Re: [mailop] [EXTERNAL] Re: Best email server for home use...

2022-02-23 Thread Erwin Harte via mailop 
On 2/23/22 5:27 AM, Mary via mailop wrote:
> [...]
> I use them with Linode's smallest offering ($5 for a 1GB server) as a hosting 
> platform. But can't run ClamAV anti-virus because it requires at least 4GB of 
> ram to load its default data set.

For what it's worth, in my experience ClamAV/clamd becomes 100x happier
when I give it some swap into which to offload its "toxic waste":

$ ps u $(pgrep clamd)
USER   PID %CPU %MEMVSZ   RSS TTY  STAT START   TIME COMMAND
clamav1136  0.0 24.1 1645912 483592 ?  Ssl Jan19  21:27
/usr/sbin/clamd --foreground=true

$ free -m
   totalusedfree  shared buff/cache
available
Mem:   1955 849 142 0 963 924
Swap:  20471156 891

Not the smallest AWS instance, but not far off (and I could possibly go
down a notch):

$ curl -s http://169.254.169.254/latest/meta-data/instance-type; echo
t3a.small

My $0.02,
Erwin

Get the 13 Email Threat Types eBook

https://www.barracuda.com/

This e-mail and any attachments to it contain confidential and proprietary 
material of Barracuda, its affiliates or agents, and is solely for the use of 
the intended recipient. Any review, use, disclosure, distribution or copying of 
this transmittal is prohibited except by or on behalf of the intended 
recipient. If you have received this transmittal in error, please notify the 
sender and destroy this e-mail and any attachments and all copies, whether 
electronic or printed.


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] .eml Attachments and the 1000-character SMTP Limit

2021-10-13 Thread Erwin Harte via mailop 

On 10/11/21 10:19 PM, John via mailop wrote:

Hello Matt,

The answer is yes, it's not good practice to block messages containing long 
lines in emails. That will likely cause problems at either the sender or 
recipient. Senders may receive non-delivery notifications, recipients may miss 
mails.

RFC5322 (2008) advises to handle long lines at least up to 998 characters. 
However, there is no pressing technical need to filter. The 1000 character rule 
appeared in rfc821 (1982), probably because it was believed that it was a good 
idea to limit the format to the capacity of hardware and software at the time. 
We've moved on, systems have sufficient memory and mail readers have been smart 
enough to wrap long lines for a long time already.
IME the MUAs are generally not the problem here. The (semi)automated 
emails that include (template-based, often) text/html MIME parts that 
include lines of tens of thousands of characters long, and no end in 
sight, are. Depending on your infrastructure and implementation language 
of choice that can be a bit of a challenge to handle correctly.


--Erwin

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] [EXTERNAL] Any Barracuda contacts?

2021-10-04 Thread Erwin Harte via mailop 

I've sent a reply off list.

Thanks,
Erwin

On 10/4/21 1:15 PM, Michael Sofka via mailop wrote:
Most of our SMTP servers started being rejected by systems using 
barracuda.  The rejection included a link that provided no additional 
information.  I was able to find Barracuda's reputation page, and the 
IPs were listed as having "poor" reputation, even as the domain was fine.


I've already done the remove request for each IP, and they now have a 
fine reputation, but it is taking a long time for this to propagate.  
Meanwhile, I am at a loss as to why they were listed to begin with.  I 
submitted a "feedback" message on the barracuda reputation site.


Anything else I should try?  All help appreciated.

Thank you,

Mike


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Paging Barracuda/EmailReg

2021-04-05 Thread Erwin Harte via mailop 

On 4/5/21 9:35 AM, L. Mark Stone wrote:

And...

The barracudacentral.org website certificate expired yesterday as well.


Indeed. The relevant group is aware and working to fix that.

--Erwin

===
Get the 13 Email Threat Types eBook

https://www.barracuda.com/13-threats-report?utm_source=email_signature_campaign=13tt_medium=email_content=13tt-ebook

DISCLAIMER:
This e-mail and any attachments to it contain confidential and proprietary 
material of Barracuda, its affiliates or agents, and is solely for the use of 
the intended recipient. Any review, use, disclosure, distribution or copying of 
this transmittal is prohibited except by or on behalf of the intended 
recipient. If you have received this transmittal in error, please notify the 
sender and destroy this e-mail and any attachments and all copies, whether 
electronic or printed.
===
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Paging Barracuda/EmailReg

2021-04-05 Thread Erwin Harte via mailop 

On 4/3/21 8:59 AM, Jim Popovitch via mailop wrote:

Paging someone from Barracuda or EmailReg.  EmailReg.org has been
offline for a while now.

https://www.barracudacentral.org/about/emailreg


As I understand it that should be deprecated/removed, I've nudged 
someone about it.


--Erwin


===
Get the 13 Email Threat Types eBook

https://www.barracuda.com/13-threats-report?utm_source=email_signature_campaign=13tt_medium=email_content=13tt-ebook

DISCLAIMER:
This e-mail and any attachments to it contain confidential and proprietary 
material of Barracuda, its affiliates or agents, and is solely for the use of 
the intended recipient. Any review, use, disclosure, distribution or copying of 
this transmittal is prohibited except by or on behalf of the intended 
recipient. If you have received this transmittal in error, please notify the 
sender and destroy this e-mail and any attachments and all copies, whether 
electronic or printed.
===
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] bell.ca/bell.net contact?

2020-10-23 Thread Erwin Harte via mailop 

On 10/23/20 11:04 AM, Erwin Harte wrote:

Hello,

We appear to be hitting a capacity ceiling from one of our ranges 
(15.222.16.128/25) in delivering to their servers at 184.150.200.82 
(smtpvipmtrlin.bell.net/mxmta.owm.bell.net) and 184.150.200.210 
(smtpviptorin.bell.net/mxmta.owm.bell.net).


I reached out to postmas...@bell.ca (postmas...@bell.net bounced, 
alas) at the end of yesterday afternoon (PDT) but no response yet, so 
maybe someone here can put me in touch with them, or suggest a way?


A suggestion I received off-list was ispsupp...@bell.ca but that address 
doesn't seem to exist at this time.


: host mx-wyn.bell.ca[67.69.243.161] said: 550 #5.1.0
    Address rejected. (in reply to RCPT TO command)

Thanks,
Erwin

===
Get the 13 Email Threat Types eBook

https://www.barracuda.com/13-threats-report?utm_source=email_signature_campaign=13tt_medium=email_content=13tt-ebook

DISCLAIMER:
This e-mail and any attachments to it contain confidential and proprietary 
material of Barracuda, its affiliates or agents, and is solely for the use of 
the intended recipient. Any review, use, disclosure, distribution or copying of 
this transmittal is prohibited except by or on behalf of the intended 
recipient. If you have received this transmittal in error, please notify the 
sender and destroy this e-mail and any attachments and all copies, whether 
electronic or printed.
===
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] bell.ca/bell.net contact?

2020-10-23 Thread Erwin Harte via mailop 

Hello,

We appear to be hitting a capacity ceiling from one of our ranges 
(15.222.16.128/25) in delivering to their servers at 184.150.200.82 
(smtpvipmtrlin.bell.net/mxmta.owm.bell.net) and 184.150.200.210 
(smtpviptorin.bell.net/mxmta.owm.bell.net).


I reached out to postmas...@bell.ca (postmas...@bell.net bounced, alas) 
at the end of yesterday afternoon (PDT) but no response yet, so maybe 
someone here can put me in touch with them, or suggest a way?


Thanks in advance,
Erwin

===
Get the 13 Email Threat Types eBook

https://www.barracuda.com/13-threats-report?utm_source=email_signature_campaign=13tt_medium=email_content=13tt-ebook

DISCLAIMER:
This e-mail and any attachments to it contain confidential and proprietary 
material of Barracuda, its affiliates or agents, and is solely for the use of 
the intended recipient. Any review, use, disclosure, distribution or copying of 
this transmittal is prohibited except by or on behalf of the intended 
recipient. If you have received this transmittal in error, please notify the 
sender and destroy this e-mail and any attachments and all copies, whether 
electronic or printed.
===
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Anyone from Barracuda to contact please?

2020-02-11 Thread Erwin Harte via mailop 

On 2/6/20 1:43 PM, Kevin A. McGrail via mailop wrote:

Have IPs showing clean from BRBL with tickets open from recipients aka
Barracuda customers.  Traceroutes show it gets fair enough that it's
unclear if it is an AWS or barracuda issue but we can't get to port 25.

Looking for any guidance to find out what might be the issue to help
Barracuda support.

Hello Kevin,

Since your description is relatively vague I can only /guess/ that 
you're talking about ESS customers here. There are (currently) no ACLs 
on port 25 there, so hopefully that will give you an idea for where to 
look next.


Sincerely,
Erwin


===
Get all the latest cyber security industry news directly in your inbox

Subscribe to the Barracuda blog for daily or weekly updates:

https://blog.barracuda.com/subscription

DISCLAIMER:
This e-mail and any attachments to it contain confidential and proprietary 
material of Barracuda, its affiliates or agents, and is solely for the use of 
the intended recipient. Any review, use, disclosure, distribution or copying of 
this transmittal is prohibited except by or on behalf of the intended 
recipient. If you have received this transmittal in error, please notify the 
sender and destroy this e-mail and any attachments and all copies, whether 
electronic or printed.
===
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] signup form abuse

2016-05-25 Thread Erwin Harte 

On 5/25/16 4:40 PM, Michelle Sullivan wrote:

Vick Khera wrote:

On Wed, May 25, 2016 at 3:02 PM, Erwin Harte <eha...@barracuda.com
<mailto:eha...@barracuda.com>> wrote:


 I did a spot check of a recent attack. The email address was
 jabradb...@kanawhascales.com
 <mailto:jabradb...@kanawhascales.com> and it got signed up to 12
 lists during May 17 and 18. Amazingly, whoever is on the other
 end of that address clicked to confirm every one of those
 confirmation messages. All confirmation clicks appear to come
 from a netblock owned by Barracuda Networks... Hmm...

 Which netblock was that?


64.235.144.0/20 <http://64.235.144.0/20>

Specifically: 64.235.154.109,
64.235.153.2, 64.235.150.252, 64.235.153.10, 64.235.154.105, 64.235.154.109



Single click through?  (as in everything in the URL?) - if so probably
automated mail scanning.

That's what I expect as well. Those addresses are all from ESS 
(https://www.barracuda.com/products/emailsecurityservice) which does 
'intent' checking.


--Erwin

===


Considering Office 365?  Barracuda security and storage solutions can help. 
Learn more about Barracuda solutions for Office 365 at 
http://barracuda.com/office365.

DISCLAIMER:
This e-mail and any attachments to it contain confidential and proprietary 
material of Barracuda, its affiliates or agents, and is solely for the use of 
the intended recipient. Any review, use, disclosure, distribution or copying of 
this transmittal is prohibited except by or on behalf of the intended 
recipient. If you have received this transmittal in error, please notify the 
sender and destroy this e-mail and any attachments and all copies, whether 
electronic or printed.


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] signup form abuse

2016-05-25 Thread Erwin Harte 

On 5/25/16 10:36 AM, Vick Khera wrote:
On Tue, May 24, 2016 at 2:18 PM, Michael Wise 
> wrote:


Are these IP addresses on CBL?

I did a spot check of a recent attack. The email address was 
jabradb...@kanawhascales.com  and 
it got signed up to 12 lists during May 17 and 18. Amazingly, whoever 
is on the other end of that address clicked to confirm every one of 
those confirmation messages. All confirmation clicks appear to come 
from a netblock owned by Barracuda Networks... Hmm...

Which netblock was that?

--Erwin

===


Considering Office 365?  Barracuda security and storage solutions can help. 
Learn more about Barracuda solutions for Office 365 at 
http://barracuda.com/office365.

DISCLAIMER:
This e-mail and any attachments to it contain confidential and proprietary 
material of Barracuda, its affiliates or agents, and is solely for the use of 
the intended recipient. Any review, use, disclosure, distribution or copying of 
this transmittal is prohibited except by or on behalf of the intended 
recipient. If you have received this transmittal in error, please notify the 
sender and destroy this e-mail and any attachments and all copies, whether 
electronic or printed.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop