Re: [mailop] Mailbox Filling w. Opt-In/Sign-Up mails

In message <6104b9876b594050d36ca90ca6a169cda7a8e684.ca...@fiebig.nl>, Tobias Fiebig via mailop writes >A bit of digging found several end-user reports of the following MO: > >- Get phished >- Something expensive is bought >- Mailbox is overflown right when the notification of the transaction

Re: [mailop] DKIM validity period (anti-forgery vs. anti-spying)

In message <65860e95.20895.448c...@postmaster.inter-corporate.com>, Randolf Richardson, Postmaster via mailop writes > Would you mind sending me a linjk to your thesis? That's an >interesting topic, and based on what you've written I get the >impression that you have a lot more

Re: [mailop] DKIM validity period (anti-forgery vs. anti-spying)

In message <6585e535.11582.3a72...@postmaster.inter-corporate.com>, Randolf Richardson, Postmaster via mailop writes >> The most commonly seen method of tracking is probably inclusion of >> specifically crafted links in the message, that refer to a tracking server >> run by the sender, so the

Re: [mailop] Convincing clients of the importance of eMail recipient consent for mailing list subscriptions

In message , Byron Lunz via mailop writes >We've required confirmed-opt-in for years. But a few months ago, I noticed >that our servers were sending out hundreds of 'confirmation required' >messages every day. They were going to obviously-bogus addresses, likely >submitted to our submission

Re: [mailop] Success MiTM attack

In message , Matt Corallo via mailop writes > > >On 10/23/23 3:26 AM, Jaroslaw Rafa via mailop wrote: >> However, all this discussion is hardly related to email, as - as many have >> noted - there's hardly any certificate checking at all between MTAs. > >Indeed, MTAs mostly use DNSSEC/DANE which

Re: [mailop] Success MiTM attack

In message <07d58480-7dde-4d15-a5ca-5bb6c8e10...@mtasv.net>, Matt Palmer via mailop writes >The relative "noisiness" of the attack, in fact, is a fairly strong signal >that it *isn't* lawful intercept; western law enforcement agencies are >typically very hesitant to do anything that could "tip

Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?

In message <56b83491-6441-4d1e-a3ef-008da3311...@slavino.sk>, Slavko via mailop writes >When spammers are able to create proper DNS records directly used >in email authentification, what problem will be the SOA record for them? In order to have a domain with an SOA record they have to purchase

Re: [mailop] AOL/Yahoo requiring SOA record for MAIL FROM domain name?

In message <601b01c7-1475-32e0-5aba-e595272e9...@tnetconsulting.net>, Grant Taylor via mailop writes >My concern is that Yahoo / AOL isn't creating an arbitrary "every domain >must have an SOA record" and completely loosing sight of the fact that >SOAs belong to the /zone/ apex and are not

Re: [mailop] Guide for setting up a mail server ?

In message <20230709223922.dd59afd9f...@ary.qy>, John Levine via mailop writes >A friend of mine wants to set up a mail server on a VPS and asked me what >he needs to do beyond the obvious setting up postfix and dovecot. Is there >a good summary somewhere? not that I know of -- arguably there