[mailop] Anyone here from createsend ?
I got a message from createsend on behalf of the Godaddy registry, which had a DKIM signature with a screwed up key in the DNS. This is related to new passwords for .US sub-registries so it would be unfortunate if the broken signature made the mail disappear into spam folders. Details on request. R's, John ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] 2 questions about BCC and mailing lists
On 2022-01-31 at 10:43 -0700, Geoff Mulligan wrote: > 1. If a recipient on an email message is both in the To: or Cc: and > on the mailing list, should the listserver send the message to the > recipient: > a) By default > b) Not by default (but configurable) > c) Never Yes, it should be sent to that recipient. It's also simpler to explain and understand. It may be annoying for some people, in which case you might wish to make that configurable, but the default shall be to deliver. (The direct copy can annoying as well, since it won't have the list headers which would easily let replying to list) However, the more pushing issue is the security aspect. If the list skips you when it finds you in CC I can influence the mailing list server to send an email to everyone but you by simply including a Cc header saying I am copying you (but not actually adding a RCPT TO: with your address) Or, more innocently, should the direct copy fail for some reason (we have plenty of examples here), that person won't receive the direct email *nor* the indirect one through the mailing list. In such case, there should be a NDR, granted (perhaps received a week later), but even assuming the NDR is seen and understood by the sender, he will probably shrug and assume it will have been received through the mailing list. The most exotic case I remember right now happened when replying privately to a subscriber of this list, where their tagged email address refused receiving my email, since I wasn't mailop. The funny thing is I was providing the contact email address they had asked for. I had to do some twisting to get their MTA to accept the message, and it was probably dropped anyway, since I received no response. If I replied both directly and to the list, such configuration would have been a problem. > 2. If a mailing list is in the BCC: should a message be delivered to > the > list: > a) Yes - always > b) No - never > c) Configurable > d) Convert it to a CC: I'm with John here. I would reject mails not explicitly showing the list as a recipient. You can do so when incoming, in order to avoid backscatter. The only legitimate case I can think of that are chained list, such as when -users mailing list is itself a subscriber of -announce. But since both lists would be in your platform, taking that into account shouldn't be a problem. Best regards ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Musings on Mail Service Operators
On 2022-02-02 at 21:31 -0600, Scott Mutter wrote: > Email - as we know it - should have been dead years ago. But instead > we keep adding band-aid after band-aid after band-aid to the system. Maybe what you call a band-aid was actually preferable? > Why is it impossible to take a look at what Instant Messaging > protocols, SMTP, SMS do that make them successful and then blend > those together into a new "email-like" system? https://xkcd.com/927/ > > I'm not going to pretend to know what the ultimate solution might > be. One of the major issues with email is the address spoofing that > goes on. Maybe a spoofed address doesn't authenticate with SPF or > DKIM... but that only works if EVERYONE else uses SPF and DKIM... > that's the bandaid. Instant messaging and SMS can't as easily be > spoofed, they may be fake but senders have to register on the > platform in some way (be it a Facebook account, Twitter account, > phone number, etc). Would more need to be done to lock this down? > Absolutely. But it's at least A obstacle that potential abusers have > to overcome. Email doesn't have that. We have seen *a lot* of SMS spoofing (Poland, UK, you're not alone!). Say you receive a SMS with a spoofed sender of "MailopBank" containint a phishing link. Your phone will fill this with all the other (legitimate) SMS you received with a sender of "MailopBank". It's not really the phone fault. It has no other information to tell one "MailopBank" from the other (one might perhaps blame being able to use text as SMS senders). It has no sending IP, no SPF, no DMARC… The reason SMS is still in use is because it provides the lowest level technology, for sending a code to a phone user, be that a flip phone or the latest smartphone release. > Email was first invented in 1971 - that's over 50 years ago. We've > learned a lot about how people tend to use email and how people tend > to abuse email within the past 50 years. Instead of adding new > constructs to email. Why not invent a new, more modern email > alternative? Something that takes a lot of what we've learned from > email usage over the years, what we've seen in instant messaging, > SMS, and other computer communication protocols and builds on that > from the ground up? Wouldn't that be better than constantly adding > band-aids to email/SMTP to fix problems that pop up? At which point does a system become "a more modern alternative"? We could build an email system that used protobufs rather than SMTP, for the sake of making something new, but if it doesn't provide an improvement over SMTP, it's better to use the extensibility mechanism of SMTP. Compatibility is very important. If your new system can be gradually rolled out, and is able to receive messages from the existing systems, that will be preferable. > I'm not a huge fan of mailing lists or distributed mailings (forums > accomplish the same thing with less of the hassle of email > deliverability concerns). So you are advocating for a better email which is able to do less things than mail? Plus, a mailing list is just the ability of sending to multiple users. You could easily have a WhatsApp mailing list bot replacing groups. > Not a huge fan of automatic email forwarders/redirects, which tend to > break SPF and DKIM. Maybe things like these don't need to be > allowed? But the users *really* want to have all their messages on the same mailbox, even if they could easily access the other mailbox. Otherwise we wouldn't need email forwarding. > Yet those platforms don't seem to have an issue in getting people to > use them. Why couldn't a properly reimagined email replacement do > the same thing? And email don't have an issue in getting people using it.* The issues lie on a lower level, like not receiving /certain/ messages, or in the management by some clients, which is interface (you will however face some problems in getting a mail client for your new protocol that is as good as every existing one for "traditional" mail). * Many people don't actually know how to *properly* use email, but that's a slightly different issue. They manage to "use" it. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Verizon contact for deliverability issue
Il 5 febbraio 2022 17:53:19 CET, Lili Crowley via mailop ha scritto: >Hey Giovanni- >Are you looking for verizon.net or verizon.com. I can help with verizon.net. > >Thanks! > >On Sat, Feb 5, 2022 at 6:38 AM Giovanni Bechis via mailop >wrote: > >> Hi, >> could someone at Verizon contact me off-list to track a deliverability >> issue regarding their dns ? >> Thanks & regards >> Giovanni >> ___ >> mailop mailing list >> mailop@mailop.org >> https://list.mailop.org/listinfo/mailop >> Thanks Lili, unfortunately I am searching for a verizon.com contact. Thanks Giovanni ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Verizon contact for deliverability issue
Hey Giovanni- Are you looking for verizon.net or verizon.com. I can help with verizon.net. Thanks! On Sat, Feb 5, 2022 at 6:38 AM Giovanni Bechis via mailop wrote: > Hi, > could someone at Verizon contact me off-list to track a deliverability > issue regarding their dns ? > Thanks & regards > Giovanni > ___ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop > -- Lili Crowley she/her Postmaster ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop