I was curious so found that Gmail started requiring
emails sent to personal Gmail to have SPF or DKIM
enabled or emails would be rejected or sent to
spam. Good for them to drag the bad email hosts
along for the ride in preventing spam.
These prevention measures are ridiculously easy to
implement so I don't have any patience for email
hosts who don't set them up. If you can't handle
simple tasks, outsource things to the big boys.
https://support.google.com/a/answer/174124?hl=en#:~:text=Important%3A%20Starting%20November%202022%2C%20new,to%20verify%20they're%20authenticated
<https://support.google.com/a/answer/174124?hl=en#:~:text=Important%3A%20Starting%20November%202022%2C%20new,to%20verify%20they're%20authenticated>.
On Sat, Mar 11, 2023, 7:33 PM Matt Hopkins
<mhopk...@hunterfiber.com> wrote:
Do you use any Microsoft products? If you use
Windows and care about data security then
you've already failed. I find Microsoft the
most deplorable, but I'm only one guy. I have
to pick my battles. I refuse to use Microsoft
(anything) but we use Gmail at work and it's
more or less flawless. We have had some people
report they can't reach us but the resolution
is always what has already been mentioned here.
Google made DKIM/SPF mandatory I want to say
just a few months ago but many of the smaller
mail providers do not have it set up yet.
On Sat, Mar 11, 2023, 4:49 PM Darin Steffl
<darin.ste...@mnwifi.com> wrote:
Jan,
Most of the links you shared aren't of
Google being hacked, but people being
scammed/phished. Tricking a user into
sharing their login info means the user was
scammed, not that google was hacked. ONE
link you shared says less than 24 gmails in
Iran were hacked somehow. None of your
links share that google has had a massive
data breach at any time. That's not to say
it can't/won't happen but there's been no
big hacks at Google as far as I can remember.
I stand by my claim that you're being
paranoid. I promise you that mail.com
<http://mail.com> or hosting your own email
is far less secure and more easily hacked
than Google is. Do you have thousands of
engineers working to keep your data secure?
That answer is NO. I am not delusional
enough to think that hosting my own Linux
server for email will be more secure than
Google. There's no way I can outsmart
hackers, keep updated on hourly or daily
updates and patches, etc. Nor do I want to
do that when I can outsource to a company
that does it much better than I do.
I don't host a single server for our WISP
in 11 years in business and I won't be
starting today. The cloud is the future and
keeps me hands off on servers and software.
If there's a problem, it's someone else's
job to fix it and my only job is to report
the issue. What if I'm on vacation and I
had one or more servers that failed? Now
that's my job to fix things while I'm
supposed to be off the clock. I don't need
that kind of stress in my life so I refuse
to host any servers that are mission
critical to my business. The only thing
resembling a server would be our Preseem
appliance but we have backup OSPF routes
around it in case that fails.
Our billing system is Azotel and they have
hosted it in the cloud for us since we
started 11 years ago. Total downtime in 11
years is under 1 hour. Not every cloud
service is that reliable. They handle the
multiple backups and securing of the
servers too. Slack, for example, has
probably had 12 hours of downtime or subpar
performance in the 5 years we've used it
but it still was an issue I didn't have to
fix myself.
On Sat, Mar 11, 2023 at 2:31 PM Steve Jones
<thatoneguyst...@gmail.com> wrote:
I like dmarc since you get to dictate
the strictness and get reports on your
overall deliverability
On Fri, Mar 10, 2023 at 7:44 PM Darin
Steffl <darin.ste...@mnwifi.com> wrote:
Jan,
I don't recall any hacks or data
breaches to Google at all. I've
seen plenty of other platforms with
breaches like t-mobile but Google
is pretty secure. I think you're
acting a little paranoid in
protecting your phone number. I can
pay some online service and get
your home address, phone numbers,
and social security number if I
wanted to. This information that
you think is very secure is almost
public knowledge for a fee.
As others have said, DKIM/SPF are
industry standards, not Google, and
they're pretty old at this point.
DMARC is newer, to me at least, in
the last several years so not every
platform gives much weight to this
but DKIM and SPF is a must nowadays
for any email provider.
On Fri, Mar 10, 2023, 4:03 PM Josh
Baird <joshba...@gmail.com> wrote:
DKIM/SPF/DFMARC aren't "made-up
standards" from Google.
On Fri, Mar 10, 2023 at 4:31 PM
Jan-GAMs
<j.vank...@grnacres.net> wrote:
I don't see how you come to
the conclusion that my paid
for mail service is
supposed to have recently
imposed made-up standards
from google that comply
only with google as some
sort of long-standing
standard. It's a recent
standard imposed by
google. And I'm never
going to willingly give
google my phone number so
that when they get hacked
again the hackers will have
my email and my phone
number. Why don't I just
broadcast on some public
website my social security
number too? Yeah, tiktok
or twitter, give them my
phone number, ssi, home
address, all my emails
along with my real name.
Because when you give
google your phone number,
they now have exactly who
you are and access to all
your private info. How many
times in the last couple
years has google been
hacked? Constantly! I am
not going to freely give
this shit to them.
Well, I'm wrong, you're
right. When I bought the
phone, google forced me
into an email address as
part of using the phone. I
never use that email and I
refuse to login to anything
using that email. Other
than that I don't know how
to tell them to sit on a
sharp stick and twirl.
On 3/10/23 12:02, Steve
Jones wrote:
if you had followed your
email providers
instructions, you wouldnt
have created your own
problems.
spam is floating score
based.
bulk/public/free/spamhost
email providers have high
scores to start. proper
spf loweres it, lack of
dkim raises it, lack of
dmarc raises it, content
cn raise it, all the IPs
in the mail chain can
raise it.
Thats why youre
responsible for doing your
part to increase your
deliverability. If you
were sending a business
correspondence you might
go as far as sending it
certified mail, becaus
eyou want deliverability.
But if you didnt go that
far, you wouldnt put the
correspondence in an
envelope that looks like
dish network advertising
because it would be
discarded as junk mail,
you wouldnt put it an odd
shaped envelope that can
get stuck in the sorting
machines, you wouldnt put
phrase like "sperm
burglar" on the exterior,
youd put it in a business
class envelope with
windows and clearly
visible address marking, a
proper return address, etc.
Weve been managing
deliverability with these
types of methods since
before emails. and even
that changed over time.
On Fri, Mar 10, 2023 at
1:50 PM Jan-GAMs
<j.vank...@grnacres.net>
wrote:
So, since grnacres
doesn't have dkim or
dmarc records, they
should be getting
bounced like the
mail.com
<http://mail.com>
records too. I don't
have any control over
the mail servers. I
rent the service
"easymail" along with
the domain name from
easydns. You know, it
sounds to me more like
google is a terrorist
organization stamping
on the competition
just because they can
get away with it.
They make shit up, and
terrorize those whom
they want to force
into compliance with
their made-up
bullshit. Next
they're going to be
asking for money
Where is the
anti-trust people when
you need them?
On 3/10/23 10:55,
Steve Jones wrote:
grnacres.net
<http://grnacres.net>
doesnt have dkim nor
a dmarc record. Thats
bad domain
deliverability
practice, nothing to
do with the mailhost
perse, but if
mail.com
<http://mail.com>
doesnt support dkim,
its a trash mail host
like sherweb. Cant
blame recipient mail
servers when the root
issue is the sending
server isnt current.
Its like getting
pissed that somebody
doesnt get
communications you
sent out by telegraph
On Fri, Mar 10, 2023
at 12:49 PM Steve
Jones
<thatoneguyst...@gmail.com> wrote:
X-Received: by
2002:a17:906:b0d9:b0:8af:3519:ea1 with SMTP id
bk25-20020a170906b0d900b008af35190ea1mr29983208ejb.57.1678462982507;
Fri, 10 Mar 2023
07:43:02 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256;
t=1678462982; cv=none;
d=google.com
<http://google.com>; s=arc-20160816;
b=bJKHFyjF+9UzBXciF4y3cYBJwrgmwap9OQ3AsQpf2nOFXGkTbLP4C0qHnlLFHXPcA5
TAdqmLZYourjPpwIUaAuOjrJO9npBlDZRwv5N/S7xI4iPV2aly79cft4VRXOcfmk7CA0
n0mVQfby5GZR1DD+W1UzAdSHRUH51Nn/V7ounZGXel07tvWfVO8Oso9xga3lPfnUACNp
TcgZPJSw+qZN7TBryDh9Wu1NFoyTBlKOGbgmQ/kCB0sSolGD+JqNOny+m40Pwdqh40ZD
jfEM9U9v6Wc6ORTM1FaDpf5Lp9kw8+8gZwnpXwXqFX4mb8gxYt+hZCPJm+kDipw/lDr3
bhLA==
ARC-Message-Signature: i=1;
a=rsa-sha256; c=relaxed/relaxed; d=google.com <http://google.com>;
s=arc-20160816;
h=content-transfer-encoding:subject:from:content-language:to
:user-agent:mime-version:date:message-id;
bh=IehNk68dy6Xm43VADrOc3Wts/VQhOY9VIh8QjaijTk8=;
b=NyqdCYZBzsrNlw9g7CPu4CfeQy64PQOMwX8TEIFWlUxO7XScd6qJ5xAmPDrypL8w2e
/h4c7ONmrtQsk65hcKCBSJxq4sztWtnPNbv9HZ2VBdC6R/JGcUovOQ5syUTVRAaGoGyg
6quG7biEF/Sud2xX/FBh1gMx50IFKJnscAlxCqvWnWzI5C01HgPhIT9hVh3Plz2YjWHQ
hgdmHROdvAdaX6uEl3nz7l4ojOhValcTQDuIakI9ydlRN2QZT12hL1OWX71MpeoGvVMA
jmEKbqXHlTu8rWPYvmL0M3Nx0V+oWCnCINPPYL1Pxu0Ob575PZS4DBo1hQE7tozljWxT
avNg==
ARC-Authentication-Results:
i=1;mx.google.com <http://mx.google.com>;
spf=pass (google.com
<http://google.com>: domain ofj.vank...@grnacres.net designates 64.68.200.34
as permitted sender) smtp.mailfrom=j.vank...@grnacres.net
Return-Path:
<j.vank...@grnacres.net>
Received: frommailout.easymail.ca
<http://mailout.easymail.ca> (mailout.easymail.ca
<http://mailout.easymail.ca>. [64.68.200.34])
bymx.google.com
<http://mx.google.com> with ESMTPS id
p5-20020a1709066a8500b008d490a104b2si49101ejr.523.2023.03.10.07.43.02
for
<thatoneguyst...@gmail.com>
(version=TLS1_3
cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 10 Mar 2023
07:43:02 -0800 (PST)
Received-SPF: pass (google.com
<http://google.com>: domain ofj.vank...@grnacres.net designates 64.68.200.34
as permitted sender) client-ip=64.68.200.34;
Authentication-Results:mx.google.com
<http://mx.google.com>;
spf=pass (google.com
<http://google.com>: domain ofj.vank...@grnacres.net designates 64.68.200.34
as permitted sender) smtp.mailfrom=j.vank...@grnacres.net
Received: from localhost (localhost
[127.0.0.1]) bymailout.easymail.ca <http://mailout.easymail.ca> (Postfix) with
ESMTP id 738E268D1A for <thatoneguyst...@gmail.com>; Fri, 10 Mar 2023 15:43:01 +0000
(UTC)
X-Virus-Scanned: Debian
amavisd-new at emo09-pco.easydns.vpn
Received: frommailout.easymail.ca
<http://mailout.easymail.ca> ([127.0.0.1]) by localhost (emo09-pco.easydns.vpn
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id csxoJG_y5IgL for
<thatoneguyst...@gmail.com>; Fri, 10 Mar 2023 15:43:01 +0000 (UTC)
Received: from [192.168.2.100]
(047-224-130-187.res.spectrum.com <http://047-224-130-187.res.spectrum.com>
[47.224.130.187]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
key-exchange X25519
server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate
requested) bymailout.easymail.ca <http://mailout.easymail.ca> (Postfix) with
ESMTPSA id 03E3A68C4C for <thatoneguyst...@gmail.com>; Fri, 10 Mar 2023 15:43:00
+0000 (UTC)
Message-ID:
<7b07154d-8e71-69fc-f76a-bcfb5ec52...@grnacres.net>
Date: Fri, 10 Mar 2023 07:42:59
-0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11;
Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0
To:thatoneguyst...@gmail.com
Content-Language: en-US
From: Jan-GAMs
<j.vank...@grnacres.net>
Subject: hellody
Content-Type: text/plain;
charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
On Fri, Mar 10,
2023 at 12:47 PM
Steve Jones
<thatoneguyst...@gmail.com>
wrote:
nope, this
gmail account
is standard
free account.
Im probably
special cause
all my
communications get routed
through the FBI servers for my online antics
On Fri, Mar
10, 2023 at
12:33 PM
Jan-GAMs
<j.vank...@grnacres.net>
wrote:
it was a
test.
Only the
ones
addressed
to you
went
through.
The
others
tested,
bounced.
Your
address
is
different
somehow.
You
mentioned
your
gmail is
a
paid-for
account,
the
others
that
bounced
were the
free-gmail type accounts one gets by
logging into google. The emails were sent from mail.com <http://mail.com> and from my own
business accounts. The business ones went through and the mail.com <http://mail.com> ones
bounced except for the one sent to you. I picked 4 gmail addresses and sent them out, all of
the ones sent from the mail.com <http://mail.com> got bounced except yours. What makes you
so special?
On
3/10/23
09:14,
Steve
Jones wrote:
i got
your
spam
emails
this
morning
On Fri,
Mar 10,
2023 at
11:04 AM
<dmmoff...@gmail.com>
wrote:
Apparently nobody
on gmail has noticed
*From:* AF
<af-boun...@af.afmug.com> *On Behalf Of *Jan-GAMs
*Sent:* Friday,
March 10, 2023 10:32 AM
*To:*
af@af.afmug.com
*Subject:* Re:
[AFMUG] mail servers
All
mail.com
<http://mail.com> users cannot send you email. How many other's are blocked as
well? Oblivion, must be sweet.
On
3/9/23 20:14, Darin
Steffl wrote:
Gmail is the
best. Been using them for our business since 2012. Virtually no issues at all
aside from a handful of short outages over the last 11 years.
It's hands off,
costs very little, and I've NEVER needed to contact them for support. We also
use Google drive and their version of office apps in the cloud. We don't store
any files locally at all. All business docs are at Google and they're safe
there and they handle the backups.
I don't see any
advantage to hosting local email on your own server. It's not worth your time.
My time is worth $550/hr roughly when looking at net profit so spending even
one hour a year trying to manage or fix my own email server would cost me more
than what I pay Google.
We're
grandfathered in and think we get 10 free users for gsuite and I pay to upgrade
storage to 100gb on 2-3 users so we pay less than $60 a year to Google for
everything. Dirt cheap and great peace mind.
This is
relating to our internal business use. For customer email, we never offered it
and never will. Just recommend a free Gmail account and go live your best life
not having to support email.
On Thu, Mar 9, 2023,
8:47 PM Steve Jones <thatoneguyst...@gmail.com> wrote:
O365
handles SMTP relay for scanners and such really well, we just dealt with it a
bunch. authenticated IP. I dont scan to a flatbed because the Edsel was before
my time :-)
On Thu, Mar 9,
2023 at 1:03 PM Chuck McCown via AF <af@af.afmug.com> wrote:
I
prefer to have it in house for the 10-20 email addresses it serves for
employees and other business email addresses. It is free that way and we don’t
have to worry about anything else. But for some reason the server hangs and
needs to get rebooted, usually about the same time each day.
Google
got difficult, especially for email chains and other things so we stopped using
them some time ago. For example, our scanner stopped being able to send emails
due to something gmail did.
*From:*Steve Jones
*Sent:*Thursday, March 9, 2023 11:24 AM
*To:*AnimalFarm Microwave Users Group
*Subject:*Re: [AFMUG] mail servers
How
much is your time worth. The free internal server is costing you this. We are
still using rackspace for subscriber mail and our office emails since its same
domain and a pita to set up split routing for the mail. The cost of our mail is
covered by the folks who have dropped service but wanted to keep their email,
we actually make a tidy profit to cover any administrative stuff.
for my
business I use google. 6 bucks a month per user. The way I look at it is if im
not making 6 bucks per guy a month I have bigger problems than my email. Im a
nerd, 20 years ago dicking around with email servers would have been a blast.
but now its like maintaining a battery powered inverter just so i can still use
my corded drill. I can, it will work, its not that complicated, but its
nonetheless a dumb waste of time.
dealing
with hosting email servers is a total waste of any resources unless your
monetizing it. too large an attack vector
On Thu, Mar
9, 2023 at 10:18 AM Chuck McCown via AF <af@af.afmug.com> wrote:
It
is only for our own company email. No customers on it.
