[mailop] Mimecast anybody?

Hi *, is there anybody out there, affiliated with Mimecast? Please can you contact me via private mail? We're experiencing certifiate issues on incoming connections from (probably) mimecast operated servers after re-issuing our local certificates. Best regards from Dresden/Germany Viele

Re: [mailop] Zero-day RCE for exim - whacky stats?

John Levine via mailop (Sa 30 Sep 2023 21:14:31 CEST): > There seems to be significant disagreement about how serious these > bugs are and whether they'r really in Exim. The fact that the zeroday > people didn't notice that libspf2 is a separate package makes it > easy to believe that they're not

[mailop] Outlook creates overlong lines (actually it seems to fail breaking them properly)

Hello @Microsoft, every now and then I find messages with overlong (header) lines. Most probably created by a client, which leaves a `X-Mailer: Microsoft Outlook 16.0` in the header of the message. If I check these overlong lines, I get the impression, that this client *tries* to break the

Re: [mailop] mailgun anybody? (variable sender address) time

Hello Oliver, Gellner, Oliver via mailop (Di 28 Mär 2023 12:18:59 CEST): > > If the query for _domainkey.bsi.de would return a no-data answer, than > > I can assume that they have someing below that name (most probably > > selectors I do not know until I get a mail from them.) > > Ok, I see

Re: [mailop] NS DKIM

Lena--- via mailop (Mo 27 Mär 2023 17:40:29 CEST): > > If the DNS name xxx._domainkey.example.com exists, then > > _domainkey.example.com exists too. > > dig 3._domainkey.lena.kiev.ua txt > 3._domainkey.lena.kiev.ua. 66633 IN TXT "v=DKIM1; p=MIGfMA0GCSqGSIb... > > dig

Re: [mailop] mailgun anybody? (variable sender address) time

Slavko via mailop (Mo 27 Mär 2023 14:37:54 CEST): > That problem is more visible with DNSSEC and > DNS "nothing under" (sorry i don't remember exact > name nor RFC). The result is, that when _domainkey > returns NXDOMAIN, anything under it is considered > as NXDOMAIN too... If the DNS name

Re: [mailop] mailgun anybody? (variable sender address) time

Lena--- via mailop (Mo 27 Mär 2023 12:46:04 CEST): > > > > They have SPF, but no DKIM (NXDOMAIN for the _domainkey.bsi.de) > > > > Or did I miss something? > > > > > > The DKIM keys would be at ._domainkey.bsi.de > > > > Yes, but as long as the parent of *any* selector does not exist, there > >

Re: [mailop] mailgun anybody? (variable sender address) time

Gellner, Oliver via mailop (So 26 Mär 2023 10:46:22 CEST): > >;; Got answer: > >;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16687 > > > > > > They have SPF, but no DKIM (NXDOMAIN for the _domainkey.bsi.de) > > Or did

Re: [mailop] mailgun anybody? (variable sender address) time

hg user via mailop (Sa 25 Mär 2023 18:39:06 CET): > A. extortion messages like "I recorded you doing bad things, pay me". Tons > deleted, but some in the inboxes. > > B. phishing, some generic, some specific for our web mail interface. The > latter, sometimes, carry our logo in the fake page...

Re: [mailop] mailgun anybody? (variable sender address) time

Grant Taylor via mailop (Sa 25 Mär 2023 17:07:23 CET): > Are you indicating that you had problems sending to others who were using > NoListing / MX sandwiching? Or are you saying that your equipment had > problems going through NoListing / MX sandwiching in your outbound > infrastructure? We

Re: [mailop] mailgun anybody? (variable sender address) time

Bill Cole via mailop (Sa 25 Mär 2023 03:55:26 CET): > > What does this change? From senders PoV it is a temporary error. The > > sender will retry. > > The point of greylisting and "NoListing" is to eliminate the spammers who do > not retry. They are harmless (aside from delay) for mail being

Re: [mailop] mailgun anybody? (variable sender address) time

Grant Taylor via mailop (Sa 25 Mär 2023 00:33:32 CET): > On 3/24/23 4:01 PM, Heiko Schlittermann via mailop wrote: > > NoListing works by causing the sending server to cascade through multiple > MXs. > First MX either doesn't respond /or/ sends a TCP reset. Thereby causing th

Re: [mailop] mailgun anybody? (variable sender address) time

Grant Taylor via mailop (Fr 24 Mär 2023 16:42:07 CET): > On 3/24/23 1:24 AM, Renaud Allard via mailop wrote: > > I would say, that's called greylisting. But with a changing envelope, > > the message has no chances to pass any greylisting process. The > > behaviour from mailgun would make them

Re: [mailop] mailgun anybody? (variable sender address) time

fh--- via mailop (Fr 24 Mär 2023 03:56:53 CET): > > does anybody from mailgun read here? > > Your messages are tmprejected at our systems, w/o any chance to pass > > ever. > b/c they were sending spams? I can't tell, because we rejected them with 4xx and they do not pass the greylisting with a

Re: [mailop] mailgun anybody? (variable sender address) time

Renaud Allard via mailop (Fr 24 Mär 2023 08:24:20 CET): > > > does anybody from mailgun read here? > > > Your messages are tmprejected at our systems, w/o any chance to pass > > > ever. > > > > Why are you using tmp rejections for something permanent? Yes, it *is* greylisting.

Re: [mailop] mailgun anybody? (variable sender address) time

Laura Atkins via mailop (Do 23 Mär 2023 16:31:38 CET): > > does anybody from mailgun read here? > > Your messages are tmprejected at our systems, w/o any chance to pass > > ever. > Why are you using tmp rejections for something permanent? Depending on the on several conditions the messages would

[mailop] mailgun anybody? (variable sender address) time

Hi, does anybody from mailgun read here? Your messages are tmprejected at our systems, w/o any chance to pass ever. -- Heiko signature.asc Description: PGP signature ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop

Re: [mailop] Freenet.de Contact

Hi Chris, Chris Huff via mailop (Mo 30 Jan 2023 23:27:55 CET): > Thank you for this. I usually avoid role-based addresses when trying to reach > out to someone about email if only because I rarely if every receive any > response, but I wrote to that one today hoping for a response. Yes, but

Re: [mailop] Freenet.de Contact

Hi Chris, Chris Huff via mailop (Fr 27 Jan 2023 22:52:39 CET): > I see that a fair number of us wanted help from someone at freenet.de last … > email won't be accepted anymore and I wanted to at least understand more if > not stop the block altogether. I had success in contacting postmaster@…

Re: [mailop] o365/Outlook one time passcode notification, MS forgets to remove the Return-Path, or sets it early..

Michael Peddemors via mailop (Mi 16 Nov 2022 16:55:58 CET): > > How can you tell that is was the sender who *forgot* to remove it? > > Maybe it was the recipient (or an intermediate system) who inserted it > > at the wrong place? > > > > It is just not the right place, it should be set at the

Re: [mailop] o365/Outlook one time passcode notification, MS forgets to remove the Return-Path, or sets it early..

Michael Peddemors via mailop (Mo 14 Nov 2022 23:52:18 CET): > Not going to send the whole headers.. > This should be enough for the MS people to investigate. Maybe I'm missing the point… How can you tell that is was the sender who *forgot* to remove it? Maybe it was the recipient (or an

[mailop] T-Online is now really blocking messages from non-commercial and simliar senders

Hello, I'm not sure how to complain and where. But I hope that here we can start a discussion again. I'm quite upset. Is this the new world? A given mailhost (ran privately for smaller entities) can't send messages to T-Online anymore. 554 IP=168.119.159.241 - A problem occurred. … The

Re: [mailop] Thread-Index header too long

Grant, thanks for your fast response. Grant Taylor via mailop (Di 18 Okt 2022 00:41:24 CEST): > I would (try to) configure my MTA to re-wrap the logical line to conform to … Modification of existing headers isn't something I would recommend. Except for headers that aren't protected by DKIM. >

Re: [mailop] Thread-Index header too long

Heiko Schlittermann (Di 18 Okt 2022 00:02:00 CEST): > Hi, > > (crossposting from exim-user mailing list, but I think, this isn't > specific to Exim) > > how do you deal whith incoming messages having a Thread-Index header (an > other header indicates that the originating MUA was MS Outlook

[mailop] Thread-Index header too long

Hi, (crossposting from exim-user mailing list, but I think, this isn't specific to Exim) how do you deal whith incoming messages having a Thread-Index header (an other header indicates that the originating MUA was MS Outlook 16.0) with about 1200 chars. The regular Exim config doesn't forward

Re: [mailop] freenet anybody?

Thanks for the various responses. I'm in contact with their postmaster@ now. W/o any reminders. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing.

[mailop] freenet anybody?

Hi, I'm seeking a responsible person for freenet.de. We're running into their ratelimits and need more information, in order to track this issue on our side. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de

Re: [mailop] Anyone have a mail.ru contact?

Anne Mitchell via mailop (Do 21 Apr 2022 18:49:40 CEST): > I know that this is a heck of a time to ask for a mail.ru contact, but... > does anybody have one? I sent you a private message. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann --

[mailop] hosteurope anybody? PRVS not working?

Hi, I'm seeking for somebody from hosteurope. For a client of us, the sender verification callout (<> -> prvs…) back to hosteurope doesn't seem to work as expected. Please contact me by private mail: h...@schlittermann.de Best regards from Dresden/Germany Viele Grüße aus Dresden

Re: [mailop] Haraka status? Exim the only choice? (v Postfix)

I forgot the "selling point" that hooked me: The specification. http://exim.org/exim-html-current/doc/html/spec_html/index.html It simply contains everything you need. But the reader has to understand, that setup/operation of mail server can be a complex task. As you're on *this* mailop

Re: [mailop] Haraka status? Exim the only choice? (v Postfix)

Hi Rob, I'm biased as part of the Exim development team. Exim - is actively maintained - has a huge user base - provides more flexibility than other MTA I'm aware of (but, this is *my* PoV) > That mean Exim is the only real choice? It was a good laughing from this > recent mailop post about

Re: [mailop] Greylisting never passing on retry

Stuart Henderson via mailop (Mi 21 Apr 2021 14:38:14 CEST): > On 2021/04/21 12:55, Tim Bray via mailop wrote: > > Like fire up an exim? > > This exim? > https://www.openwall.com/lists/oss-security/2021/04/21/1 > > "The current Exim versions (and likely older versions too) suffer from > several

Re: [mailop] Greylisting never passing on retry

Neil Youngman via mailop (Di 20 Apr 2021 11:06:10 CEST): > I have observed that messages from our system are temporarily rejected > as greylisted by one destination but they are never accepted on retry. > The response is logged as "DATA: 451 0.0.0 1 recipients being greylisted > for 5 minutes".

Re: [mailop] DKIM+DMARC at t-online.de (Deutsche Telekom's ISP branche)

Hi Florian, some more question on alignment: Hopefully "alignment" between 5322.from and 5321.from talks about the domain only: As used by myself (and others): 5321.from: prvs=07316f9e9c=h...@schlittermann.de 5322.from: h...@schlittermann.de @Florian: How will T-Online handle

Re: [mailop] DKIM+DMARC at t-online.de (Deutsche Telekom's ISP branche)

Hi Florian, I'm not sure if I got it right. T-Online renders the use of DMARC useless? By inventing its own version of it, and *forcing* me to sign my messages? (I'm doing so, and I'm using DMARC, but I do it voluntarily, and I expect the recipient honouring my p=reject policy.) I do not

Re: [mailop] Info - DMARC at WEB.DE, GMX, mail.com coming soon

John Levine via mailop (Sa 27 Mär 2021 16:05:59 CET): > For example, I handle the web site and mail for my local town > government, forwarding many of the addresses to their Gmail accounts. We > were losing a lot of mail from the US Census bureau which had p=reject > and no DKIM signatures. If

Re: [mailop] It there an "official" test domain for testing zrd.dql.spamhaus.com?

Chris via mailop (Di 21 Jul 2020 23:50:55 CEST): > dbltest.com does work for dbl. Does it not work for zrd? As pointed out in the other response: zrdtest.com works, as well as the RFC5782 suggested domain "test". > I think you meant ..zrd.dqs.spamhaus.net, right? Yes, typo. Thanks. .net

Re: [mailop] It there an "official" test domain for testing zrd.dql.spamhaus.com?

Atro Tossavainen via mailop (Di 21 Jul 2020 23:16:59 CEST): > On Mon, Jul 20, 2020 at 04:57:05PM +0200, Heiko Schlittermann via mailop > wrote: > > zrd..dbl.dqs.spamhaus.com? > > RFC 5782 suggests that all domain name DNSBLs should have an entry > for "test".

[mailop] It there an "official" test domain for testing zrd.dql.spamhaus.com?

Hi, I think, that queries for theses (A, TXT) records can be used to find if the blacklist is working: 2.0.0.127..zen.dqs.spamhaus.net dbltest.com..dbl.dqs.spamhaus.net Is anybody aware of a domain that can be used for zrd..dbl.dqs.spamhaus.com? Thank you. Best regards from

[mailop] antispamcloud anybody | DMARC failure

Hello, we're asked to analyze a DMARC failure from Feb 3rd, please contact me privately. It seems you're using Exim on your MXs. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support -

Re: [mailop] SOLVED No response on DNS queries to NS for zen.spamhaus.org

Hi all, the problem is solved now. The details you'll find in the archives. The abstract is: - some IP ranges are blocked by spamhaus - no way to unblock it - use DQS (data query service) offered by spamtech.net https://www.spamhaustech.com/dqs/ For further information follow the thread

Re: [mailop] No response on DNS queries to NS for zen.spamhaus.org

Bjoern Franke via mailop (Mi 30 Okt 2019 13:20:15 CET): > > As a.gns.spamhaus.org has some IPv6 addresses, is resolving via IPv6 > blocked from the whole 64-prefix of the vserver, too? No, it isn't (I thought, that mentioned it already, the the issue is isolated to IPv4.) Though, I didn't test

Re: [mailop] No response on DNS queries to NS for zen.spamhaus.org

Bjoern Franke via mailop (Mi 30 Okt 2019 12:38:24 CET): > > No, it is a vServer at netcup: 46.38.236.101 > > Netcup support told me, that they checked from another vServer in the > > same network w/o any problem. (But I do not know *what* > > and *how* they checked.) > > ok, from 194.59.205.151

Re: [mailop] No response on DNS queries to NS for zen.spamhaus.org

Tim Bray via mailop (Mi 30 Okt 2019 12:09:59 CET): > Hi, > > I think you really need to use your own recursive resolver to use spamhaus.  > Like install unbound and use localhost as resolver. Exactly that is the point. I *really* want to use my own resolver, but as my own resolver sends its

Re: [mailop] No response on DNS queries to NS for zen.spamhaus.org

Bjoern Franke via mailop (Mi 30 Okt 2019 11:17:34 CET): > > from a vServer, I recently got, I'm not able to sucessfully > > receive answers from spamhaus: No, it is a vServer at netcup: 46.38.236.101 Netcup support told me, that they checked from another vServer in the same network w/o any

Re: [mailop] No response on DNS queries to NS for zen.spamhaus.org

Laura Atkins via mailop (Mi 30 Okt 2019 10:23:53 CET): … > I’d suggest talking to the guys who handle the datafeed > https://www.spamhaustech.com/#contact > . Tell them the situation and ask them > to assist. Thanks, I'll try this. Michael W already

[mailop] No response on DNS queries to NS for zen.spamhaus.org

Hello Mailops, from a vServer, I recently got, I'm not able to sucessfully receive answers from spamhaus: dig -4 @a.gns.spamhaus.org 2.0.0.127.zen.spamhaus.org runs in a timeout. Tcpdump shows only the outgoing packages. Using IPv6 works w/o any issue. I wasn't sucessful in finding any

[mailop] Mittwald anybody?

Hi, please contact me if you're in charge of mittwald.de's mailsystem. Thank you. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) -

Re: [mailop] HEADER LENGTH as per RFC2822

John Levine via mailop (Di 20 Aug 2019 21:45:37 CEST): > In article <530230574.3626402.1566296780...@ss002889.tauri.ch> you write: > >-=-=-=-=-=- > >-=-=-=-=-=- > >Not quite, RFC5322 section 2.2.3 explicitly states at the end of the > >paragraph: > >"An unfolded header field has no length

Re: [mailop] DANE validation

Bjoern Franke via mailop (Fr 12 Jul 2019 18:47:40 CEST): > Am 11.07.19 um 21:29 schrieb Ross Tajvar via mailop: > > Yes, this is exactly what I was wondering. I'm sure it's possible to > > validate on any reasonably modern MTA, but I am curious if hosted mail > > providers (or even large

Re: [mailop] DANE validation

Ross Tajvar via mailop (Fr 12 Jul 2019 04:12:13 CEST): > >For mail clients this question isn't relevant, if this is meant as > >"MUA", since MUAs normally talk to their submission hosts, and often do > >certificate checking similar to that what HTTPS clients do: compare the > >certificate's CN,

Re: [mailop] CVE-2019-10149 Exim 4.87 - 4.91 possible remote exploit

The fix for CVE-2019-10149 is public now. https://git.exim.org/exim.git Branch exim-4_91+fixes. Thank you to - Qualys for reporting it. - Jeremy for fixing it. - you for using Exim. Sorry for confusion about the public release. We were forced to react, as details leaked.

Re: [mailop] Exim 4.87 - 4.91 possible remote exploit

We will publish the fix today 2019-06-05 15:15 UTC on the exim-4_91+fixes branch of our public Git repo git.exim.org. Distros can release their packages by that date. Sorry for the inconveniences. -- Heiko Schlittermann (unterwegs) signature.asc Description: PGP signature

Re: [mailop] Missing Message-ID?

Rob Nagler (Mo 19 Mär 2018 21:56:12 CET): .. > It seems Message-ID is a "should" field so our software shouldn't require > it. However, many mailers and spam filters treat Message-IDs as "must". > We'll probably just add one, because some of our users are starting to get >