The curious case of microsoft.com

[ale5000-git]

After some researches:

• account-security-noreply@account.microsoft.com (signed by accountprotection.microsoft.com) => Include DKIM signature that inexplicably almost always fail but sometimes succeed
• maccount@microsoft.com (signed by microsoft.com) => Pass DKIM validation
• support@mail.support.microsoft.com (signed by mail.support.microsoft.com) => Pass DKIM validation
• postmaster@euroconsumers.onmicrosoft.com (signed by euroconsumers.onmicrosoft.com)
• CMMRC.WNST.WW.00.IT.ARV.BRS.CS.1FL.SPT.SG.PI@css.one.microsoft.com => It miss DKIM signature, although it look spammy it is real and I get it when I have requested a business invoice from Microsoft.

*@css.one.microsoft.com that is from account support maybe should be set to NEUTRAL.
For the others it need more researches.

I have sent you some samples.

[ale5000-git]

@lieser: I have sent you another mail that didn't come from Microsoft but it has Microsoft logo that shouldn't have.

It is signed by [custom-subdomains].onmicrosoft.com (these subdomains could probably be bought).

[lieser]

Thanks a lot for catching and reporting that onmicrosoft.com is used to sign e-mails not from Microsoft. Removed the favicon for the domain in pre release 2.1.0pre3.

I also did the following changes to the default rules:

• *@mail.support.microsoft.com can now also be signed by mail.support.microsoft.com
• *@css.one.microsoft.com no longer has to be signed (added a NEUTRAL rule for it)

[ale5000-git]

• microsoftrewards@email.microsoftrewards.com (signed by email.microsoftrewards.com) => need Microsoft icon

[lieser]

added icon for microsoftrewards.com in 2.1.0