I have been receiving a lot of spam originating from chinaunicom.cn servers that I report via spamcop.net. Spamcop claims the email is being send from numerous servers (ipv6 addresses) directly to the inbound mail gateway I use. Most of the mail passes SPF checks because the sending domain specified “softfail”. I was able to block some domains via my inbound mail gateway but could not do that for mail claimed to come from Google, Apple, and Microsoft domains. It seems odd that with all the churn about DKIM, these domains are still using SPF “softfail”. Am I missing something?
The good news is that with the help of the the information provided by dmarcian, I have been able to almost eliminate mail spoofing of my own domain.
