Wednesday, October 19, 2016

Who is CH2M Hill? Why don't Georgetown's servers like their IP (141.161.191.75)?

Background: One of the servers that the Wikileaks - Podesta - probablynotaboutScalia email passed through is registered to CH2M Hill, and can be geolocated to a location in Washington D.C. (the coordinates appear to not be precise, as they land in the middle of a park when plotting them on Google Earth).

The headers show that this IP caused the email to fail some tests on its way to its destination:

----------------------
Authentication-Results: spf=fail (sender IP is 141.161.191.75)
smtp.mailfrom=law.georgetown.edu; gmail.com; dkim=none (message not signed)
header.d=none;gmail.com; dmarc=fail action=none header.from=outlook.com;
----------------------

The email was still delivered successfully, though.
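To read that header field by field, here is an added example (not part of the original post) that parses the Authentication-Results text quoted above and pulls out which IP the SPF check evaluated, which checks failed, and whether any DMARC action was recorded. The function names are hypothetical, and the domain comparison is a plain string match, not full DMARC alignment.

```python
import re

# Header text copied from the post (it is folded across three lines there).
RAW_HEADER = """Authentication-Results: spf=fail (sender IP is 141.161.191.75)
smtp.mailfrom=law.georgetown.edu; gmail.com; dkim=none (message not signed)
header.d=none;gmail.com; dmarc=fail action=none header.from=outlook.com;"""

# method=result, an optional "(comment)", then space-separated key=value properties
METHOD_RE = re.compile(r"^(spf|dkim|dmarc)=(\w+)\s*(?:\(([^)]*)\))?\s*(.*)$", re.S)
IP_RE = re.compile(r"sender IP is (\S+)")


def parse_auth_results(raw):
    """Return {method: {"result", "comment", "props"}} for spf/dkim/dmarc."""
    value = " ".join(raw.split())        # unfold the continuation lines
    value = value.split(":", 1)[1]       # drop the "Authentication-Results" name
    verdicts = {}
    for segment in value.split(";"):
        m = METHOD_RE.match(segment.strip())
        if not m:
            continue                     # bare tokens such as "gmail.com" carry no verdict
        method, result, comment, rest = m.groups()
        props = dict(p.split("=", 1) for p in rest.split() if "=" in p)
        verdicts[method] = {"result": result.lower(),
                            "comment": comment or "", "props": props}
    return verdicts


def summarize(verdicts):
    """Condense the parsed verdicts into the facts an analyst checks first."""
    spf, dmarc = verdicts.get("spf", {}), verdicts.get("dmarc", {})
    ip = IP_RE.search(spf.get("comment", ""))
    envelope = spf.get("props", {}).get("smtp.mailfrom")
    visible = dmarc.get("props", {}).get("header.from")
    return {
        "spf_checked_ip": ip.group(1) if ip else None,   # the IP SPF was evaluated against
        "envelope_domain": envelope,
        "from_domain": visible,
        # Exact match only; relaxed DMARC alignment compares organizational domains.
        "domains_match": envelope is not None and envelope == visible,
        "failed": sorted(m for m, v in verdicts.items() if v["result"] == "fail"),
        # action=none: no DMARC enforcement recorded, consistent with delivery.
        "enforced": dmarc.get("props", {}).get("action", "none") != "none",
    }


if __name__ == "__main__":
    for key, val in summarize(parse_auth_results(RAW_HEADER)).items():
        print(f"{key}: {val}")
```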

Question: Who is CH2M Hill?


Analysis:



---------------
Many clients, many places, many skills. Through building trusted relationships, we partner with governments, communities, businesses and organizations all over the world.

We are dedicated to tackling our clients’ toughest infrastructure and natural resource challenges with optimism and imagination. Explore all our capabilities, see our projects and connect with us, so together, we can turn challenge into opportunity.

---------------

So they're a big, BIG company. Okay.


Question: Why don't Georgetown's servers like their IP (141.161.191.75)?

IT is hard. You can have one problem and a thousand POSSIBLE reasons it's occurring and a dozen different ways you could fix it.

Here's a POSSIBLE reason the email failed its test (from here):

"It sounds to me like they have an email gateway that is accepting mail from your server and passing it on to their email server and then their server is doing an SPF check. Having their email server do an SPF check on emails that have already been accepted by their email gateway should cause every message that comes through their gateway to fail SPF." 

Could this be the case at Georgetown? Possibly. IS it the case? Who knows? Without talking to the network administrators, I think it would be difficult to determine this. So let's ask them. They probably won't answer, but you know, maybe they will!

I'll update this post if I hear back.

