Re: [mailop] Verifying receipients?
On Fri, Feb 16, 2024 at 3:56 PM Bill Cole via mailop wrote: > > What is this current attitude on using something like > > Postfix's `reject_unverified_recipient`? > > ONLY use this when you are relaying for specific domains that you > service where you do not have any way to obtain a definitive user list. > > > Does probing for recipients work these days, is it considered abusive? > > Probing for recipients on systems where you do not have explicit prior > permission to do so is asking to be treated like a criminal. It also > tends not to work. > > The same goes for sender verification. Very helpful advice, thanks Bill ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Verifying receipients?
What is this current attitude on using something like Postfix's `reject_unverified_recipient`? Does probing for recipients work these days, is it considered abusive? Yours kindly, Jesse Hathaway ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Mailing Lists and domains with DMARC reject
My understanding is that there are a couple popular approaches which Mailing Lists can take to support domains with a DMARC reject policy: 1. Rewrite the RFC5322.From address to be an address from the mailing list domain, place the original RFC5322.From address in the Reply-To header. Sign the message with the mailing list's DKIM key. 2. Preserve the original DKIM signing of the message by only adding additional headers, i.e. do not modify the subject or add a trailer message. Does anyone have any knowledge on which methodology is the most successful for ensuring delivery. Option (1) anecdotally seems the most widely used. However, option (2) is attractive because it provides the recipient with high confidence that the message is from the purported author. Yours kindly, Jesse Hathaway ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Gmail spam scoring via IPv6 different than IPv4?
Thanks everyone for the advice. For the immediate future I am going to continue to send to Gmail only over IPv4. After I have some confidence that I have checked all the boxes for our IPv6 IPs I will do some experimental sending to Gmail from those IPs. If I can achieve reliable delivery I will consider removing the IPv4 only config. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Gmail spam scoring via IPv6 different than IPv4?
Back in 2013[1] we changed our mail config to force MX lookups for gmail to only use IPv4 addresses. We made these change after hearing reports of higher spam scoring when sending mail via IPv6. Would anyone from Google be able to comment as to whether forcing IPv4 is still needed? Yours kindly, Jesse Hathaway [1]: https://gerrit.wikimedia.org/r/c/operations/puppet/+/79753 ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Email System Testing Methodologies?
On Wed, Jun 15, 2022 at 7:13 PM Ángel via mailop wrote: > On this line, there is the MECSA tool > https://mecsa.jrc.ec.europa.eu/ Thanks, added it to my list ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Email System Testing Methodologies?
Thanks everyone for the suggestions, here is my summary of responses: Configuration Checkers: Web Based 1. mxtoolbox.com 2. gmail -> view source CLI 1. mailsec-check, https://github.com/foxcpp/mailsec-check Email Echo Testers: 1. check-a...@verifier.port25.com 2. https://www.mail-tester.com 3. e...@univie.ac.at 4. p...@stamper.itconsult.co.uk I was also hoping for some testing methodologies which could be used in a private staging or development environment, but none of those materialized. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Email System Testing Methodologies?
I am working on some architectural changes to our email systems at the Wikimedia Foundation[1] and I am a bit befuddled as to the best way to test changes to the current system. As you all are all aware email is a distrubted system which encompases a wide variety of protocols. Ideally I would like to know that our system behaves as expected with regards to: mail routing, spam detection, and spam avoidance (SPF, DKIM, ARC). Do folks have any suggestions on methods or systems to do this type of whole system testing? Yours kindly, Jesse Hathaway [1]: https://wikitech.wikimedia.org/wiki/Email_System_Revamp ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Troubleshooting MTA-STS reports
On Tue, Apr 26, 2022 at 6:18 PM John Levine wrote: > They're not that rare. Microsoft and Comcast also send them, along with a > few smaller places. Thanks John, I'll try sending some email from those domains to see If I can trigger a report. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Troubleshooting MTA-STS reports
On Tue, Apr 26, 2022 at 4:08 PM Eric Tykwinski wrote: > Everything looks fine to me, have you tried sending an email to a another > google account. > They are the one company I know sends MTA-STS reports, others sadly don’t. Thanks for checking, I didn't realize they were so rare. > My guess is that Google might not be sending inter-domain reports since your > hosted there. > Doesn’t make sense to me, but I’m sure if that’s the case Brandon or someone > else from Google will tell you. I was wondering whether that might be part of the problem. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Troubleshooting MTA-STS reports
On Tue, Apr 26, 2022 at 3:48 PM Eric Tykwinski wrote: > You need a place to send the emails to: > _smtp._tls.virtcolo.com. TXT Default v=TLSRPTv1; > rua=mailto:postmas...@virtcolo.com Thanks Eric, I forgot to include the TLSRPT piece, this is what I currently have: $ dig +short txt _smtp._tls.mbuki-mvuki.org "v=TLSRPTv1; rua=mailto:postmas...@mbuki-mvuki.org; ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Troubleshooting MTA-STS reports
Hello mailopers, I am trying to setup MTA-STS for my domain, I thought I had everything configured correctly, in testing mode, but I never receive any reports via TLSRPT. If anyone has any advice on how to troubleshoot, that would be greatly appreciated. Yours kindly, Jesse Hathaway My current config $ dig +short txt _mta-sts.mbuki-mvuki.org "v=STSv1; id=20220404T193755Z;" $ curl https://mta-sts.mbuki-mvuki.org/.well-known/mta-sts.txt version: STSv1 mode: testing mx: aspmx.l.google.com mx: *.aspmx.l.google.com max_age: 86400 ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop