Re: [mailop] Feedback Loops and Sub-Domains

2023-02-09 Thread Grant Taylor via mailop 

On 2/9/23 2:21 AM, Gellner, Oliver via mailop wrote:
In my experience the spam report button is not only used as a sort 
of fast unsubscribe, but also as a replacement for the delete button.


Knowing how unreliable training the end user is, I wonder if it's worth 
altering the equation wherein we (as the email industry) train email 
client programs to conditionally react differently when the 
make-this-message-go-away button is pressed.  Wherein if the message is 
obviously ham, delete the message or if the message is obviously spam, 
report the message, or optionally ask what to do if it's not obvious and 
default to delete the message.


Alter the equation, sort of like making people remove their ATM / debit 
card before they get cash reduced the number of cards left in machines.


A "Smart Delete" button if you will, similar to the "Smart Reply" button 
that fairly gracefully handles multiple different types of replies.




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DKIM record IONOS

2023-02-09 Thread H via mailop 
On February 9, 2023 9:01:38 PM EST, Al Iverson  wrote:
>
>> I think the selector, if I understood this correctly, is actually
>_domainkey.
>
>Nope. Example:
>x._domainkey.xnnd.com 
>For mine, x is the selctor.
>You _always_ include _domainkey
>
>
>> Where did you find the Ionos instructions? I have only found
>third-party instructions which I do not consider to be authoritative.
>As I wrote, the instructions I received from them were also different
>suggesting confusion (beyond my own).
>
>https://www.ionos.com/digitalguide/e-mail/e-mail-security/dkim-domainkeys/
>What is a DKIM record and how to create a DKIM record?
>ionos.com
>
>
>> And when/how do I use the private key?
>
>Ooh…depends on your mail server. I was assuming you were using somebody
>else’s mail server and you were just adding in the public bit after
>they did the private bit for you.
>
>If not, then … if you’re using something like postfix on *nix, you will
>need to install and configure opendkim. 
>
>See:
>https://www.spamresource.com/2021/11/more-on-opendkim-and-postfix-from.html
>
>Cheers,
>Al Iverson

I now did find that resource but it is written as general information and does 
not really tell how to get it going with IONOS if they run the email server...
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DKIM record IONOS

2023-02-09 Thread H via mailop 
On February 9, 2023 9:01:38 PM EST, Al Iverson  wrote:
>
>> I think the selector, if I understood this correctly, is actually
>_domainkey.
>
>Nope. Example:
>x._domainkey.xnnd.com 
>For mine, x is the selctor.
>You _always_ include _domainkey
>
>
>> Where did you find the Ionos instructions? I have only found
>third-party instructions which I do not consider to be authoritative.
>As I wrote, the instructions I received from them were also different
>suggesting confusion (beyond my own).
>
>https://www.ionos.com/digitalguide/e-mail/e-mail-security/dkim-domainkeys/
>What is a DKIM record and how to create a DKIM record?
>ionos.com
>
>
>> And when/how do I use the private key?
>
>Ooh…depends on your mail server. I was assuming you were using somebody
>else’s mail server and you were just adding in the public bit after
>they did the private bit for you.
>
>If not, then … if you’re using something like postfix on *nix, you will
>need to install and configure opendkim. 
>
>See:
>https://www.spamresource.com/2021/11/more-on-opendkim-and-postfix-from.html
>
>Cheers,
>Al Iverson

Aha, understood.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DKIM record IONOS

2023-02-09 Thread H via mailop 
On February 9, 2023 9:03:26 PM EST, Eric Tykwinski  
wrote:
>I think you are confused about the key signing, the mail server sending
>the email is generating the keys.  They are the ones signing the
>emails.  So if you send emails through Ionos -> receiving MTA, they
>should be the one signing the emails.  This allows them to create the
>keys.  If you are smarthosting emails, ie Ionos -> your MTA ->
>receiving MTA then you would sign the emails.
>
>Sincerely,
>
>Eric Tykwinski
>TrueNet, Inc.
>P: 610-429-8300
>
>> On Feb 9, 2023, at 8:53 PM, H via mailop  wrote:
>> 
>> On 02/09/2023 07:51 PM, Al Iverson wrote:
>>> The DKIM public key is technically a TXT record.
>>> Some people do use a CNAME version, but then yeah, you put in the
>hostname of the real server (real DNS entry) that has the TXT entry.
>>> So in your case, you’re probably looking to paste that key value
>into the TXT record.
>>> 
>>> Your selector is “k1” in this example. That sounds right based on
>Googling the iONOS instructions, I think.
>>> 
>>> Cheers,
>>> Al Iverson
>>> 
>>> 
 On Feb 9, 2023, at 6:41 PM, H via mailop  wrote:
 
 Having successfully created a SPF record for my domain hosted by
>Ionos, I now wanted to create a DKIM record but have received two
>completely different answers from Ionos.
 
 The first instruction I received was to create a CNAME record,
>enter k1._domainkey in the Host field, and then a key the Value field.
>Well, there is no Value field, only a Points To field and that seems to
>accept another domain name, not a key.
 
 I then called the helpline and was told to create a TXT record,
>keep the Host Name field unchanged from the default suggested by Ionos
>and then enter the public DKIM key in the Value field. IOW, no
>particular selector to be entered. Upon inquiring how to use the
>private DKIM key they told me I do not need it for anything...
 
 By the way, I used easyDmarc.com to create the public/private key
>pair.
 
 Clearly at most one of the above can be correct - or possibly none
>of the two...
 
 If anyone could set me straight, it would be greatly appreciated.
 
 Thanks.
 
 ___
 mailop mailing list
 mailop@mailop.org
 https://list.mailop.org/listinfo/mailop
>> 
>> I think the selector, if I understood this correctly, is actually
>_domainkey.
>> 
>> Where did you find the Ionos instructions? I have only found
>third-party instructions which I do not consider to be authoritative.
>As I wrote, the instructions I received from them were also different
>suggesting confusion (beyond my own).
>> 
>> And when/how do I use the private key?
>> 
>> 
>> ___
>> mailop mailing list
>> mailop@mailop.org 
>> https://list.mailop.org/listinfo/mailop
>

Bringing this back to the list again instead of private email. I sent an email 
from another domain they host for me and checked that particular email upon 
arrival to another of email address I have. No DKIM signature so they do not 
default to DKIM signing. One wonders why not?
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DKIM record IONOS

2023-02-09 Thread H via mailop 
On February 9, 2023 9:03:26 PM EST, Eric Tykwinski  
wrote:
>I think you are confused about the key signing, the mail server sending
>the email is generating the keys.  They are the ones signing the
>emails.  So if you send emails through Ionos -> receiving MTA, they
>should be the one signing the emails.  This allows them to create the
>keys.  If you are smarthosting emails, ie Ionos -> your MTA ->
>receiving MTA then you would sign the emails.
>
>Sincerely,
>
>Eric Tykwinski
>TrueNet, Inc.
>P: 610-429-8300
>
>> On Feb 9, 2023, at 8:53 PM, H via mailop  wrote:
>> 
>> On 02/09/2023 07:51 PM, Al Iverson wrote:
>>> The DKIM public key is technically a TXT record.
>>> Some people do use a CNAME version, but then yeah, you put in the
>hostname of the real server (real DNS entry) that has the TXT entry.
>>> So in your case, you’re probably looking to paste that key value
>into the TXT record.
>>> 
>>> Your selector is “k1” in this example. That sounds right based on
>Googling the iONOS instructions, I think.
>>> 
>>> Cheers,
>>> Al Iverson
>>> 
>>> 
 On Feb 9, 2023, at 6:41 PM, H via mailop  wrote:
 
 Having successfully created a SPF record for my domain hosted by
>Ionos, I now wanted to create a DKIM record but have received two
>completely different answers from Ionos.
 
 The first instruction I received was to create a CNAME record,
>enter k1._domainkey in the Host field, and then a key the Value field.
>Well, there is no Value field, only a Points To field and that seems to
>accept another domain name, not a key.
 
 I then called the helpline and was told to create a TXT record,
>keep the Host Name field unchanged from the default suggested by Ionos
>and then enter the public DKIM key in the Value field. IOW, no
>particular selector to be entered. Upon inquiring how to use the
>private DKIM key they told me I do not need it for anything...
 
 By the way, I used easyDmarc.com to create the public/private key
>pair.
 
 Clearly at most one of the above can be correct - or possibly none
>of the two...
 
 If anyone could set me straight, it would be greatly appreciated.
 
 Thanks.
 
 ___
 mailop mailing list
 mailop@mailop.org
 https://list.mailop.org/listinfo/mailop
>> 
>> I think the selector, if I understood this correctly, is actually
>_domainkey.
>> 
>> Where did you find the Ionos instructions? I have only found
>third-party instructions which I do not consider to be authoritative.
>As I wrote, the instructions I received from them were also different
>suggesting confusion (beyond my own).
>> 
>> And when/how do I use the private key?
>> 
>> 
>> ___
>> mailop mailing list
>> mailop@mailop.org 
>> https://list.mailop.org/listinfo/mailop
>

Let's keep this conversation on the list rather than private email. IONOS has 
failed to communicate this to me despite having received information on the 
setup from me.

Any suggestion on how I address this?
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DKIM record IONOS

2023-02-09 Thread H via mailop 
On 02/09/2023 08:53 PM, H wrote:
> On 02/09/2023 07:51 PM, Al Iverson wrote:
>> The DKIM public key is technically a TXT record.
>> Some people do use a CNAME version, but then yeah, you put in the hostname 
>> of the real server (real DNS entry) that has the TXT entry.
>> So in your case, you’re probably looking to paste that key value into the 
>> TXT record.
>>
>> Your selector is “k1” in this example. That sounds right based on Googling 
>> the iONOS instructions, I think.
>>
>> Cheers,
>> Al Iverson
>>
>>
>>> On Feb 9, 2023, at 6:41 PM, H via mailop  wrote:
>>>
>>> Having successfully created a SPF record for my domain hosted by Ionos, I 
>>> now wanted to create a DKIM record but have received two completely 
>>> different answers from Ionos.
>>>
>>> The first instruction I received was to create a CNAME record, enter 
>>> k1._domainkey in the Host field, and then a key the Value field. Well, 
>>> there is no Value field, only a Points To field and that seems to accept 
>>> another domain name, not a key.
>>>
>>> I then called the helpline and was told to create a TXT record, keep the 
>>> Host Name field unchanged from the default suggested by Ionos and then 
>>> enter the public DKIM key in the Value field. IOW, no particular selector 
>>> to be entered. Upon inquiring how to use the private DKIM key they told me 
>>> I do not need it for anything...
>>>
>>> By the way, I used easyDmarc.com to create the public/private key pair.
>>>
>>> Clearly at most one of the above can be correct - or possibly none of the 
>>> two...
>>>
>>> If anyone could set me straight, it would be greatly appreciated.
>>>
>>> Thanks.
>>>
>>> ___
>>> mailop mailing list
>>> mailop@mailop.org
>>> https://list.mailop.org/listinfo/mailop
> I think the selector, if I understood this correctly, is actually _domainkey.
>
> Where did you find the Ionos instructions? I have only found third-party 
> instructions which I do not consider to be authoritative. As I wrote, the 
> instructions I received from them were also different suggesting confusion 
> (beyond my own).
>
> And when/how do I use the private key?
>
>
Perusing the internet a bit more, it seems that the TXT record should contain 
(selector)._domainkey.mydomainname.tld. IOW, since my TXT record I created 
right now contains just _domainkey, I need to change that to 
k1._domainkey.mydomainname.tld.

Would that be correct understanding?

Also, it seems that I need to ask Ionos where/how to put the private key since 
besides hosting the domain I am also using their email server.

Is that also correct understanding?

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DKIM record IONOS

2023-02-09 Thread H via mailop 
On 02/09/2023 07:51 PM, Al Iverson wrote:
> The DKIM public key is technically a TXT record.
> Some people do use a CNAME version, but then yeah, you put in the hostname of 
> the real server (real DNS entry) that has the TXT entry.
> So in your case, you’re probably looking to paste that key value into the TXT 
> record.
>
> Your selector is “k1” in this example. That sounds right based on Googling 
> the iONOS instructions, I think.
>
> Cheers,
> Al Iverson
>
>
>> On Feb 9, 2023, at 6:41 PM, H via mailop  wrote:
>>
>> Having successfully created a SPF record for my domain hosted by Ionos, I 
>> now wanted to create a DKIM record but have received two completely 
>> different answers from Ionos.
>>
>> The first instruction I received was to create a CNAME record, enter 
>> k1._domainkey in the Host field, and then a key the Value field. Well, there 
>> is no Value field, only a Points To field and that seems to accept another 
>> domain name, not a key.
>>
>> I then called the helpline and was told to create a TXT record, keep the 
>> Host Name field unchanged from the default suggested by Ionos and then enter 
>> the public DKIM key in the Value field. IOW, no particular selector to be 
>> entered. Upon inquiring how to use the private DKIM key they told me I do 
>> not need it for anything...
>>
>> By the way, I used easyDmarc.com to create the public/private key pair.
>>
>> Clearly at most one of the above can be correct - or possibly none of the 
>> two...
>>
>> If anyone could set me straight, it would be greatly appreciated.
>>
>> Thanks.
>>
>> ___
>> mailop mailing list
>> mailop@mailop.org
>> https://list.mailop.org/listinfo/mailop

I think the selector, if I understood this correctly, is actually _domainkey.

Where did you find the Ionos instructions? I have only found third-party 
instructions which I do not consider to be authoritative. As I wrote, the 
instructions I received from them were also different suggesting confusion 
(beyond my own).

And when/how do I use the private key?


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DKIM record IONOS

2023-02-09 Thread Al Iverson via mailop 
The DKIM public key is technically a TXT record.
Some people do use a CNAME version, but then yeah, you put in the hostname of 
the real server (real DNS entry) that has the TXT entry.
So in your case, you’re probably looking to paste that key value into the TXT 
record.

Your selector is “k1” in this example. That sounds right based on Googling the 
iONOS instructions, I think.

Cheers,
Al Iverson


> On Feb 9, 2023, at 6:41 PM, H via mailop  wrote:
> 
> Having successfully created a SPF record for my domain hosted by Ionos, I now 
> wanted to create a DKIM record but have received two completely different 
> answers from Ionos.
> 
> The first instruction I received was to create a CNAME record, enter 
> k1._domainkey in the Host field, and then a key the Value field. Well, there 
> is no Value field, only a Points To field and that seems to accept another 
> domain name, not a key.
> 
> I then called the helpline and was told to create a TXT record, keep the Host 
> Name field unchanged from the default suggested by Ionos and then enter the 
> public DKIM key in the Value field. IOW, no particular selector to be 
> entered. Upon inquiring how to use the private DKIM key they told me I do not 
> need it for anything...
> 
> By the way, I used easyDmarc.com to create the public/private key pair.
> 
> Clearly at most one of the above can be correct - or possibly none of the 
> two...
> 
> If anyone could set me straight, it would be greatly appreciated.
> 
> Thanks.
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] DKIM record IONOS

2023-02-09 Thread H via mailop 
Having successfully created a SPF record for my domain hosted by Ionos, I now 
wanted to create a DKIM record but have received two completely different 
answers from Ionos.

The first instruction I received was to create a CNAME record, enter 
k1._domainkey in the Host field, and then a key the Value field. Well, there is 
no Value field, only a Points To field and that seems to accept another domain 
name, not a key.

I then called the helpline and was told to create a TXT record, keep the Host 
Name field unchanged from the default suggested by Ionos and then enter the 
public DKIM key in the Value field. IOW, no particular selector to be entered. 
Upon inquiring how to use the private DKIM key they told me I do not need it 
for anything...

By the way, I used easyDmarc.com to create the public/private key pair.

Clearly at most one of the above can be correct - or possibly none of the two...

If anyone could set me straight, it would be greatly appreciated.

Thanks.

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Compromised email account trends

2023-02-09 Thread Peter N. M. Hansteen via mailop 
On Wed, Feb 08, 2023 at 03:39:18PM -0600, Jarland Donnell via mailop wrote:
> 
> - Any email sent to ollegas2...@gmail.com, glob22aa.fun, or mx373.com
> consistently links to what I believe is a virus that sends out a user's
> email credentials to the bad actor.

I can add to the list of likely candidates these from my own logs:

afelix6...@gmail.com
t...@gmail.com
validx...@gmail.com

Most likely relay attempts, which means auto-LARTing since gmail.com is
*not* in the local /etc/mail/spamd.alloweddomains:

[Thu Feb 09 13:23:32] peter@skapet:~/website$ grep afelix6...@gmail.com 
/var/log/spamd
Feb  4 21:08:01 skapet spamd[50296]: (BLACK) 185.28.39.101:  
-> 
Feb  4 21:09:44 skapet spamd[50296]: 185.28.39.101: To: "afelix6872" 

Feb  4 23:44:29 skapet spamd[50296]: (BLACK) 185.28.39.101:  
-> 
Feb  4 23:46:12 skapet spamd[50296]: 185.28.39.101: To: "afelix6872" 

Feb  7 00:25:54 skapet spamd[95688]: (GREY) 185.28.39.33:  -> 

Feb  7 00:25:54 skapet spamd[39429]: Trapping 185.28.39.33 for tuple 
185.28.39.33 lvvqyc  
Feb  7 00:25:54 skapet spamd[39429]: new greytrap entry 185.28.39.33 from 
 to , helo lvvqyc
Feb  7 03:20:06 skapet spamd[95688]: (BLACK) 185.28.39.33:  -> 

Feb  7 03:21:50 skapet spamd[95688]: 185.28.39.33: To: "afelix6872" 

Feb  7 13:01:07 skapet spamd[95688]: (GREY) 185.28.39.101:  -> 

Feb  7 13:01:07 skapet spamd[39429]: Trapping 185.28.39.101 for tuple 
185.28.39.101 dpgVCD90  
Feb  7 13:01:07 skapet spamd[39429]: new greytrap entry 185.28.39.101 from 
 to , helo dpgVCD90
Feb  7 16:58:27 skapet spamd[95688]: (BLACK) 185.28.39.101:  
-> 
Feb  7 17:00:10 skapet spamd[95688]: 185.28.39.101: To: "afelix6872" 

[Thu Feb 09 13:23:38] peter@skapet:~/website$ grep t...@gmail.com /var/log/spamd
Feb  4 14:55:25 skapet spamd[50296]: (GREY) 147.78.103.226:  -> 

Feb  4 14:55:25 skapet spamd[32184]: Trapping 147.78.103.226 for tuple 
147.78.103.226 win-clj1b0gq6jp.domain  
Feb  4 14:55:25 skapet spamd[32184]: new greytrap entry 147.78.103.226 from 
 to , helo win-clj1b0gq6jp.domain
[Thu Feb 09 13:23:54] peter@skapet:~/website$ grep validx...@gmail.com 
/var/log/spamd
Feb  8 04:27:06 skapet spamd[95688]: (GREY) 94.247.241.70:  
-> 
Feb  8 04:27:06 skapet spamd[39429]: Trapping 94.247.241.70 for tuple 
94.247.241.70 mail.dataped.no  
Feb  8 04:27:06 skapet spamd[39429]: new greytrap entry 94.247.241.70 from 
 to , helo mail.dataped.no

All the best,
Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Compromised email account trends

2023-02-09 Thread John Quaglieri via mailop 
I have seen this trend recently as well. The subject is a utf byte order 
mark which looks blank on an email message or in logs, but not when 
being scanned.  The closest regex I was able to come up with in rspamd 
after many other attempts was


/^.{1}$/u

Which matches a single character utf8 subject.


- John Quaglieri

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Feedback Loops and Sub-Domains

2023-02-09 Thread Laura Atkins via mailop 

> On 9 Feb 2023, at 09:21, Gellner, Oliver via mailop  wrote:
> 
> On 2023-02-08 22:51, Support 3Hound via mailop wrote:
> 
>> Note that especially on some providers, most user "feel" the reporting as a 
>> sort of "fast unsubscribe"...
> 
> Just as a side note: In my experience the spam report button is not only used 
> as a sort of fast unsubscribe, but also as a replacement for the delete 
> button. We have countless examples of back-and-forth conversations of 
> hand-written messages between friends or relatives which then end up in a 
> FBL. In those cases it is obvious that the reporters do not want to not 
> receive any more messages of the other party, but more probably thought "I 
> have read this email, it can be removed now from my inbox". Who cares whether 
> its moved into the recycle bin, the spam folder or some other place.

This is why complaints is such a noisy metric to use and why many compliance 
teams work on the total volume of complaints rather than working each one 
individually. We know that some of the mail reported as spam isn’t actually 
actionable by the hosting company. This is actually true for the non-FBL 
complaints as well, although those are usually sent by more experienced folks. 
But, sometimes, it’s just not sensible to turn off a customer based on one or 
two complaints. 

> Of course with newsletter or other automated messages you cannot tell whether 
> the reporter wanted to actually mark this email as spam or just wanted to 
> delete it, so you end up unsubscribing them.

And adding the number to reporting so you can identify if this is simply a one 
off or if your customer is behaving badly.

laura 

-- 
The Delivery Experts

Laura Atkins
Word to the Wise
la...@wordtothewise.com 

Email Delivery Blog: http://wordtothewise.com/blog  






___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Feedback Loops and Sub-Domains

2023-02-09 Thread Gellner, Oliver via mailop 
On 2023-02-08 22:51, Support 3Hound via mailop wrote:

> Note that especially on some providers, most user "feel" the reporting as a 
> sort of "fast unsubscribe"...

Just as a side note: In my experience the spam report button is not only used 
as a sort of fast unsubscribe, but also as a replacement for the delete button. 
We have countless examples of back-and-forth conversations of hand-written 
messages between friends or relatives which then end up in a FBL. In those 
cases it is obvious that the reporters do not want to not receive any more 
messages of the other party, but more probably thought "I have read this email, 
it can be removed now from my inbox". Who cares whether its moved into the 
recycle bin, the spam folder or some other place.

Of course with newsletter or other automated messages you cannot tell whether 
the reporter wanted to actually mark this email as spam or just wanted to 
delete it, so you end up unsubscribing them.

--
BR Oliver


dmTECH GmbH
Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe
Telefon 0721 5592-2500 Telefax 0721 5592-2777
dmt...@dm.de * www.dmTECH.de
GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927
Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher

Datenschutzrechtliche Informationen
Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser 
ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum in 
Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen oder sich 
bei uns bewerben, verarbeiten wir personenbezogene Daten. Informationen unter 
anderem zu den konkreten Datenverarbeitungen, Löschfristen, Ihren Rechten sowie 
die Kontaktdaten unserer Datenschutzbeauftragten finden Sie 
hier.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Compromised email account trends

2023-02-09 Thread Gellner, Oliver via mailop 
On 2023-02-08 22:51, Jarland Donnell via mailop wrote:
> Some bonus indications of similar but different compromises:

> - Any email sent to ollegas2...@gmail.com, glob22aa.fun, or mx373.com 
> consistently links to what I believe is a virus that sends out a user's email 
> credentials to the bad actor.

ollegas2...@gmail.com also seems to be very popular over at colocrossing.com, 
where servers like 107.174.142.121, 172.245.23.149, 172.245.23.164, 
172.245.244.101, 172.245.93.122, 192.227.244.59, which are on every RBL on the 
planet anyway, use this address to test for open relays. At least I have no 
other explanation why they connect to all kind of non-Gmail MTAs and try to 
deliver emails to this address.

--
BR Oliver


dmTECH GmbH
Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe
Telefon 0721 5592-2500 Telefax 0721 5592-2777
dmt...@dm.de * www.dmTECH.de
GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927
Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher

Datenschutzrechtliche Informationen
Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser 
ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum in 
Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen oder sich 
bei uns bewerben, verarbeiten wir personenbezogene Daten. Informationen unter 
anderem zu den konkreten Datenverarbeitungen, Löschfristen, Ihren Rechten sowie 
die Kontaktdaten unserer Datenschutzbeauftragten finden Sie 
hier.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop