Sending an email to an Keio's alias often fails: "smtp; 550-5.7.26 This message does not have authentication"

[130s]

Don't know how often this is happening, but if it happens, I would not be aware that I'm not receiving the email. So this is critical.

Example log

``` From: MAILER-DAEMON@kolmail1.jukuin.keio.ac.jp (Mail Delivery System) Subject: Undelivered Mail Returned to Sender Date: April 20, 2022 20:34:16 EDT To: xxxx@yyyyyy.yyyyyy This is the mail system at host kolmail1.jukuin.keio.ac.jp. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system (expanded from ): host gmail-smtp-in.l.google.com[108.177.yyy.zzz] said: 550-5.7.26 This message does not have authentication information or fails to 550-5.7.26 pass authentication checks. To best protect our users from spam, the 550-5.7.26 message has been blocked. Please visit 550-5.7.26 https://support.google.com/mail/answer/81126#authentication for more 550 5.7.26 information. q9-20020a17090311c900b00153b2d1657esi3869487plh.390 - gsmtp (in reply to end of DATA command) Reporting-MTA: dns; kolmail1.jukuin.keio.ac.jp X-Postfix-Queue-ID: 5DEC5695B X-Postfix-Sender: rfc822; xxxx@yyyy.yyyyyy Arrival-Date: Thu, 21 Apr 2022 09:34:15 +0900 (JST) Final-Recipient: rfc822; sss@gmail.com Original-Recipient: rfc822;alias@baa.com Action: failed Status: 5.7.26 Remote-MTA: dns; gmail-smtp-in.l.google.com Diagnostic-Code: smtp; 550-5.7.26 This message does not have authentication information or fails to 550-5.7.26 pass authentication checks. To best protect our users from spam, the 550-5.7.26 message has been blocked. Please visit 550-5.7.26 https://support.google.com/mail/answer/81126#authentication for more 550 5.7.26 information. q9-20020a17090311c900b00153b2d1657esi3869487plh.390 - gsmtp Return-Path: Received: from www.fooooooo.bbbbb.cccccc (www.fooooooo.bbbbb.cccccc [aa.bb.cc.dd]) by kolmail1.jukuin.keio.ac.jp (Postfix) with ESMTP id 5DEC5695B for ; Thu, 21 Apr 2022 09:34:15 +0900 (JST) Received: from smtpclient.apple (unknown [67.191.236.xxx]) by www.fooooooo.bbbbb.cccccc (Postfix) with ESMTPSA id B46A8BC33A; Thu, 21 Apr 2022 09:34:13 +0900 (JST) From: XXXXXX ZZZZZ Message-Id: <776AC17E-0BD1-4A2C-8463-7AF4B63189BC@fooooooo.bbbbb.cccccc> Content-Type: multipart/alternative; boundary="Apple-Mail=_0BDCBC6D-F452-4A13-9848-E16725C9B505" Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\)) Subject: =?utf-8?B?UmU6IOeJueS+i+S8muitsA==?= Date: Wed, 20 Apr 2022 20:34:10 -0400 In-Reply-To: Cc: "Isao Nnnnnn (Isaac Saito)" , Dddd Nnnnnn To: MMMMMM NNNNN References: X-Mailer: Apple Mail (2.3696.80.82.1.1) ```

[130s]

https://github.com/ros-infrastructure/answers.ros.org/issues/206 may be relevant, although I'm not sure about that as the error msg

Keio Online said:

転​送​設​定​： ※​現​在​、​セ​キ​ュ​リ​テ​ィ​ポ​リ​シ​ー​の​改​訂​に​よ​り​G​m​a​i​l​へ​の​メ​ー​ル​転​送​が​で​き​な​い​場​合​が​ご​ざ​い​ま​す​。 転​送​メ​ー​ル​を​ご​利​用​い​た​だ​く​場​合​は​、​G​m​a​i​l​以​外​の​メ​ー​ル​ア​ド​レ​ス​を​ご​登​録​い​た​だ​け​ま​す​よ​う​お​願​い​い​た​し​ま​す​。

Maybe this is a culprit. But this time I don't see spf in the error output.

[130s]

As long as I get an email that is sent to my keio address it should be ok to me.

The chain of the recipient:

• Current: xxxx@keio.ac.jp -> yyyy@gmail.com
• Opt-1: xxxx@keio.ac.jp -> (Yet another forwarding service that doesn't cause the auth error) -> yyyy@gmail.com

[130s]

• :green_circle: No problem in SPF record with jukuin.keio.ac.jp (dmarcanalyzer.com)
• :green_circle: No problem in SPF record with 2000.jukuin.keio.ac.jp (dmarcanalyzer.com)
• :red_circle: No DMARC record with 2000.jukuin.keio.ac.jp (dmarcanalyzer.com)

[130s]

• Opt-1: xxxx@keio.ac.jp -> (Yet another forwarding service that doesn't cause the auth error) -> yyyy@gmail.com

I'm not sure if this resolves the issue.

• As a end recipient, yes I now no longer see encrypt failure in the email I receive to the address that used to be causing encryption failure.
• But that can just be between my end email address (i.e. yyyy@gmail.com in the example above) and the one before? What about b/w the yet-another one and xxxx@keio.ac.jp? Need to verify.

[130s]

• Opt-1: xxxx@keio.ac.jp -> (Yet another forwarding service that doesn't cause the auth error) -> yyyy@gmail.com

I'm not sure if this resolves the issue.

• As a end recipient, yes I now no longer see encrypt failure in the email I receive to the address that used to be causing encryption failure.
• But that can just be between my end email address (i.e. yyyy@gmail.com in the example above) and the one before? What about b/w the yet-another one and xxxx@keio.ac.jp? Need to verify.

Updated opinion:

• First of all, OP is about authentication failure, not encryption failure. I think those are 2 different error cases regarding email system.
• Hinted in https://nordvpn.com/blog/gmail-encryption/. Maybe TLS encryption ends when an email reaches the server the email sender targets (so in my example above, the server on keio.ac.jp), for which I don't know if I can tell as a recipient (at gmail.com) whether there was any error in b/w:

  TLS isn’t end-to-end encryption. This means that hackers can capture your email once it reaches the destination mail server.

[130s]

Please visit 550-5.7.26 https://support.google.com/mail/answer/81126#authentication for more 550 5.7.26 information. q9-20020a17090311c900b00153b2d1657esi3869487plh.390 - gsmtp (in reply to end of DATA command)

The log in OP suggests https://support.google.com/mail/answer/81126#authentication. So authentication problem.

Which authentication is the error about? It is unclear. My guess is SPF, somewhere b/w keio and gmail. Ref.

https://www.agari.com/email-security-blog/dkim-vs-spf-do-i-need-them-both-dkim-vs-spf/

During an SPF check, receiving email servers query the DNS records associated with your sending domain to verify that the IP address used to send the email is listed in the SPF record. If it isn’t, the email will fail authentication—helping to weed out malicious emails attempting to exploit the associated domain.

B/c I don't know what problem the IT dept. at Keio U. hasn't figured out, it's hard for me if my guess is right with the info I have. I only assume keio -> gmail failed but keio -> googlegroups.com still works. So regarding email delivery, despite my earlier post https://github.com/130s/hut_10sqft/issues/665#issuecomment-1111449148, I'm now ok to say opt-1 is working fine.

This doesn't mean the minimum security that all the email services for both outgoing and inbound emails offer is available. I'm not educated to say that yet.

[130s]

Hmm...https://stackoverflow.com/questions/71157383/this-message-does-not-have-authentication-information-or-fails-to-550-5-7-26-pas someone having an issue with GMail even though the checkers for all SPF, DKIM, DMARC passed.

Anwyays, I'm leaning toward assuming TLS is not failing at least b/w the sender and jukuin.keio.ac.jp. Asked security.stackexchange.com#q261730 for clarifying that.

[130s]

Once again I reviewed an example email that GMail warns as "keio.ac.jp (recipient) did not encrypt this message". From what I can tell from email headers, jukuin.keio.ac.jp doesn't seem to log encryption.

When GMail.com receives an email from the server of an interest, I do not see any log about encryption.

Received: from kolmail1.jukuin.recipient.org (kolmail1.jukuin.recipient.org. [xxx.xxx.134.67])
        by mx.google.com with ESMTP id b13-20020a63cf4d000000b00398d40dfc06si21118457pgj.482.2022.04.26.12.51.47
        for <RECIPENT-GMAIL-ACCT@gmail.com>;
        Tue, 26 Apr 2022 12:51:48 -0700 (PDT)

Almost complete header of the email example in quesiton (concrete info swapped)

Route: `sender.org` -> `recipient.org` -> `gmail.com` ``` Delivered-To: RECIPENT-GMAIL-ACCT@gmail.com Received: by 2002:ab0:4986:0:0:0:0:0 with SMTP id e6csp2244919uad; Tue, 26 Apr 2022 12:51:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz8evPtyvg0pCMQ/DKoKYQ5EtHelZIbXUb+Bwutyv4HhiHys6eKZw2UF8j2MoDJgZvL+pLV X-Received: by 2002:a17:90b:3442:b0:1d9:8af8:28ff with SMTP id lj2-20020a17090b344200b001d98af828ffmr10317951pjb.201.1651002708219; Tue, 26 Apr 2022 12:51:48 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1651002708; cv=pass; d=google.com; s=arc-20160816; b=ndd Qbz9SLTZMWESN3dPPhSLJeYga5fCB9+PlLu/lSKI3jYeypyt/FLbDeck4wnzWKwSzSjC NzoxCETBbp0gTHN+KOhI419ww2B7uyiEyjHdXRmcoVUlFkyjR2E+MN9Rdqw2xkTp2OgN b6F07TOsVwlKAM5FbGvtlJwu1QQwTXM+McYeu6fLkvDel9Vz0WMNzN5vU6i95SpFveeN TtFNwE4XaRjB4GQ5k24dwGMRiPryxEjy7+QD30muXvSFtRVVujmJRIX8pDJOZZcyCR1u ynlA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-language:accept-language:in-reply-to :references:message-id:date:thread-index:thread-topic:subject:to :from:dkim-signature:ironport-hdrordr:ironport-data:ironport-phdr :dkim-signature; bh=uU87leaqmZPcYXuXgfrnptu037AdqqhqlMkVvoen4uI=; b=ej2 sfkvXBfuigFegjVtCxV4FMxmbr1lbuylINJEnHjyaKUVq8nKLTpnQXe9JEKm5bAf9eim BeYbP8Dmpa7ny9SuXTd5j3J11/Cxf71U5YfHDO+WvhoOxxd5GwFZfRp0cySNjZClJWul caV6u3QVMBxfIbUvOOYtmF/qfnwyeIYG6PUophhKE0B/NZNUD4lzf8R4n2vP5DP3pTg6 nJz0LTfotc+3JTWBMoCu5C3xdtGR1QzamE2+/5w9MI3JSMg4ZwJHib5sJeyIdQw5ph4f iPKQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@sender.org header.s=cjis header.b=Zngp3eOy; dkim=pass header.i=@dojSENDER.onmicrosoft.com header.s=selector1-dojSENDER-onmicrosoft-com header.b=ElIvxSFf; arc=pass (i=1 spf=pass spfdomain=sender.org dkim=pass dkdomain=sender.org dmarc=pass fromdomain=sender.org); spf=fail (google.com: domain of prvs=1083d6bef=absenderFNAME@sender.org does not designate xxx.xxx.134.67 as permitted sender) smtp.mailfrom="prvs=1083d6bef=absenderFNAME@sender.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=sender.org Return-Path: Received: from kolmail1.jukuin.recipient.org (kolmail1.jukuin.recipient.org. [xxx.xxx.134.67]) by mx.google.com with ESMTP id b13-20020a63cf4d000000b00398d40dfc06si21118457pgj.482.2022.04.26.12.51.47 for ; Tue, 26 Apr 2022 12:51:48 -0700 (PDT) Received-SPF: fail (google.com: domain of prvs=1083d6bef=absenderFNAME@sender.org does not designate xxx.xxx.134.67 as permitted sender) client-ip=xxx.xxx.134.67; Authentication-Results: mx.google.com; dkim=pass header.i=@sender.org header.s=cjis header.b=Zngp3eOy; dkim=pass header.i=@dojSENDER.onmicrosoft.com header.s=selector1-dojSENDER-onmicrosoft-com header.b=ElIvxSFf; arc=pass (i=1 spf=pass spfdomain=sender.org dkim=pass dkdomain=sender.org dmarc=pass fromdomain=sender.org); spf=fail (google.com: domain of prvs=1083d6bef=absenderFNAME@sender.org does not designate xxx.xxx.134.67 as permitted sender) smtp.mailfrom="prvs=1083d6bef=absenderFNAME@sender.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=sender.org Received: from mx-east.sender.org (mx-east-ic.sender.org [153.31.119.142]) by kolmail1.jukuin.recipient.org (Postfix) with ESMTP id C4C666676 for ; Wed, 27 Apr 2022 04:51:46 +0900 (JST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sender.org; s=cjis; t=1651002707; x=1682538707; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=uU87leaqmZPcYXuXgfrnptu037AdqqhqlMkVvoen4uI=; b=zzzz X-IPAS-Result: aaaaq IronPort-PHdr: aaa39 IronPort-Data: a23 IronPort-HdrOrdr: a23 X-IronPort-Anti-Spam-Filtered: true Received: from unknown (HELO hybrid.sender.org) ([10.148.0.91]) by wvadc-dmz-pmo002-SENDER.enet.cjis with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Apr 2022 19:51:44 +0000 Received: from HQPO-UME16-002.SENDER.ORG (10.148.0.92) by HQPO-UME16-001.SENDER.ORG (10.148.0.91) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.15; Tue, 26 Apr 2022 15:51:35 -0400 Received: from USG02-CY1-obe.outbound.protection.office365.us (10.148.63.3) by HQPO-UME16-002.SENDER.ORG (10.148.0.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.15 via Frontend Transport; Tue, 26 Apr 2022 15:51:34 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=pELmsk1qWW2dpWRSy15qbwwRrHdMcuFmbvuSbiSDg7cq/ZfxPzqL99xjztXazYTs9HZh4blDgYoAR7eAOFd8qs+xG+UWc1IKo37n14zW1Inx4LcPO6pQiVJOI48GMK4dMmSoC8A9k8fi2MP4i7bwchg6mAyl96bsdCQC4QFC3S98fbGFDvtPYJk9WPq2cRGh3BOdHTJb6ujjWv3Vr68I6mJ5o6bgZ5Nui384caMK8QbQuK1nRSe6iow7NqdATHTbCV5GRooxFNPo6YLI7aEOf/qfrk3Dp5VbDYumBncoru43GUiurTGR3yTpEGOk6CXGuXQU6vqC0Ccp+1SXhwAZbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uU87leaqmZPcYXuXgfrnptu037AdqqhqlMkVvoen4uI=; b=VgMSm+JCilhVtuHrD4g7CYy3sWQVej29YTiq0BjNdcDX2YvV9/ixs/01Rq0rxqyHyDZNA4ZIYgkXKRa+00DU9GTh3+fu8J5FMKk7SbBQhEO+HR6JJYvJMRJZvMxo4H7XNrFBh6WQgXRaeKJttcdUyGieB5aXvZewxPLQXFeK1Z3oL7HbQlrAM7cQGXpC/6zqTq2UmzzIXweK5dC5OcnL6aR6VSZlRTkbnBqCenb+vDNL1tEjGg20M3Q3LUkfq6fkoU6iZKRaj/uREM5LCYKJgwvCQJREWur1Q6+HkrzzQPrnvV9AwPSAxesZZfoskzXNCQGGu7SKZHNmqjgmyKzvZw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sender.org; dmarc=pass action=none header.from=sender.org; dkim=pass header.d=sender.org; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dojSENDER.onmicrosoft.com; s=selector1-dojSENDER-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uU87leaqmZPcYXuXgfrnptu037AdqqhqlMkVvoen4uI=; b=ElIvxSFfy9RRwat6glFCwl74xeBEukwHrEXqrdiV1AAKDM+LIjXVcukaYKAaH01UPYg1O2bu+xzujNYJKuydBniBPdt/W7GnkKZio1DwaTz44hrpQwetQSg0xNUd6ND2mIQUy85la65O3hK/0xU4fkukQ9Hmr1QtKIm41Vld0ng= Received: from YYYYYYY.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:133::15) by BN1P110MB0849.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:133::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.14; Tue, 26 Apr 2022 19:51:26 +0000 Received: from YYYYYYY.NAMP110.PROD.OUTLOOK.COM ([fe80::161:cc70:bbd:5686]) by YYYYYYY.NAMP110.PROD.OUTLOOK.COM ([fe80::161:cc70:bbd:5686%6]) with mapi id 15.20.5186.021; Tue, 26 Apr 2022 19:51:26 +0000 From: SENDER1STNAME SENDERFNAME To: "RECIPIENT_F2NAME RECIPIENT_LNAME (RECIPIENT_FNAME RECIPIENT_L2NAME)" Subject: Re: [EXTERNAL EMAIL] - Re: SUBJECT-IN-EMAIL report Thread-Topic: [EXTERNAL EMAIL] - Re: SUBJECT-IN-EMAIL report Thread-Index: AQHYWLEBRrkQT6r60UqQOhTqhsi9G60CXZaAgAA/CCc= Date: Tue, 26 Apr 2022 19:51:26 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=sender.org; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: d90cd3f1-9eaa-49eb-7605-08da27be2672 x-ms-traffictypediagnostic: BN1P110MB0849:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: fffffffff : X-OriginatorOrg: sender.org : ```

Almost complete header of the email example, after inserting one more Google-hosted server and the encryption error disappeared on the Email client on gmail.com (concrete info swapped)

Route: `sender.org` -> `recipient.org` -> `googlegroups.com` -> `gmail.com` ``` Delivered-To: RECIPENT-GMAIL-ACCT@gmail.com Received: by 2002:ab0:4986:0:0:0:0:0 with SMTP id e6csp2882771uad; Wed, 27 Apr 2022 08:36:13 -0700 (PDT) X-Received: by 2002:a05:6a00:2494:b0:50d:805c:8cb7 with SMTP id c20-20020a056a00249400b0050d805c8cb7mr4361894pfv.21.1651073773039; Wed, 27 Apr 2022 08:36:13 -0700 (PDT) ARC-Seal: i=4; a=rsa-sha256; t=1651073773; cv=pass; d=google.com; s=arc-20160816; b=W78eYU3qMHfm/SmrD8MAbNzwiLrCuZdUy/4M63oyxWVG2MjRLtXXw1GnUMN5hj2EBk y6POQZ579vdZscjRPoisOxXDkTHPUdV0dU+Nd3F5eghExyUGnWpucF9LNfnF7ViTiz0s hrKFoynpFhwOeRNU/yVLJ2HrnvAa2hOeFrDuzAUgYxMFXf2SnUzkVWWZDWFZjUly1QPA iS0pSzNsN6cNGzrnASff8Q/DCdjmd48uPwBQt4wuHT1PP9ljaKjn8RgVSQuDLf6kh+Ew 8yjv5tA5dekYpZpY0yfIFlnn/nQeHbmUtVr/xHy0kwS9ykXdlOHvB2LfrC6rMF5h1Obi KmmA== ARC-Message-Signature: i=4; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-archive:list-help:list-post:list-id :mailing-list:precedence:reply-to:mime-version:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:to:from:ironport-hdrordr:ironport-data :ironport-phdr:dkim-signature; bh=lSu6BVcown7LWWSsgK5orPbDYJeQVckeDjj9zOAo69w=; b=v/WfXOKnrlbRar5xMCH9PGIuxEQuGCE/TKNfMC0Yms1/4wYXRSiPMQIOgzWMMuAeCK noiwMq0mKRM1kW6dIx87zDDEoPSgCMuVXX3sg5KD1sU9sVwKxrODIQGy8oafjsuW67UW nD3NaoVIXC6moSjmUC9W8tbxbSuCjSpM2VlHkGZv8BSGa10JS6fY4tEvdfapOWi9dBok jasvIo/XXwTsU3nowZZpW+QXUcNBPUxNr3o1sLxx1P2qx0CaClKQZ3V4kOaSbIHwmvj5 +cbISfkb1UjhhSBg8V9u/ARrhESmKgHq8gghrk7nfYeW4StldGmrh4X0N/Ka57oVacPi AHdQ== ARC-Authentication-Results: i=4; mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20210112 header.b=ixdHRUnN; arc=pass (i=3 dkim=pass dkdomain=sender.org dkim=pass dkdomain=dojsender.onmicrosoft.com dmarc=pass fromdomain=sender.org); spf=pass (google.com: domain of gnnnnns+bncbdtnvrpqumgrb3gfuwjqmgqec3jre3i@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=gnnnnns+bncBDTNVRPQUMGRB3GFUWJQMGQEC3JRE3I@googlegroups.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=googlegroups.com Return-Path: Received: from mail-sor-f55.google.com (mail-sor-f55.google.com. [209.85.220.55]) by mx.google.com with SMTPS id y19-20020aa79af3000000b0050831bbd9dfsor1038714pfp.21.2022.04.27.08.36.12 for (Google Transport Security); Wed, 27 Apr 2022 08:36:13 -0700 (PDT) Received-SPF: pass (google.com: domain of gnnnnns+bncbdtnvrpqumgrb3gfuwjqmgqec3jre3i@googlegroups.com designates 209.85.220.55 as permitted sender) client-ip=209.85.220.55; Authentication-Results: mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20210112 header.b=ixdHRUnN; arc=pass (i=3 dkim=pass dkdomain=sender.org dkim=pass dkdomain=dojsender.onmicrosoft.com dmarc=pass fromdomain=sender.org); spf=pass (google.com: domain of gnnnnns+bncbdtnvrpqumgrb3gfuwjqmgqec3jre3i@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=gnnnnns+bncBDTNVRPQUMGRB3GFUWJQMGQEC3JRE3I@googlegroups.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=googlegroups.com ARC-Seal: i=3; a=rsa-sha256; t=1651073772; cv=pass; d=google.com; s=arc-20160816; b=usUUcrexXjCUlspe+aVt/oPQnHt46D4ZBLlditbdLXmgIqILqGvlqUXmG6i6PnbCLb oxKDUP72teVzfroPl1TEshY8dbiBq1DaZruWHb34eN/qJYHEOUt+Ux5M8lHFh8tgz47r yFdFO0l5t0f5pJqtxSrQRNDVlFgtsvzCVeMZkPQQef48ej6/ra2i1zCa6lC9WaOWhl9X PNmz+FMgoOfJYKfwA+iJU+Fg9/YVwjxS5ZiAl6baDwQ5n8S0ah4FC3N3G7e/Sl0TBNpx dfKyfG0yU6sr5eRB7fuP+DhYSLaerm+H3qDMiFw3PffrQnjZTHOiQU/moSfvDjSIQMi/ jRgg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-archive:list-help:list-post:list-id :mailing-list:precedence:reply-to:mime-version:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:to:from:ironport-hdrordr:ironport-data :ironport-phdr:dkim-signature; bh=lSu6BVcown7LWWSsgK5orPbDYJeQVckeDjj9zOAo69w=; b=uocqFK3wAgUwL6Uttc3oPARg2V4SxioW0CnqDzkU61xrD0alH3VpEyGAa5qGFC4JKY /0rAPS5UON31JR5M2UlZA/IIsaXNp2RVppa/GrBaQ01r0JHq6ErI612ARDqo0OMkbsVA XaiPWqMRK2eo7PAfB+evo2h3+4hyZBa3pm7XyKFp2LenszqmL1ts9MalWWj2Ju10BLyK UQthTbTKdWumZZYUB9Syyk/+8DLE9QCJvOh3uux0N3NpmDCVNzOZGLmNAA44FfzSc7LB RNDN2rbOOdTD3Qk1WHqNDzq4eFcYizaETz+OQJPIJRUPsY6w9HjMCF3JprYsbxszqxmJ 1EVg== ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@sender.org header.s=cjis header.b=CdBhXot0; dkim=pass header.i=@dojsender.onmicrosoft.com header.s=selector1-dojsender-onmicrosoft-com header.b="j0UiBB/I"; arc=pass (i=1 spf=pass spfdomain=sender.org dkim=pass dkdomain=sender.org dmarc=pass fromdomain=sender.org); spf=fail (google.com: domain of prvs=109eb4f8a=absenderFNAME@sender.org does not designate 131.113.134.67 as permitted sender) smtp.mailfrom="prvs=109eb4f8a=absenderFNAME@sender.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=sender.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20210112; h=ironport-phdr:ironport-data:ironport-hdrordr:from:to:subject :thread-topic:thread-index:date:message-id:references:in-reply-to :accept-language:content-language:mime-version:x-original-sender :x-original-authentication-results:reply-to:precedence:mailing-list :list-id:list-post:list-help:list-archive:list-unsubscribe; bh=lSu6BVcown7LWWSsgK5orPbDYJeQVckeDjj9zOAo69w=; b=ixdHRUnN4g3XAVXizO/XrT5VRs4Zy7g6kqwva/B4iLY45iheQJB3EhBNfz37noTBFd rVyebgzyGbkHY1v3JP2wpxoyai7L2YlJjaUsGuSkxFTgQrJsfmFFudPLrnr1xnB1j5Oh jI2v+cjNd0DW1DU9Z56fmI6SUkWpm//4xcK3/HjYp71uU8QW1+yVL3Uk3ZdXUfNqMutQ sdyKTZu7wusuADM3TqrM8xg73A/Cmsi1d7mRk6AWeILEUmhYDCiwf7KlSZDPk33NzQk1 Hj88AOgh2oTPtCF2/hhx2R/T22gY7+umTkUoZXWcOt2O42VW/2U3JVwLSfsnTRSQGj+s NwSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:ironport-phdr:ironport-data:ironport-hdrordr :from:to:subject:thread-topic:thread-index:date:message-id :references:in-reply-to:accept-language:content-language :mime-version:x-original-sender:x-original-authentication-results :reply-to:precedence:mailing-list:list-id:x-spam-checked-in-group :list-post:list-help:list-archive:list-unsubscribe; bh=lSu6BVcown7LWWSsgK5orPbDYJeQVckeDjj9zOAo69w=; b=Shex/R7LkAXzYMMRYPDjwcxFdBgwvdWCUljNdQlf5aFbK2svsiGmYFlaaHmgE3ul5b H3xf1XPrnfLg1ePl5+hCSLNBIhw5NSGELBV8XYVyDDODe3gbqKX9cWHUQKxXF8j9/7ba n8J8SAyMGq0Bh4WnRUi23OvSs8J6DQiCzFYO3RMcXpIMEQ9Bu+2CZWhV93AcdW0d94z5 PurTCfMHNzfHXio7Qu1pK4qp1+RMN0cApwW7t6t7nU5dAmez0YsH4tXmM1Iwcrnp8i/V O97A9suewcqcGIbz4J8aQI+gemK9tReceA9kRRJMyPpM2bUQaTM3SPLwpvc5c0/4XkFz ZWFA== X-Gm-Message-State: AOAM533DFP4UWkTBprWO7S336SMxwrhN8ilQsceDI1FnD9JC/gJKJmSf zF0T+NoRaXl7vw4bZRTbyQM= X-Google-Smtp-Source: ABdhPJw3ofBQEnFVqOiugoDSj2TWeFuUvWYMFR7NMJT3JfVpgRx+0dL1m+LWNmpqSjixbTnBsQOabg== X-Received: by 2002:a65:418b:0:b0:382:250b:4dda with SMTP id a11-20020a65418b000000b00382250b4ddamr24949445pgq.428.1651073772758; Wed, 27 Apr 2022 08:36:12 -0700 (PDT) X-BeenThere: gnnnnns@googlegroups.com Received: by 2002:a17:902:bb8c:b0:14d:d65a:dbdb with SMTP id m12-20020a170902bb8c00b0014dd65adbdbls5586120pls.6.gmail; Wed, 27 Apr 2022 08:36:12 -0700 (PDT) X-Received: by 2002:a17:90b:4c06:b0:1d9:80ca:c6d3 with SMTP id na6-20020a17090b4c0600b001d980cac6d3mr16915888pjb.242.1651073771873; Wed, 27 Apr 2022 08:36:11 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1651073771; cv=pass; d=google.com; s=arc-20160816; b=KVy+z4SSRp4xh5q8zr74fYLjl9Ni8ksuLNjWL12m8ObbwInPNGtE5Z/2Cqf1IN+vFU 7bicvw64fINfZd9nEpxxtqWJyyjDbUBnmZSJVLXqDtHF6CnLoIbCSpYi+vXV2E6kLQye 1Da97Kh8yIrQZjZjE4AgidKL1MSzWKN9fL962MPTLhqZjwadJNjR7MtKJVSXgTSRfQx7 MJQFi/vhg/6xIl9eYAkMwLcv03Lz18sgyNyvaHLJHA3ZsjDa4QJnIo58wnSUi/RtBStU xDit3pqFQHpJgOmyH0WSB6S9l2KgIqxkgAhXKOGhe1zCeGbvFfSK6tKKDYxYn+vkF6cQ +fBA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-language:accept-language:in-reply-to :references:message-id:date:thread-index:thread-topic:subject:to :from:dkim-signature:ironport-hdrordr:ironport-data:ironport-phdr :dkim-signature; bh=zY/FTr74GzrRrmR+N88nwnutgs/NuCH2SWS8/F9aoPk=; b=qcGK9nksGuaDIvFEdnsUf31mCn1zrLQ3DHK4dvK80V0QIgc3ilbD6Sm5TKeTMiTrRN nq1ljaRtjpwSRUGeEhBdb4pRzG4xDzThpTMIDKcvleX5vtpTvAjOIjXB6FemenIQDN3J XuAJsW4YrvdXPWg9KIZ2DFQi36MkAwWKLLo8tpv1hzmMHj+b7OaOcAe0SCfy6Xay5vIR znEwJglByteertcR1GpZqdL7CdiTxlTv/3TjpN5RFpkfjywe/OD5UUihjrzH7Ss1ezvh S/1ArFyycWbtyDRg2MlgFtkSCKUbcC/NGTMWvu8zs2GPkSQq7Iq2IoCih8zbR2YZWx/M 7QSg== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@sender.org header.s=cjis header.b=CdBhXot0; dkim=pass header.i=@dojsender.onmicrosoft.com header.s=selector1-dojsender-onmicrosoft-com header.b="j0UiBB/I"; arc=pass (i=1 spf=pass spfdomain=sender.org dkim=pass dkdomain=sender.org dmarc=pass fromdomain=sender.org); spf=fail (google.com: domain of prvs=109eb4f8a=absenderFNAME@sender.org does not designate 131.113.134.67 as permitted sender) smtp.mailfrom="prvs=109eb4f8a=absenderFNAME@sender.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=sender.org Received: from kolmail1.jukuin.recipient.org (kolmail1.jukuin.recipient.org. [131.113.134.67]) by gmr-mx.google.com with ESMTP id h11-20020a17090aa88b00b001c75ad3207fsi212644pjq.3.2022.04.27.08.36.11 for ; Wed, 27 Apr 2022 08:36:11 -0700 (PDT) Received-SPF: fail (google.com: domain of prvs=109eb4f8a=absenderFNAME@sender.org does not designate 131.113.134.67 as permitted sender) client-ip=131.113.134.67; Received: from mx-east.sender.org (mx-east-ic.sender.org [153.31.119.142]) by kolmail1.jukuin.recipient.org (Postfix) with ESMTP id 807E663FC for ; Thu, 28 Apr 2022 00:36:09 +0900 (JST) X-IPAS-Result: A2HkIgDKYWli/10AlApCFQMOewmCbQFdKBkBYgKBVAOES44bgh1lA4J/gwqFC5ApgUKBDwIDGBYgBQELAQEBDQEBLAELCgQBAQECAwGEewKFGiY4EwECBAEBAQEDAgMBAQEBAQEDAQEBBQEBAQEBBwIBAQICgRiFaA2CcGNNAwM1AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQECDAElLAEmAz0BAQEBAxENIgEBDAshDQICAQgNBAQBARQCEgcbFgEUCQgCBAgCBQQBBxUEggcLHiwCBQEBgg5XA0CVNYMtAY5AhCMaNXiBMxoCZYIIAQEGBARxRgGDVRhcgVwJBQQBgTOBVwwDgSuEJ4EigWKEG0OCDYFYgmc+aWcBUEICAhUDfwIQARIBDRYEGwwJCQiDRoIunBBrNDclBQETCA8BUDMHAQUBHh4KBwsBEzUBCC2RdxgEGgEBBps5kg1rg1SLGY5vhhkVg3SBT4pqF4YuA5FeGIcFj0OEdgEng1KBcFWBbAyDSZBkJ4Figw8CBAIEBQIOCIF4MywwcCsIAhgpgzMJCj4ZhE2JbhYtVwEKgkGBf4I/g0OCGEV1AQEBAQEMKgIGCwEBAwmKeYE8HkIbAQE IronPort-PHdr: A9a23:SqPT3BXECwF2rNMDJdZTjAZokunV8K34AWYlg6HPw5pCcaWmqpLlO kGXpfBgl0TAUoiT7fVYw/HXvKbtVS1lg96BvXkOfYYKW0oDjsMbzAAlCdSOXEv8KvOiZicmH cNEAVli+XzzMUVcFMvkIVPIpXjn4zQTXBr4K1kdGw== IronPort-Data: A9a23:pRQlQqLZgBwgO3rHFE+RQZclxSXFcZb7ZxGr2PjKsXjdYENS0TNTy mUYXWyEbviDMWSmeI91btuz8E1X75KHnIc3QQZorCE8RH9jl5b5CIXCJC8cHc8zwu4v7q5Dx 59DAjUVBJlsFhcwgD/zbuC5xZVb/fjQHeGkYAL8EnktA1ciEk/NsDo78wIDqtYAbeORXkXc4 bsen+WFYAX/g2IubTpNg06+gEoHUMra6WJwUmMWPZinjHeG/5XCJMtCTU0ZByKQrrh8R4ZWd c6apF2K1jqxEyMWNz+QuuqTnnvm41LlFVPmZnJ+A8BOizAb+XZiiv5T2PA0MC+7gB3Q9zx9J UkkWTVdhm7FM4WV8NnxXSW0HAlBZKlr15jELUG6kuyc8WboWWm8kudhWRRe0Y0woo6bAElO5 PYCKTxLYBqCwe2x3tpXSME13oJ6cJmtZMVO4RmMzhmAZRoiaZPHQ6zW7t9Vxh8+jMEIEvHAD yYcQWswMUWdPEIn1lE/MKIcuPzxgn3FcwJg+Qmwq5dpxGXrw1kkuFTqGJ+PEjCQfu0MxR6Dj jiepzy/AAwZKd2ZjzmI83Xqj+SJnzuTZW4JPOTgsKc20BvLgD1IYPELaWaGTTCCohbWc7pix 4Y8o0LCcYBaGJSXc+TA IronPort-HdrOrdr: A9a23:kPHl9qlKx8tf5+Ru2ohL5ihdsDfpDfPZimdD5ihNYBxZY6Wkfp +V88jzhCWZtN9OYhwdcIi7SdO9qADnhONICOgqTPyftWzd1ldAQ7sSi7cKrweQeBEWs9Qtrp uIEJIOQuEYb2IK9PoSiTPQe71Lobm6GeKT9J/jJh9WPENXgspbnmJE43OgYypLrX59dP4E/f Snl6h6jgvlXU5SQtWwB3EDUeSGjcbMjojabRkPAANiwBWSjBuzgYSKXiSw71M7aXdi0L0i+W /Kn0jS/aO4qcy2zRfayiv684lWot380dFObfb8xvT9aw+cxTpAVr4RGoFqjwpF4N1H3Wxa3u Uk7S1QfPiboEmhAl1d6SGdpDUIlgxerkMKgGXo/0fLsIj3Qik3BNFGgp8cehzF61A4tNU5y6 5T2XmF3qAney8osR6Nk+QgbSsa4XZcYEBS49I7njhaS88TebVRpYsQ8AdcF4oBBjvz7MQiHP N1BM/R6f5KeRfCBkqp9lVH0ZipRDA+Dx2GSk8Ntoic1CVXhmlwyw8dyNYElnkN+ZohQ91P5v jCMK5viLZSJ/VmJJ6VxN1xNPdfJla9MS4kaljiUGgPPJt3SE7wlw== X-IronPort-Anti-Spam-Filtered: true Received: from unknown (HELO hybrid.sender.org) ([10.148.0.93]) by wvadc-dmz-pmo003-sender.enet.cjis with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Apr 2022 15:36:05 +0000 Received: from HQPO-UME16-004.SENDER.ORG (10.148.0.94) by HQPO-UME16-003.SENDER.ORG (10.148.0.93) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.15; Wed, 27 Apr 2022 11:36:09 -0400 Received: from USG02-BN3-obe.outbound.protection.office365.us (10.148.63.3) by HQPO-UME16-004.SENDER.ORG (10.148.0.94) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.15 via Frontend Transport; Wed, 27 Apr 2022 09:36:09 -0600 ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=EDbMEW0ZpyzqAtu8UZf1TLbhekMCQnQt0lJWYOwuVWdtazX95OY7wAXQICoZN098eDUmNROTWKN/j6rJfvSeQAXZ98dcACAcCRci/d3gwCgCasgam2uOEfYuJQ6k1ir24F2uKkTvMzSAlgzjjwAEYtpLu0+0QHphYMZkhOPH9qXk4q7uK3Ard6y4J5Gt4hr1flgrmu4xbxw7M8mXdUmnsYUd06AUg95cBnnQmtfblBnVIByZLJU0YmIMZYsEvBB9l61EeJKJPNqvRjSuayPAa24uTo93LXrx+/7nPCqZencOKKxQ4olh5gtYo1G7eWLsM1rfYIFh2S8+yAqXYXSR7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zY/FTr74GzrRrmR+N88nwnutgs/NuCH2SWS8/F9aoPk=; b=Ge/jTlo7dQMvQwTxKhxPprEVhVsu6DdeKQfsftSllJ1so0mvCcBN3nghzDW5jivANk+ghDKzutSpSDdk/4yBHS9GkE9QnTImNcBtoggmINWsjMstFqKshTfT6waCOgRJSVEu+uSok7oLUI9Zwyzjd/9nwDtmSlnRxlypGM9viQVgxgj1DRJOZFQDosPkB9ysgF2sEX/ZhQ6VdO05K1EZfrsxm8HQxGMBuRaZ5ZJPWgjNOsJ1qAWXB5WBWmNojZn6CL9OcAQUYljAoJbLrTyH3PX0GDevtA40dO+n+D4Ot8WTP5CvhLcvodHePLe03osnThqlo3xBnCvz+7m3/8dygQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sender.org; dmarc=pass action=none header.from=sender.org; dkim=pass header.d=sender.org; arc=none Received: from BN1P110MB0820.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:133::15) by BN1P110MB0724.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:133::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.14; Wed, 27 Apr 2022 15:36:01 +0000 Received: from BN1P110MB0820.NAMP110.PROD.OUTLOOK.COM ([fe80::161:cc70:bbd:5686]) by BN1P110MB0820.NAMP110.PROD.OUTLOOK.COM ([fe80::161:cc70:bbd:5686%6]) with mapi id 15.20.5186.021; Wed, 27 Apr 2022 15:35:59 +0000 From: "'Sender_FNAME sendr_LNAME' via nnnnns" To: "Aaaaao RECIPIENT_LNAME (Aaaaac RECIPIENT_L2NAME)" Subject: Re: [gnnnnns:122] Re: [EXTERNAL EMAIL] - Re: uoooooo report Thread-Topic: [gnnnnns:101] Re: [EXTERNAL EMAIL] - Re: uoooooo report Thread-Index: AQHYWagMeKNeCCmip0GkF8Hj+adVmK0DtUIAgAAUbOSAABVhgIAABlve Date: Wed, 27 Apr 2022 15:35:59 +0000 ```

Btw, "How Can You Tell if an Email Was Transmitted Using TLS Encryption?" (luxsci.com) helps me a lot to understand how to interpret the header of an email to see if its pathway is encrypted or not.

[130s]

Closing for now.

As a final confirmation, I sent an email to the organizer of this email forwarding service. Will post an update once I receive their response, but I'm "satisfied" with the result of my research for now.