Re: [mailop] Reporting/detecting google groups spam

2021-10-18 Thread Dan Mahoney via mailop


> On Oct 18, 2021, at 1:02 PM, Atro Tossavainen via mailop wrote:
> 
> On Sun, Oct 17, 2021 at 01:04:53PM -0700, Dan Mahoney (Gushi) via mailop wrote:
>> All,
>> 
>> For years now I've been the target of a number of resumes from
>> UAE-based google-groups.
> 
> Have a look at these two things.
> 
>  https://www.spamhaus.org/rokso/spammer/SPM1559/syedsmarketing
> 
>  https://www.spamhaus.org/rokso/evidence/ROK13034/syedsmarketing/10-2021-group-uae

Yup, definitely them.  Any way I can aid in reporting this stuff more 
efficiently?  (Note this is my personal AS, not the dayjob's, but we're both no 
strangers to fighting the good fight).

-Dan
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] IMAP and SMTP in the same or separated IPs?

2021-10-18 Thread Dave Crocker via mailop



On 10/18/2021 12:35 PM, Brandon Long wrote:
> Anyways, I stand by that there is unlikely to be overlap between people
> blocking your smtp server and your customers accessing your imap server...


yup.  and that's why I asked for a detailed explanation from anyone 
claiming a linkage.  Haven't seen one appear, so far.


d/


Re: [mailop] Reporting/detecting google groups spam

2021-10-18 Thread Atro Tossavainen via mailop
On Sun, Oct 17, 2021 at 01:04:53PM -0700, Dan Mahoney (Gushi) via mailop wrote:
> All,
> 
> For years now I've been the target of a number of resumes from
> UAE-based google-groups.

Have a look at these two things.

  https://www.spamhaus.org/rokso/spammer/SPM1559/syedsmarketing

  https://www.spamhaus.org/rokso/evidence/ROK13034/syedsmarketing/10-2021-group-uae

-- 
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy, Helsinki, Finland
tel. +358-44-5000 600, http://www.infinitemho.fi/


Re: [mailop] Gmail - messages to self accepted by SMTP, not delivered

2021-10-18 Thread Brandon Long via mailop
There is no deliberate connection between the authentication method and
automatic-bcc... but bugs make fools of us all.

Are all of your tests using the same user?  If you can send me details
off-list, I can investigate further.

Brandon

On Sat, Oct 16, 2021 at 11:58 PM Kostya Vasilyev via mailop <
mailop@mailop.org> wrote:

> Well no, this one is different.
>
> It depends on whether the mail app uses OAUTH2 and on how recently this
> app was registered on Google Cloud.
>
> When such mail app is detected, Gmail will not automatically file messages
> submitted via SMTP into the Sent folder, as it's done for decades.
>
> This must be a deliberate change. Unfortunately as a side effect of this
> change, messages to self are silently dropped.
>
> Still hoping to get the attention of someone from Google, anyone out here?
>
> --
> Kostya Vasilyev
> k...@fastmail.com
>
> On Sat, Oct 16, 2021, at 10:48 PM, Jarland Donnell via mailop wrote:
> > I've had customers repeatedly approach me about a similar issue and I
> > ended up writing this in mass response:
> >
> > https://mxroute.com/docs/im-forwarding-or-retrieving-email-to-at-gmail-and-when-i-send-a-test-email-from-the-same-address-that-will-ultimately-be-receiving-it-it-doesnt-work/
> >
> > I could probably argue that there's a logical case for not duplicating
> > an email that someone sent to themselves by displaying it in two folders
> > by default. I don't see people email themselves very often for any
> > purpose other than testing.
> >
> > On 2021-10-16 12:57, Kostya Vasilyev via mailop wrote:
> >> Anyone from Google here?
> >>
> >> I'm seeing a bug where messages sent to same Gmail account (same from
> >> and to @gmail.com address) are accepted by smtp.gmail.com but are
> >> never delivered, dropped instead.
> >>
> >> This happens if:
> >>
> >> - Messages are sent using a mail app using IMAP / SMTP
> >> - Mail app uses OAUTH2 for authentication
> >> - Mail app was created / registered on Google Cloud some time inside
> >> the last two years
> >> - The user saves the message to Drafts before sending
> >>
> >> Apps using "less secure" (login / password) auth are not affected.
> >> Apps using OAUTH2 but registered a long(er) time ago are not affected.
> >>
> >> So basically any new mail app that tries to follow Google's
> >> recommended OAUTH2 will be seen by users as broken (can't send
> >> messages to yourself, which people do).
> >>
> >> Feel free to contact me directly for more info.


Re: [mailop] IMAP and SMTP in the same or separated IPs?

2021-10-18 Thread Brandon Long via mailop
On Mon, Oct 18, 2021 at 11:22 AM Dave Crocker via mailop wrote:

>
>
> On 10/18/2021 10:56 AM, Brandon Long wrote:
> >
> >
> > On Sat, Oct 16, 2021 at 2:35 PM Dave Crocker via mailop
> > <mailop@mailop.org> wrote:
> >
> > > On 10/15/2021 5:40 PM, Grant Taylor via mailop wrote:
> > > > The motivation for spreading service IPs across different /24
> > > > prefixes is so that if
> > >
> > > The issue here is not the generic one of using multiple IPs.  It is
> > > about using them to separate IMAP from SMTP.  That's an entirely
> > > different matter.
> > >
> > > To the extent that anyone claims that there is a reputation-related
> > > reason for this kind of separate, for this kind of service distinction,
> > > they need to provide substantial detail that makes the validity of the
> > > reason crystal clear.
> >
> > I have not seen it specifically for IMAP and SMTP, but I have seen it
> > for SMTP and HTTP.
>
> Indeed. Both of those get into the reputation game (and do need to.)
>
> IMAP is used with an internal login.  Separate reputation analysis, in
> the style of an abuse filtering engine, doesn't make sense to me.
>
>
> > Specifically, I've seen people block http(s) access to an A record
> > based on a hostname pointed at it being advertised in spam or if the
> > smtp server and web server are shared, ie they don't block by port
> > instead, they use a broad block in both directions.
>
> Sure, if a bad actor -- who doesn't have to log in - connects to a
> service, it makes sense to accumulate whatever reputation of them you
> can, across services.
>
> But as soon as the system connecting has to privately register with you,
> for on-going access, I'd expect that to involve a /very/ different
> assessment engine, since there is more and persistent knowledge about
> them.
>
> I suppose that knowing the connect from an address that is problematic
> might be interesting, but, well... sigh.
>

Right, if spam is being sent from compromised hosts, the hosts could be
used for other things like password/hijacking attacks against IMAP... but
then, your smtp server has a lot of other problems already at that point
though, you could also be blocking your customers infected desktops.

Anyways, I stand by that there is unlikely to be overlap between people
blocking your smtp server and your customers accessing your imap server...
you'd have to suppose a block list that for the former being used by your
customers or someone between them and your imap server or your imap server
using such a blocklist without whitelisting itself, I guess.

Brandon


Re: [mailop] IMAP and SMTP in the same or separated IPs?

2021-10-18 Thread Brandon Long via mailop
On Sat, Oct 16, 2021 at 2:35 PM Dave Crocker via mailop wrote:

>
>
> On 10/15/2021 5:40 PM, Grant Taylor via mailop wrote:
> > The motivation for spreading service IPs across different /24 prefixes
> > is so that if
>
> The issue here is not the generic one of using multiple IPs.  It is
> about using them to separate IMAP from SMTP.  That's an entirely
> different matter.
>
> To the extent that anyone claims that there is a reputation-related
> reason for this kind of separate, for this kind of service distinction,
> they need to provide substantial detail that makes the validity of the
> reason crystal clear.
>

I have not seen it specifically for IMAP and SMTP, but I have seen it for
SMTP and HTTP.

Specifically, I've seen people block http(s) access to an A record based on
a hostname pointed at it being advertised in spam or if the smtp server and
web server are shared, ie they don't block by port instead, they use a broad
block in both directions.

I wouldn't be overly worried about it for IMAP, given that your IMAP
customers are likely quite different than who they are mailing, so it seems
the likely overlap of those blocks is going to be small.

Brandon


Re: [mailop] IMAP and SMTP in the same or separated IPs?

2021-10-18 Thread Dave Crocker via mailop



On 10/18/2021 10:56 AM, Brandon Long wrote:
> On Sat, Oct 16, 2021 at 2:35 PM Dave Crocker via mailop
> <mailop@mailop.org> wrote:
>
> > On 10/15/2021 5:40 PM, Grant Taylor via mailop wrote:
> > > The motivation for spreading service IPs across different /24
> > > prefixes is so that if
> >
> > The issue here is not the generic one of using multiple IPs.  It is
> > about using them to separate IMAP from SMTP.  That's an entirely
> > different matter.
> >
> > To the extent that anyone claims that there is a reputation-related
> > reason for this kind of separate, for this kind of service distinction,
> > they need to provide substantial detail that makes the validity of the
> > reason crystal clear.
>
> I have not seen it specifically for IMAP and SMTP, but I have seen it
> for SMTP and HTTP.

Indeed. Both of those get into the reputation game (and do need to.)

IMAP is used with an internal login.  Separate reputation analysis, in
the style of an abuse filtering engine, doesn't make sense to me.

> Specifically, I've seen people block http(s) access to an A record based
> on a hostname pointed at it being advertised in spam or if the smtp
> server and web server are shared, ie they don't block by port instead,
> they use a broad block in both directions.

Sure, if a bad actor -- who doesn't have to log in - connects to a
service, it makes sense to accumulate whatever reputation of them you
can, across services.

But as soon as the system connecting has to privately register with you,
for on-going access, I'd expect that to involve a /very/ different
assessment engine, since there is more and persistent knowledge about
them.

I suppose that knowing the connect from an address that is problematic
might be interesting, but, well... sigh.

> I wouldn't be overly worried about it for IMAP, given that your IMAP
> customers are likely quite different than who they are mailing, so it
> seems the likely overlap of those blocks is going to be small.


Exactly.

d/


Re: [mailop] Google Postmaster Tools - No data since October 4th

2021-10-18 Thread Al Iverson via mailop
GPT is back but data is still backfilling for some folks (including me).
I'm a tiny sender, so I assume I'm way down their priority list.

Cheers,
Al Iverson

On Mon, Oct 18, 2021 at 7:04 AM Yitzhak Cohen via mailop wrote:

> Came back partially last week, sometime on Friday I think. When I looked
> again today it was fully back-filled.
>
>
>
>
> --
> *From:* mailop  on behalf of Ewald Kessler |
> Tripolis via mailop 
> *Sent:* Monday, October 18, 2021 13:19
> *To:* Antonie Popovic 
> *Cc:* mailop@mailop.org 
> *Subject:* Re: [mailop] Google Postmaster Tools - No data since October
> 4th
>
>
>
>
> Must have been between Friday afternoon (CET) and this morning.
>
>
>
> *From:* Antonie Popovic 
> *Sent:* Monday, 18 October 2021 12:17
> *To:* Ewald Kessler | Tripolis 
> *Cc:* mailop@mailop.org
> *Subject:* Re: [mailop] Google Postmaster Tools - No data since October
> 4th
>
>
>
> Thank you for the info Ewald.
>
> Could you or anyone else please confirm when you got the reports for the
> missing week ?
>
>
>
> Much appreciated,
>
> Toni
>
>
>
> On Mon, Oct 18, 2021 at 11:33 AM Ewald Kessler | Tripolis via mailop <
> mailop@mailop.org> wrote:
>
> Data is back. And backfilled!
>
>
>
> *From:* mailop  *On Behalf Of *Danny Steinhoff
> via mailop
> *Sent:* Thursday, 14 October 2021 09:35
> *To:* Maarten Oelering 
> *Cc:* mailop 
> *Subject:* Re: [mailop] Google Postmaster Tools - No data since October
> 4th
>
>
>
> We do not get any data since 4 October
>
>
>
> On Thu, Oct 14, 2021 at 10:32 AM Maarten Oelering via mailop <
> mailop@mailop.org> wrote:
>
> We are monitoring hundreds of domains in GPT. Some of these domains never
> showed any data.
> But since October 8 all domains are returning 404 errors on the GPT API.
> So something is wrong at Google.
>
> Maarten
>


-- 
Al Iverson // Wombatmail // Chicago
Deliverability: https://spamresource.com
DNS Tools: https://xnnd.com


Re: [mailop] Google Postmaster Tools - No data since October 4th

2021-10-18 Thread Antonie Popovic via mailop
Thank you for the info Ewald.
Could you or anyone else please confirm when you got the reports for the
missing week ?

Much appreciated,
Toni

On Mon, Oct 18, 2021 at 11:33 AM Ewald Kessler | Tripolis via mailop <
mailop@mailop.org> wrote:

> Data is back. And backfilled!
>
>
>
> *From:* mailop  *On Behalf Of *Danny Steinhoff
> via mailop
> *Sent:* Thursday, 14 October 2021 09:35
> *To:* Maarten Oelering 
> *Cc:* mailop 
> *Subject:* Re: [mailop] Google Postmaster Tools - No data since October
> 4th
>
>
>
> We do not get any data since 4 October
>
>
>
> On Thu, Oct 14, 2021 at 10:32 AM Maarten Oelering via mailop <
> mailop@mailop.org> wrote:
>
> We are monitoring hundreds of domains in GPT. Some of these domains never
> showed any data.
> But since October 8 all domains are returning 404 errors on the GPT API.
> So something is wrong at Google.
>
> Maarten
>


Re: [mailop] IMAP and SMTP in the same or separated IPs?

2021-10-18 Thread Alessio Cecchi via mailop

Hi Leandro,

with a load balancer (we are using Keepalived) you can provide to your 
customers both configurations:

- one IP for POP/IMAP/SMTP (e.g. mail.DOMAIN)

- two dedicated IPs, one for downloaded messages (POP/IMAP) and one for 
sending messages (SMTP)

If you have a small setup, POP/IMAP/SMTP and MX probably are on the same 
IP, but you could have some limits if MX and SMTP share the same IP and 
port 25, because with some old MTAs it could be more difficult to have 
relay and SMTP-Auth on the same port and apply DNSBL, for example.


Ciao

On 15/10/21 17:15, Leandro Santiago via mailop wrote:

> Hi list,
>
> In which scenarios are there advantages on having IMAP and SMTP on
> different IPs?
>
> I've been managing small servers using Postfix for smtp and Dovecot
> for mailbox, all in the same server using the same IP. But I'd like to
> know how widely used this scenario is by others, especially more
> experienced folks, and why.
>
> What factors should affect such "splitting"? Performance, security,
> IP reputation or anything else?
>
> I am mostly interested in office mail usage, but it's also interesting
> to hear from other usages.





--
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice
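
The two layouts described in the message above, sketched as a Keepalived configuration. This is an added example, not the poster's or Qboxmail's configuration: it assumes Keepalived is used for VRRP plus LVS virtual servers, and the interface, router ID, addresses (documentation and private ranges) and backends are constructed; only IMAPS (993) and submission (587) are shown, other ports follow the same pattern.

```conf
# keepalived.conf: constructed example, every address, name and ID is a placeholder.
# Assumes LVS NAT mode and two backends that each run the IMAP and submission services.
vrrp_instance MAIL_VIPS {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 150
    virtual_ipaddress {
        192.0.2.10/24    # mail.DOMAIN: combined POP/IMAP/SMTP address
        192.0.2.11/24    # dedicated retrieval address (POP/IMAP)
        192.0.2.12/24    # dedicated sending address (SMTP)
    }
}

# IMAPS answers on the combined and the retrieval address, same backends.
virtual_server_group IMAPS_VIPS {
    192.0.2.10 993
    192.0.2.11 993
}
virtual_server group IMAPS_VIPS {
    delay_loop 10
    lb_algo wlc
    lb_kind NAT
    protocol TCP
    real_server 10.0.0.21 993 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
        }
    }
    real_server 10.0.0.22 993 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
        }
    }
}

# Submission answers on the combined and the sending address, same backends.
virtual_server_group SUBMISSION_VIPS {
    192.0.2.10 587
    192.0.2.12 587
}
virtual_server group SUBMISSION_VIPS {
    delay_loop 10
    lb_algo wlc
    lb_kind NAT
    protocol TCP
    real_server 10.0.0.21 587 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
        }
    }
    real_server 10.0.0.22 587 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
        }
    }
}
```

With this layout a port-agnostic block of 192.0.2.12 leaves IMAP on 192.0.2.11 reachable, while customers configured with mail.DOMAIN share one address for both services.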



Re: [mailop] Google Postmaster Tools - No data since October 4th

2021-10-18 Thread Yitzhak Cohen via mailop
Came back partially last week, sometime on Friday I think. When I looked again 
today it was fully back-filled.






From: mailop  on behalf of Ewald Kessler | Tripolis 
via mailop 
Sent: Monday, October 18, 2021 13:19
To: Antonie Popovic 
Cc: mailop@mailop.org 
Subject: Re: [mailop] Google Postmaster Tools - No data since October 4th




Must have been between Friday afternoon (CET) and this morning.



From: Antonie Popovic 
Sent: Monday, 18 October 2021 12:17
To: Ewald Kessler | Tripolis 
Cc: mailop@mailop.org
Subject: Re: [mailop] Google Postmaster Tools - No data since October 4th



Thank you for the info Ewald.

Could you or anyone else please confirm when you got the reports for the 
missing week ?



Much appreciated,

Toni



On Mon, Oct 18, 2021 at 11:33 AM Ewald Kessler | Tripolis via mailop 
<mailop@mailop.org> wrote:

Data is back. And backfilled!



From: mailop <mailop-boun...@mailop.org> On Behalf Of Danny Steinhoff via mailop
Sent: Thursday, 14 October 2021 09:35
To: Maarten Oelering <maar...@postmastery.net>
Cc: mailop <mailop@mailop.org>
Subject: Re: [mailop] Google Postmaster Tools - No data since October 4th



We do not get any data since 4 October



On Thu, Oct 14, 2021 at 10:32 AM Maarten Oelering via mailop 
<mailop@mailop.org> wrote:

We are monitoring hundreds of domains in GPT. Some of these domains never 
showed any data.
But since October 8 all domains are returning 404 errors on the GPT API. So 
something is wrong at Google.

Maarten



Re: [mailop] Google Postmaster Tools - No data since October 4th

2021-10-18 Thread Ewald Kessler | Tripolis via mailop
Must have been between Friday afternoon (CET) and this morning.

From: Antonie Popovic 
Sent: Monday, 18 October 2021 12:17
To: Ewald Kessler | Tripolis 
Cc: mailop@mailop.org
Subject: Re: [mailop] Google Postmaster Tools - No data since October 4th

Thank you for the info Ewald.
Could you or anyone else please confirm when you got the reports for the 
missing week ?

Much appreciated,
Toni

On Mon, Oct 18, 2021 at 11:33 AM Ewald Kessler | Tripolis via mailop 
<mailop@mailop.org> wrote:
Data is back. And backfilled!

From: mailop <mailop-boun...@mailop.org> On Behalf Of Danny Steinhoff via mailop
Sent: Thursday, 14 October 2021 09:35
To: Maarten Oelering <maar...@postmastery.net>
Cc: mailop <mailop@mailop.org>
Subject: Re: [mailop] Google Postmaster Tools - No data since October 4th

We do not get any data since 4 October

On Thu, Oct 14, 2021 at 10:32 AM Maarten Oelering via mailop 
<mailop@mailop.org> wrote:
We are monitoring hundreds of domains in GPT. Some of these domains never 
showed any data.
But since October 8 all domains are returning 404 errors on the GPT API. So 
something is wrong at Google.

Maarten



Re: [mailop] Google Postmaster Tools - No data since October 4th

2021-10-18 Thread Ewald Kessler | Tripolis via mailop
Data is back. And backfilled!

From: mailop  On Behalf Of Danny Steinhoff via mailop
Sent: Thursday, 14 October 2021 09:35
To: Maarten Oelering 
Cc: mailop 
Subject: Re: [mailop] Google Postmaster Tools - No data since October 4th

We do not get any data since 4 October

On Thu, Oct 14, 2021 at 10:32 AM Maarten Oelering via mailop 
<mailop@mailop.org> wrote:
We are monitoring hundreds of domains in GPT. Some of these domains never 
showed any data.
But since October 8 all domains are returning 404 errors on the GPT API. So 
something is wrong at Google.

Maarten
