Shame on you, stupid spammers.. Sh4meful  DMARC Spoof Detection

IP Address: 170.10.150.241 โš  Network Confounder

This page shows DMARC authentication failure data for this IP address. Learn more about this data.

Geolocation Information
Country:
US United States
Coordinates:
37.751, -97.822
WHOIS Information
Network Name:
MNA-95
CIDR:
170.10.128.0/19
Owner:
Mimecast North America Inc
Org ID:
MNA-95
Address:
191 Spring St, Lexington, MA 02421
Reverse DNS:
usb-smtp-delivery-1.mimecast.com
Last updated: 6/21/2026

Analysis

This IP is classified as a confounder: Mimecast Email Security Gateway. Failures observed from this source are expected artifacts of legitimate mail-handling behavior, typically email forwarding or mailing-list processing, and do not indicate spoofing attempts.

The host is operated by Mimecast North America Inc and geolocates to United States. Its presence in DMARC aggregate reports is an artifact of how forwarded mail interacts with SPF and DKIM authentication, not a sign of abuse originating from this address.

Administrators observing this IP in their DMARC aggregate reports should not block or treat it as hostile. Mimecast is an email security and archiving service. Mail routed through Mimecast relays will appear in DMARC reports with Mimecast's IP addresses. Configure your SPF record to include Mimecast's published SPF ranges to suppress these entries.

Network Confounder: Mimecast Email Security Gateway

Mimecast is a cloud-based email security gateway that enterprises route all inbound and outbound corporate email through for spam filtering, malware scanning, URL click-protection, and archiving. It breaks DKIM authentication by modifying message bodies during inline security processing โ€” URL rewriting and footer insertion invalidate the original DKIM body hash. On the SPF side, Mimecast relay IPs become the actual sending IPs, breaking SPF alignment unless the domain owner has explicitly included Mimecast netblocks in their SPF record and enabled SPF alignment in the Mimecast admin console. DMARC failures originating from Mimecast IP ranges are almost always legitimate corporate email with a configuration gap, not spoofing or spam attempts.

Failures Detected from this IP
Showing 1-1 of 1 failures, affecting 2 messages
External Reputation Lookups

Look up this IP in external threat intelligence and reputation databases (opens in new tab):

Nearby IPs

Other IPs in the 170.10.150.0/24 range observed failing DMARC:

170.10.150.41 (4 failures)