On 2024-02-06 at 15:55 +, Vitali wrote:
>
> Are they violating the RFC or is there a new DMARC report exception
> if both domains share the MX root domain?
>
> Thank you.
> Vitali
It would have been preferable that you shared that domain, but it does
seem to violate the RFC.
The only
On 2024-02-06 at 21:52 +0100, Andreas Schamanek wrote:
> Thanks, that's the aspect my foggy brain missed. It only matters for
> those who check URIs, especially if found in the body, or more
> precisely the IPs of the hostnames of these URIs.
>
> (...)
>
> So, I still got questions :) like why
On 2024-01-15 at 16:03 -0800, Randolf Richardson, Postmaster wrote:
> > I have seen my share of MUAs that behave in weird ways when
> > encountering things larger than it can handle, so you have
> > to always cope for them in the mail server. Implementing different
> > types of restrictions, and
On 2024-01-11 at 17:43 +0100, Jaroslaw Rafa wrote:
> And it's clearly visible from the Laurent's mail that if MUAs will display
> the unverified BIMI logos (and what would prohibit them from that?) the
> "authentication" factor can be even weaker than with no avatars at all -
> because user who is
On 2024-01-10 at 20:38 +, Gellner, Oliver wrote:
> > Its also may be yet another reader-engagement tracker. Why do those
> > things always have to be out of band.
>
> Well, there’s no automated way to connect a logo to a domain. The
> BIMI group has decided to build upon the work of trademark
On 2023-12-21 at 18:13 +0100, John R Levine wrote:
> > With the number of messages already arriving with multiple DKIM
> > signatures I can't imagine their reputation systems don't already handle
> > dual signing just fine. Granted this would be two signatures on the same
> > domain, but that
On 2023-10-24 at 14:11 +, Gellner, Oliver via mailop wrote:
> As far as I know this feature is not new but exists since a long time
> (years). It treats all messages from senders which are not on your
> safe senders list as spam and looks something like this:
>
On 2023-09-15 at 10:26 +0200, Alessandro Vesely via mailop wrote:
> I get this language, on forwarding:
>
> Remote-MTA: dns; gmail-smtp-in.l.google.com [74.125.71.27]
> Diagnostic-Code: smtp; 550-5.7.26 Unauthenticated email from
> intesasanpaolo.com is not accepted due to
> 550-5.7.26
On 2023-08-24 at 14:29 -0400, postfix--- via mailop wrote:
> (...)
> Needless to say: I will avoid restaurants using OpenTable, whether
> while visiting destinations or at home. If they cannot choose a
> service provider that is respectful of my choices, they do not
> deserve my business.
On 2023-07-25 at 17:14 +0200, Sebastian Nielsen via mailop wrote:
> Sadly not all MUAs implement ClientID either.
> Easiest way to implement 2FA on email, is to have a webpage, where
> you login with your 2FA token. When you have done that, the IP to
> visit that webpage is written to the
On 2023-06-19 at 07:01 +0100, Klaus Ethgen wrote:
> Am Mo den 19. Jun 2023 um 6:33 schrieb Hans-Martin Mosner:
> > I'm inclined to repeat what I said before: If your setup breaks
> > mail consistently, it's likely your setup that's to blame. Others
> > seem to be able
> > to receive Outlook mail
On 2023-06-18 at 17:53 +0100, Klaus Ethgen wrote:
> Hi,
>
> I have tighten my firewall a bit and seen many attacks from Microsoft
> (40.92.0.0/16). They contact once from a IP and then never again. If I
> greylist them, the will try to deliver from a different address which
> gets greylisted
On 2023-05-30 at 15:13 -0700, Michael Peddemors wrote:
> At least mailgun.us has transparent whois..
>(oops, careful, they might have forgotten to hide that one)
.us tld does not allow the use of anonymous whois services.
Still, it's possible that their registrar enabled the anonymous option
On 2023-05-26 at 13:16 -0500, Scott Mutter via mailop wrote:
> If you ask me - a better solution would be to do away with forwarding
> completely and incorporate POP checks, like Gmail does. This
> alleviates all of the issues with forwarding mail in relation to SPF
> and DKIM.
>
> But I know
On 2023-05-13 at 14:09 -0500, Jarland Donnell wrote:
> Curious if anyone else is seeing an event similar to this. Here's the
> logs of 1 hour on one of our servers, for what I propose to be a
> botnet: https://clbin.com/4khRA
> I'm leaving the recipient domains in it because they're not actually
>
On 2023-05-06 at 18:44 +0200, Christian Seitz via mailop wrote:
> If I am not wrong a DNS zone can only have a single SOA record. Yahoo
> requests
> an SOA record per subdomain. That does not make any sense to me. We
> would have
> to create one DNS zone per subdomain, but that's not how DNS is
On 2023-03-08 at 11:24 +0100, Alessandro Vesely wrote:
> On Tue 07/Mar/2023 20:02:48 +0100 Slavko wrote:
> >
> > > Why do you sign Content-Type: since you know it is going to be
> > > changed?
> >
> > Do you mean exactly me, or it was generic question? If you mean me:
> >
> > Do you want change
On 2023-03-04 at 01:37 +0100, Tobias Fiebig via mailop wrote:
Heho,
>
> On Fri, 2023-03-03 at 17:02 +0100, Ángel via mailop wrote:
> > Note you could use a > for
> > a refresh-every-10-seconds functionality. (meta refresh could be
> > blocked as well, though)
> Br
On 2023-03-03 at 09:37 -0700, Alex Burch via mailop wrote:
> We are an ESP and we have a lot of customers who send with characters
> like ü or á, usually in the local part but occasionally in the
> domain. I think if we converted all from addresses to pure ascii
> punycode, we'd solve our problems
On 2023-03-03 at 17:55 +, Laura Atkins via mailop wrote:
> The message he sent to mailop had the selector I used and is also
> failing DKIM.
>
> laura
No, sorry.
I am afraid you seem to have mistyped it.
DKIM-Signature: v=1; a=rsa-sha256; d=warwickri.gov; s=1; c=relaxed/relaxed;
On 2023-02-27 at 12:59 +0100, Tobias Fiebig via mailop wrote:
> Please note that setting up the tests (as we have to configure vhosts
> for some MTA-STS cases etc.) takes some time on our site. The test-
> site should periodically reload and provide the status. As we use JS
> for that part, please
On 2023-03-03 at 14:12 +, Salvatore Jr Walter P via mailop wrote:
> We are in the final stages of migrating our exchange server from 2013
> to 2019.
> I found out we had no SPF, DMARC, DKIM etc setup on our domains.
>
> Trying to get us setup properly and have SPF and DMARC working, DKIM
>
On 2023-01-23 at 09:53 +0100, Alessandro Vesely wrote:
> On Sun 22/Jan/2023 23:23:06 +0100 Ángel wrote:
> > I should note that the user-is-in-bcc approach could be helpful wrt
> > dkim-replay attacks, since the attacker-controlled account they
> > used to
> > receive the dkim-signed spam mail
On 2023-01-18 at 16:52 -0800, Brandon Long wrote:
> Note that Gmail implements
> https://www.rfc-editor.org/rfc/rfc5322#section-3.6.3 option 2, notably:
>In the second
> attac case, recipients specified in the "To:" and "Cc:" lines each are sent
>a copy of the message with the "Bcc:"
On 2023-01-17 at 20:34 -0600, Alberto Abrao wrote:
> Still, it generates an error message to the sender. I was looking to
> "split" my server, having the MX (inbound) at a cloud provider (OVH),
> and keeping outbound SMTP on the IP provided by my ISP.
>
> I see many posts saying that e-mails
On 2023-01-14 at 17:33 +0200, Mary wrote:
> Thank you, I'll take a closer look, because Shellshock implies that
> somehow the SMTPD executes a bash script, which I find highly
> unlikely. That is why I thought they are trying to exploit something
> further down the pipeline (Logstash, Prometheus,
On 2023-01-10 at 13:59 -0800, Dan Mahoney wrote:
> The way postfix handles these aliases, is that it preserves the
> original envelope sender and recipient (which we don’t want anyway),
> and o365 is rejecting on that envelope sender/recipient (that it’s
> not allowed to deliver to our internal
On 2023-01-08 at 18:21 +, Andrew C Aitchison via mailop wrote:
> Once upon a time SMS had a reputation for stronger security and
> privacy than email. I don't know how much that reputation was
> or is deserved.
Well, a SMS:
- Is not encrypted at any point
- Could be dropped with no
On 2022-12-19 at 13:49 -0700, Grant Taylor wrote:
> On 12/19/22 8:21 AM, Daniele Nicolodi wrote:
> > it seems that Nextdoor recently went on a mission to expand their
> > user base and are mailing former users with whatever crap.
>
> I assume that their excuse for why the contact is CAN-SPAM
On 2022-11-23 at 13:54 +0100, Tobias Fiebig wrote:
> But I am currently stuck at 'getting a /23', which is surprisingly
> difficult without $30k to blow... so if one of you has some spare v4,
> I wouldn't say no. ;-)
IPv4 addresses are scarce now, but universities and NRENs were assigned
large
On 2022-11-24 at 17:20 +0100, Martin Flygenring via mailop wrote:
> Is anyone else seeing similar issues when forwarding mails from
> gmail.com, back to other addresses at gmail.com?
Yes, it seems nitpicky again.
I recently received a report of one of those failing. Which are a pain
to figure
On 2022-11-24 at 15:28 -0800, Michael Peddemors wrote:
> Every modern email client can check multiple email accounts.
> The day when remote forwarding was a necessity has now passed, and
> now with things like SPF and other email tests, forwarding simply
> breaks..
When trying to get some user in
On 2022-11-25 at 00:10 -0500, Dave Anderson wrote:
> And even when it's possible it's not always desirable. An
> organization
> I'm involved with has many @ email aliases
> which forward to the person(s) responsible for those functions. This
> is convenient for people who need to communicate with
On 2022-11-18 at 11:38 -0800, Ken Simpson wrote:
> Hi Michael,
>
> I've seen the raw email; it did come from PayPal. PayPal needs to get
> better at recognizing brand images so that this kind of impersonation
> is more difficult on their platform. No doubt they are already
> working on that.
>
>
On 2022-11-20 at 18:58 +, Slavko via mailop wrote:
> Dňa 20. novembra 2022 17:55:18 UTC používateľ Ken Simpson <
> ksimp...@mailchannels.com> napísal:
> > One-time passwords can always be man-in-the-middle'd, since there's
> > no way
> > for the user to determine whether or not there is
On 2022-10-30 at 15:17 -0700, Michael Peddemors via mailop wrote:
> Can anyone give insight into this company?
>
> They have an IMMENSE amount of IP space from PSI/Cogent..
>
> (Someone might like to look into this from Cogent's end)
>
> Their website (https://www.code200.global/contact) has no
On 2022-10-19 at 11:37 -0700, Michael Peddemors wrote:
> > I hear your message, but I can't believe the only way out is to dox
> > myself.
>
> I don't think it is 'doxing' unless you are trying to hide ;)
>
> I am not going to go into whether operating a service on the internet
> is a 'right' or
On 2022-10-19 at 21:28 +0200, Bernardo Reino via mailop wrote:
> Yup. I have another server for which I have to request whitelisting..
> but it's a bit more difficult because the front page of the domain is
> the webmail (roundcube), so I have to figure out how to inject the
> Impressum there.
On 2022-09-29 at 08:19 +0200, Alessio Cecchi wrote:
> if you can identify a message as unwanted why do you have to send it
> anyway? It does not seem to me a positive contribution to the cause
> of a better internet, but only a discharge of responsibility on the
> receiving server.
The tricky
On 2022-09-16 at 20:47 +, Gellner, Oliver wrote:
> I can’t provide real research and I believe as well that 99% is
> exaggerated, but in my experience it’s more likely that a given
> random person is NOT regularly checking his spam folder than he is
> checking it. That‘s why I only vaguely
On 2022-09-13 at 11:48 -0700, Luke wrote:
> There's some serious irony throughout this thread. Out of one side of
> our mouths we despise "oligopolies" and service providers who get too
> big to block or, conversely, too big to care about their own spam
> footprint. And out of the other side of
On 2022-08-27 at 17:09 -0500, Darrell Budic wrote:
> Anyone else seeing this? Customer of mine just got some bounces from
> gmail for invalid SPF/DKIM. He doesn’t have either, so I’m not sure
> what this is about?
>
> Mind you, I did send him to setup a valid SPF entry, and
> authentication is
On 2022-08-21 at 15:18 -0500, Chris Adams wrote:
> Also, I believe you can offer both RSA and EC certs, so shouldn't be
> a negative to getting an EC cert (you just need to have RSA too).
How would you do that?
You could use different certificates on different interfaces, based on
the hostname
On 2022-08-13 at 18:46 -0400, John Levine wrote:
> Subject: IP address blacklisted(Child Pornography Act 1996 violated)
>
> Hello,
>
> We have found instances of child pornography accessed from your IP
> address. This is a punishable offence under The Child Pornography
> Prevention Act of 1996 .
On 2022-08-13 at 03:17 +0200, Tobias Fiebig wrote:
> Heho,
>
> > Brandon Long via mailop
> > https://developers.google.com/gmail/ampemail is the Google developer
> > information about dynamic email, that link was about controlling the
> > content with Google Workspace.
> Thanks for sharing,
On 2022-08-11 at 10:55 +, Gellner, Oliver wrote:
> In other MUAs they display like normal emails, Id expect that Googles
> dynamic emails behave the same way.
They seem to be a text/x-amp-html, and require a text/html or
text/plain fallback, so other clients would simply use the fallback.
At
On 2022-07-22 at 16:20 -0400, Luis E. Muñoz wrote:
> Going back to the example of an ESP, does the hash of the email
> address equate the email address as per GDPR?
IANAL, but...
GDPR is all about being able to identify someone, even if that would
require help from someone else.
So, the email
On 2022-06-19 at 12:22 -0700, Dave Crocker wrote:
> On 6/18/2022 3:40 PM, Noel Butler via mailop wrote:
>
> > I was a very early (even in testing) user of SPF, It's rather commical
> > reading these FUD sayers about SPF and mailing lists, it has never been
> > a problem with mailing lists, not
On 2022-06-17 at 09:12 +0200, Cyril - ImprovMX wrote:
> Obviously, this can't be it. One solution to this would be to set up
> a whitelist of services that you can rely on when you receive an ARC-
> Signed email, but this creates a two-way Internet and I prefer mine
> neutral, or at least
On 2022-06-15 at 23:53 +0200, Axel Rau wrote:
>
>
> > Am 15.06.2022 um 20:42 schrieb Ken O'Driscoll:
> >
> > This is incorrect. The return-path is the address used by receiving
> > the MTA to send bounce messages to when the recipient's 5322.From
> > is unreachable for whatever reason.
>
>
On 2022-06-13 at 18:18 +0200, Slavko wrote:
> There is better tool from Vienna
> University, which reports SPF, DKIM (both rsa & ed), DMARC and ARC
> results in similar simple txt response:
>
> e...@univie.ac.at
>
> regards
On this line, there is the MECSA tool
On 2022-05-05 at 13:09 -0700, Michael Peddemors wrote:
> Now, curious as to people's perspective on the requirement to use that
> header.. some email clients will render it even though that header is
> missing, and other ones absolutely will not render it, or see it as a
> valid attachment.
>
On 2022-04-29 at 10:28 -0700, Brandon Long wrote:
> There have been other reports on this list of Gmail requiring
> authenticated email.
>
> We don't require authenticated email... but we vastly prefer it, and
> that preference has only increased over time. And the dkim replay
> attacks have
That's an interesting attack.
I initially thought you were going to describe placing a victim as your
destination target which is something which is prevented by requiring
the receiver to authorize them:
https://www.rfc-editor.org/rfc/rfc7489.html#section-7.1
But this is getting a spamtrap to
On 2022-04-28 at 12:45 -0600, Geoff Mulligan via mailop wrote:
> I have a user on one of my servers that uses procmail to forward
> messages to their gmail account.
>
> Every once in a while messages sent to them are "bounced" to the
> sender with the error fro gmail:
>
> 550-5.7.26 This message
On 2022-04-18 at 19:32 +1000, Simon Wilson wrote:
> *Completely* and objectively not true.
>
> I've run Android phones for many years with a Google account based on
> my own personal non-Gmail email. I have never activated or used Gmail,
> and at no stage has an Android phone ever tried to
On 2022-04-16 at 14:26 +0200, Jaroslaw Rafa via mailop wrote:
> Dnia 15.04.2022 o godz. 20:18:54 John Levine via mailop pisze:
> > > You quoted that. Eu.org is a *domain registrar*. Only. They don't
> > > offer any
> > > email service and never did. So how can they "police users for
> > > email"?
On 2022-04-24 at 00:44 +0200, Jaroslaw Rafa via mailop wrote:
> Dnia 23.04.2022 o godz. 14:48:05 Dan Mahoney via mailop pisze:
> > I would LOVE there to be legal structure to say “Gee, Equifax, you failed
> > to demonstrate the basic opsec of paying some junior admin to type `yum
> > upgrade
On 2022-04-24 at 00:55 +0200, Jean-François Bachelet wrote:
> Hello ^^)
>
> Haven't read the full EU stuff yet, but question :
>
> How can we be possibly become aware of such possible threats without
> SPYING -read it all- the email passing by our mail servers ???
Well, it only applies *when*
On 2022-04-22 at 17:30 -0500, Faisal Misle via mailop wrote:
> Note the trailing dot on the second policy. Is that a valid MX for the
> policies of the file? I could not find anything about it on RFC 8461 and
> most validators were flagging it as an invalid MX.
>
> Looking forward to hearing
On 2022-04-21 at 10:04 +0800, Henrik S via mailop wrote:
> Hello
>
> My mail is sent by the third party smtp server, and the dkim
> signature
> is made for the third party domain (for this case, it's pobox.com).
>
> does this DKIM have helps to the authorization of my outgoing
> messages?
>
>
On 2022-04-10 at 18:35 +0100, Andrew C Aitchison via mailop wrote:
> On Sun, 10 Apr 2022, Byron Lunz via mailop wrote:
>
> > I don't recall seeing any discussion in this thread about how to
> > migrate
> > old email messages from a Google Workspace account to a different
> > host.
> > Anyone have
On 2022-03-10 at 15:28 -0500, John Levine via mailop wrote:
> If you really want to stop mail loops, use a Delivered-To header like
> qmail, Postfix, and Courier do:
>
> https://datatracker.ietf.org/doc/draft-duklev-deliveredto/
You still need to stop at *some* hop-count. This approach stops
On 2022-02-23 at 17:49 +0100, Jaroslaw Rafa via mailop wrote:
> Why are you looking for a webmail close to Gmail? Gmail's webmail
> interface is one of the worst possible. It is very inefficient to
> operate,
> counter-intuitive, hides many important information from the user
> etc., not
On 2022-01-31 at 10:43 -0700, Geoff Mulligan wrote:
> 1. If a recipient on an email message is both in the To: or Cc: and
> on the mailing list, should the listserver send the message to the
> recipient:
> a) By default
> b) Not by default (but configurable)
> c) Never
Yes, it
On 2022-02-02 at 21:31 -0600, Scott Mutter wrote:
> Email - as we know it - should have been dead years ago. But instead
> we keep adding band-aid after band-aid after band-aid to the system.
Maybe what you call a band-aid was actually preferable?
> Why is it impossible to take a look at what
On 2022-01-30 at 14:09 +0200, Edgaras | SENDER wrote:
> Hello,
>
> We noticed in Google Postmaster Tools a lot of bad reputation IPs
> which do not belong to us, and are actually forbidden from sending
> emails on our behalf via SPF -all, yet Gmail thinks the messages
> from these IPs were fully
On 2022-01-20 at 20:33 +0100, Klaus Ethgen via mailop wrote:.
> > Scroll down to the relay pool subheader and read up more about it.
>
> That means, Microsoft ist intentional breaking mail.
>
> > Hope this helps.
>
> Well, as I am not the sender than the recipient, no, it does not.
>
> When it
On 2021-10-16 at 02:52 +, John Levine wrote:
> According to John :
> > Which contemporary languages and infrastructures have a problem
> > with long lines? Old school used small buffers to handle
> > consecutive portions, the method
> > is not much different to line based handling. Today,
On 2021-07-19 at 23:27 +0200, Slavko wrote:
> Hi,
>
> Dňa Sun, 18 Jul 2021 13:56:18 -0400 Bill Cole:
>
> > > The only usable way seems to be GoiIP blocking countries, but i
> > > afraid that it is wrong way.
> >
> > Why?
>
> Hard to describe it in English for me, but i will try.
>
> I
On 2021-07-18 at 22:29 -0400, John Levine via mailop wrote:
>
> I do wish it were easier to report and kill the drop boxes, though.
>
> It would be nice if regasignsd...@yahoo.com went away.
I was only visited by that on July 9th.
Others like mx-server.org are much more persistent here.
Here
On 2021-05-21 at 11:48 -0400, John Lightfoot via mailop wrote:
> That option doesn’t seem to exist in Outlook for Mac. I can go to
> Preferences/AutoCorrect/Text Completion and turn off Show
> AutoComplete tip for AutoText and dates, but that doesn’t seem to
> affect autocomplete for email
On 2021-05-04 at 18:05 +0200, Raymond Dijkxhoorn wrote:
> Have fun patching!
>
> Bye, Raymond
Thanks Raymond
See as well
https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server
This has been a coordinated disclosure, hopefully those
On 2021-04-01 at 07:36 -0700, Marcel Becker wrote:
> On Thu, Apr 1, 2021 at 12:43 AM Hans-Martin Mosner wrote:
> > One option that you should consider to mitigate the effects for
> > recipients is to allow per-recipient DMARC exceptions, because the
> > recipient is the one who ultimately decides
Am 27.03.21 um 15:29 schrieb Hans-Martin Mosner:
> Forwarding is most often used by recipients to achieve their
> preferred way of handling mail, so rejecting mails that they want to
> receive would mean you ignore their wishes as recipients in
> favor of the wishes of the senders who often don't
On 2021-03-10 at 08:36 +, Hans-Martin Mosner via mailop wrote:
>
> Hello,
>
> does anyone have a pointer to technical details about the recently
> surfaced Exchange vulnerabilities? I would specifically be interested
> whether the exploit(s) depends on the server being exposed to the
>
On 2021-02-25 at 20:10 +0100, Jaroslaw Rafa wrote:
> I'm not a lawyer, and of course law may differ in different countries, but I
> guess that at least in my country it can have something to do whether you are
> selling something that can be classified as "consumer goods" or not.
> Selling
On 2021-01-29 at 14:36 -0800, Dave Crocker via mailop wrote:
> Although I showed some restraint in my earlier note, I will now point
> to
> two specifications I put together, seeking a less hacky way of
> dealing
> with this DMARC-generated issue:
>
> Author Header Field
>
On 2021-01-24 at 12:52 -0500, John Levine via mailop wrote:
> In article <6b96f527-0f53-494f-bb65-3e450a386...@wordtothewise.com>
> you write:
> > > Note: Some people will vehemently oppose to not placing filters,
> > > though. Some threads at RIPE anti-abuse-wg show that.
> >
> > There are
On 2021-01-23 at 23:56 +0100, Ángel wrote:
> If any, you would want to define some kind of rejection message that
> provided the equivalent of a "HTTP 301" so that the MTA itself could
> redirect it to the right mailbox.
And just minutes after sending this, I notice that reply code 551 is
On 2021-01-21 at 12:47 +0200, Mary via mailop wrote:
> The victim of a subscription bombing attack can't do much, they
> should be careful to shift through the garbage and find the real
> threat (password changes, bank transfers, etc).
>
> Email admins can only do manual work, because I haven't
On 2021-01-22 at 18:24 +, Laura Atkins via mailop wrote:
> I think it’s a great idea. We’ve even discussed putting a RFC
> together listing this as best practice but have not found the time to
> do it. Updating / superseding 2142 or whatever RFC that is would be
> a Good Thing.
>
> laura
I
On 2021-01-16 at 19:05 +0100, Jaroslaw Rafa via mailop wrote:
> Dnia 16.01.2021 o godz. 11:48:56 Tom Sommer via mailop pisze:
> > The user IS informed that "The message has been reported
> > as Junk" as they click the button.
>
> If they have no idea what "Junk" means, they won't understand this
SMTP uses _opportunistic_ encryption. It fails open.*
This has the unfortunate consequence that strengthening the encryption
often means to actually use no encryption at all. ☹
The client mta attempts to negotiate TLS1.2, is unable to and ends up
sending the email in plaintext, when it could have
For the record, here is the summary published by Google:
http://www.google.com/appsstatus/ir/4et50yp2ckm8otv.pdf
Probably already seen by most people on this list. The relevant piece
is:
> A configuration change during this migration shifted the formatting
> behavior of a service option so that
On 2020-12-18 at 15:58 +0100, Jaroslaw Rafa via mailop wrote:
> > SendGrid. They have a webpage that says "We continue to retry
> > messages for up to 72 hours," but they (sometimes?) don't.
>
> They do for most customers, but for some they don't.
>
> I remember this issue with password change
On 2020-12-08 at 12:13 +, Tim Bray wrote:
> If I stripped the name, they would have seen mablecri...@gmail.com
> and hopefully noticed sooner.
>
> Thoughts or ideas?
You would still have most of them falling when, next time, they email
you from darrensm...@bossmail.com though. :-/
I would
On 2020-10-24 at 14:38 +0100, Andrew C Aitchison via mailop wrote:
> How reliable is the SIZE value in the EHLO response ?
I would say it's reliable on how much they are able to receive.
Although it doesn't mean they are willing to send messages that big.
I was in the same boat as Adam a few
On 2020-09-30 at 11:08 +0200, Peter N. M. Hansteen via mailop wrote:
> Back in the day I suppose you could get a sort of working setup with
> UDP-only DNS, but this has me wondering, is there a quasi-rational
> historical reason for blocking 53/TCP?
I'd say that pretty much nothing broke back in
On 2020-09-17 at 11:27 +0200, Thomas Walter wrote:
> According to the UI headers, GMX thinks these are Schroedingers Spam
> -
> they are not, but they are?
>
> [...]
> X-Spam-Flag: NO
> X-UI-Filterresults:
> notjunk:1;V03:K0:Vf6iW93DjHQ=:AGDIE9XztBOZ9NwiPnKi2ALoF0
> [...]
> X-Spam-Flag: YES
>
On 2020-08-27 at 12:25 +1200, Mark Foster via mailop wrote:
> I think the option of forcing TLS within a closed community is fine.
> I think the option of forcing TLS on the wide-wide-internet is a
> minefield for anyone who needs to communicate outside of a relatively
> closed network...
while
On 2020-08-27 at 12:22 +0200, Jaroslaw Rafa via mailop wrote:
> This is so absurd that it's even hard to find words to describe it.
>
> And it should be - in my opinion - a reason for everyone to block all
> e-mails FROM t-online.de in return.
> Maybe such an Internet-wide block will force them
On 2020-08-22 at 12:46 -0400, Chris via mailop wrote:
(...)
> This is, I think, the inject-to-google point:
>
> > - IP address in X-Received header is different (first message:
> > 2002:a0c:f9cd:: ; second message: 2002:a2e:b4e1::)
> > - X-Google-DKIM-Signature, X-Gm-Message-State and
On 2020-08-21 at 09:23 +0200, Norbert Bollow via mailop wrote:
> On Fri, 21 Aug 2020 10:03:48 +0300 Lena wrote:
>
> > > I have searched a few emails, but fail to see why they would be a
> > > target. Maybe only a few of them are the real targets, with other
> > > addresses being added in order to
On 2020-08-19 at 19:49 +0800, Philip Paeps via mailop wrote:
> On 2020-08-19 17:51:51 (+0800), Andy Smith via mailop wrote:
> > Since yesterday I've been seeing a large number of attempted
> > subscriptions to all the public lists on one of my Mailman servers.
> > There's so far been 160
On 2020-08-20 at 09:35 +0200, Hans-Martin Mosner via mailop wrote:
> Am 20.08.20 um 09:10 schrieb Benoit Panizzon via mailop:
> >
> > Return-Path:
> >
> > Does the c581 part also belong to the account id?
> No, it's a short hash to verify that bounces were indeed caused by
> mails actually sent
On 2020-08-12 at 14:38 -0700, Michael Peddemors via mailop wrote:
> the phishing, don't even want to see that there,
> because end users will STILL click on phish bait, even in the spam
> folders sometimes ;)
>
> Doesn't matter HOW big the sender is.. When you are a billion dollar
> company,
On 2020-08-13 at 18:27 +0200, Hans-Martin Mosner via mailop wrote:
> The first thing you need to do is to know your customers. Don't send
> out mails on behalf of someone you don't really know, period.
>
>
> Apparently some customers themselves are victims of hacks now, so that
> alone would not
On 2020-08-07 at 20:24 +0200, Renaud Allard via mailop wrote:
>
> On 05/08/2020 20:16, Large Hadron Collider via mailop wrote:
> > you know, Mr Allard, it appears that you sent this message to the list at
> > least 5 times...
> >
>
> Actually, I only sent it once. From my logs, it was
On 2020-07-11 at 15:27 -0400, Matt Corallo via mailop wrote:
> "Sorry, I think what you're looking for isnt useful, you're misinformed"
> isn't exactly a useful response when someone,
> especially a customer, asks for something, sadly.
Your customer should detail their threat model, so that
1 - 100 of 122 matches
Mail list logo
