Re: [mailop] [EXTERNAL] Anyone have any luck delisting from Microsoft's Advanced Threat Protection (ATP)?

2020-05-11 Thread Michael Wise via mailop

Normally a recipient tenant raises an FP ticket, and that gets the ball rolling.
External escalations are rare.

Aloha,
Michael.
--
Michael J Wise
Microsoft Corporation| Spam Analysis
"Your Spam Specimen Has Been Processed."
Open a ticket for Hotmail ?

From: mailop  On Behalf Of David Carriger via mailop
Sent: Monday, May 11, 2020 11:21 AM
To: mailop@mailop.org
Subject: [EXTERNAL] [mailop] Anyone have any luck delisting from Microsoft's 
Advanced Threat Protection (ATP)?

Hi everyone,

Has anyone had any success in getting false positives removed from ATP? There 
isn't any public delisting endpoint available, and emails to various Microsoft 
email addresses, as well as open support cases, have not been met with much 
success.

The support case is #19907517, for any interested Microsoft folks who might be 
on here.

Best regards,
David Carriger
ActiveCampaign / Deliverability Engineer
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Re: [mailop] SendGrid Abuse unresponsive

2020-05-11 Thread Chris via mailop

On 2020-05-11 14:15, Brielle via mailop wrote:

On 5/11/2020 11:45 AM, Matt V via mailop wrote:

On 2020-05-05 11:09 p.m., Andy Smith via mailop wrote:

I've been told by at least one Sendgrid person that they have 
requested membership to the list and are awaiting administrator 
approvals...



Better late than never I guess...


To be blunt, they've been members of M3AAWG for many many years.  M3AAWG 
is better at dealing with these sorts of laxness on the part of an ESP 
who wants to remain on everybody's good books/sheer clout, than any 
"ordinary mailing list" (sorry guys ...;-) could possibly have.


I knew about 6 Sendgrid people from years of collaborating with them in 
person and online.  They were one of the best at fixing problems.


For a variety of reasons I've not been dealing with M3AAWG nearly as 
much as I used to, but I can only assume, for this degree of crap coming 
out (and oh my yes, I see it too), that none of the people I knew are 
still there OR no longer have the authority to deal with it.


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Re: [mailop] SendGrid Abuse unresponsive

2020-05-11 Thread Luke via mailop
The very first reply to this thread was from a SendGrid representative.
They generally respond pretty quickly any time they are mentioned here.

Luke

On Mon, May 11, 2020 at 11:24 AM Brielle via mailop 
wrote:

> On 5/11/2020 11:45 AM, Matt V via mailop wrote:
> > On 2020-05-05 11:09 p.m., Andy Smith via mailop wrote:
> >
> > I've been told by at least one Sendgrid person that they have requested
> > membership to the list and are awaiting administrator approvals...
> >
> >
>
> Better late than never I guess...
>
> --
> Brielle Bruns
> The Summit Open Source Development Group
> http://www.sosdg.org/ http://www.ahbl.org
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


[mailop] Anyone have any luck delisting from Microsoft's Advanced Threat Protection (ATP)?

2020-05-11 Thread David Carriger via mailop
Hi everyone,

Has anyone had any success in getting false positives removed from ATP?
There isn't any public delisting endpoint available, and emails to various
Microsoft email addresses, as well as open support cases, have not been met
with much success.

The support case is #19907517, for any interested Microsoft folks who might
be on here.

Best regards,
David Carriger
ActiveCampaign / Deliverability Engineer
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Re: [mailop] SendGrid Abuse unresponsive

2020-05-11 Thread Brielle via mailop

On 5/11/2020 11:45 AM, Matt V via mailop wrote:

On 2020-05-05 11:09 p.m., Andy Smith via mailop wrote:

I've been told by at least one Sendgrid person that they have requested 
membership to the list and are awaiting administrator approvals...





Better late than never I guess...

--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Re: [mailop] SendGrid Abuse unresponsive

2020-05-11 Thread Matt V via mailop

On 2020-05-05 11:09 p.m., Andy Smith via mailop wrote:

I've been told by at least one Sendgrid person that they have requested 
membership to the list and are awaiting administrator approvals...



--
~
MATT


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Re: [mailop] DMARC policy application

2020-05-11 Thread Alessandro Vesely via mailop
On Thu 07/May/2020 19:35:38 +0200 Michael Peddemors via mailop wrote:
> On 2020-05-07 10:19 a.m., Nick via mailop wrote:
>> On 2020-05-07 18:07 BST, John Levine via mailop wrote:
>>> My users have lots of addresses and my mail system lets them use
>>> whatever From: address they want.
>>
>> Interesting.  That seems liberal, and also risky isn't it?  What's the
>> advantage that makes up for the risk (if you agree there is some)?
>>
> 
> Common technique done by compromised accounts, is to use a fake MAIL FROM,
> hoping you see less bounce traffic.
> 
> We strongly recommend, 'require_local_sender_domain' and preferably
> 'require_local_sender', however there are always ISP's who want to allow some
> customers to relay, or are worried that blocking it will impact users, and
> cause them to loose money/customers..
> 
> Not always easy pointing out the risks outweigh the rewards.


The famous DKIM incipit says "to claim /some/ responsibility" [my emphasis],
without even trying to specify which.  Perhaps, the possibility to be less
ambiguous would meet the wants of some kind of filter...?

And this thread is really about DKIM, not DMARC.


Best
Ale
-- 
























___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Re: [mailop] Webiron down

2020-05-11 Thread Atro Tossavainen via mailop
On Mon, May 11, 2020 at 02:07:10PM +0200, Hetzner Blacklist via mailop wrote:
> Just a quick heads-up: Webiron appears to be having issues. Their
> website is down, and their blacklists (combined in all.rbl.webiron.net)
> are listing the world.

Thanks Bastiaan!

The domain was last updated Apr 22.

However, the name servers for the .net are on the corresponding .com,
which was updated four days ago, May 7 - and the new nameservers for
that domain are...

drum roll...

   Name Server: NS1.PENDINGRENEWALDELETION.COM
   Name Server: NS2.PENDINGRENEWALDELETION.COM

which probably explains why there is a problem.

$ host 2.0.0.127.all.rbl.webiron.net
2.0.0.127.all.rbl.webiron.net has address 208.91.197.132

$ host -t txt 2.0.0.127.all.rbl.webiron.net
2.0.0.127.all.rbl.webiron.net descriptive text "v=spf1 a -all"

I guess I wasn't expecting to see a SPF record. :-D

As for the functional listings, you get a wildcard pointing to what I
think would usually be a web server for parked domain names.

If your DNSBL use isn't checking for the result codes to be in the
127.x.x.x range, you would be up shit creek right about now, yes.

> Their live feed bot stopped tweeting around 3 weeks ago:
> https://twitter.com/WebironBots
> 
> This has happened with other blacklists, and might just be a temporary
> issue, but is often the start of the end.
> 
> If anybody is using them to filter/reject emails, you might want to
> change that (at least temporarily) to avoid false positives.
> 
> Kind regards
> Bastiaan

Thanks,
-- 
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy, Helsinki, Finland
tel. +358-44-5000 600, http://www.infinitemho.fi/

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


[mailop] Webiron down

2020-05-11 Thread Hetzner Blacklist via mailop
Just a quick heads-up: Webiron appears to be having issues. Their
website is down, and their blacklists (combined in all.rbl.webiron.net)
are listing the world.

Their live feed bot stopped tweeting around 3 weeks ago:
https://twitter.com/WebironBots

This has happened with other blacklists, and might just be a temporary
issue, but is often the start of the end.

If anybody is using them to filter/reject emails, you might want to
change that (at least temporarily) to avoid false positives.

Kind regards
Bastiaan

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Re: [mailop] Reg. Bounces at Yahoo / AOL

2020-05-11 Thread Maarten Oelering via mailop
Hi Vaibhav,

We saw this reply appear 1-2 months ago. I think you should treat it as invalid 
address, so hard bounce.

Maarten

> On 11 May 2020, at 04:34, Vaibhav via mailop  wrote:
> 
> Hi Everyone,
> 
> Recently we observed below error while delivering emails to Yahoo / AOL 
> recipients. 
> 
> Is it expected or some error ?
> 
> SMTP Error : 554 delivery error: dd Not a valid recipient - 
> 
> Does anyone noticed the same ?
> 
> --Vaibhav
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Re: [mailop] DMARC policy application

2020-05-11 Thread Evan Booyens via mailop


Unfortunately we have a legacy in South Africa of allowing users to send 
from any domain as long as they are authenticated.


Trying to change this gets major push back from both Management and 
Marketing as well as many users then threatening to leave for other 
providers.


Thus we have to deal with it as best as possible.

Kind Regards

Evan

On 5/8/20 5:04 AM, Michael Rathbun via mailop wrote:

On 7 May 2020 15:14:10 -0400, John Levine via mailop 
wrote:


Maybe I'm lucky but I haven't had much trouble.  My users do know that should
there be problems, it won't be pretty.

Aye.  Anybody can send any mail from any address to any address through this
system.  They just have to have opened an authenticated session on a
particular non-standard port.  NP.

mdr

--

Evan Booyens
Platform Engineer
xneelo (Pty) Ltd

SA Contact Centre: 0861 0861 08
International: +27 21 970 2000



Disclaimer: xneelo.co.za/email-disclaimer 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop