Checks/check-ORCA235.ps1
|
using module "..\ORCA.psm1" class ORCA235 : ORCACheck { <# CONSTRUCTOR with Check Header Data #> ORCA235() { $this.Control="235" $this.Area="SPF" $this.Name="SPF Records" $this.PassText="SPF records is set up for all your custom domains" $this.FailRecommendation="Set up SPF records to prevent spoofing" $this.Importance="SPF helps validate outbound email sent from your custom domain. Microsoft 365 uses the Sender Policy Framework (SPF) TXT record in DNS to ensure that destination email systems trust messages sent from your custom domain." $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Domain" $this.ItemName="SPF Record Lookup" $this.DataType="Is HardFail" $this.ChiValue=[ORCACHI]::Low $this.Links= @{ "Use SPF to validate outbound email sent from your custom domain in Office 365"="https://aka.ms/orca-spf-docs-1" } } <# RESULTS #> GetResults($Config) { # Check pre-requisites for DNS resolution If(!(Get-Command "Resolve-DnsName" -ErrorAction:SilentlyContinue)) { # No Resolve-DnsName command ForEach($AcceptedDomain in $Config["AcceptedDomains"]) { $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object = $($AcceptedDomain.Name) $ConfigObject.SetResult([ORCAConfigLevel]::All,[ORCAResult]::Informational) $ConfigObject.ConfigItem = "Pre-requisites not installed" $ConfigObject.ConfigData = "Resolve-DnsName is not found on ORCA computer. Required for DNS checks." $this.AddConfig($ConfigObject) } $this.CheckFailed = $true $this.CheckFailureReason = "Resolve-DnsName is not found on ORCA computer and is required for DNS checks." } else { # Check SPF ForEach($AcceptedDomain in $Config["AcceptedDomains"]) { $SplatParameters = @{ 'ErrorAction' = 'SilentlyContinue' } # If alternate DNS specified, add Server param if($null -ne $this.ORCAParams.AlternateDNS) { $SplatParameters["Server"] = $this.ORCAParams.AlternateDNS } $HasMailbox = $false try { $mailbox = Resolve-DnsName -Name $($AcceptedDomain.Name) -Type MX -ErrorAction:Stop @SplatParameters if($null -ne $mailbox -and $mailbox.Count -gt 0) { $HasMailbox = $true } } Catch{} If($HasMailbox) { # Check objects $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object = $($AcceptedDomain.Name) $SPF = Resolve-DnsName -Name $($AcceptedDomain.Name) -Type TXT @SplatParameters | where-object { $_.strings -match "v=spf1" } | Select-Object -ExpandProperty strings -ErrorAction SilentlyContinue if ($SPF -match "redirect") { $redirect = $SPF.Split(" ") $RedirectName = $redirect -match "redirect" -replace "redirect=" $SPF = Resolve-DnsName -Name "$RedirectName" -Type TXT @SplatParameters | where-object { $_.strings -match "v=spf1" } | Select-Object -ExpandProperty strings -ErrorAction SilentlyContinue } $SpfAdvisory = "No SPF record" if ( $null -eq $SPF) { $SpfAdvisory = "No SPF record" } if ($SPF -is [array]) { $SpfAdvisory = "More than one SPF-record" } Else { switch -Regex ($SPF) { '~all' { $SpfAdvisory = "Soft Fail" } '-all' { $SpfAdvisory = "Hard Fail" } Default { $SpfAdvisory = "No qualifier found" } } } # Get matching DKIM signing configuration If($true) { $ConfigObject.ConfigItem="$($SPF)" if($SpfAdvisory -eq "Hard Fail") { $ConfigObject.ConfigData = "Yes" } Elseif( ($SpfAdvisory -eq "Soft Fail") -or ($SpfAdvisory -eq "No qualifier found")) { $ConfigObject.ConfigData = "No" } Else { $ConfigObject.ConfigData = "Not Detected" } if($SpfAdvisory -eq "Hard Fail") { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } } Else { $ConfigObject.ConfigItem = "Not Detected" $ConfigObject.ConfigData = "Not Detected" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } # Add config to check $this.AddConfig($ConfigObject) } } } } } # SIG # Begin signature block # MIIlvwYJKoZIhvcNAQcCoIIlsDCCJawCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCC4zwOAPNRTasSS # mNzaXxtk7QJ27YFs3sy6WL9uYD+yD6CCC6UwggUKMIID8qADAgECAhMzAAAFqKL2 # J1+E5UEHAAEAAAWoMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIzMDMxNjE4NTkyNloXDTI0MDMxNDE4NTkyNlowfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQDgrnNAupBi5n85+fjbka2mn+FNx0ytKZHV9iGVIT/STHYchvSe6u0rfS0j # z+DB8+oEjv4U7Fu+yavIM1/O8QP8mjQy85gYMIjUX1kTsbtV4AoXLp4ifN3BEQ0d # BoTrbBfKxC1J6WQ2R+kGsCitMiYSpAMoqgszTojz5HdJa0/Y5JyNmVQxJ9opg2qF # RA/tIQI+0FG3V9Sb3hChTmk12h9tHtHjN7ry1VxPMACQJ5EdPLwkVZ1JLvhue8yS # ClKRW7s9PCVRKcFDV4VZQCxwxSh3uZy/0vyCHN2KdxsN3WrMGgaaioQYsdNqcP+8 # GbGDtRpEaav2j7SiRNWy1Kj8Qx93AgMBAAGjggGGMIIBgjATBgNVHSUEDDAKBggr # BgEFBQcDAzAdBgNVHQ4EFgQUbBHFPAjJcVWl9t4Y1wkSUUsuL9YwVAYDVR0RBE0w # S6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGlt # aXRlZDEWMBQGA1UEBRMNMjMwMDcyKzUwMDUwNTAfBgNVHSMEGDAWgBS/ZaKrb3Wj # TkWWVwXPOYf0wBUcHDBcBgNVHR8EVTBTMFGgT6BNhktodHRwOi8vd3d3Lm1pY3Jv # c29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBUZXN0aW5nJTIwUENBJTIw # MjAxMCgxKS5jcmwwaQYIKwYBBQUHAQEEXTBbMFkGCCsGAQUFBzAChk1odHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRlc3Rp # bmclMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEB # CwUAA4IBAQBCK8FqWRHLIx+kyaG/gLWhuRjI/7OGcLxF0M/ovGWWyz9o6Li/YZQg # hqls7Hy5R8HSIoIIp4BFDZP8+/24dmdjSv+ZDYLx3pKhcw3b4GzeFu3nv6cQxNMC # QL621tOzjQr4Ma8WNOZN8/t8sBZ6a6U+9dbwPfNAGeNrSv3nFM85R/kiSxf9oBXh # hIAyZwrO0EwuyevBkIhHXf8Ydhn83xuQRogv1+3I7Uf6DC5P+QX5Hs7EQKgX7ppt # JHSIW4Qbxu1402Y1j0+XtHJDckCZa17F6ziuHrLN252deoU5cMB5w9ibXkE+evRl # kPOcV4pwh0LWFhjvkzfG7Pbp/gRaDSAUMIIGkzCCBHugAwIBAgITMwAAAC01ekaI # yQdx2AAAAAAALTANBgkqhkiG9w0BAQsFADCBkDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjE6MDgGA1UEAxMxTWljcm9zb2Z0IFRlc3RpbmcgUm9v # dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMDEyMTAyMDQzMjBaFw0z # NTA2MTcyMTA0MTFaMHkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u # MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp # b24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBDQSAyMDEwMIIBIjANBgkq # hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzxggau+7P/XF2PypkLRE2KcsBfOukYa # eyIuVXOaVLnG1NHKmP53Rw2OnfBezPhU7/LPKtRi8ak0CgTXxQWG8hD1TdOWCGaF # 2wJ9GNzieiOnmildrnkYzwxj8Br/gampQz+pC7lR8bNIOvxELl8RxVY6/8oOzYgI # wf3H1fU+7+pOG3KLI71FN54fcMGnybggc+3zbD2LIQXPdxL+odwH6Q1beAlsMlUQ # R9A3yMf3+nP+RjTkVhaoN2RT1jX7w4C2jraGkaEQ1sFK9uN61BEKst4unhCX4IGu # El2IAV3MpMQoUpxg8ArmiK9L6VeK7KMPNx4p9l0h09faXQ7JTtuNbQIDAQABo4IB # +jCCAfYwDgYDVR0PAQH/BAQDAgGGMBIGCSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYB # BAGCNxUCBBYEFOqfXzO20F+erestpsECu0A4y+e1MB0GA1UdDgQWBBS/ZaKrb3Wj # TkWWVwXPOYf0wBUcHDBUBgNVHSAETTBLMEkGBFUdIAAwQTA/BggrBgEFBQcCARYz # aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnku # aHRtMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMA8GA1UdEwEB/wQFMAMBAf8w # HwYDVR0jBBgwFoAUowEEfjCIM+u5MZzK64V2Z/xltNEwWQYDVR0fBFIwUDBOoEyg # SoZIaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWlj # VGVzUm9vQ2VyQXV0XzIwMTAtMDYtMTcuY3JsMIGNBggrBgEFBQcBAQSBgDB+ME0G # CCsGAQUFBzAChkFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01p # Y1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNydDAtBggrBgEFBQcwAYYhaHR0cDov # L29uZW9jc3AubWljcm9zb2Z0LmNvbS9vY3NwMA0GCSqGSIb3DQEBCwUAA4ICAQAn # tNCFsp7MD6QqU3PVbdrXMQDI9v9jyPYBEbUYktrctPmvJuj8Snm9wWewiAN5Zc81 # NQVYjuKDBpb1un4SWVCb4PDVPZ0J87tGzYe9dOJ30EYGeiIaaStkLLmLOYAM6oIn # IqIwVyIk2SE/q2lGt8OvwcZevNmPkVYjk6nyJi5EdvS6ciPRmW9bRWRT4pWU8bZI # QL938LE4lHOQAixrAQiWes5Szp2U85E0nLdaDr5w/I28J/Z1+4zW1Nao1prVCOqr # osnoNUfVf1kvswfW3FY2l1PiAYp8sGyO57GaztXdBoEOBcDLedfcPra9+NLdEF36 # NkE0g+9dbokFY7KxhUJ8WpMiCmN4yj9LKFLvQbctGMJJY9EwHFifm2pgaiaafKF1 # Gyz+NruJzEEgpysMo/f9AVBQ/qCdPQQGEWp3QDIaef4ts9QTx+RmDKCBDMTFLgFm # mhbtUY0JWjLkKn7soz/LIcDUle/p5TiFD4VhfZnAcvYQHXfuslnyp+yuhWzASnAQ # NnOIO6fc1JFIwkDkcM+k/TspfAajzHooSAwXkrOWrjRDV6wI0YzMVHrEyQ0hZ5Nn # IXbL3lrTkOPjf3NBu1naSNEaySduStDbFVjV3TXoENEnZiugJKYSwmhzoYHM1ngi # pN5rNdqJiK5ukp6E8LDzi3l5/7XctJQY3+ZgHDJosjGCGXAwghlsAgEBMIGQMHkx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1p # Y3Jvc29mdCBUZXN0aW5nIFBDQSAyMDEwAhMzAAAFqKL2J1+E5UEHAAEAAAWoMA0G # CWCGSAFlAwQCAQUAoIGwMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEEMBwGCisG # AQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCC931fTr+o6 # eMgmxRqm6rtrXSKjhru26I1DmnZu7f6+ODBEBgorBgEEAYI3AgEMMTYwNKAUgBIA # TQBpAGMAcgBvAHMAbwBmAHShHIAaaHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbSAw # DQYJKoZIhvcNAQEBBQAEggEA11LfhpTLBYeYRHhULM2rj2LzOLsQSvYx5nCgCozd # BCznA1aglLcY+czR37lk/MJYGzrFwt5d56Cv/bYlbX5F+2Djsz1Xm6tXduP2DBmb # TK4ISHnfjkcFfmrzMiHEf2jEoWa9f3NC174MBORMBzXaqOGnIRkmCfzCdjjsVSJ9 # QZFY4F+J/axvdmPrvUioEd/nwi+vVZjzBK+ntYeURueUH9BGV1JqJ5MqcBSConpF # Efme3CNjZbTw2cq+SgpNt3BZ1GgVMSbxl9oxvfCrNXMg7jtOQOKqPpb73FgaeAPc # o7MTF2kmm6Q6QH1ylDrNIr/gcWHOcqvknpRn95pVSJHEEaGCFv0wghb5BgorBgEE # AYI3AwMBMYIW6TCCFuUGCSqGSIb3DQEHAqCCFtYwghbSAgEDMQ8wDQYJYIZIAWUD # BAIBBQAwggFRBgsqhkiG9w0BCRABBKCCAUAEggE8MIIBOAIBAQYKKwYBBAGEWQoD # ATAxMA0GCWCGSAFlAwQCAQUABCAonhujOY11mRpxlP0CTXpdZrti4W/w7alNBBsq # iZmqSwIGZGzRjQDTGBMyMDIzMDYwOTAxMDMzOC4wMjdaMASAAgH0oIHQpIHNMIHK # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxN # aWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25zMSYwJAYDVQQLEx1UaGFsZXMgVFNT # IEVTTjpENkJELUUzRTctMTY4NTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgU2VydmljZaCCEVQwggcMMIIE9KADAgECAhMzAAABx/sAoEpb8ifcAAEAAAHH # MA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMB4X # DTIyMTEwNDE5MDEzNVoXDTI0MDIwMjE5MDEzNVowgcoxCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNh # IE9wZXJhdGlvbnMxJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOkQ2QkQtRTNFNy0x # Njg1MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIICIjAN # BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr0LcVtnatNFMBrQTtG9P8ISAPyyG # mxNfhEzaOVlt088pBUFAIasmN/eOijE6Ucaf3c2bVnN/02ih0smSqYkm5P3ZwU7Z # W202b6cPDJjXcrjJj0qfnuccBtE3WU0vZ8CiQD7qrKxeF8YBNcS+PVtvsqhd5YW6 # AwhWqhjw1mYuLetF5b6aPif/3RzlyqG3SV7QPiSJends7gG435Rsy1HJ4XnqztOJ # R41I0j3EQ05JMF5QNRi7kT6vXTT+MHVj27FVQ7bef/U+2EAbFj2X2AOWbvglYaYn # M3m/I/OWDHUgGw8KIdsDh3W1eusnF2D7oenGgtahs+S1G5Uolf5ESg/9Z+38rhQw # LgokY5k6p8k5arYWtszdJK6JiIRl843H74k7+QqlT2LbAQPq8ivQv0gdclW2aJun # 1KrW+v52R3vAHCOtbUmxvD1eNGHqGqLagtlq9UFXKXuXnqXJqruCYmfwdFMD0UP6 # ii1lFdeKL87PdjdAwyCiVcCEoLnvDzyvjNjxtkTdz6R4yF1N/X4PSQH4FlgslyBI # XggaSlPtvPuxAtuac/ITj4k0IRShGiYLBM2Dw6oesLOoxe07OUPO+qXXOcJMVHhE # 0MlhhnxfN2B1JWFPWwQ6ooWiqAOQDqzcDx+79shxA1Cx0K70eOBplMog27gYoLpB # v7nRz4tHqoTyvA0CAwEAAaOCATYwggEyMB0GA1UdDgQWBBQFUNLdHD7BAF/VU/X/ # eEHLiUSSIDAfBgNVHSMEGDAWgBSfpxVdAF5iXYP05dJlpxtTNRnpcjBfBgNVHR8E # WDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9N # aWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcmwwbAYIKwYB # BQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20v # cGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEw # KDEpLmNydDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMIMA0GCSqG # SIb3DQEBCwUAA4ICAQDQy5c8ogP0y8xAsLVca07wWy1mT+nqYgAFnz2972kNO+KJ # 7AE4f+SVbvOnkeeuOPq3xc+6TS8g3FuKKYEwYqvnRHxX58tjlscZsZeKnu7fGNUl # pNT9bOQFHWALURuoXp8TLHhxj3PEq9jzFYBP2YNMLol70ojY1qpze3nMMJfpdurd # BBpaOLlJmRNTLhxd+RJGJQbY1XAcx6p/FigwqBasSDUxp+0yFPEBB9uBE3KILAtq # 6fczGp4EMeon6YmkyCGAtXMKDFQQgdP/ITe7VghAVbPTVlP3hY1dFgc+t8YK2obF # SFVKslkASATDHulCMht+WrIsukclEUP9DaMmpq7S0RLODMicI6PtqqGOhdnaRltA # 0d+Wf+0tPt9SUVtrPJyO7WMPKbykCRXzmHK06zr0kn1YiUYNXCsOgaHF5ImO2ZwQ # 54UE1I55jjUdldyjy/UPJgxRm9NyXeO7adYr8K8f6Q2nPF0vWqFG7ewwaAl5ClKe # rzshfhB8zujVR0d1Ra7Z01lnXYhWuPqVZayFl7JHr6i6huhpU6BQ6/VgY0cBiksX # 4mNM+ISY81T1RYt7fWATNu/zkjINczipzbfg5S+3fCAo8gVB6+6A5L0vBg39dsFI # Tv6MWJuQ8ZZy7fwlFBZE4d5IFbRudakNwKGdyLGM2otaNq7wm3ku7x41UGAmkDCC # B3EwggVZoAMCAQICEzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZIhvcNAQELBQAw # gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMT # KU1pY3Jvc29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTIx # MDkzMDE4MjIyNVoXDTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAg # UENBIDIwMTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDk4aZM57Ry # IQt5osvXJHm9DtWC0/3unAcH0qlsTnXIyjVX9gF/bErg4r25PhdgM/9cT8dm95VT # cVrifkpa/rg2Z4VGIwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPFdvWGUNzBRMhx # XFExN6AKOG6N7dcP2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6GnszrYBbfowQ # HJ1S/rboYiXcag/PXfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBpDco2LXCOMcg1 # KL3jtIckw+DJj361VI/c+gVVmG1oO5pGve2krnopN6zL64NF50ZuyjLVwIYwXE8s # 4mKyzbnijYjklqwBSru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3EXzTdEonW/aUg # fX782Z5F37ZyL9t9X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0lBw0gg/wEPK3 # Rxjtp+iZfD9M269ewvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1qGFphAXPKZ6Je # 1yh2AuIzGHLXpyDwwvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ+QuJYfM2BjUY # hEfb3BvR/bLUHMVr9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PAPBXbGjfHCBUY # P3irRbb1Hode2o+eFnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkwEgYJKwYBBAGC # NxUBBAUCAwEAATAjBgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxGNSnPEP8vBO4w # HQYDVR0OBBYEFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARVMFMwUQYMKwYB # BAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNv # bS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAKBggrBgEFBQcD # CDAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0T # AQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNV # HR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9w # cm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEE # TjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2Nl # cnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG9w0BAQsFAAOC # AgEAnVV9/Cqt4SwfZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0xM7U518JxNj/a # ZGx80HU5bbsPMeTCj/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmCVgADsAW+iehp # 4LoJ7nvfam++Kctu2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449xvNo32X2pFaq # 95W2KFUn0CS9QKC/GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wMnosZiefwC2qB # woEZQhlSdYo2wh3DYXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDSPeZKPmY7T7uG # +jIa2Zb0j/aRAfbOxnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2dY3RILLFORy3B # FARxv2T5JL5zbcqOCb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxnGSgkujhLmm77 # IVRrakURR6nxt67I6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+CrvsQWY9af3LwUFJ # fn6Tvsv4O+S3Fb+0zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokLjzbaukz5m/8K # 6TT4JDVnK+ANuOaMmdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL6Xu/OHBE0ZDx # yKs6ijoIYn/ZcGNTTY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggLLMIICNAIBATCB # +KGB0KSBzTCByjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO # BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEl # MCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEmMCQGA1UECxMd # VGhhbGVzIFRTUyBFU046RDZCRC1FM0U3LTE2ODUxJTAjBgNVBAMTHE1pY3Jvc29m # dCBUaW1lLVN0YW1wIFNlcnZpY2WiIwoBATAHBgUrDgMCGgMVAOIASP0JSbv5R23w # xciQivHyckYooIGDMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp # bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw # b3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAw # DQYJKoZIhvcNAQEFBQACBQDoLGYdMCIYDzIwMjMwNjA4MjIzNzE3WhgPMjAyMzA2 # MDkyMjM3MTdaMHQwOgYKKwYBBAGEWQoEATEsMCowCgIFAOgsZh0CAQAwBwIBAAIC # IpAwBwIBAAICFAIwCgIFAOgtt50CAQAwNgYKKwYBBAGEWQoEAjEoMCYwDAYKKwYB # BAGEWQoDAqAKMAgCAQACAwehIKEKMAgCAQACAwGGoDANBgkqhkiG9w0BAQUFAAOB # gQA8GWnKCvU6UXAracKJudOJXywwBlrjtS+WvqWY2tFM5EdTX98k+9rFNGCaz5JQ # yb/PR8RsiBg7KVL8Y9nVSYctDTLQMU+nFHMwmDOn6xSMnSmB+0f017QHpievnPvJ # fKmifeub5B6wkTaO4LdgB9bhoo2sJF01axLRrRTYifnbpDGCBA0wggQJAgEBMIGT # MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMT # HU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABx/sAoEpb8ifcAAEA # AAHHMA0GCWCGSAFlAwQCAQUAoIIBSjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQ # AQQwLwYJKoZIhvcNAQkEMSIEIMqyUIyBjY3E0VxrJbEwF58HRZvitEzoZZFYsLOG # UvasMIH6BgsqhkiG9w0BCRACLzGB6jCB5zCB5DCBvQQgR+fl2+JSskULOeVYLbeM # gk7HdIbREmAsjwtcy6MJkskwgZgwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UE # CBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z # b2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQ # Q0EgMjAxMAITMwAAAcf7AKBKW/In3AABAAABxzAiBCB4TbDYR+herQ+SLodlbG5N # 8ASSybGxS+vGnI/bl/CT1DANBgkqhkiG9w0BAQsFAASCAgBU5N2lTH+VMsdyvyOp # /lRSChgdtGiyAYnwcTU7DB2qgtw6Tkmu4bDdXYyJ4VK5nh4gkWqQWHhPTRFr7qLF # x6jp4i1+nG3WjJXiUxnryrIpBQk9XgFJ+kNoFF532z0aVXH9HCLs1Kg9cTvHIHB6 # ifjylk36yj9gfD4ZaPQMC99EHHsI2h1Rnd658qYt18ToxQ6HjrwlO/1wGi/U+YO0 # h4n4wDzqJWHw7pV5B/Le2XlxjOYFWrPLyXOcDuJ+ne8YnIk0D+ZvPysiYcOj4kdb # BO2n0oZ5dZW+H363hc9j+qIASOkEvqAneIKu5addhHS+6V3Au1oZmUVU7c6Sl8Fl # SMP2EIQgEb0XkAWc+IEoeim6JVETYemQQOojqhoxkScDCIt39SsP9HjNiZ0mpgpY # GWkibeG3YTPB4G1re06vr0AXvRvy34l/m9itIIM6GMtwl0P6f4CY6F6AkmpXT2GH # I8XzjCL0qqC25sBDKeMlOQ6Waua0cPyd0o/r1Q61gebz6DXuIVyQB3pXf3GXIZa8 # Uh+hT3gDLvcWvYITb0kQATU4HMM2V0vxU2QOPXVDEF/fUOhwy1qrlojLCQt0Rlw4 # QPfqhckYH20wG97L0tWSeWq0RH63r9wU/uCgQDkbCfBpr8IuvSg5gZ83J54glAO6 # N/I02Mwy/4oZ81sEnKVgBGrrtg== # SIG # End signature block |