+OE7Bo8hAfZH4T/6vj2GBj69+GtoTY4IeOinMbYeqfFDij4fsvuIFIt
x-ms-exchange-antispam-messagedata:
XZUhmpHFslWrDYYaCrYrVfBbUsyuQWLJ5pPsY3qWdAAsu/bMUmtS4Vm2nyGPkbfw9RoOMwumoiRPYbkIPiUQzlTbVx99D1Ewkc1HOQ9/d3nOi288MAUsZtPcvEDPQ4nHHObyCCsv4+6NBSwplJ1mbQ==
Content-Type: multipart/alternative;
boundary="_000_SN6PR08MB395093435F039C30523E3A1DCA839SN6PR08MB3950namp_"
MIME-Version: 1.0
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-OriginatorOrg: hotmail.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-AuthSource:
SN1NAM02FT024.eop-nam02.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:
00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id:
46953fc3-3db0-4c2f-e367-08d8d54054bb
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Feb 2021 01:39:14.7978
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg:
00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1NAM02HT192
On 2021-02-20 21:24, Danton Nunes wrote:
On 20/02/2021 21:08, Fabio Martins wrote:
Boa noite,
Sabem informar se a Microsoft disponibiliza links de "unsubscribe" dos
grupos de Outlook utilizados indevidamente para spam?
Ultimamente recebo emails com "Para:" esse formato:
To: "18t.t at groups.outlook.com" <18t.t at groups.outlook.com>
esses cabeçalhos podem conter qualquer porcaria, você tem que olhar
para o que veio no MAIL_FROM: do envelope, (cabeçalhos Return-Path: ou
Errors-To:). você vai ver que nem sempre são do mesmo domínio do From:
Aliás, envelope e From: de domínios diferentes já ganha alguns
pontinhos de "spamidade".
e uma inspeção dos cabeçalhos Received: vai te dar uma ideia do
caminho que a mensagem tomou.
Pesquisando na internet, não achei uma forma de "opt-out" para pedir a
remoção de tais grupos, nem existe cabeçalho para tal - o que geralmente
e boa prática em listas de discussão/grupos.
até porque pode ser que tais grupos nem mesmo existam!
-- Danton
__
masoch-l list
https://eng.registro.br/mailman/listinfo/masoch-l
More information about the masoch-l
mailing list