Re: [mailop] Legit-looking mail to the wrong address with no unsubscribe

2023-08-24 Thread Michael Grant via mailop
> (You could also try to reset the password, often sent to the registered
> email address.)

I have this issue with my gmail account.  I get literally a TON of
crap for other people who think they have my gmail account.
Unfortunately putting the mail in spam and telling gmail to block it
does absolutely no good.  Mail continues to come and straight
into my inbox in many if not most cases.

Some repeat offenders that I can't rid myself of are:

  CVS - a pharmacy in the US.  They have an unsub link but it's blocked
  outside the USA!

  Safeway

  Lifeline&ACP

  Mediacom mobile phone, I keep getting account notifications that
  someone's bill is about to be cut off for non payment because they
  never get notifications to log in and pay.

  Spectrum, same as above, presumably a different customer.

  Boost Mobile, again, same as above.

  Honda of New Rochelle - unsubscribed multiple times, mail put into
  spam, it keeps coming right back into my inbox.  Someone has a Honda
  in my email.

  BMW of Fort Myers - same, unsubed, keeps coming.

  classmates.com, apparently no way to get off their list ever.

  New Row Dental Practice in the UK.  They use some dental email spam
  engine named 'soegateway.com'.

In one email I was getting from Sirius XM, I escalated it by phone
through their abuse department.  Their customer service refused to
talk to me as I wasn't their actual customer.  After more than a year
and multiple phone calls, they finally started doing double-optin.

In another case, a paper letter was sent in the mail to Cornell
University.  The IT director personally responded to me, apologized,
and it took another several weeks to fully extricate my email from
their system.  I have no idea if they managed to get their unsub
working.

In yet another case, Sprint, the now merged phone company with
T-Mobile, I was getting someone else's bill.  I just so happened to be
friends with someone who worked in their security department and he
walked my unsub request to the head of security there.

In a very similar case, I did the same thing with Discover, the credit
card company in the US.

I have in some cases done a password reset and removed my email or set
it to something like noreply@wherever.  Unfortunately in some cases,
they ask things like date of birth or social security number.

To all of you out there creating these mailers:

1) always do double-optin to verify the email address of clients you
intend on sending account related stuff like statements or anything
sensitive. 

2) always provide a working unsub or not-me link, and

3) it does absolutely no good to put some ridiculous legal directive
in an email.  Your system sends me email at your peril, I will do
whatever I want with it.

Michael Grant


signature.asc
Description: PGP signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] Any old-school sendmail types here good with the m4?

2023-08-23 Thread Michael Grant via mailop
On Wed, Aug 23, 2023 at 09:35:40AM -0600, Paul Ebersman via mailop wrote:
> lena> They chose incomprehensible m4 in order to coerce you to buy
> lena> support from them.
> 
> 
> 
> nice shot. ;)
> 
> sadly, as someone who still remembers doing raw sendmail.cf, m4 was a
> major improvement over eric's fascinating attempt to create a new AI
> language and claim it was a configuration syntax.
> 
> of course, "better" is a term of relative worth...

I've been waiting for someone to layer something like yaml on top of
sendmail's M4.  Come on, admit it, I know some of you all have thought
this too.

Michael Grant




Re: [mailop] IP RBLs and large cidr blocks

2023-03-10 Thread Michael Grant via mailop
I've resolved this now.

Thanks to Matthew Stith for pointing out that Spamhaus's largest ipv6
blocks are indeed /64 and not /32.

Oddly, today I plainly see the spamhaus listing the /64 and not the
/32 I saw yesterday.  Did something change???  I am pretty sure I
wasn't imagining things and pretty sure I copypasted that
2600:3c02::/32 from the 'Why was this IP listed?' section.  Ahh well.

What I did:

My linodes have a /128 address (within a shared /64) and a separate
/64 block.  The /128 clearly has bad network neighbors and there's
nothing I can do about that.  I spent the day changing the ipv6 on
these linodes to first addr in the separate /64 block.  That block on
all my servers is clean, not in any blacklists.

I did ask Linode if they'd do rwhois on my /64 blocks but they said they
don't do that at this time but said I was not the only one who had
asked for that and they said they added my request to their internal
feature request.  So maybe one day...

Thanks also to Grant Taylor who provided some insight and some
encouragement to persist in getting this working.

I absolutely understand there's some unpredictability here delivering
mail over ipv6 but the future is now, ipv6 isn't going away.  I fully
realize there are probably no ipv6 only domains out there at this
time.

I have seen different levels of filtering and strictness even between
different MXs within the same domain on ipv4, so honestly to say I
shouldn't do this because there might be differences between
ipv4 and ipv6 MXs is frankly no worse than what we already are seeing.
If I see something so broken, I am known for letting someone know.

Michael Grant
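
The move described in the message above, as an added example that is not part of the original post: it checks a host's candidate source addresses against a blocklist that records entries as /64 prefixes, and builds the nibble-reversed DNSBL query name (RFC 5782) for each. All addresses use the 2001:db8::/32 documentation prefix and are constructed, and `dnsbl.example` is a placeholder zone.

```python
import ipaddress

# Constructed data (documentation prefix 2001:db8::/32), not real listings.
LISTED = [ipaddress.ip_network("2001:db8:0:1::/64")]  # shared /64 with a bad neighbor
SHARED_ADDR = "2001:db8:0:1:f03c:91ff:fe00:1234"      # host's /128 inside the shared /64
DEDICATED_ADDR = "2001:db8:abcd:12::1"                # first address of the separate /64


def enclosing_64(addr):
    """Return the /64 network that contains addr."""
    return ipaddress.ip_network(f"{addr}/64", strict=False)


def covering_listing(addr, listings=LISTED):
    """Return the listed prefix that covers addr, or None if addr is clean."""
    ip = ipaddress.ip_address(addr)
    return next((net for net in listings if ip in net), None)


def dnsbl_qname(addr, zone):
    """Build the RFC 5782 query name: 32 hex nibbles, reversed, then the zone."""
    nibbles = ipaddress.IPv6Address(addr).exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + "." + zone


def clean_sources(candidates, listings=LISTED):
    """Keep only the candidate source addresses that no listing covers."""
    return [a for a in candidates if covering_listing(a, listings) is None]


if __name__ == "__main__":
    for a in (SHARED_ADDR, DEDICATED_ADDR):
        print(a, "in", enclosing_64(a), "listed by", covering_listing(a))
        print("  query:", dnsbl_qname(a, "dnsbl.example"))
    print("usable for outbound mail:", clean_sources([SHARED_ADDR, DEDICATED_ADDR]))
```
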






Re: [mailop] IP RBLs and large cidr blocks

2023-03-09 Thread Michael Grant via mailop
On Thu, Mar 09, 2023 at 08:45:58AM -0800, Michael Peddemors via mailop wrote:
> Yes, it's called 'rwhois'.  Of course, linode can SWIP the larger portions,
> with a clear indication of what parts of the IP space are used for what.
> 
> As well, you 'could' change default PTR's for segments used differently.
> 
> At least you are asking how you can do things differently.
> 
> I know there has been a lot of Linode 'slagging' on the list, but it isn't
> as bad as some other networks.
> 
> Now, having said that, you are looking at the IPv6 space.  Are you
> planning to run email on IPv6? Many challenges ahead.
> 
> As a customer, ask Linode to provide 'rwhois' for you.  But for email, you
> should stick to IPv4.  Just my two bits.

I literally only tried enabling mail on my server the other day after
running Tobias Fiebig's security scan test.  I failed the ipv6 test so
thought, well, let's enable that in sendmail and see if I can make
that box green...what could possibly go wrong?

Quite quickly we realized the ipv6 address of the box was on
spamhaus's XBL.

By 'rwhois', I think you mean running whois with an ip address versus
a hostname.  This is exactly how I use it to know who owns which
netblock.  That's how I can see Linode owns the /28.

When you say "ask Linode to provide 'rwhois'", what specifically do
you mean for them to do?  Once that's done (if they're willing to do
this for me), would spamhaus and other RBLs then know to list smaller
blocks in that space?

If I can get this spamhaus issue solved, why should I not just leave
it in place so my mailer will talk ipv4 or ipv6?  Why just stick with
ipv4?  I realize it's not necessary today to be able to send on ipv6
but why should I not get this working?




[mailop] IP RBLs and large cidr blocks

2023-03-09 Thread Michael Grant via mailop
Is there some way an ISP can tell an RBL how it's split up its
internal IP address space?  For example, our Linode's ipv6 address is
on the Spamhaus XBL, but it's the entire /28.  (Thanks Tobias for
prompting me to check this!)

Anyway, it got me wondering, is there some way an ISP such as Linode
can communicate to Spamhaus how it carves up its large swatches of
addresses?  Or does this somehow happen automatically over time as I
as a customer delist my single /128 address in their database?

In the case of Spamhaus, I tried to delist my address and the delist
page says I need to make sure the problem in 2600:3c02::/32 has been
resolved.

When I do a whois lookup on my ipv6 addr, Linode is responsible for
the entire /28 yet Spamhaus seems already to have split that up down
to the /32 level, yet really it probably should be split down to the
/64 and in some cases /56 level.

I was curious, does this happen and how?  Is there some internet
database that keeps track of how smaller swatches of the address space
are actually carved up?  Smaller than what whois reports.

To be clear, I'm talking about how the address space is split up, NOT
the actual customer like whois reports.

Barring that, is there some way to tell Spamhaus how the address space
is carved up so I can communicate that to Linode?  I looked but didn't
see anything obvious.

Michael Grant




Re: [mailop] Cyren

2023-02-13 Thread Michael Grant via mailop
I don't see any changes in our use of Cyren yet, but the writing is on
the wall and we are forced to move on.  I don't see anything like all
Swiss messages blocked or marked as spam.

All of our contacts at Cyren are no longer there.




Re: [mailop] Help with identifying invalid email domains

2022-05-26 Thread Michael Grant via mailop
On Wed, May 25, 2022 at 03:00:19PM -0400, Omid Majdi via mailop wrote:
> Examples of such would be typo domains and/or domains that accept all
> local-part addresses such as gmai.com, gmail.co, googlemai.com, or
> proton.com. If there's any resources someone could share for known
> invalid domains that would be incredibly helpful.

I believe Omid is looking for a list of look-alike domains also known
as typosquatting domains.

I too would be interested in a similar resource.  Specifically, I've
been looking for something which I can look up a domain name and
return to me if it is likely to be a look-alike domain and what domain
the real brand owner is likely to be.  I've not found such a general
resource.

However, there are several programs out there that will take a domain
name and generate a ton of permutations, including puny coded IDNs
that look exactly like or graphically very similar to the original
domain in question.  For example https://github.com/elceef/dnstwist

Omid, you could create a list of popular email services (gmail.com,
hotmail.com, protonmail.com...etc) and run them through dnstwist.
dnstwist will also tell you which ones are currently registered.

Michael Grant

