Re: [mailop] SORBS Closing.

2024-06-04 Thread Ken Simpson via mailop 
Hi Michelle,

I just wanted to say a huge thank you for everything you've done with
SORBS. Since 2002, you've made a massive difference in fighting spam and
improving email security. Your dedication and hard work have helped
countless people and set high standards in our field.

I am saddened to hear that Proofpoint is discontinuing SORBS. Your
contributions have been invaluable, and you've made the internet a safer
place for everyone. I’m confident you'll continue to do amazing things
wherever you go next.

Ken

On Wed, Jun 5, 2024 at 9:47 AM Michelle Sullivan via mailop <
mailop@mailop.org> wrote:

> For those that haven't heard.  Proofpoint is retiring SORBS effective
> immediately(ish).
>
> Zones will be emptied shortly and within a few weeks the SORBS domain
> will be parked on dedicated "decommissioning" servers.
>
> I am being made redundant as part of the shutdown and my last day will
> be 30th June 2024.  I will be looking for new positions following that.
>
> I would like to thank all the SORBS supporters over the years and
> Proofpoint for keeping it going for the community for the last 13 years.
>
> Best regards,
>
> Michelle Sullivan
> SORBS.
>
> --
> Michelle Sullivan
> http://www.mhix.org/
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] UCEPROTECT L2 fact

2023-05-22 Thread Ken Simpson via mailop 
Hi Slavko

The UCEPROTECT list has a large bark, but very little bite. We have never
seen serious problems relating to a listing on their service. It is,
however, widely seen as having major significance by ISPs, particularly
those located in Asia. I have no idea why this is the case.

Regards
Ken

On Mon, May 22, 2023 at 1:27 AM Slavko via mailop  wrote:

> Hi,
>
> i read multiple times, from multiple sources about UCEPROTECT
> BL, how it is suspicious, etc...
>
> Recently i got notification from ShadowServer, that i am on
> blacklist, in particular on UCEPROTECT-L2 BL, which AFAIK
> blocks whole networks as anounced by ASN. Thus i was curious,
> what happens around me.
>
> Today UCEPROTECT reports 32 incidents for /22 net. We can
> discuss if 32 is enough for blocking whole network block or
> not, but OK -- 32 incidents is over their policy... But all these
> 32 incidents was generated by 1 (one) IP! In other words,
> one IP is enough for UCEPROTECT to block whole /22 network.
>
> Now i really can know how wrong is this BL (and no, i never
> used it, i even removed it from my check script)...
>
> I am not very interested in that list, nor in how bad that RBL
> is, but i am curious: is someone (bigger than personal) using
> it? Or do you know someone who is using it? What is/can be
> the reason to use it?
>
> thanks
>
> --
> Slavko
> https://www.slavino.sk/
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Gmail blocking of good customer

2023-02-24 Thread Ken Simpson via mailop 
Hi Christine,
I wonder if the domain has been abused elsewhere?

Regards,
Ken

On Fri, Feb 24, 2023 at 8:21 AM Christine Borgia via mailop <
mailop@mailop.org> wrote:

> Hello! Long time no see. I have a customer whose email campaign was
> heavily blocked yesterday by Gmail with the error:
>
>
> 421 4.7.0 [149.72.90.158 15] Our system has detected that this message is
> suspicious due to the very low reputation of the sending domain. To best
> protect our users from spam, the message has been blocked. Please visit
> https://support.google.com/mail/answer/188131 for more information.
> v14-20020a05620a440e00b0073ba7884843si8095361qkp.8 - gsmtp
>
> I would love to speak to someone at Gmail about this because I don't think
> the customer should have a very low reputation. Of course, I could be
> wrong, and Gmail is seeing something I'm not seeing. The customer has
> double opt-in, low complaints, good opens, lots of purchases, and an active
> social media presence with a lot of followers/fans. I think the issue is
> that they only send every couple of months. They are a fashion retailer
> that announces their upcoming event via email (the email we saw blocked)
> and their inventory sells out during the event.
>
> If someone could reach out to me, I'd greatly appreciate it. I'm not sure
> what to advise this customer except to say that email may not work for
> their business model.
>
> Thx!
>
> --
> *Christine Borgia*
> Email Deliverability Manager
> [image: Shopify]
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Cyren

2023-02-13 Thread Ken Simpson via mailop 
Hi Benoit

We aren't hearing any specific reports of failure like this; however, for
anyone concerned, we have an SSL-secured ctasd endpoint that implements the
ctasd protocol but is backed by a different filter.

Reach out to me for details.

Regards,
Ken

On Mon, Feb 13, 2023 at 8:21 AM Benoit Panizzon via mailop <
mailop@mailop.org> wrote:

> > This is a good hypothesis but so far I have not seen any absolute
> > confirmation that they are "listing the world." I guess we will see...
>
> I fear this is the case. I have contacted the ISP in question whose
> ctasd instance was adding 6 SpamAssassin Points to every email sent by
> their customer.
>
> They immediately disabled the ctasd check.
>
> Mit freundlichen Grüssen
>
> -Benoît Panizzon-
> --
> I m p r o W a r e   A G-Leiter Commerce Kunden
> __
>
> Zurlindenstrasse 29 Tel  +41 61 826 93 00
> CH-4133 PrattelnFax  +41 61 826 93 01
> Schweiz Web  http://www.imp.ch
> __
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Outgoing filtering Re: Cyren

2023-02-03 Thread Ken Simpson via mailop 
>
> So at least 43% of transactional email senders use you as an outgoing
> filter ? That is great.
>
> Now, if only the big email account providers would filter their outgoing
> mail too, there would be significantly less spam.


It’s a tough problem to solve at Google or Microsoft’s scale. When you’re
sending out tens of billions of messages a day, even a minuscule gap in
accuracy will lead to a lot of spam leaking out.

Ken

> --

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Cyren

2023-02-03 Thread Ken Simpson via mailop 
Hi everyone,

To help Cyren customers, MailChannels is offering free access to the
MailChannels content filter API, which accurately filters billions of
messages for tens of millions of users and millions of domains within our
transactional email service. 43% of the domains

that use a transactional email service send their email via our SMTP
service.

We have no plans to charge for access; however, commercial support plans
will be available if you need an SLA. We can accommodate any size of
client; however, we are prioritizing Cyren customers who handle at least 1
million messages per month. If you are a very small user, this API is
probably not for you; however, as a mailop user you are welcome to contact
me for free access to our SMTP relay services for personal use.

If you have an interest in using the MailChannels content filter API,
please contact us here: https://info.mailchannels.com/cyren

Regards,
Ken Simpson
CEO, MailChannels

On Fri, Feb 3, 2023 at 5:56 AM Carsten Schiefner via mailop <
mailop@mailop.org> wrote:

> All -
>
> for those amongst you who have no real clue what Matthew's email is
> about, please be referred to:
>
> Cyren Announces Global Reduction in Force; Liquidity Challenges
>
> https://ir.cyren.com/websites/cyren/English/5015/press-release.html?airportNewsID=631c3a77-555f-4a78-be5b-ec30c5cdaaac
>
> Best,
>
> -C.
>
> On 03.02.2023 13:45, Matthew Stith via mailop wrote:
> > All,
> >
> > Spamhaus is offering our data query service for free for 90 days for
> > users impacted by Cyren's sudden liquidation. No strings attached just
> > an effort to get those that are impacted by the news this week protected
> > as quickly as possible. Our hopes is that this gives users protection
> > against abuse while they figure out their next steps.
> >
> https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
> >
> > And any Cyren employees that may be on this list. Know that you have the
> > support of the community behind you.
> >
> > Thanks,
> > Matt Stith
> > Spamhaus
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Phishing and 2FA auth

2022-11-20 Thread Ken Simpson via mailop 
One-time passwords can always be man-in-the-middle'd, since there's no way
for the user to determine whether or not there is someone in the middle
snooping their OTP and password. The phishing attack only has to deceive
the user into entering their password and their OTP, both of which can then
be forwarded to the real login page behind the scenes.

Still, OTP is considered better than SMS because of attacks on the mobile
infrastructure that allow bad guys to potentially receive your SMS
messages, whereas the OTP code is generated directly on your device.

Hopefully, WebAuthn <https://www.w3.org/TR/webauthn-2/> gains traction,
making passwords irrelevant by allowing devices to maintain a secure
authentication key for each website within a trusted execution environment
such as Apple's so-called "Secure Enclave."

Regards,
Ken

On Sun, Nov 20, 2022 at 4:20 AM Slavko via mailop  wrote:

> Dňa 19. novembra 2022 17:07:22 UTC používateľ Ken Simpson via mailop <
> mailop@mailop.org> napísal:
>
> >Not all 2FA approaches are equal. The most robust 2FA systems are ones in
> >which both the service and the second-factor client robustly authenticate
> >each other. Two-way authentication eliminates the possibility that someone
> >can sit in the middle of the second-factor exchange to gain access.
> >
> > ...
>
> Thank you for details. I think that now i better understand that, now i
> asume,
> that particular SW is either outdated or that OTP phishing works only in
> some
> cases, not generally.
>
> regards
>
>
> --
> Slavko
> https://www.slavino.sk/
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels
<https://www.mailchannels.com/?utm_source=Email%20Signature_medium=Ken%20Simpson_campaign=Website>


Facebook <http://bit.ly/2dnoP3K>  |  Twitter <http://bit.ly/2ehoWni>  |
LinkedIn <http://bit.ly/2dw87lU> |  Help Center
<https://mailchannels.zendesk.com/hc/en-us?utm_source=Email%20Signature_medium=Ken%20Simpson_campaign=Help%20Center>

Our latest case study video: watch here!
<https://www.youtube.com/watch?v=psb41xDIL9k>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Phishing and 2FA auth

2022-11-19 Thread Ken Simpson via mailop 
Hi Slavko

Not all 2FA approaches are equal. The most robust 2FA systems are ones in
which both the service and the second-factor client robustly authenticate
each other. Two-way authentication eliminates the possibility that someone
can sit in the middle of the second-factor exchange to gain access.

For example, if SMS is used as the second factor, an attacker can present a
convincing website that collects your password and forwards it to the
service you are trying to log in to. That convincing website can also ask
you for the SMS code the service sends to your device, passing the second
factor along and completing the login.

The same goes for OTP systems like Authy or Google Authenticator.

With the advent of the secure enclave and other trusted execution
environments in mobile devices, services can now rely on an encrypted
exchange with your mobile device as the second factor. Many large,
frequently phished services, such as Google and Adobe, provide a
dedicated authentication app that fulfills this purpose. Enterprise options
like Duo perform the same function.

Fido U2F keys are yet another very secure 2FA option. These devices
participate in a secure exchange with the service, with the web browser
only acting as an intermediary to carry encrypted data between the hardware
key and the service itself. A phishing site would not gain anything of
value by intercepting the hardware key's information because the data is
encrypted directly with the service and cannot be tampered with by an
intermediary.

Unfortunately, authentication is only as secure as the weakest link. If a
service offers a weak two-factor option, some users will opt for that, and
their accounts will be less secure and more open to phishing.

Regards,
Ken



On Sat, Nov 19, 2022 at 7:51 AM Slavko via mailop  wrote:

> Hi all,
>
> recently i search in github projects to find some tools/templates for
> phishing messages as i want to train my colleagues (i am not
> interested in real phishing).
>
> As result i found one Go project for that, but i found a lot of projects,
> which declares itself as for training/learning of course, with pished
> sites templates/copies and some of them declares, that they are
> able even to get 2FA OTPs. I have no links to them and i didn't inspect
> in details how it works as i am not interested in that. I only remember,
> that they catch OTPs too by some way in their site copies.
>
> But my curiousity grows with time in topic what 2FA solves then,
> thus i want ask about it here, in hope to better understand it.
>
> Please, can it be really as "simple"? If yes, then my inderstanding is,
> that 2FA doesn't solves leaked passwords problem, as asvertised
> by many sites, but it solves only that this problem will be selfsolved
> as token expires (week or two), without user's password changes.
> Is my understanding right?
>
> If yes, then 2FA is not holly grail of solving the SPAM & leaked
> passwords problem, as attacker can send a lot of SPAM via this
> phished account (ignore rate limiting for now) until OTP expires.
> Right?
>
> Or i miss something?
>
> thanks
>
> --
> Slavko
> https://www.slavino.sk/
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] [EXTERNAL] Really good paypal phishing email this morning

2022-11-19 Thread Ken Simpson via mailop 
PayPal is best positioned to solve this problem because it can police the
logo images its customers upload. That being said, this type of platform
abuse, while not entirely new, seems to be increasing.

Please get in touch with me if you are interested in testing our computer
vision API that recognizes brand impersonation by rendering messages in
headless browsers and then running a computer vision model. The API is
experimental, but we are keen to get feedback from others.

Regards,
Ken (MailChannels)

On Fri, Nov 18, 2022 at 2:53 PM Jarland Donnell via mailop <
mailop@mailop.org> wrote:

> Basically, you go here:
> https://www.paypal.com/invoice/s/manage
>
> Click the gear symbol, Business Information, fill out what you want and
> add a logo. Then click Save, create an invoice for someone, and PayPal
> will send it to them. There's not much of anything that any of us can do
> to filter it without risking false positives, because we'll never have
> any consistent idea of what's real and fake when it all comes from such
> a high reputation sender using a feature that we don't necessarily want
> to block recipients from being able to use.
>
> On 2022-11-18 15:30, Michael Wise via mailop wrote:
> > This .. is what I wanted to see.
> >
> > Did it really go to you, or did it stop off somewhere else first?
> >
> >   To: zachery Rose 
> >
> > It does appear that it went direct, so my initial theory is off I
> > guess.
> >
> > Aloha,
> >
> > Michael.
> >
> > --
> >
> > Michael J Wise
> > Microsoft Corporation| Spam Analysis
> >
> > "Your Spam Specimen Has Been Processed."
> >
> > Open a ticket for Hotmail [3] ?
> >
> > From: mailop  On Behalf Of Zach Rose via
> > mailop
> > Sent: Friday, November 18, 2022 11:38 AM
> > Cc: mailop@mailop.org
> > Subject: Re: [mailop] [EXTERNAL] Really good paypal phishing email
> > this morning
> >
> > Yeah, that's my theory at the moment, very likely that the call is
> > coming from inside the house, but they didn't find the person who made
> > the call before it was made.
> >
> > Delivered-To: REDACTED
> > Received: by 2002:a05:640c:1b81:b0:190:7afb:ee7a with SMTP id
> > r1csp516216eiw;
> > Fri, 18 Nov 2022 06:23:32 -0800 (PST)
> > X-Google-Smtp-Source:
> >
> AA0mqf6dcoQaNhG4JYaaq7jvwEAJxfF8XCQ2Zy1qPt4mGssaSyPzrvU0HsohJxkBvLOIjhuKLb6N
> > X-Received: by 2002:a65:67d1:0:b0:476:87ad:9d78 with SMTP id
> > b17-20020a6567d100b0047687ad9d78mr6785903pgs.169.1668781412334;
> > Fri, 18 Nov 2022 06:23:32 -0800 (PST)
> > ARC-Seal: i=1; a=rsa-sha256; t=1668781412; cv=none;
> > d=google.com [4]; s=arc-20160816;
> >
> > b=U4pbrfCYSxjulk8kCNLer1j7TfaCaowzf2yDYMqeQMVmG4g/JvAXzf0m4serzWoqTi
> >
> > OBEY9TrwfM2j3yQssfS8OMOnWmBP+pO7KYBmg67sBb57BdZlx/+txIylik9rNKuyXsEh
> >
> > O5+LN63Y1RqiSPLK44tgV3uHSeYS5n+qE0gJHgS1lojzvH/tEkxESiQHix+K7sWYnBUt
> >
> > EXjoD4UKa4x1WGOsOPsb64AYM/AMs2TImhoZCqg+tT2Otsn1/Hz34iMozy9tR0yBB15q
> >
> > +Eq4bNx9gjV8EpetyAjAQF7XHwWknzhig/MtiVy76GwNuCpUxd8yW+Bw3/fwTtBL6zl6
> >  QFYQ==
> > ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
> > d=google.com [4]; s=arc-20160816;
> > h=amq-delivery-message-id:mime-version:from:to:subject
> >  :pp-correlation-id:message-id:date:content-transfer-encoding
> >  :dkim-signature;
> > bh=+ooJ/KHJ7NcHSktaVA2Efxv2wUuyyzgRC9OcH8lTKPI=;
> >
> > b=PbkHny3v4CR7wqQUcdh8f9PRFBMO+7dUlCVLzG9d8uDG0Uc+4jNqlkRB5chwPq1AUw
> >
> > QG3rN1n+lpU1t/MEz0fnZ2k1Rwzrr0j/2L0fHhhX0eJ8UheOHbcVNDSF1hjDfwPayN43
> >
> > ggWon6WA5mEYJ6jTPt5ODvSC0shj5SrQBq2C57tCG4WOjWGK63UhilfiZS/GgpoyzgvG
> >
> > UItaCRQKijOkG9k8bNub0rZ77LEdRoCK6RaEe6mhKmTv0doesmgdyhlb8+1e8V8Uvy7T
> >
> > tqhqfvqUyzVOgL5HmUZIjNl/XkNXA966EGTLfDqf1DWDsf0LRjpZpJiJViixPJ63UMKA
> >  /azQ==
> > ARC-Authentication-Results: i=1; mx.google.com [5];
> >dkim=pass header.i=@paypal.com [6] header.s=pp-dkim1
> > header.b=i5V5Jd8P;
> >spf=pass (google.com [4]: domain of serv...@paypal.com
> > designates 66.211.170.89 as permitted sender)
> > smtp.mailfrom=serv...@paypal.com;
> >dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=paypal.com
> > [6]
> > Return-Path: 
> > Received: from mx1.phx.paypal.com [7] (mx3.phx.paypal.com [8].
> > [66.211.170.89])
> > by mx.google.com [5] with ESMTPS id
> > c5-20020a655a8500b0044fb332e9c2si4180181pgt.560.2022.11.18.06.23.32
> > for 
> > (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256
> > bits=128/128);
> > Fri, 18 Nov 2022 06:23:32 -0800 (PST)
> > Received-SPF: pass (google.com [4]: domain of serv...@paypal.com
> > designates 66.211.170.89 as permitted sender) client-ip=66.211.170.89;
> > Authentication-Results: mx.google.com [9];
> >dkim=pass header.i=@paypal.com [10] header.s=pp-dkim1
> > header.b=i5V5Jd8P;
> >spf=pass (google.com [11]: domain of serv...@paypal.com
> > designates 66.211.170.89 as permitted sender)
> > smtp.mailfrom=serv...@paypal.com;
> >dmarc=pass (p=REJECT sp=REJECT

Re: [mailop] [EXTERNAL] Really good paypal phishing email this morning

2022-11-18 Thread Ken Simpson via mailop 
Hi Michael,

I've seen the raw email; it did come from PayPal. PayPal needs to get
better at recognizing brand images so that this kind of impersonation is
more difficult on their platform. No doubt they are already working on that.

Ken

On Fri, Nov 18, 2022 at 11:32 AM Michael Wise via mailop 
wrote:

>
>
> Please share the headers; pictures are not forensic evidence.
>
> We’ve seen similar things, want to see if it’s the same issue.
>
>
>
> Hint: it may have really come from PayPal.
>
>
>
> Aloha,
>
> Michael.
>
> --
>
> *Michael J Wise*
> Microsoft Corporation| Spam Analysis
>
> "Your Spam Specimen Has Been Processed."
>
> Open a ticket for Hotmail 
> ?
>
>
>
> *From:* mailop  *On Behalf Of *Zach Rose via
> mailop
> *Sent:* Friday, November 18, 2022 7:10 AM
> *To:* mailop@mailop.org
> *Subject:* [EXTERNAL] [mailop] Really good paypal phishing email this
> morning
>
>
>
> https://www.screencast.com/t/dNPpByTSjrq
> 
>
>
>
> I rarely use paypal, if ever, and haven't shopped with Walmart in over a
> decade, but I can see how this would fool a lot of people. Passed
> DKIM/SPF/DMARC, and the code of the email itself referenced their own
> static file CDN, so this feels like a scam account internally rather than a
> spoofed email.
>
>
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Forum/Blog spam turned up to 11

2022-05-27 Thread Ken Simpson via mailop 
Hi Michael,

We don't have intel on how these guys are interacting with the forms.

Regards
Ken

On Fri, May 27, 2022 at 7:34 AM Michael Peddemors via mailop <
mailop@mailop.org> wrote:

> Hey Ken,
>
> Are these contact info spammers using DSL Home style connections, or
> VPN's.. different actors are using different methods of course.
>
> "Eric Jones"  still leads the pack in automated methods, while a
> couple of other players use bots, and a couple of others appear to be
> 'human' aided.
>
> The recent Wordpress attack vector did increase the amounts of attacks,
> but not really the contact form ones.
>
> And of course, there is the email injection/replay attacks that use old
> contact form messages, that is now in play..
>
> But the actor mentioned below, based on the naming convention, has been
> up and operating for some time now...
>
> -- Michael --
>
> On 2022-05-26 18:48, Ken Simpson via mailop wrote:
> > No idea whether it’s bots or real people, but I suspect it’s bots given
> the scale. We’re seeing thousands of unique sites per hour being
> “compromised” in this manner.
> >
> >> On May 26, 2022, at 6:38 PM, Scott Mutter via mailop 
> wrote:
> >>
> >> Are you sure it's actual people registering or is it bots?
> >>
> >> Do the sign up pages have effective captcha or other anti-bot/prove
> >> you're human measures?
> >>
> >>> On Thu, May 26, 2022 at 7:30 PM Ken Simpson via mailop
> >>>  wrote:
> >>>
> >>> It's WooCommerce:
> https://github.com/woocommerce/woocommerce/blob/ab1a35719c8719c0065f6053892ca970f7f01deb/plugins/woocommerce/includes/emails/class-wc-email-customer-new-account.php#L83
> >>>
> >>>> On Thu, May 26, 2022 at 5:08 PM Ken Simpson <
> ksimp...@mailchannels.com> wrote:
> >>>>
> >>>> Hi Jarland,
> >>>>
> >>>> Yes, we see this as well - since this morning Pacific Time. They are
> snow-shoeing too, sending just one or two submissions per web form,
> presumably to keep a low profile. Same pattern of recipients as you are
> seeing.
> >>>>
> >>>> I'm trying to track down the victim software, which seems to be a
> WordPress plugin.
> >>>>
> >>>> Regards,
> >>>> Ken
> >>>>
> >>>> On Thu, May 26, 2022 at 4:15 PM Jarland Donnell via mailop <
> mailop@mailop.org> wrote:
> >>>>>
> >>>>> Over the last week or so I've noticed an exceptional increase in
> >>>>> outbound emails from my customers to invalid recipients. Obviously
> this
> >>>>> is problematic but understandable. All of the customers in question
> run
> >>>>> websites that send an email to confirm registration, and all of the
> >>>>> recipients are properly formatted email addresses. They just don't
> >>>>> exist, and they're increasing at an unusual rate. Others may have the
> >>>>> same going on but may not yet be aware of the pattern. My hope is
> that
> >>>>> by sharing the pattern others might begin to fight against it as
> well.
> >>>>>
> >>>>> Here is a look at some censored logs: https://clbin.com/Gxeoo
> >>>>>
> >>>>> Notice the trend being username + 4 digits, primarily at free email
> >>>>> providers and regional ISPs. Examples:
> >>>>>
> >>>>> heidireynoldsplad2...@gmail.com
> >>>>> susanpowersvgjfae2...@cox.net
> >>>>> pabloharveyfhi6...@rediffmail.com
> >>>>> florencenashhqjqj8...@orange.fr
> >>>>> carlosfranklinlydy2...@comcast.net
> >>>>>
> >>>>> It's really off the charts, and it's impacting a wide variety of
> >>>>> customers who have no relation to each other. The only similarity
> being
> >>>>> that they send out website registration confirmations in all cases.
> >>>>>
> >>>>> Of course, my first theory is forum spam / blog comment spam. Even if
> >>>>> they can't accomplish the spam, they have most likely built complete
> >>>>> automation to handle this process of mass registrations for a
> wonderful
> >>>>> "spray and pray" technique. Since the email accounts don't exist,
> >>>>> they're most likely hoping that a confirmation isn't actually
> required
> >>>>> to begin submitting content to the

Re: [mailop] Forum/Blog spam turned up to 11

2022-05-27 Thread Ken Simpson via mailop 
Hi Jarland,

Yes, we see this as well - since this morning Pacific Time. They are
snow-shoeing too, sending just one or two submissions per web form,
presumably to keep a low profile. Same pattern of recipients as you are
seeing.

I'm trying to track down the victim software, which seems to be a WordPress
plugin.

Regards,
Ken

On Thu, May 26, 2022 at 4:15 PM Jarland Donnell via mailop <
mailop@mailop.org> wrote:

> Over the last week or so I've noticed an exceptional increase in
> outbound emails from my customers to invalid recipients. Obviously this
> is problematic but understandable. All of the customers in question run
> websites that send an email to confirm registration, and all of the
> recipients are properly formatted email addresses. They just don't
> exist, and they're increasing at an unusual rate. Others may have the
> same going on but may not yet be aware of the pattern. My hope is that
> by sharing the pattern others might begin to fight against it as well.
>
> Here is a look at some censored logs: https://clbin.com/Gxeoo
>
> Notice the trend being username + 4 digits, primarily at free email
> providers and regional ISPs. Examples:
>
> heidireynoldsplad2...@gmail.com
> susanpowersvgjfae2...@cox.net
> pabloharveyfhi6...@rediffmail.com
> florencenashhqjqj8...@orange.fr
> carlosfranklinlydy2...@comcast.net
>
> It's really off the charts, and it's impacting a wide variety of
> customers who have no relation to each other. The only similarity being
> that they send out website registration confirmations in all cases.
>
> Of course, my first theory is forum spam / blog comment spam. Even if
> they can't accomplish the spam, they have most likely built complete
> automation to handle this process of mass registrations for a wonderful
> "spray and pray" technique. Since the email accounts don't exist,
> they're most likely hoping that a confirmation isn't actually required
> to begin submitting content to the sites that they register on.
>
> Use this how you will <3
>
> Jarland
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Forum/Blog spam turned up to 11

2022-05-27 Thread Ken Simpson via mailop 
They are doing a very low volume per site. Possibly manually with a farm of
human operators. Sophisticated.

On Thu, May 26, 2022 at 9:01 PM Jarland Donnell via mailop <
mailop@mailop.org> wrote:

> Several of the ones I've seen have been using recaptcha, the latest
> stuff. That doesn't seem to be throwing them off any.
>
> On 2022-05-26 22:13, Scott Mutter via mailop wrote:
> > Are there effective anti-bot measures in place on the form?
> >
> > How effective captcha systems are can be debatable.  BUT, if there are
> > no anti-bot measures on the form... then shouldn't this type of
> > activity/abuse be expected?
> >
> > On Thu, May 26, 2022 at 8:48 PM Ken Simpson 
> > wrote:
> >>
> >> No idea whether it’s bots or real people, but I suspect it’s bots
> >> given the scale. We’re seeing thousands of unique sites per hour being
> >> “compromised” in this manner.
> > ___
> > mailop mailing list
> > mailop@mailop.org
> > https://list.mailop.org/listinfo/mailop
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Forum/Blog spam turned up to 11

2022-05-26 Thread Ken Simpson via mailop 
No idea whether it’s bots or real people, but I suspect it’s bots given the 
scale. We’re seeing thousands of unique sites per hour being “compromised” in 
this manner.

> On May 26, 2022, at 6:38 PM, Scott Mutter via mailop  
> wrote:
> 
> Are you sure it's actual people registering or is it bots?
> 
> Do the sign up pages have effective captcha or other anti-bot/prove
> you're human measures?
> 
>> On Thu, May 26, 2022 at 7:30 PM Ken Simpson via mailop
>>  wrote:
>> 
>> It's WooCommerce: 
>> https://github.com/woocommerce/woocommerce/blob/ab1a35719c8719c0065f6053892ca970f7f01deb/plugins/woocommerce/includes/emails/class-wc-email-customer-new-account.php#L83
>> 
>>> On Thu, May 26, 2022 at 5:08 PM Ken Simpson  
>>> wrote:
>>> 
>>> Hi Jarland,
>>> 
>>> Yes, we see this as well - since this morning Pacific Time. They are 
>>> snow-shoeing too, sending just one or two submissions per web form, 
>>> presumably to keep a low profile. Same pattern of recipients as you are 
>>> seeing.
>>> 
>>> I'm trying to track down the victim software, which seems to be a WordPress 
>>> plugin.
>>> 
>>> Regards,
>>> Ken
>>> 
>>> On Thu, May 26, 2022 at 4:15 PM Jarland Donnell via mailop 
>>>  wrote:
>>>> 
>>>> Over the last week or so I've noticed an exceptional increase in
>>>> outbound emails from my customers to invalid recipients. Obviously this
>>>> is problematic but understandable. All of the customers in question run
>>>> websites that send an email to confirm registration, and all of the
>>>> recipients are properly formatted email addresses. They just don't
>>>> exist, and they're increasing at an unusual rate. Others may have the
>>>> same going on but may not yet be aware of the pattern. My hope is that
>>>> by sharing the pattern others might begin to fight against it as well.
>>>> 
>>>> Here is a look at some censored logs: https://clbin.com/Gxeoo
>>>> 
>>>> Notice the trend being username + 4 digits, primarily at free email
>>>> providers and regional ISPs. Examples:
>>>> 
>>>> heidireynoldsplad2...@gmail.com
>>>> susanpowersvgjfae2...@cox.net
>>>> pabloharveyfhi6...@rediffmail.com
>>>> florencenashhqjqj8...@orange.fr
>>>> carlosfranklinlydy2...@comcast.net
>>>> 
>>>> It's really off the charts, and it's impacting a wide variety of
>>>> customers who have no relation to each other. The only similarity being
>>>> that they send out website registration confirmations in all cases.
>>>> 
>>>> Of course, my first theory is forum spam / blog comment spam. Even if
>>>> they can't accomplish the spam, they have most likely built complete
>>>> automation to handle this process of mass registrations for a wonderful
>>>> "spray and pray" technique. Since the email accounts don't exist,
>>>> they're most likely hoping that a confirmation isn't actually required
>>>> to begin submitting content to the sites that they register on.
>>>> 
>>>> Use this how you will <3
>>>> 
>>>> Jarland
>>>> ___
>>>> mailop mailing list
>>>> mailop@mailop.org
>>>> https://list.mailop.org/listinfo/mailop
>>> 
>>> 
>>> 
>>> --
>>> 
>>> Ken Simpson
>>> 
>>> CEO, MailChannels
>>> 
>>> 
>>> Facebook  |  Twitter  |  LinkedIn |  Help Center
>>> 
>>> Our latest case study video: watch here!
>> 
>> 
>> 
>> --
>> 
>> Ken Simpson
>> 
>> CEO, MailChannels
>> 
>> 
>> Facebook  |  Twitter  |  LinkedIn |  Help Center
>> 
>> Our latest case study video: watch here!
>> ___
>> mailop mailing list
>> mailop@mailop.org
>> https://list.mailop.org/listinfo/mailop
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Forum/Blog spam turned up to 11

2022-05-26 Thread Ken Simpson via mailop 
It's WooCommerce:
https://github.com/woocommerce/woocommerce/blob/ab1a35719c8719c0065f6053892ca970f7f01deb/plugins/woocommerce/includes/emails/class-wc-email-customer-new-account.php#L83

On Thu, May 26, 2022 at 5:08 PM Ken Simpson 
wrote:

> Hi Jarland,
>
> Yes, we see this as well - since this morning Pacific Time. They are
> snow-shoeing too, sending just one or two submissions per web form,
> presumably to keep a low profile. Same pattern of recipients as you are
> seeing.
>
> I'm trying to track down the victim software, which seems to be a
> WordPress plugin.
>
> Regards,
> Ken
>
> On Thu, May 26, 2022 at 4:15 PM Jarland Donnell via mailop <
> mailop@mailop.org> wrote:
>
>> Over the last week or so I've noticed an exceptional increase in
>> outbound emails from my customers to invalid recipients. Obviously this
>> is problematic but understandable. All of the customers in question run
>> websites that send an email to confirm registration, and all of the
>> recipients are properly formatted email addresses. They just don't
>> exist, and they're increasing at an unusual rate. Others may have the
>> same going on but may not yet be aware of the pattern. My hope is that
>> by sharing the pattern others might begin to fight against it as well.
>>
>> Here is a look at some censored logs: https://clbin.com/Gxeoo
>>
>> Notice the trend being username + 4 digits, primarily at free email
>> providers and regional ISPs. Examples:
>>
>> heidireynoldsplad2...@gmail.com
>> susanpowersvgjfae2...@cox.net
>> pabloharveyfhi6...@rediffmail.com
>> florencenashhqjqj8...@orange.fr
>> carlosfranklinlydy2...@comcast.net
>>
>> It's really off the charts, and it's impacting a wide variety of
>> customers who have no relation to each other. The only similarity being
>> that they send out website registration confirmations in all cases.
>>
>> Of course, my first theory is forum spam / blog comment spam. Even if
>> they can't accomplish the spam, they have most likely built complete
>> automation to handle this process of mass registrations for a wonderful
>> "spray and pray" technique. Since the email accounts don't exist,
>> they're most likely hoping that a confirmation isn't actually required
>> to begin submitting content to the sites that they register on.
>>
>> Use this how you will <3
>>
>> Jarland
>> ___
>> mailop mailing list
>> mailop@mailop.org
>> https://list.mailop.org/listinfo/mailop
>>
>
>
> --
>
> Ken Simpson
>
> CEO, MailChannels
> 
>
>
> Facebook   |  Twitter   |
> LinkedIn  |  Help Center
> 
>
> Our latest case study video: watch here!
> 
>


-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Introducing CHAPPS: the Caching, Highly-Available Postfix Policy Service

2022-04-28 Thread Ken Simpson via mailop 
Hi Mark

Really great work and thank your for the open source contribution. What
sort of throughput can this manage? Have you done any stress testing?

Thanks
Ken

On Thu, Apr 28, 2022 at 7:54 AM Mark E. Jeftovic via mailop <
mailop@mailop.org> wrote:

>
> Hi all, we're pleased to release as open source our CHAPPS package.
> Developed by Caleb Cullen here, this is what we've been using for managing
> outbound email across multiple client domains.
>
>
> https://easydns.com/blog/2022/04/28/introducing-chapps-the-caching-highly-available-postfix-policy-service/
>
> https://github.com/easydns/chapps
>
> We hope the community finds it useful and builds on it going forward.
>
> - mark
> --
> Mark E. Jeftovic  
> Co-founder & CEO easyDNS Technologies Inc.
> +1-(416)-535-8672 ext 225
>
>
>
> *"Never expect a thing you do not want, and never desire a thing you do
> not expect." -- Bob Proctor *
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
-- 

Ken Simpson

CEO, MailChannels



Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] EmailDeliverablityReport.com?

2021-04-19 Thread Ken Simpson via mailop 
The owner is an affiliate marketer, so I would be cautious using this web
site:

Legal Notice
Betronate digitale Medien
Owner: Vitali Lutz

Eschersheimer Landstraße 42
60322 Frankfurt am Main (note: this is a Mailboxes Etc address
https://bit.ly/3mZOrZP)
Germany

Contact:
info [at] EmailDeliverabilityReport.com (Contact Form)

Responsible for the content:
Vitali Lutz, address as above

See his LinkedIn profile: https://www.linkedin.com/in/vitali-lutz/

*"Since 2010 I have been actively involved in the complex topic of online
marketing including SEO, marketing automation and niche marketing. I place
particular emphasis on the planning and implementation of niche projects. I
am also proficient in all relevant web technologies and programming
languages such as PHP, JavaScript, jQuery, HTML and CSS. I also have
extensive knowledge of web design and have been able to acquire UX basics
and "best practices" over the years."*

(translated)

Regards,
Ken


On Mon, Apr 19, 2021 at 10:10 AM Sam Tuke via mailop 
wrote:

> It may be simply chasing affiliate referral revenue, which can exceed 30%
> in perpetuity for some ESPs.
>
> On 19 April 2021 18:06:04 CEST, Mary via mailop  wrote:
>>
>>
>> I think it's a "satellite" website, not a real site. It's just there to push 
>> clicks and increase SEO for whoever is behind it. Usually, the "number 1" 
>> ranking is behind it.
>>
>> Notice, that if you hover your mouse over the right side, a text 
>> advertisement is advertising the "number 1" ranking.
>>
>>
>>
>> On Mon, 19 Apr 2021 09:37:23 -0600 "Anne P. Mitchell, Esq. via mailop" 
>>  wrote:
>>
>> Does anybody know who is behind EmailDeliverabilityReport.com?  I note it's 
>> only about a year old, and I want to know about the 
>> trustworthiness/reliability of what they are putting out - for example they 
>> are ranking ESPs based on deliverability... their data and info may be 
>> completely accurate based on their methods, but I'm always a bit suspicious 
>> of sites that purport to put out expert data but don't reveal who is 
>> actually behind the organization.
>>>
>> --
>> mailop mailing list
>> mailop@mailop.org
>> https://list.mailop.org/listinfo/mailop
>>
>> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels


Tel: +1 604 685 7488
Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Firefox Relay

2020-12-18 Thread Ken Simpson via mailop 
>
>
> >
> >"While Relay does not filter for spam, our email partner Amazon SES does
> block spam and malware. If Relay forwards
> >messages you don’t want, you can update your Relay settings to block
> messages from the alias forwarding them"
>
> "It's your job to filter the spam we send."
>
> Perhaps not. Firefox and Mozilla have an interesting idea both of how
> virtuous they are and how much people care.
>

I suppose we'll be seeing Mozilla at M3AAWG soon, then? /s

If the product lead for this project is listening to mailop (they likely
aren't), IMHO they should strongly consider receiving the relay email and
forwarding it over a different medium, such as smart phone notifications,
Slack, or even just web hooks. Indeed if they allowed folks to configure
their own web hook endpoints for relayed messages, then people could route
messages however they wish.

For that matter, why not have the relay service route messages into users'
Firefox accounts and have the messages pop up directly within Firefox? Your
Firefox account is a well authenticated, secure channel for receiving
messages already. Why not make us of it?

Regards,
Ken
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Trying to find the CIDR ranges for DigitalOcean

2020-10-08 Thread Ken Simpson via mailop 
Hi Michael

They’re all listed here:
https://ipinfo.io/AS14061

Regards
Ken

On Thu, Oct 8, 2020 at 8:59 PM Michael Wise via mailop 
wrote:

>
>
> I tried doing a WHOIS lookup, but it just referred me here, which doesn’t
> have it:
>
>
>
>   https://www.as14061.net
>
>
>
> So far, I’ve got:
>
>
>
> 157.230/16
>
> 159.89.16
>
> 159.203/16
>
> 161.35/16
>
> 165.227/16
>
>
>
> What lack I yet?
>
>
>
> Aloha,
>
> Michael.
>
> --
>
> *Michael J Wise*
> Microsoft Corporation| Spam Analysis
>
> "Your Spam Specimen Has Been Processed."
>
> Open a ticket for Hotmail 
> ?
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
-- 

Ken Simpson

CEO, MailChannels


Tel: +1 604 685 7488
Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailop.org: using STARTTLS for outgoing mail?

2020-09-30 Thread Ken Simpson via mailop 
On Wed, Sep 30, 2020 at 12:19 PM ml+mailop--- via mailop 
wrote:

> On Wed, Sep 30, 2020, Tim Bray via mailop wrote:
>
> > Should it be using TLS for outbound connections?  I'm not seeing that?
>
> Received: from mx.mailop.org (mx.mailop.org. [91.132.147.157])
> by ... with ESMTPS
> (TLS=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384, bits=256, verify=OK)
>
> > Received: from mx.mailop.org ([2a03:4000:37:599:d8ce:dff:fee1:81c2])
> >   by herm.doylem.co.uk with esmtps (Exim 4.92 #3 (Debian))
>^
> Doesn't the "s" mean STARTTLS was used?
>
>
>
RFC 3848 covers this topic: https://tools.ietf.org/html/rfc3848:

*The new keyword "ESMTPS" indicates the use of ESMTP when STARTTLS [1] is
also successfully negotiated to provide a strong transport encryption
layer.*

Yes, it means STARTTLS was used successfully.

Regards,
Ken

-- 

Ken Simpson

CEO, MailChannels


Tel: +1 604 685 7488
Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailop list server unreachable

2020-08-18 Thread Ken Simpson via mailop 
>
> > Is anyone else seeing this when they try to connect to the listserv?
> >
> > $ curl https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> > *curl: (7) Failed to connect to chilli.nosignal.org
> >  port 443: Connection refused*
>
> I believe that the server moved recently, but the list information in
> the headers hasn't been updated yet. It appears that the list's
> mailman pages can be gotten to at:
>
>
>
>
Thank you everyone for helping out with this.

Regards,
Ken
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] mailop list server unreachable

2020-08-18 Thread Ken Simpson via mailop 
Is anyone else seeing this when they try to connect to the listserv?

$ curl https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
*curl: (7) Failed to connect to chilli.nosignal.org
 port 443: Connection refused*

Thanks
Ken

-- 

Ken Simpson

CEO, MailChannels


Tel: +1 604 685 7488
Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] This is..Concerning: DatabaseUSA Wins Case Against The Spamhaus Project

2020-08-04 Thread Ken Simpson via mailop 
Curious. The document was served last September, if I'm reading it
correctly. Yet the organization was dissolved in March 2020. I suppose they
can enjoy the rich rewards of collecting from a dissolved entity in a
foreign country.

On Tue, Aug 4, 2020 at 2:35 AM Laura Atkins via mailop 
wrote:

>
>
> On 4 Aug 2020, at 03:29, John Levine via mailop  wrote:
>
> In article <28453035-f078-4311-8472-1aa190c45...@isipp.com> you write:
>
>
>
> Did you not read what I quoted from the Spamhaus website? They are based
> in Switzerland and Andorra, not the UK. My assumption is that there is
> basically no chance of any U.S. ruling being enforced in either of these
> two countries, unless it is related to a serious crime.
>
>
> From the judgement:
>
> "he plaintiff has shown that it has complied with the Hague Convention and
> personally served a representative authorized to accept service
> of process in London."
>
>
> The Spamhaus Project has not been located in the UK for a long time.
> Whoever the process server handed his paperwork to, it wasn't
> Spamhaus.
>
>
> It was Mr. Charles Benn who, according to the service of process
> affidavit, was authorized to receive process on their behalf.
>
>
> https://www.courtlistener.com/docket/16243626/6/databaseusacom-llc-v-the-spamhaus-project/
>
>
> Ever since the E360 fiasco Spamhaus hasn't responded to US suits. They
> have no assets in the US, and while responding to tell the US court
> that it doesn't have jurisdiction is possible, it's expensive and not
> very productive.
>
> They really do have their office in Andorra and could be served or
> sued there, but I doubt the kinds of organizations that are likely to
> sue them would make much headway in Andorran courts.
>
> It is my impression that for this particular suit, Spamhaus wasn't
> even aware of it until someone noticed a press release.
>
>
> Hah.
>
> Another relevant piece of data. The organization that was named in the
> suit and has received a permanent injunction against it has been
> voluntarily dissolved and struck off the UK registry of companies.
>
> https://beta.companieshouse.gov.uk/company/05303831
>
> There is no one covered under this injunction as the entity does not
> exist.
>
> laura
>
> --
> Having an Email Crisis?  We can help! 800 823-9674
>
> Laura Atkins
> Word to the Wise
> la...@wordtothewise.com
> (650) 437-0741
>
> Email Delivery Blog: https://wordtothewise.com/blog
>
>
>
>
>
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>


-- 

Ken Simpson

CEO, MailChannels


Tel: +1 604 685 7488
Facebook   |  Twitter   |
LinkedIn  |  Help Center


Our latest case study video: watch here!

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] [EXTERNAL] Strange MIME headers from Microsoft

2020-03-06 Thread Ken Simpson via mailop 
>
> I looked at the logs, there's quite a few, all seem from outlook hosted
> accounts.
>
>
It seems like something a co-op student would do: MIME encoding the world.
I'd love to have an inside view of Michael's investigation.
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop