Checks/check-ORCA235.ps1
|
using module "..\ORCA.psm1" class ORCA235 : ORCACheck { <# CONSTRUCTOR with Check Header Data #> ORCA235() { $this.Control="235" $this.Area="SPF" $this.Name="SPF Records" $this.PassText="SPF records is set up for all your custom domains" $this.FailRecommendation="Set up SPF records to prevent spoofing" $this.Importance="SPF helps validate outbound email sent from your custom domain. Microsoft 365 uses the Sender Policy Framework (SPF) TXT record in DNS to ensure that destination email systems trust messages sent from your custom domain." $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Domain" $this.ItemName="SPF Record Lookup" $this.DataType="Is HardFail" $this.ChiValue=[ORCACHI]::Low $this.Links= @{ "Use SPF to validate outbound email sent from your custom domain in Office 365"="https://aka.ms/orca-spf-docs-1" } } <# RESULTS #> GetResults($Config) { # Check pre-requisites for DNS resolution If(!(Get-Command "Resolve-DnsName" -ErrorAction:SilentlyContinue)) { # No Resolve-DnsName command ForEach($AcceptedDomain in $Config["AcceptedDomains"]) { $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object = $($AcceptedDomain.Name) $ConfigObject.SetResult([ORCAConfigLevel]::All,[ORCAResult]::Informational) $ConfigObject.ConfigItem = "Pre-requisites not installed" $ConfigObject.ConfigData = "Resolve-DnsName is not found on ORCA computer. Required for DNS checks." $this.AddConfig($ConfigObject) } $this.CheckFailed = $true $this.CheckFailureReason = "Resolve-DnsName is not found on ORCA computer and is required for DNS checks." } else { # Check SPF ForEach($AcceptedDomain in $Config["AcceptedDomains"]) { $SplatParameters = @{ 'ErrorAction' = 'SilentlyContinue' } # If alternate DNS specified, add Server param if($null -ne $this.ORCAParams.AlternateDNS) { $SplatParameters["Server"] = $this.ORCAParams.AlternateDNS } $HasMailbox = $false try { $mailbox = Resolve-DnsName -Name $($AcceptedDomain.Name) -Type MX -ErrorAction:Stop @SplatParameters if($null -ne $mailbox -and $mailbox.Count -gt 0) { $HasMailbox = $true } } Catch{} If($HasMailbox) { # Check objects $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object = $($AcceptedDomain.Name) $SPF = Resolve-DnsName -Name $($AcceptedDomain.Name) -Type TXT @SplatParameters | where-object { $_.strings -match "v=spf1" } | Select-Object -ExpandProperty strings -ErrorAction SilentlyContinue if ($SPF -match "redirect") { $redirect = $SPF.Split(" ") $RedirectName = $redirect -match "redirect" -replace "redirect=" $SPF = Resolve-DnsName -Name "$RedirectName" -Type TXT @SplatParameters | where-object { $_.strings -match "v=spf1" } | Select-Object -ExpandProperty strings -ErrorAction SilentlyContinue } $SpfAdvisory = "No SPF record" if ( $null -eq $SPF) { $SpfAdvisory = "No SPF record" } if ($SPF -is [array]) { $SpfAdvisory = "More than one SPF-record" } Else { switch -Regex ($SPF) { '~all' { $SpfAdvisory = "Soft Fail" } '-all' { $SpfAdvisory = "Hard Fail" } Default { $SpfAdvisory = "No qualifier found" } } } # Get matching DKIM signing configuration If($true) { $ConfigObject.ConfigItem="$($SPF)" if($SpfAdvisory -eq "Hard Fail") { $ConfigObject.ConfigData = "Yes" } Elseif( ($SpfAdvisory -eq "Soft Fail") -or ($SpfAdvisory -eq "No qualifier found")) { $ConfigObject.ConfigData = "No" } Else { $ConfigObject.ConfigData = "Not Detected" } if($SpfAdvisory -eq "Hard Fail") { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } } Else { $ConfigObject.ConfigItem = "Not Detected" $ConfigObject.ConfigData = "Not Detected" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } # Add config to check $this.AddConfig($ConfigObject) } } } } } # SIG # Begin signature block # MIImZgYJKoZIhvcNAQcCoIImVzCCJlMCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCC4zwOAPNRTasSS # mNzaXxtk7QJ27YFs3sy6WL9uYD+yD6CCC7UwggUaMIIEAqADAgECAhMzAAAFwWtu # fQG/Bj+tAAEAAAXBMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIzMDkyMTE4MTE0MloXDTI0MDkxODE4MTE0MlowfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQCjZPhOmWqhsCZshcxkJdnaUWYvbT72V/l1hgVjHnd6h5WrFUenJ0EswFmi # f0kY9NnUq0R/WB1mo0kIjRgqxnVUdCbaHEl7Dl2yq2Qa086tf/zbRBXo5kitssgq # zzQr/pvNTM93zH5SVcWsRCOFyLyEgR2foSzdC83bUpaSNT9YskbkiWUD5S4nyLBi # HRMP2fshdykl6q0XP2RM0020vv93miIrnc69ZmQak1KmZlwWgWtK9uSc/3m3T1sk # 9piA5LP2csBfgi37qtGuuyh+2D3e9Ds25JutIvlOSFVrWVrQlYhvvyztwzbrAlbG # ZGivyw6zO4S59daxxsRUWFDWPKtFAgMBAAGjggGWMIIBkjAOBgNVHQ8BAf8EBAMC # B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFGByvk1Je5Cl5oP8kQWu # IV7lpwtVMFQGA1UdEQRNMEukSTBHMS0wKwYDVQQLEyRNaWNyb3NvZnQgSXJlbGFu # ZCBPcGVyYXRpb25zIExpbWl0ZWQxFjAUBgNVBAUTDTIzMDA3Mis1MDE1NjcwHwYD # VR0jBBgwFoAUv2Wiq291o05FllcFzzmH9MAVHBwwXAYDVR0fBFUwUzBRoE+gTYZL # aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIw # VGVzdGluZyUyMFBDQSUyMDIwMTAoMSkuY3JsMGkGCCsGAQUFBwEBBF0wWzBZBggr # BgEFBQcwAoZNaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9N # aWNyb3NvZnQlMjBUZXN0aW5nJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/ # BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAntepJCM1sNEpjz+qB6VNV+W3+m4tLLA/ # 3S+8iay6i7OOndw7+QZ18l0aYaVzBTUXkCFARqYCCoXNOWdQ5QODJpUgdcOjDCK6 # X+/EPOx4jh0nLMTnJrwg0LGWpBEOv+rG+kR5Aoy3NG1NAbNaGcGl10wlpuMDjOFO # GVDTYqBM8XsgtmnekyUzmWxfzdAN532ABD+NwOy35LdrBJbsjIARh8ydZA8qeuBV # IKVngA/JGGx55N9QsbilyKVipuL+kxZJb1qYXusnqNufi8MEU3vgwfQFjVtj3k13 # R4H5vbHaHc0arlodPjhRrBcAAl0di6Lo+SI8J96X48GZUeC8iud24TCCBpMwggR7 # oAMCAQICEzMAAAAtNXpGiMkHcdgAAAAAAC0wDQYJKoZIhvcNAQELBQAwgZAxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xOjA4BgNVBAMTMU1pY3Jv # c29mdCBUZXN0aW5nIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcN # MjAxMjEwMjA0MzIwWhcNMzUwNjE3MjEwNDExWjB5MQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQ # Q0EgMjAxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL88YIGrvuz/ # 1xdj8qZC0RNinLAXzrpGGnsiLlVzmlS5xtTRypj+d0cNjp3wXsz4VO/yzyrUYvGp # NAoE18UFhvIQ9U3TlghmhdsCfRjc4nojp5opXa55GM8MY/Aa/4GpqUM/qQu5UfGz # SDr8RC5fEcVWOv/KDs2ICMH9x9X1Pu/qThtyiyO9RTeeH3DBp8m4IHPt82w9iyEF # z3cS/qHcB+kNW3gJbDJVEEfQN8jH9/pz/kY05FYWqDdkU9Y1+8OAto62hpGhENbB # SvbjetQRCrLeLp4Ql+CBrhJdiAFdzKTEKFKcYPAK5oivS+lXiuyjDzceKfZdIdPX # 2l0OyU7bjW0CAwEAAaOCAfowggH2MA4GA1UdDwEB/wQEAwIBhjASBgkrBgEEAYI3 # FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBTqn18zttBfnq3rLabBArtAOMvntTAd # BgNVHQ4EFgQUv2Wiq291o05FllcFzzmH9MAVHBwwVAYDVR0gBE0wSzBJBgRVHSAA # MEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMv # RG9jcy9SZXBvc2l0b3J5Lmh0bTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAP # BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKMBBH4wiDPruTGcyuuFdmf8ZbTR # MFkGA1UdHwRSMFAwTqBMoEqGSGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kv # Y3JsL3Byb2R1Y3RzL01pY1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNybDCBjQYI # KwYBBQUHAQEEgYAwfjBNBggrBgEFBQcwAoZBaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraS9jZXJ0cy9NaWNUZXNSb29DZXJBdXRfMjAxMC0wNi0xNy5jcnQwLQYI # KwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDANBgkq # hkiG9w0BAQsFAAOCAgEAJ7TQhbKezA+kKlNz1W3a1zEAyPb/Y8j2ARG1GJLa3LT5 # rybo/Ep5vcFnsIgDeWXPNTUFWI7igwaW9bp+EllQm+Dw1T2dCfO7Rs2HvXTid9BG # BnoiGmkrZCy5izmADOqCJyKiMFciJNkhP6tpRrfDr8HGXrzZj5FWI5Op8iYuRHb0 # unIj0ZlvW0VkU+KVlPG2SEC/d/CxOJRzkAIsawEIlnrOUs6dlPORNJy3Wg6+cPyN # vCf2dfuM1tTWqNaa1Qjqq6LJ6DVH1X9ZL7MH1txWNpdT4gGKfLBsjuexms7V3QaB # DgXAy3nX3D62vfjS3RBd+jZBNIPvXW6JBWOysYVCfFqTIgpjeMo/SyhS70G3LRjC # SWPRMBxYn5tqYGommnyhdRss/ja7icxBIKcrDKP3/QFQUP6gnT0EBhFqd0AyGnn+ # LbPUE8fkZgyggQzExS4BZpoW7VGNCVoy5Cp+7KM/yyHA1JXv6eU4hQ+FYX2ZwHL2 # EB137rJZ8qfsroVswEpwEDZziDun3NSRSMJA5HDPpP07KXwGo8x6KEgMF5Kzlq40 # Q1esCNGMzFR6xMkNIWeTZyF2y95a05Dj439zQbtZ2kjRGsknbkrQ2xVY1d016BDR # J2YroCSmEsJoc6GBzNZ4IqTeazXaiYiubpKehPCw84t5ef+13LSUGN/mYBwyaLIx # ghoHMIIaAwIBATCBkDB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMAITMwAABcFr # bn0BvwY/rQABAAAFwTANBglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYK # KwYBBAGCNwIBBDAcBgorBgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG # 9w0BCQQxIgQgvd9X06/qOnjIJsUapuq7a10io4a7tuiNQ5p2bu3+vjgwRAYKKwYB # BAGCNwIBDDE2MDSgFIASAE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3 # Lm1pY3Jvc29mdC5jb20gMA0GCSqGSIb3DQEBAQUABIIBABJMd2e20qAnob4/5VU0 # drl4sfNmcE5GFhRWJ8s4UiEWupZ6OTLaNpjINYrBkptqKqv7aJgkxTiAi7QdkVyy # KKNLiqcvxG3C2y4a9S6+O2tqTzfn5Itrlu1AXBNsCUd1THA5SxNDaKhETRKxMC3f # qJpwx5x1IPo16Z1QTglBeh3Mbw6Dg28ED9iQTxq5kY4CaY+Um/PmEr5FnQOZe72X # Wf+VEGPHHcMmXcUHsiwBh4YSXtFE3Ua6vi0aSEdTSDndD/0FNmfXHU3437bUH8/G # D84pxaBncXfRLF1M16R8sMnaLXH6ytysCwowBpiwkLw0Wtv0VrwzKpnu6OYa9sAf # 5FGhgheUMIIXkAYKKwYBBAGCNwMDATGCF4Awghd8BgkqhkiG9w0BBwKgghdtMIIX # aQIBAzEPMA0GCWCGSAFlAwQCAQUAMIIBUgYLKoZIhvcNAQkQAQSgggFBBIIBPTCC # ATkCAQEGCisGAQQBhFkKAwEwMTANBglghkgBZQMEAgEFAAQgOH0shg7FFePwWyoT # nGnH+5zVglZEMAwOHslH0lQeozoCBmUoeXeePhgTMjAyMzExMTQyMjMwMjkuMDQ3 # WjAEgAIB9KCB0aSBzjCByzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 # b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh # dGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEnMCUG # A1UECxMeblNoaWVsZCBUU1MgRVNOOjhEMDAtMDVFMC1EOTQ3MSUwIwYDVQQDExxN # aWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloIIR6jCCByAwggUIoAMCAQICEzMA # AAHNVQcq58rBmR0AAQAAAc0wDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUt # U3RhbXAgUENBIDIwMTAwHhcNMjMwNTI1MTkxMjA1WhcNMjQwMjAxMTkxMjA1WjCB # yzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMc # TWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBU # U1MgRVNOOjhEMDAtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1T # dGFtcCBTZXJ2aWNlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0zgi # 1Uto5hFjqsc8oFu7OmC5ptvaY7wPgoelS+x5Uy/MlLd2dCiM02tjvx76/2ic2tah # FZJauzT4jq6QQCM+uey1ccBHOAcSYr+gevGvA0IhelgBRTWit1h4u038UZ6i6IYD # c+72T8pWUF+/ea/DEL1+ersI4/0eIV50ezWuC5buJlrJpf8KelSagrsWZ7vY1+Km # lMZ4HK3xU+/s75VwpcC2odp9Hhip2tXTozoMitNI2Kub7c6+TWfqlcamsPQ5hLI/ # b36mJH0Ga8tiTucJoF1+/TsezyzFH6k+PvMOSZHUjKF99m9Q+nAylkVL+ao4mIeK # P2vXoRPygJFFpUj22w0f2hpzySwBj8tqgPe2AgXniCY0SlEYHT5YROTuOpDo7vJ2 # CZyL8W7gtkKdo8cHOqw/TOj73PLGSHENdGCmVWCrPeGD0pZIcF8LbW0WPo2Z0Ig5 # tmRYx/Ej3tSOhEXH3mF9cwmIxM3cFnJvnxWZpSQPR0Fu2SQJjhAjjbXytvBERBBO # cs6vk90DFT4YhHxIYHGLIdA3qFomBrA4ihLkvhRJTDMk+OevlNmUWtoW0UPe0HG7 # 2gHejlUC6d00KjRLtHrOWatMINggA3/kCkEf2OvnxoJPaiTSVtzLu+9SrYbj5TXy # rLNAdc4dMWtcjeKgt86BPVKuk/K+xt/zrUhZrOMCAwEAAaOCAUkwggFFMB0GA1Ud # DgQWBBShk/mmNmmawQCVSGYeZInKJHzVmjAfBgNVHSMEGDAWgBSfpxVdAF5iXYP0 # 5dJlpxtTNRnpcjBfBgNVHR8EWDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jvc29m # dC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIw # MjAxMCgxKS5jcmwwbAYIKwYBBQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRpbWUt # U3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB # /wQMMAoGCCsGAQUFBwMIMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOC # AgEAUqht6aSiFPovxDMMLaLaMZyn8NEl/909ehD248LACJljmeZywG2raKZfMxWP # ONYG+Xoi9Y/NYeA4hIl7fgSYByANiyISoUrHHe/aDG6+t9Q4hKn/V+S2Ud1dyiGL # LVNyu3+Q5O7W6G7h7vun2DP4DseOLIEVO2EPmE2B77/JOJjJ7omoSUZVPxdr2r3B # 1OboV4tO/CuJ0kQD51sl+4FYuolTAQVBePNt6Dxc5xHB7qe1TRkbRntcb55THdQr # ssXLTPHf6Ksk7McJSQDORf5Q8ZxFqEswJGndZ1r5GgHjFe/t/SKV4bn/Rt8W33yo # sgZ493EHogOEsUsAnZ8dNEQZV0uq/bRg2v6PUUtNRTgAcypD+QgQ6ZuMKSnSFO+C # rQR9rBOUGGJ+5YmFma9n/1PoIU5nThDj5FxHF/NR+HUSVNvE4/4FGXcC/NcWofCp # /nAe7zPx7N/yfLRdd2Tz/vDbV977uDa3IRwyWIIzovtSbkn/uI6Rf6RBD16fQLrI # s5kppASuIlU+zcFbUZ0tbbPKgBhxj4Nhz2uG9rvZnrnlKKjVbTIW7piNcvnfWZE4 # TVwV89miLU9gvfQzN096mKgFJrylK8lUqTC1abHuI3uVjelVZQgxSlhUR9tNmMRF # VrGeW2jfQmqgmwktBGu7PThS2hDOXzZ/ZubOvZQ/3pHFtqkwggdxMIIFWaADAgEC # AhMzAAAAFcXna54Cm0mZAAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQg # Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIyMjVa # Fw0zMDA5MzAxODMyMjVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMIIC # IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5vQ7V # gtP97pwHB9KpbE51yMo1V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64NmeF # RiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhuje3X # D9gmU3w5YQJ6xKr9cmmvHaus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl3GoP # z130/o5Tz9bshVZN7928jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPgyY9+ # tVSP3PoFVZhtaDuaRr3tpK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I5Jas # AUq7vnGpF1tnYN74kpEeHT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2ci/b # fV+AutuqfjbsNkz2K26oElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/TNuv # XsLz1dhzPUNOwTM5TI4CvEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy16cg # 8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y1BzF # a/ZcUlFdEtsluq9QBXpsxREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6HXtqP # nhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMBAAEw # IwYJKwYBBAGCNxUCBBYEFCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQWBBSf # pxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30BATBB # MD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0Rv # Y3MvUmVwb3NpdG9yeS5odG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYBBAGC # NxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8w # HwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmg # R4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWlj # Um9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEF # BQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29D # ZXJBdXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1VffwqreEs # H2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27DzHk # wo/7bNGhlBgi7ulmZzpTTd2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pvvinL # btg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9AkvUCg # vxm2EhIRXT0n4ECWOKz3+SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWKNsId # w2FzLixre24/LAl4FOmRsqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2kQH2 # zsZ0/fZMcm8Qq3UwxTSwethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+c23K # jgm9swFXSVRk2XPXfx5bRAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep8beu # yOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+DvktxW/ # tM4+pTFRhLy/AsGConsXHRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1ZyvgDbjm # jJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/2XBj # U02N7oJtpQUQwXEGahC0HVUzWLOhcGbyoYIDTTCCAjUCAQEwgfmhgdGkgc4wgcsx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1p # Y3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMxJzAlBgNVBAsTHm5TaGllbGQgVFNT # IEVTTjo4RDAwLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUAaKn3ptiis7kWYyEmInxqJVTncgSg # gYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G # A1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYw # JAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0B # AQsFAAIFAOj9zqcwIhgPMjAyMzExMTQxMDQ3MDNaGA8yMDIzMTExNTEwNDcwM1ow # dDA6BgorBgEEAYRZCgQBMSwwKjAKAgUA6P3OpwIBADAHAgEAAgIPfDAHAgEAAgIc # OzAKAgUA6P8gJwIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAow # CAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBCwUAA4IBAQB1tz6/R5ig # jFinmRdECXao81pHpXKvFaOLZ86ALdaL/Fwu4a+MBRwrpyrhDk9E+XKClP2ZLThI # hBU8x30y67UgUGp/hndxdXHKZUe/D45+VtmMMtt/qZXy8i8oKs+9HR02giANaMOn # 8S+PmszqlNpDwjs4uMT76r+NNXhcur8cZWWAPPLCQnt7VTLWsqEZ4HOumEyBZfKL # b9XjwwuUgFj4dweok9ukB26gXDb+kjrNu9DvpR96dWTdFOrlXgMAKcr5LQ1L6ywu # Y/GhjNuQnwn5tkTVA+L0dUCQZv//Zawf8AkxtrizgY1+f3ma+zVblOs219ZmtCvR # GiQJo2L87g7GMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgT # Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m # dCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENB # IDIwMTACEzMAAAHNVQcq58rBmR0AAQAAAc0wDQYJYIZIAWUDBAIBBQCgggFKMBoG # CSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgDNKPXqnU # 2od9x2gQA+jAzF7tnBFRGlnQnSqHdikUWocwgfoGCyqGSIb3DQEJEAIvMYHqMIHn # MIHkMIG9BCDiZqX4rVa9T2RoL0xHU6UrVHOhjYeyza6EASsKVEaZCjCBmDCBgKR+ # MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMT # HU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABzVUHKufKwZkdAAEA # AAHNMCIEIFtPHzsF4yIyiPnaUkmwm60MWFNlRy/eAD9FD4HdsqcGMA0GCSqGSIb3 # DQEBCwUABIICAByhNv8LN5QQoebbG3EN/J6HqW2C0T9UF/Vxk6pp8YdCJOKJdp62 # Ss4inBxd6NvgDUrMAoKCPy8bwBbCSOcbFL3LEWwMxga112XzsjjhARW1Ri7wTed7 # dOIJIp7rBtBK/J7QI48+MhijtcSe/ey13jeV4xE6EB4PHF+DXdiv+kSPTDNjNdGH # wvdIfoKeaVvIzRjEznQCAWmMGc46XkmdXUjk/rZqVy52+t/VPn/C4iWmH99HIMtL # uzHCyM6d4mjgfKf4cYDrvkJxFq6H9VJp4KEMDoIhkuH6GbNsPBM1JhwIKh3NxE0m # eRlUmqvU/vUWCLV93Hk/3GMPf0n2wCUaH5jb7sDU9SvmBlewaMwKj3h4qKSAcMcd # 78/96PWPg9S9NRW7F9QpuXyV3BhGV+/LTplypaFReghwyuzJ2Fi3QONoHWccJYfD # aQX0m7u86j189vhIEaRDkpsWWRESOnVh5FzdSvg+QuH+vOOXfbhvsjw7TNhPzzGh # 1gLDWF8UuVMRKBXwzD2tZM6T3dQz2zCecBwugKGgsmrbCRSNAHeiPPP2/4eto6gM # HKaApfLMCG5a+1kzCInx/17KgZWFcUyfphaFUsgO0oclaY95B85EQ27N02p8UQ/P # cmMoe9S+HRZzMw5X6EotU1B0tn34++QU1yYZFxJZ9a6O5pY/WITla9Mt # SIG # End signature block |