Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Aaron C. de Bruyn]

Interesting stats.  So in roughly 1 second you process more mail than I do
in about 3 months.

-A

On Tue, Mar 29, 2016 at 8:25 PM, Michael Wise 
wrote:

> No worries.
> One can only imagine.
>
> What is now Office365, when it was acquired, was also running on
> RH/Postfix way back in the day, whereas HotMail started out on FreeBSD, if
> memory serves.
>
> Volume has grown from tens of millions of emails daily to tens of
> Billions, again IIRC.
>
> Aloha,
> Michael.
> --
> Sent from my Windows Phone
> --
> From: Aaron C. de Bruyn 
> Sent: ‎3/‎29/‎2016 7:45 PM
> To: Michael Wise 
> Cc: Rich Kulawiec ; mailop@mailop.org
> Subject: Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.
>
> On Tue, Mar 29, 2016 at 7:39 PM, Michael Wise 
> wrote:
>
>> Yes.
>> A decade ago our service ran on it.
>>
>
> Yeah--that was my attempt at a bad joke.
>
> I would have paid good money to be a fly on the wall during the Hotmail
> conversion.
>
> -A
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Michael Wise]

No worries.
One can only imagine.

What is now Office365, when it was acquired, was also running on RH/Postfix way 
back in the day, whereas HotMail started out on FreeBSD, if memory serves.

Volume has grown from tens of millions of emails daily to tens of Billions, 
again IIRC.

Aloha,
Michael.
--
Sent from my Windows Phone

From: Aaron C. de Bruyn
Sent: ‎3/‎29/‎2016 7:45 PM
To: Michael Wise
Cc: Rich Kulawiec; 
mailop@mailop.org
Subject: Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

On Tue, Mar 29, 2016 at 7:39 PM, Michael Wise 
> wrote:
Yes.
A decade ago our service ran on it.

Yeah--that was my attempt at a bad joke.

I would have paid good money to be a fly on the wall during the Hotmail 
conversion.

-A
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Aaron C. de Bruyn]

On Tue, Mar 29, 2016 at 7:39 PM, Michael Wise 
wrote:

> Yes.
> A decade ago our service ran on it.
>

Yeah--that was my attempt at a bad joke.

I would have paid good money to be a fly on the wall during the Hotmail
conversion.

-A
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Michael Wise]

Yes.
A decade ago our service ran on it.

Aloha,
Michael.
--
Sent from my Windows Phone

From: Aaron C. de Bruyn
Sent: ‎3/‎29/‎2016 7:37 PM
To: Michael Wise
Cc: Rich Kulawiec; 
mailop@mailop.org
Subject: Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

On Tue, Mar 29, 2016 at 6:53 PM, Michael Wise 
> wrote:
Oh wait, that means we have to get 10x the number of servers ... and data 
centers.

Actually, the measures I outlined require *fewer* servers, less storage,
and (in most cases) less network bandwidth.

Our engineers tell management otherwise.

Ok, I'll jump on that grenade.  Have the engineers heard of Linux or BSD? ;)

-A

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Aaron C. de Bruyn]

On Tue, Mar 29, 2016 at 6:53 PM, Michael Wise 
wrote:

> Oh wait, that means we have to get 10x the number of servers ... and data
> centers.
>


> Actually, the measures I outlined require *fewer* servers, less storage,
> and (in most cases) less network bandwidth.
>


> Our engineers tell management otherwise.
>

Ok, I'll jump on that grenade.  Have the engineers heard of Linux or BSD? ;)

-A
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Michael Wise]

Our engineers tell management otherwise.

Aloha,
Michael.
--
Sent from my Windows Phone

From: Rich Kulawiec
Sent: ‎3/‎29/‎2016 6:46 PM
To: mailop@mailop.org
Subject: Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

On Wed, Mar 30, 2016 at 01:21:17AM +, Michael Wise wrote:
> Oh wait, that means we have to get 10x the number of servers ... and data 
> centers.

Actually, the measures I outlined require *fewer* servers, less storage,
and (in most cases) less network bandwidth.  That's one of the reasons
I mentioned them.

---rsk

___
mailop mailing list
mailop@mailop.org
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fchilli.nosignal.org%2fcgi-bin%2fmailman%2flistinfo%2fmailop=01%7c01%7cmichael.wise%40microsoft.com%7c2e2754afc6244e8df34608d3583d0c5b%7c72f988bf86f141af91ab2d7cd011db47%7c1=pr9uUOmUeSTjRkw92FUqxgKRIz5cig8uBOBGhAhSe4g%3d
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Rich Kulawiec]

On Wed, Mar 30, 2016 at 01:21:17AM +, Michael Wise wrote:
> Oh wait, that means we have to get 10x the number of servers ... and data 
> centers.

Actually, the measures I outlined require *fewer* servers, less storage,
and (in most cases) less network bandwidth.  That's one of the reasons
I mentioned them.

---rsk

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Michael Wise]

OF COURSE!
THAT'S THE SOLU...
Oh wait, that means we have to get 10x the number of servers ... and data 
centers.

Management won't like that.

So many people think that the things that work just spiffily when everything 
you do fits on a single mail server, will scale across a cluster that has tens 
if not hundreds of thousands of machines. In dozens of data centers. 
Geographically dispersed around the planet.

They don't.

Aloha,
Michael.
-- 
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting Tool ?

-Original Message-
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Rich Kulawiec
Sent: Tuesday, March 29, 2016 6:06 PM
To: mailop@mailop.org
Subject: Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

On Wed, Mar 23, 2016 at 10:16:11AM -0700, Michael Peddemors wrote:
> For instance, if it believes
> the message is spam, and the recipient has requested that 'all'
> email be forwarded to a remote account, forwarding that email could
> make it appear that the forwarder is the source of spam.

Solution: reject it (as spam) during the SMTP connection.  Don't
(knowingly) forward spam to anyone, anywhere, anytime.  (If someone
is doing research and wants you to deliver it locally: fine.)

> Should you deliver malicious or harmful vectors to a person's email
> box?  (Eg, a Virus laden attachment?)

Solution: scan it and reject it during the SMTP connection.  There's no
point in delivering such traffic to anybody, even to those who are smart
enough not to use highly vulnerable mail clients and operating systems.
(Same comment as above in re research.)

> What if you are in jurisdiction where delivering emails of a
> specific content is illegal?

Solution: scan it and reject it during the SMTP connection.  If it's
illegal to deliver, it's probably illegal to possess: so arrange matters
so that you don't.

> What if the recipient has indicated that he wants it dropped, rather
> than be delivered?

Solution: do not offer this option.


Yes, there are *still* edge cases where mail gets dropped: the one that
occurs to me is spam addressed to a mailing list which makes it by all
perimeter defenses and arrives in the list's queue. (Where it may be
held for moderation; any well-run list does so with messages that don't
originate from subscribed addresses.)   Obviously it can't be
rejected any more, because the SMTP connection is closed.  And it sure
shouldn't be distributed to everyone on the list.  So the only viable
option here is to drop it.   But the cases above are better handled
either by policies that avoid them or by the scanning that's done
while the original SMTP connection is open.

---rsk

___
mailop mailing list
mailop@mailop.org
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fchilli.nosignal.org%2fcgi-bin%2fmailman%2flistinfo%2fmailop=01%7c01%7cmichael.wise%40microsoft.com%7c5ea9534123d1437e25d608d35838cebb%7c72f988bf86f141af91ab2d7cd011db47%7c1=5ERMlSm8JTfM8HAOEpHuW7QRRF%2fD7RIfnkeeW%2bEIdV4%3d
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Mail accepted by outlook.com/hotmail.com disappears.

[Rich Kulawiec]

On Wed, Mar 23, 2016 at 10:16:11AM -0700, Michael Peddemors wrote:
> For instance, if it believes
> the message is spam, and the recipient has requested that 'all'
> email be forwarded to a remote account, forwarding that email could
> make it appear that the forwarder is the source of spam.

Solution: reject it (as spam) during the SMTP connection.  Don't
(knowingly) forward spam to anyone, anywhere, anytime.  (If someone
is doing research and wants you to deliver it locally: fine.)

> Should you deliver malicious or harmful vectors to a person's email
> box?  (Eg, a Virus laden attachment?)

Solution: scan it and reject it during the SMTP connection.  There's no
point in delivering such traffic to anybody, even to those who are smart
enough not to use highly vulnerable mail clients and operating systems.
(Same comment as above in re research.)

> What if you are in jurisdiction where delivering emails of a
> specific content is illegal?

Solution: scan it and reject it during the SMTP connection.  If it's
illegal to deliver, it's probably illegal to possess: so arrange matters
so that you don't.

> What if the recipient has indicated that he wants it dropped, rather
> than be delivered?

Solution: do not offer this option.


Yes, there are *still* edge cases where mail gets dropped: the one that
occurs to me is spam addressed to a mailing list which makes it by all
perimeter defenses and arrives in the list's queue. (Where it may be
held for moderation; any well-run list does so with messages that don't
originate from subscribed addresses.)   Obviously it can't be
rejected any more, because the SMTP connection is closed.  And it sure
shouldn't be distributed to everyone on the list.  So the only viable
option here is to drop it.   But the cases above are better handled
either by policies that avoid them or by the scanning that's done
while the original SMTP connection is open.

---rsk

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Looking for someone to set up DKIM on a Windows server

[Michael Rathbun]

On Tue, 29 Mar 2016 16:02:50 +0100, Paul Smith  wrote:

>It really depends on what mail server software is running on the Windows 
>server, so can you give that information? There are many different mail 
>servers for Windows.

My question as well.  There are several well-done server packages.  And also
Exchange.

mdr
-- 
   Sometimes half-ass is exactly the right amount of ass.
   -- Wonderella


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

[Brett Schenker]

Dealing mainly with political campaigns and nonprofits I have a lot of them
sending from freemail, so do see this issue a lot. A lot of folks are just
low understanding when it comes to tech and email, volunteers for example,
so just don't know. I've been fighting to get us to just stop sending from
all freemail to "solve the problem." Pop up a warning telling them they
can't do it, and that's that. They're supposed to be professional
organizations and campaigns, they should be sending from their own domain.

Where a technical issue is being run in to is functions like "tell your
friends" where people do use their own personal addresses. That we're
working through solutions now.

On Tue, Mar 29, 2016 at 12:04 PM, Steve Atkins  wrote:

>
> > On Mar 29, 2016, at 8:17 AM, Laura Atkins 
> wrote:
> >
> >
> >> On Mar 28, 2016, at 8:20 PM, Vick Khera  wrote:
> >>
> >> On Wed, Mar 23, 2016 at 11:15 AM, Steve Atkins 
> wrote:
> >>
> >> > On Mar 22, 2016, at 9:35 PM,  
> wrote:
> >> >
> >> > Are you taking that approach because the workaround is less than
> ideal?  Otherwise the current “workaround” could be the new standard.
> >>
> >> The workaround is terrible and breaks basic email functionality.
> >>
> >> What's so terrible about setting the visible From address to something
> you control, and setting reply-to to the original address? I thought that
> was the acceptable workaround, at least as discussed at sessions at M3AAWG.
> >
> > Filters. - Hard to selectively filter particular mailing list users.
> >
> > Searches - nearly impossible to search for mail from a particular user.
> >
> > Reply-To - many lists want to set reply-to: list rather than reply to
> author.
>
> Also, email headers have well-defined meanings.
>
> The From: header specifies the author of the message, the email address of
> the person responsible for writing the message.
> The Sender: header specifies the email address of the agent responsible
> for sending the message, when that's different to the author.
> The Reply-To: header specifies the email address to which replies should
> be sent, when that's different to the author.
>
> They have different meanings, and they're all useful, and used.
>
> The problem with DMARC is that it insists that the From: field contain an
> email address in a domain from which it was sent. If that's not naturally
> the case - mailing lists and ESPs are two examples of that - then you
> cannot comply with both RFC 5322 originator field semantics and DMARC
> requirements.
>
> All the hacks that mailing list operators have put in place to allow
> people to use their mailing lists contrary to the DMARC-published
> requirements of the domain owner are based on violating the RFC 5322
> semantics.
>
> You need to put an email address in the From: field that's in the same
> domain as the mailing list manager - the email address that should be in
> the Sender: field has to go in the From: field. That destroys any record of
> who the author of the email is. That breaks quite a lot of functionality -
> filtering and searching, as laura mentioned, but even more obviously any
> ability to easily reply to just the author.
>
> To work around that last problem a list operator may put the real authors
> address in the reply-to field. That destroys any explicit reply-to that the
> author may have set. That in turn breaks other expectations. If a user
> wants to subscribe to a mailing list with one address, but wants individual
> replies to go to another one they can say "From: li...@blighty.com;
> Reply-To: st...@blighty.com" - this sort of DMARC mitigation breaks that.
>
> Also, many lists already set the Reply-To to the list submission address -
> so they can't put the author address in that field, leaving them with no
> choice other than to change (long established) expectations of how the
> mailing list works, or to have the author email address appear nowhere in
> the mail where it can be used mechanically by any variant of a reply
> command.
>
> All of these break user expectations for how email should work - all
> users, not just those at domains that are publishing DMARC p=reject
> records. Mailing list operators can make operational changes to mitigate
> the inconvenience for different classes of user, but they can't fix it
> entirely.
>
> There is *no way* to fix this without fundamental changes to either RFC
> 5322 or DMARC as they are inherently incompatible.
>
> ARC will make those fundamental changes to DMARC, but only for one
> specific use case - traditional email discussion lists. It'll be an
> improvement (though not a total fix) for that case, but it makes no
> improvement for other use cases (of which ESPs catering to smaller users
> are one major one, but there are others).
>
> Cheers,
>   Steve
>
>
> ___
> mailop mailing list
> 

Re: [mailop] Yahoo DMARC changes

[Steve Atkins]

> On Mar 29, 2016, at 8:17 AM, Laura Atkins  wrote:
> 
> 
>> On Mar 28, 2016, at 8:20 PM, Vick Khera  wrote:
>> 
>> On Wed, Mar 23, 2016 at 11:15 AM, Steve Atkins  wrote:
>> 
>> > On Mar 22, 2016, at 9:35 PM,   wrote:
>> >
>> > Are you taking that approach because the workaround is less than ideal?  
>> > Otherwise the current “workaround” could be the new standard.
>> 
>> The workaround is terrible and breaks basic email functionality.
>> 
>> What's so terrible about setting the visible From address to something you 
>> control, and setting reply-to to the original address? I thought that was 
>> the acceptable workaround, at least as discussed at sessions at M3AAWG.
> 
> Filters. - Hard to selectively filter particular mailing list users. 
> 
> Searches - nearly impossible to search for mail from a particular user. 
> 
> Reply-To - many lists want to set reply-to: list rather than reply to author. 

Also, email headers have well-defined meanings.

The From: header specifies the author of the message, the email address of the 
person responsible for writing the message.
The Sender: header specifies the email address of the agent responsible for 
sending the message, when that's different to the author.
The Reply-To: header specifies the email address to which replies should be 
sent, when that's different to the author.

They have different meanings, and they're all useful, and used.

The problem with DMARC is that it insists that the From: field contain an email 
address in a domain from which it was sent. If that's not naturally the case - 
mailing lists and ESPs are two examples of that - then you cannot comply with 
both RFC 5322 originator field semantics and DMARC requirements.

All the hacks that mailing list operators have put in place to allow people to 
use their mailing lists contrary to the DMARC-published requirements of the 
domain owner are based on violating the RFC 5322 semantics.

You need to put an email address in the From: field that's in the same domain 
as the mailing list manager - the email address that should be in the Sender: 
field has to go in the From: field. That destroys any record of who the author 
of the email is. That breaks quite a lot of functionality - filtering and 
searching, as laura mentioned, but even more obviously any ability to easily 
reply to just the author.

To work around that last problem a list operator may put the real authors 
address in the reply-to field. That destroys any explicit reply-to that the 
author may have set. That in turn breaks other expectations. If a user wants to 
subscribe to a mailing list with one address, but wants individual replies to 
go to another one they can say "From: li...@blighty.com; Reply-To: 
st...@blighty.com" - this sort of DMARC mitigation breaks that.

Also, many lists already set the Reply-To to the list submission address - so 
they can't put the author address in that field, leaving them with no choice 
other than to change (long established) expectations of how the mailing list 
works, or to have the author email address appear nowhere in the mail where it 
can be used mechanically by any variant of a reply command.

All of these break user expectations for how email should work - all users, not 
just those at domains that are publishing DMARC p=reject records. Mailing list 
operators can make operational changes to mitigate the inconvenience for 
different classes of user, but they can't fix it entirely.

There is *no way* to fix this without fundamental changes to either RFC 5322 or 
DMARC as they are inherently incompatible.

ARC will make those fundamental changes to DMARC, but only for one specific use 
case - traditional email discussion lists. It'll be an improvement (though not 
a total fix) for that case, but it makes no improvement for other use cases (of 
which ESPs catering to smaller users are one major one, but there are others).

Cheers,
  Steve


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DMARC changes

[Laura Atkins]

> On Mar 28, 2016, at 8:20 PM, Vick Khera  wrote:
> 
> On Wed, Mar 23, 2016 at 11:15 AM, Steve Atkins  > wrote:
> 
> > On Mar 22, 2016, at 9:35 PM, > 
> > > wrote:
> >
> > Are you taking that approach because the workaround is less than ideal?  
> > Otherwise the current “workaround” could be the new standard.
> 
> The workaround is terrible and breaks basic email functionality.
> 
> What's so terrible about setting the visible From address to something you 
> control, and setting reply-to to the original address? I thought that was the 
> acceptable workaround, at least as discussed at sessions at M3AAWG.

Filters. - Hard to selectively filter particular mailing list users. 

Searches - nearly impossible to search for mail from a particular user. 

Reply-To - many lists want to set reply-to: list rather than reply to author. 

laura

-- 
Having an Email Crisis?  800 823-9674 

Laura Atkins
Word to the Wise
la...@wordtothewise.com
(650) 437-0741  

Email Delivery Blog: http://wordtothewise.com/blog  





___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Looking for someone to set up DKIM on a Windows server

[Anne Mitchell]

Does anybody here have experience with setting up DKIM on a Windows server? We 
have someone needing that done, and our regular contractor that we use is 
unavailable right now. 

Thanks!

Anne

Anne P. Mitchell,
Attorney at Law
CEO/President, 
http://www.SuretyMail.com/
http://www.SuretyMail.eu/

"Email marketing is the one place where it's better to ask permission than 
forgiveness." - Me

Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Member, California Bar Cyberspace Law Committee
Member, Colorado Cybersecurity Consortium
Member, Asilomar Microcomputer Workshop Committee
Ret. Professor of Law, Lincoln Law School of San Jose
Ret. Chair, Asilomar Microcomputer Workshop


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop