Re: [mailop] iCloud dropping all of our mail

2016-03-24 Thread Joel Beckham 
Ok, I think I'm all set. I've had a number of folks reach out and we've
identified a problem account which I've suspended. Thanks everyone for your
help!

On Thu, Mar 24, 2016 at 2:51 PM, Joel Beckham 
> wrote:

> I did and didn't get a response, so that's why I started expanding my
> search for help. Thanks.
>
> On Thu, Mar 24, 2016 at 2:48 PM, Suresh Ramasubramanian <
> ops.li...@gmail.com
> 
> > wrote:
>
>> Use this link -
>> https://support.apple.com/en-in/HT204137
>> 
>>
>> Scroll down to the last section "contact us"
>>
>> --srs
>>
>> On 25-Mar-2016, at 2:15 AM, Joel Beckham > >
>> wrote:
>>
>>
>> On Thu, Mar 24, 2016 at 2:40 PM, Suresh Ramasubramanian <
>> ops.li...@gmail.com
>> 
>> > wrote:
>>
>>> It would help if you posted the IPs as well
>>>
>>> --srs
>>
>>
>>
>> These are the IPs affected:
>> 173.213.231.164
>> 173.213.231.165
>> 173.213.231.166
>> 173.213.231.167
>> 173.213.231.168
>> 173.213.231.169
>> 173.213.231.170
>> 173.213.231.171
>> 104.193.74.128
>> 104.193.74.129
>> 104.193.74.130
>> 104.193.74.131
>> 104.193.74.132
>> 104.193.74.133
>> 104.193.74.134
>> 104.193.74.135
>>
>>
>> --
>> JOEL BECKHAM
>> Scalability Architect
>> [image: BombBomb | Face to Face with more people, more often]
>> W: BombBomb.com
>> 
>> [image: BombBomb | Face to Face with more people, more often]
>>
>>
>
>
> --
> JOEL BECKHAM
> Scalability Architect
> [image: BombBomb | Face to Face with more people, more often]
> W: BombBomb.com
> 
> [image: BombBomb | Face to Face with more people, more often]
>



-- 
JOEL BECKHAM
Scalability Architect
[image: BombBomb | Face to Face with more people, more often]
W: BombBomb.com

[image: BombBomb | Face to Face with more people, more often]
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] iCloud dropping all of our mail

2016-03-24 Thread Joel Beckham 
I did and didn't get a response, so that's why I started expanding my
search for help. Thanks.

On Thu, Mar 24, 2016 at 2:48 PM, Suresh Ramasubramanian 
> wrote:

> Use this link -
> https://support.apple.com/en-in/HT204137
> 
>
> Scroll down to the last section "contact us"
>
> --srs
>
> On 25-Mar-2016, at 2:15 AM, Joel Beckham  >
> wrote:
>
>
> On Thu, Mar 24, 2016 at 2:40 PM, Suresh Ramasubramanian <
> ops.li...@gmail.com
> 
> > wrote:
>
>> It would help if you posted the IPs as well
>>
>> --srs
>
>
>
> These are the IPs affected:
> 173.213.231.164
> 173.213.231.165
> 173.213.231.166
> 173.213.231.167
> 173.213.231.168
> 173.213.231.169
> 173.213.231.170
> 173.213.231.171
> 104.193.74.128
> 104.193.74.129
> 104.193.74.130
> 104.193.74.131
> 104.193.74.132
> 104.193.74.133
> 104.193.74.134
> 104.193.74.135
>
>
> --
> JOEL BECKHAM
> Scalability Architect
> [image: BombBomb | Face to Face with more people, more often]
> W: BombBomb.com
> 
> [image: BombBomb | Face to Face with more people, more often]
>
>


-- 
JOEL BECKHAM
Scalability Architect
[image: BombBomb | Face to Face with more people, more often]
W: BombBomb.com

[image: BombBomb | Face to Face with more people, more often]
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] iCloud dropping all of our mail

2016-03-24 Thread Suresh Ramasubramanian 
Use this link - 
https://support.apple.com/en-in/HT204137

Scroll down to the last section "contact us"

--srs

> On 25-Mar-2016, at 2:15 AM, Joel Beckham  wrote:
> 
> 
>> On Thu, Mar 24, 2016 at 2:40 PM, Suresh Ramasubramanian 
>>  wrote:
>> It would help if you posted the IPs as well
>> 
>> --srs
> 
> 
> These are the IPs affected:
> 173.213.231.164
> 173.213.231.165
> 173.213.231.166
> 173.213.231.167
> 173.213.231.168
> 173.213.231.169
> 173.213.231.170
> 173.213.231.171
> 104.193.74.128
> 104.193.74.129
> 104.193.74.130
> 104.193.74.131
> 104.193.74.132
> 104.193.74.133
> 104.193.74.134
> 104.193.74.135
> 
> 
> -- 
> JOEL BECKHAM
> Scalability Architect
>   
> W: BombBomb.com
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] iCloud dropping all of our mail

2016-03-24 Thread Joel Beckham 
I replied to Michelle directly.

Udeme -- I did take a look at that postmaster page and nothing really stood
out. We follow the best practices outlined there and I contacted the
support address listed there and didn't get a response.

On Thu, Mar 24, 2016 at 1:48 PM, Michelle Sullivan 
wrote:

> Joel Beckham wrote:
>
>> Does anyone have any advice for troubleshooting what we're doing to upset
>> icloud domains so that they're dropping our mail? All our normal signals
>> (feedbackloops, bounces, etc) we use to suspend and terminate users sending
>> unwanted mail aren't showing anything unusual as well as all the reputation
>> signals we use are all showing that we're good.
>>
>> We are getting some intermittent bounces pointing to a Proofpoint block
>> (which seems to be coming and going), but the majority of the mail is being
>> accepted and then appears to be getting discarded (based upon open rates
>> and our own testing).
>>
>
> Did you get URLs pointing to the block? (You should have)
>
> If you have some message IDs I could get them looked up to see if/why they
> were dropped.
>
> Regards,
>
> --
> Michelle Sullivan
> http://www.mhix.org/
>
>


-- 
JOEL BECKHAM
Scalability Architect
[image: BombBomb | Face to Face with more people, more often]
W: BombBomb.com 
[image: BombBomb | Face to Face with more people, more often]
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] iCloud dropping all of our mail

2016-03-24 Thread Udeme Ukutt 
Did you peek to see if anything correlates with their postmaster pages at
https://support.apple.com/en-us/HT204137?

That's normally where I start to dig & research.

Thanks,
Udeme

On Thursday, March 24, 2016, Joel Beckham  wrote:

> Does anyone have any advice for troubleshooting what we're doing to upset
> icloud domains so that they're dropping our mail? All our normal signals
> (feedbackloops, bounces, etc) we use to suspend and terminate users sending
> unwanted mail aren't showing anything unusual as well as all the reputation
> signals we use are all showing that we're good.
>
> We are getting some intermittent bounces pointing to a Proofpoint block
> (which seems to be coming and going), but the majority of the mail is being
> accepted and then appears to be getting discarded (based upon open rates
> and our own testing).
>
> Thanks!
>
> --
> JOEL BECKHAM
>
> [image: BombBomb | Face to Face with more people, more often]
> W: BombBomb.com
> 
> [image: BombBomb | Face to Face with more people, more often]
>


-- 
Thanks, Udeme

Sent from my iDevice; kindly excuse any typos.
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

2016-03-24 Thread Franck Martin via mailop 
SMTP AUTH With or without OAUTH  (aka Submission) is the same functionally.
The difference is with OAUTH2 you don't have to share your password with
the ESP.

On Thu, Mar 24, 2016 at 7:09 AM, Suresh Ramasubramanian  wrote:

> If you are confident that all your customers doing this are low volume and
> legit, and none of them will ever be compromised, be my guest
>
> --srs
>
> > On 24-Mar-2016, at 7:27 PM, G. Miliotis 
> wrote:
> >
> > Now if you are suggesting that they will see multiple different logins
> on their SMTP from the same IP address, yes they will. If they consider
> this an attempt at spamming, i.e. I've harvested logins via phishing and am
> sending spam, maybe they should improve their filters.
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] iCloud dropping all of our mail

2016-03-24 Thread Michelle Sullivan 

Joel Beckham wrote:
Does anyone have any advice for troubleshooting what we're doing to 
upset icloud domains so that they're dropping our mail? All our normal 
signals (feedbackloops, bounces, etc) we use to suspend and terminate 
users sending unwanted mail aren't showing anything unusual as well as 
all the reputation signals we use are all showing that we're good.


We are getting some intermittent bounces pointing to a Proofpoint 
block (which seems to be coming and going), but the majority of the 
mail is being accepted and then appears to be getting discarded (based 
upon open rates and our own testing).


Did you get URLs pointing to the block? (You should have)

If you have some message IDs I could get them looked up to see if/why 
they were dropped.


Regards,

--
Michelle Sullivan
http://www.mhix.org/


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] iCloud dropping all of our mail

2016-03-24 Thread Joel Beckham 
Does anyone have any advice for troubleshooting what we're doing to upset
icloud domains so that they're dropping our mail? All our normal signals
(feedbackloops, bounces, etc) we use to suspend and terminate users sending
unwanted mail aren't showing anything unusual as well as all the reputation
signals we use are all showing that we're good.

We are getting some intermittent bounces pointing to a Proofpoint block
(which seems to be coming and going), but the majority of the mail is being
accepted and then appears to be getting discarded (based upon open rates
and our own testing).

Thanks!

-- 
JOEL BECKHAM

[image: BombBomb | Face to Face with more people, more often]
W: BombBomb.com

[image: BombBomb | Face to Face with more people, more often]
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes - Proxying SMTP auth for freemail users

2016-03-24 Thread G. Miliotis 

On 24/3/2016 18:17, Jay Hennigan wrote:
Once third-party mailers begin using the credentials of specific 
freemail accounts to send bulk mail that generates a non-trivial 
number of complaints and/or bounces, the battle has escalated.
I am only just recently mulling this over so I haven't really thought 
through the consequences of a mass adoption of this.


My first thoughts on the scenario you describe is that freemail 
providers can have a policy that outside mail sending access is NOT for 
bulk mail sending, via capping rates per IP/account/etc., using paypal 
features, etc. It will basically come down to the same basic problem 
they have now: identifying bulk email senders. They'll just have extra 
data points with their authenticated user to make that decision plus 
more ways to mitigate.


--GM

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Linux Anti-Virus software

2016-03-24 Thread Daniele Duca 

Hi,

if you are only interested in catching macros you may want to take a 
look at the clamd.conf's OLE2BlockMacros option and also consider using 
the clamav unofficial signatures 
(https://sourceforge.net/projects/unofficial-sigs/) enabling the 
badmacro.ndb database.


We prefer to strip all office files with macros by default, leaving the 
option to the user to decide to receive them


Regards
Daniele Duca

On 24/03/16 18:34, Marc Perkel wrote:


Been using ClamAV for years but wondering if there's something better. 
Running Centos 6 and would prefer RPM install. Anyone have 
recomendations?


I especially want to catch files with harmful macros.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Outlook SPF Record change.. Is it true?

2016-03-24 Thread Michael Wise 
I suspect this is part of an IP consolidation move.
But I'm not completely certain.

Aloha,
Michael.
-- 
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting Tool ?

-Original Message-
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Michael Peddemors
Sent: Thursday, March 24, 2016 10:26 AM
To: mailop@mailop.org
Subject: [mailop] Outlook SPF Record change.. Is it true?

+ip4:40.107.0.0/16

That sounds like a big addition for Outlook.

They already using all the other IP(s) to send email? :)

  host -t TXT 
https://na01.safelinks.protection.outlook.com/?url=spfb.protection.outlook.com=01%7c01%7cmichael.wise%40microsoft.com%7c8275efcec7dd4c98c18e08d3540a2f41%7c72f988bf86f141af91ab2d7cd011db47%7c1=LlovwuHxIQ8ECb%2fxI42%2bJdR%2b2gNWQorcH4eGId34Kkk%3d
https://na01.safelinks.protection.outlook.com/?url=spfb.protection.outlook.com=01%7c01%7cmichael.wise%40microsoft.com%7c8275efcec7dd4c98c18e08d3540a2f41%7c72f988bf86f141af91ab2d7cd011db47%7c1=LlovwuHxIQ8ECb%2fxI42%2bJdR%2b2gNWQorcH4eGId34Kkk%3d
 descriptive text "v=spf1 ip6:2a01:111:f400::/48 ip4:23.103.128.0/19 
ip4:23.103.198.0/23 ip4:65.55.88.0/24 ip4:104.47.0.0/17 ip4:23.103.200.0/21 
ip4:23.103.208.0/21 ip4:23.103.191.0/24 ip4:216.32.180.0/23 ip4:40.107.0.0/16 
-all"

Don't tell me all the other ones got blacklisted (j/k)

Have a great holiday weekend everyone, just remember that the hackers don't 
rest on weekends.

-- Michael --

  
-- 
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at 
https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.linuxmagic.com=01%7c01%7cmichael.wise%40microsoft.com%7c8275efcec7dd4c98c18e08d3540a2f41%7c72f988bf86f141af91ab2d7cd011db47%7c1=S%2fbP6%2b6m9goMm3Tz%2fTTPFpTL5%2fbD3cqY7vONRHpyTq4%3d
 @linuxmagic

A Wizard IT Company - For More Info 
https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.wizard.ca=01%7c01%7cmichael.wise%40microsoft.com%7c8275efcec7dd4c98c18e08d3540a2f41%7c72f988bf86f141af91ab2d7cd011db47%7c1=BRjB64UhF%2bL27P3AcVA6bcq5MAXhK95gIUiup5B65qc%3d
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.


___
mailop mailing list
mailop@mailop.org
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fchilli.nosignal.org%2fcgi-bin%2fmailman%2flistinfo%2fmailop%0a=01%7c01%7cmichael.wise%40microsoft.com%7c8275efcec7dd4c98c18e08d3540a2f41%7c72f988bf86f141af91ab2d7cd011db47%7c1=lqtT9kAiIHMTbQjfsyYBpv10cAFtpf%2fiXLcU8Pxtw38%3d
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Linux Anti-Virus software

2016-03-24 Thread Marc Perkel 


Been using ClamAV for years but wondering if there's something better. 
Running Centos 6 and would prefer RPM install. Anyone have recomendations?


I especially want to catch files with harmful macros.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes - Proxying SMTP auth for freemail users

2016-03-24 Thread Michael Peddemors 

On 16-03-24 10:16 AM, Michael Wise wrote:

A question ...

Outside of the spam case, how typical is it for someone to send from one 
Freemail provider with a Reply-To: pointing to *ANOTHER* Freemail provider?

Just wondering.

Aloha,
Michael.



A lot in the spam box :)  It is actually one of our filtering rules to 
watch for this, (fairly low score by itself)..


And even worse, even in the Return-Path.

This is why I chuckle a little at Yahoo's new policy..

(redacted headers from a real spam)

Return-Path: 
Received: from ns502-vm11.bullet.mail.kks.yahoo.co.jp (HELO 
ns502-vm11.bullet.mail.kks.yahoo.co.jp) (183.79.57.66)

From: Serena Benson 
Reply-To: Serena Benson 

It would be helpful if Yahoo simply prevented anyone from sending out 
their email servers with a @gmail.com return path.




--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic

A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes - Proxying SMTP auth for freemail users

2016-03-24 Thread Suresh Ramasubramanian 
There is of course the other part that various freemails just might not 
appreciate their customers sharing passwords  with a third party, like say an 
esp

--srs

On 24-Mar-2016, at 8:13 PM, G. Miliotis  wrote:

>> On 24-Mar-2016, at 7:27 PM, G. Miliotis  wrote:
>> 
>> Now if you are suggesting that they will see multiple different logins on 
>> their SMTP from the same IP address, yes they will. If they consider this an 
>> attempt at spamming, i.e. I've harvested logins via phishing and am sending 
>> spam, maybe they should improve their filters.
> 
>> On 24/3/2016 16:09, Suresh Ramasubramanian wrote:
>> If you are confident that all your customers doing this are low volume and 
>> legit, and none of them will ever be compromised, be my guest
>> 
>> --srs
> 
> A customer's account being compromised and sending spam will blacklist you 
> even via normal email operations, so I don't see any increased risk there. 
> We're supposed to have egress filtering anyway, right? Just set lower rate 
> limits for freemail accounts.
> 
> Lets compare a common scenario to this as a mental exercise. One of my 
> "normal" non-freemail customers gets compromised and starts sending spam to 
> freemail.com. Freemail.com bans my IP via their incoming filters, starts 
> 5xx'ing me. I see this, locate the customer, fix the problem and begin the 
> process of contacting freemail.com to get unbanned. How can I positively 
> PROVE to them that the compromise has gone away? They'll just have to take my 
> word for it. Probability of unban: zero, until enough time has passed for 
> filters to get wise to the fix. Which could be forever if you're a low volume 
> sender anyway (true story).
> 
> Conversely, in the case that a specific SMTP AUTH user sending from my server 
> getting compromised, they will ban me again, 5xx starts. I will notice 
> immediately and fix the problem with the client. Then, when I go to 
> freemail.com to get unbanned they will know the specific customer involved. 
> They will have a measure of how valid my claims that the issue is fixed are. 
> They have logs to check the account credentials were changed, they have a 
> contact and hey, it's a CUSTOMER or theirs telling them I've fixed it. Much 
> easier to believe. Much easier to unblock. At least in a reasonable world.
> 
> In addition, they can take escalating measures against this particular user 
> (rather than against all my customers) in the first place by disabling SMTP 
> auth for the account instead of outright banning the whole IP address. Then 
> the rest of THEIR CUSTOMERS using my server would not be impacted. For 
> example, Yahoo! does something similar by rate-limiting IPs rather than 
> outright banning them when their customers complain. So I just turn off 
> sending to Yahoo for 4 hours while I fix the customer and we're back in 
> business automagically. I may get 4 hours of queues and impact all Yahoo! 
> recipients, but at least I don't need to prove I'm not an elephant to a 
> support person that only has two buttons: "eject" and "patronize".
> 
> Sorry, this got rather long.
> 
> --GM

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

2016-03-24 Thread Suresh Ramasubramanian 
At least in india most of those have moved to whatsapp 

--srs

> On 24-Mar-2016, at 6:50 PM, Tara Natanson  wrote:
> 
> but for everyone of those theres the local PTA and the Brownie troop, or 
> soccer club.  The person setting up a mailling list isn't given an address at 
> the brownies domain or the local schools domain.  So there really are a LOT 
> of folks sending from @freewebmail domains still. 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

2016-03-24 Thread Al Iverson 
On Thu, Mar 24, 2016 at 1:03 AM, Dave Warren  wrote:
> On 2016-03-23 16:32, Franck Martin via mailop wrote:
>>
>> In fact, these providers offer OAUTH2 to allow you to send as using their
>> infrastructure, and if you have bigger needs, many domains are going cheap
>> at the moment...
>>
>> Not ideal, but some options...
>>
>
> Are there really that many customers using freemail domains, yet paying for
> ESP services? For realsies?

Yes, at the SMB level. My friend's dive bar uses a Gmail address.
People whose "Tiny Letter" emails I've signed up for always seem to be
using webmail addresses. Even my other friend's jazz club, who does
have a domain for the website, it was a question of, do we pay to make
that domain available for email, or do we just use a free Gmail
account. They went the Gmail account route.

>And if so, wouldn't this be an obvious upsell
> opportunity or partnership to get these customers using their own domain?

And then somebody has to manage and map that domain. And then you have
the difficulty of making money off of that at the SMB level.

At the enterprise level, bigger customer level, sure, it makes total sense.

Even as a small business person myself in the past, I'd never
personally rely on a webmail domain for business. They could go under
or I could lose access to my mailbox. But you and I are smarter than
the average bear.

I think some ESPs offer use of a domain or subdomain by clients too
small / not smart enough to have their own domain. I expect that to
type of thing to become more common.

That's half of the ESP equation. The other half is reply forwarding.
Many ESPs have reply filtering and forwarding. Handling opt-outs
automatically, eating junk, and forwarding on legitimate replies.
Those forwarded replies are an issue in the new world order of DMARC.
Where I work, we have a setting that will rewrite the from address to
work around that, in a way similar to what mailing lists have been
doing. I'm in "wait in see" mode as far as whether or not I'd want to
utilize ARC to address that instead.

Regards,
Al
--
Al Iverson
www.aliverson.com
(312)725-0130

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

2016-03-24 Thread G. Miliotis 

On 24/3/2016 15:38, Steve Atkins wrote:

They do. And there are already quite a few dedicated B2B spammers taking 
advantage of that. Most of the deluge of spam from gmail appears to be from 
this sort of spammer at the moment. If gmail becomes concerned about that then 
the ability to plug into an individuals gmail account is likely to go away.

Cheers,
   Steve
If this happened they'd be losing those who don't want to use the web 
interface for mail.
Maybe this issue could be fixed by allowing users to set up IPs or 
ranges that they explicitly allow SMTP auth connections from and block 
everyone else, per user. Of course that would actually drive people to 
upgrade their mail away from freemail providers, which I doubt they'd 
want to do.


Solve the problem vs lose ad revenue, hm


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

2016-03-24 Thread G. Miliotis 

>On 24-Mar-2016, at 6:33 PM, G. Miliotis  wrote:
>
>In fact, as someone mentioned, we're currently looking into setting up our 
outgoing SMTP servers to send via each client's freemail account via SMTP auth. So 
that would cover the DMARC issue, too. Provided they don't block us, of course.


On 24/3/2016 15:27, Suresh Ramasubramanian wrote:

You will light up their filters like a Christmas tree

--srs

Why would using valid authentication credentials to send mail 
originating from the actual owners of the account in question be against 
any policy? Isn't this why they provide access to send via SMTP in the 
first place?


Now if you are suggesting that they will see multiple different logins 
on their SMTP from the same IP address, yes they will. If they consider 
this an attempt at spamming, i.e. I've harvested logins via phishing and 
am sending spam, maybe they should improve their filters. The senders 
won't spamming, they will be sending extremely low volumes of mail and 
they will only be sending to the freemail provider's domains. They are 
easy to filter out, at least in my opinion.


Now if the freemail providers (in this case MS) can't be bothered with 
this edge case they're forcing us into, *shrug*. At least I will have 
tried my best for my customers.


--GM



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

2016-03-24 Thread Suresh Ramasubramanian 
You will light up their filters like a Christmas tree

--srs

> On 24-Mar-2016, at 6:33 PM, G. Miliotis  wrote:
> 
> In fact, as someone mentioned, we're currently looking into setting up our 
> outgoing SMTP servers to send via each client's freemail account via SMTP 
> auth. So that would cover the DMARC issue, too. Provided they don't block us, 
> of course.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

2016-03-24 Thread G. Miliotis 

On 24/3/2016 07:03, Dave Warren wrote:
Are there really that many customers using freemail domains, yet 
paying for ESP services? For realsies? And if so, wouldn't this be an 
obvious upsell opportunity or partnership to get these customers using 
their own domain? 
As a small ESP, my servers keep getting blocked by MS for no reason, so 
I actually have to recommend my customers keep their "old" hotmail/msn 
address so they can send to MS domains while I play hide-n-seek getting 
new IPs to send from/wait for delisting. So there's a real-life 
situation of freemail+paid ESP services.


In fact, as someone mentioned, we're currently looking into setting up 
our outgoing SMTP servers to send via each client's freemail account via 
SMTP auth. So that would cover the DMARC issue, too. Provided they don't 
block us, of course.


Another case is some customers want their managed mail services on their 
"proper" domain but want to keep their freemail accounts because they've 
given out business cards etc so during a transition period, which could 
be years, they keep both.


--GM



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

2016-03-24 Thread Rodgers, Anthony (DTMB) 
Props, Michael.

Thanks!
--
Anthony Rodgers
Security Analyst
Michigan Security Operations Center (MiSOC)
DTMB, Michigan Cyber Security

-Original Message-
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Michael Wise
Sent: Tuesday, March 22, 2016 13:40
To: Noel Butler ; mailop@mailop.org
Subject: Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

We have convinced some of the Powers That Be that we should find another 
solution, and there is an open-ness to change on this behavior. Not gonna be 
this week or this month ... who can say for sure. But noise is being made about 
it.

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting Tool ?

-Original Message-
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Noel Butler
Sent: Saturday, March 19, 2016 3:54 AM
To: mailop@mailop.org
Subject: Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

On 19/03/2016 09:11, Renaud Allard via mailop wrote:
> On 18/03/16 01:38, Michael Wise wrote:
>> And yes, under certain circumstances, Hotmail/Outlook will 250 the 
>> mail, and may then if it considers the IP sufficiently toxic, delete 
>> it without delivering it to the intended recipient’s INBOX or Junk 
>> folder with no NDR.
> 
> May I suppose that you agree this is something that should never 
> happen? Even if you do not have the power yourself to stop this 
> behaviour.
> 
> 
> 

They cant stop it.
This has been going on since like early 2000's, they couldnt fix cleanfeed 
then, so why you think or expect they can now is beyond me :)


-- 
If you have the urge to reply to all rather than reply to list, you best
first read  
https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fmembers.ausics.net%2fqwerty%2f=01%7c01%7cmichael.wise%40microsoft.com%7c35fe0c8a021849ee49b908d34fe6121b%7c72f988bf86f141af91ab2d7cd011db47%7c1=uoHJkueVwKBCr2Hz6O5CP6udx0gXKrwdymbizKpa9Uk%3d

___
mailop mailing list
mailop@mailop.org
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fchilli.nosignal.org%2fcgi-bin%2fmailman%2flistinfo%2fmailop=01%7c01%7cmichael.wise%40microsoft.com%7c35fe0c8a021849ee49b908d34fe6121b%7c72f988bf86f141af91ab2d7cd011db47%7c1=%2fvIQjV5PowhdwK7SeJbUlK06RrPjSsscRMnQHyH88PE%3d
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop