Re: [mailop] Yahoo no longer accepting email forwards?

It appears that Mark E. Jeftovic via mailop said: >The only difference between messages that get through vs ones that are >rejected (same message) is whether we send to the Yahoo email box >directly, or else via an email forward (which has SRS enabled, and >optionally SPF and even minimal

Re: [mailop] TLS inbound to comcast.net

It appears that Benny Pedersen via mailop said: >Suresh Ramasubramanian via mailop skrev den 2024-05-21 15:18: >> Yeah Benny – if you’re running 16 year old code and certificates >> that you’re still on TLS v1 or 1.1, it is time to upgrade, asap. >> What you have is not much better or worse than

Re: [mailop] (Mis)use of DKIM's length tag and it's impact on DMARC and BIMI

It appears that Bill Cole via mailop said: >Who uses it? In my logs most of the l= tags are l=1 on that libertarian newsletter, and one or two other newsletters. I see that Verisign puts an l= in the mail their employees send with the real message length. Other than that, I'm with you, it is

Re: [mailop] (Mis)use of DKIM's length tag and it's impact on DMARC and BIMI

It appears that Slavko via mailop said: >I feel as the problem lies elsewhere. Perhaps just mentioned gigants >fails properly parse the l= tag (or even do not parse it at all) and their >UI shows whole message (or all its parts) as signed, ... That's not how DKIM works, and not how l= works.

Re: [mailop] (Mis)use of DKIM's length tag and it's impact on DMARC and BIMI

It appears that Taavi Eomäe via mailop said: >> Every a few months we see a paper / blogpost that passes SPF / DKIM / >> DMARC. So maybe requiring both SPF and DKIM for BIMI would be a good idea. > >Both together might make sending a bit too error-prone. Hardening DKIM >seems more doable. I

Re: [mailop] Line too long

It appears that Brandon Long via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >RFC 3030 which provides for the BDAT command and BINARYMIME which treats >the message not as text at all >and so I wouldn't expect that that text limit would apply, though the RFC >doesn't discuss any limits. It says that

Re: [mailop] (Mis)use of DKIM's length tag and it's impact on DMARC and BIMI

It appears that Taavi Eomäe via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- >Hi! > >As part of coordinated disclosure, I am sharing it here as well. In >short, using the approach described below, attackers can replace the >entire contents of a letter, in a way the letters still pass DKIM’s

Re: [mailop] Does iCloud accept forwards?

It appears that Mark Fletcher via mailop said: >Can you please have your email administrators check your SPF / DKIM >> settings and ensure that mail sent from your domain has valid DMARC >> signatures in accordance with the DMARC policies that you have defined for >> your domain. > >As you can

Re: [mailop] v=spf1 -all SPF treewalk?

It appears that Mark Alley via mailop said: > >This claim stated that (and I'm quoting verbatim here), "/I forced many >ESPs to start failing SPF for any subdomain of a domain that has no >explicit SPF, and fails SPF at the *primary domain level* /(Context >note: when/v=spf1 -all /exists at

Re: [mailop] What is Yahoo TSS09 ?

It appears that Farhad Hedayatifard via mailop said: >I had this happen with a new IP block a couple of weeks ago as well. We're all set. Whenever Yahoo sees mail from a block that's never been announced before they assume that it's probably an abandoned block that's been hijacked so they block

[mailop] What is Yahoo TSS09 ?

I am moving my servers to new IP addresses, which is always fun. The new block is 192.55.226/24 which was allocated in 1989 and has never been live until this week. So here's what AOL says to innocuous messagee from my users. 553 5.7.2 [TSS09] All messages from 192.55.226.66 will be permanently

Re: [mailop] Apple mail admins?

It appears that Mendel Kucharzeck via mailop said: >Hi, > >I would try contacting icloudad...@apple.com Or, of course, you could tell us what domain and what server and quite possibly someone would spot the problem. R's, John

Re: [mailop] [External] Gmail has a thing about dots

It appears that Kevin A. McGrail via mailop said: >Gmail treats dots as non-existent.  These dots aren't in the Gmail address. They're in the return address in the message. >On 5/2/2024 3:02 PM, John Levine via mailop wrote: >> While debugging something else, I've been tr

[mailop] Gmail has a thing about dots

While debugging something else, I've been trying to send messages to myself from the address a...@m.jl.ly. RFC 5321 says two dots in a row need to be quoted, and I have checked that my mail system does indeed put in the quotes and it says MAIL FROM:<"a..b"@m.jl.ly> But Gmail still doesn't like

Re: [mailop] Problems with invoices.premierinn.de and postmas...@premierinn.de

It appears that Benny Pedersen via mailop said: >John Levine via mailop skrev den 2024-04-25 18:33: >> It appears that Andrew C Aitchison via mailop >> said: >>>> because the return path would not work. >>>> >>>>$ host invoices.premierinn.

Re: [mailop] Problems with invoices.premierinn.de and postmas...@premierinn.de

It appears that Andrew C Aitchison via mailop said: >> because the return path would not work. >> >>$ host invoices.premierinn.de It has an SPF record. What's the problem? >Should someone here not know, RFC 7505 > A "Null MX" No Service Resource Record for Domains That Accept No Mail >is

Re: [mailop] Google Mail rejects forwarded email despite `~all` in SPF

It appears that Paul Menzel via mailop said: > The following message to was undeliverable. > The reason for the problem: > 5.3.0 - Other mail system problem 550-'5.7.26 This mail has been >blocked because the sender is unauthenticated.\n5.7.26 Gmail requires >all senders to

Re: [mailop] Are there other comparable services like spamcop.net / spamhaus.org?

It appears that Aban Dokht via mailop said: >Hi list, > >are there other comparable services like spamcop.net or spamhaus.org worth >submitting SPAM samples to? By the way, how do you think you're submitting stuff to spamhaus? They do not accept third party samples and never have. R's, John

Re: [mailop] Are there other comparable services like spamcop.net / spamhaus.org?

It appears that Niels Dettenbach via mailop said: >Am Mittwoch, 3. April 2024, 10:41:01 CEST schrieb Aban Dokht via mailop: >> Currently we are reporting SPAM samples semi automated to those to services >> and would like to know, if the are other ones worth to contribute so. > >even if they work

Re: [mailop] how does mailhash.josephlist.net work?

It appears that Peter N. M. Hansteen via mailop said: >On Tue, Apr 02, 2024 at 04:09:48PM +0200, Benoit Panizzon via mailop wrote: >> I came across emails rejected by mailhash.josephlist.net >> >> reason: 550 5.7.1 block listed email address s...@example.com by >> mailhash.josephlist.net

Re: [mailop] Anyone from Google - Sudden Gmail bounces??

It appears that Odhiambo Washington via mailop said: >> checkrbl 41.212.32.15 >> Found in "Spamhaus ZEN DQS" (zen.dq.spamhaus.net): >> * PBL, end user (from Spamhaus) (127.0.0.11) >> >> checkrbl 41.212.32.16 >> Found in "Spamhaus ZEN DQS" (zen.dq.spamhaus.net): >> * PBL, end user (from

Re: [mailop] Debt Collection Client Email Servers

It appears that Jaroslaw Rafa via mailop said: >Does USA have a government-certfied platform for electronic delivery of >documents (like many European countries have) ... No, and given the political structure here, we never will. We do have a post office which delivers mail reliably to every

Re: [mailop] Debt Collection Client Email Servers

It appears that Michael Irvine via mailop said: >I can't say the specific lenders, but I can say that it is not just bank and >money lending. We have clients who are from the courts and other 3rd parties >that do >not fully validate the email that is given to them. We still must take it as

Re: [mailop] mailop and DKIM signatures

It appears that Alessandro Vesely via mailop said: >IME, my heuristic algorithm fails more often because senders "oversign", by >signing technical such as Content-Type: or Content-Transfer-Encoding: than >because it meets an unknown transformation, albeit I only see a limited number >of

Re: [mailop] Mailbox Filling w. Opt-In/Sign-Up mails

It appears that Richard Clayton via mailop said: >you have not been paying attention ... it's called list-bombing (Google >will find you many references) > >it dates from 2017 or so ... here's an early high-viz example > >

Re: [mailop] mailop and DKIM signatures

According to Marco Moock via mailop : >Am 16.03.2024 um 17:44:09 Uhr schrieb John Levine: > >> It appears that Marco Moock via mailop said: >> >> But who will follow 13 years old standard... ;-) >> > >> >When Google and Co. make DKIM mandatory, thi

Re: [mailop] mailop and DKIM signatures

It appears that Marco Moock via mailop said: >> But who will follow 13 years old standard... ;-) > >When Google and Co. make DKIM mandatory, this will be hard, because >those messages are likely to be rejected. Why do you imagine that Google is unable to read the specs? I know people at Google

Re: [mailop] mailop and DKIM signatures

It appears that Marco Moock via mailop said: >Hello! > >Since enabling DKIM outgoing and verify incoming, I notice the DKIM >fails (although, I don't reject). >One of them is this mailing list. > >Is there a reason for changing the content of the mail AND keeping the >original DKIM signature?

Re: [mailop] OpenSRS Delivery Issues

It appears that Chase Vance via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > > >Hello, >  >Wanted to reach out and see if there was anyone with OpenSRS ... Their white label service is entirely provided through resellers, and for the most part they'll only talk to their customers. You should

Re: [mailop] [spamhaus] de-listing requests successful, but only for a couple of days.

It appears that Michael Grimm via mailop said: >> Sharing a /64 among multiple customers doesn't make sense. It's not like OVH >> is in danger of running out of IPv6 space any time soon. > >OVH is sharing a /64 subnet among multiple customers since they started their >public cloud project. You

Re: [mailop] [spamhaus] de-listing requests successful, but only for a couple of days.

It appears that Slavko via mailop said: >Dňa 14. marca 2024 19:15:14 UTC používateľ John Levine via mailop > napísal: > >>It would not be hard to use a different address for every message. > >More precise, one can get/use new temporary IPv6 address every >5 s (less is ig

Re: [mailop] [spamhaus] de-listing requests successful, but only for a couple of days.

s IPv6 address reputation aggregates by /64 since it it trivial for hosts to hop around within the /64. It would not be hard to use a different address for every message. It's not like you're going to run out. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet

Re: [mailop] % in SRS ?

It appears that Julian Bradfield via mailop said: >An idle question: people who do SRS or similar things usually use >'=' as the replacement for '@' in the rewritten address >localpart=origdomain@mydomain > >Is there any reason not to use the old routing character '%' instead? You will still run

Re: [mailop] Filter out emoji from email adresses

It appears that Bill Cole via mailop said: >> AFAIK, for most of the world is US-ASCII not enough, not only for >> India or Thailand. > >Absolutely true. However, I believe that what John meant to point out is >that support for SMTPUTF8 *in MTAs operating as MXs* is not widespread >enough to

Re: [mailop] Filter out emoji from email adresses

It appears that Sebastian Nielsen via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >Anyone that have a general algoritm to filter out emoji from sender >addresses? > >How I do in regexp to identify emoji? (its such a stupid thing).. Normal e-mail doesn't allow anything outside of ordinary ASCII in

Re: [mailop] Recommended ciphers used for ESMTP connections

It appears that Ken O'Driscoll via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >I think you have to consider Postel's Law here. If your cipher choices are >causing problems for your clients, then... maybe relax them a bit? > >Transport encryption is not for confidentiality anyway. Agreed. My MTA

Re: [mailop] PTR check mechanism / gmail

It appears that Matus UHLAR - fantomas via mailop said: >>Received: from atlas.bondproducts.com (unknown [23.24.6.165]) >> by mx6.messagingengine.com (Postfix) with ESMTP id ... > >Here, atlas is the HELO/EHLO name the IP 23.24.6.165 introduced itself as. >The fcrdns lookup was unsuccessful,

Re: [mailop] Dot as the first character of a line ? (RFC 5321, Section 4.5.2)

It appears that Cyril - ImprovMX via mailop said: >@John Levine , I'm not sure which line you are mentioning, >the one I used from the RFC ("... If the first character is a period and >there are other characters on the line, the first character is deleted.") >does mention &q

Re: [mailop] Dot as the first character of a line ? (RFC 5321, Section 4.5.2)

It appears that Cyril - ImprovMX via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >Just to clarify, I'm not trying to pin some issue on a company (Google) but >I'm trying to understand why aiosmtpd seems to follow an RFC that >appears to be clear on the behavior, that GMail doesn't do but doesn't

Re: [mailop] Contact of postmaster for hostedemail.com domains

It appears that Support 3Hound via mailop said: >About the hostedmail.com domain, I searched a bit before ask here. >The owner/registrant is redacted for privacy. >No web redirect. >No TXT records. >Abuse info was ab...@hostedmail.com ( on abuse.net ) >The registrar is Tucows (as thousand of

Re: [mailop] Contact of postmaster for hostedemail.com domains

It appears that Support 3Hound via mailop said: >In this case, the recipient is a phisycal shop manager, that is waiting  >some item sent from some supplier that used our customer service (a >shipping company) to send that packages. >The e-mail is telling something like "your items has been

Re: [mailop] Contact of postmaster for hostedemail.com domains

It appears that Grant Taylor via mailop said: >On 2/26/24 10:43 AM, Jaroslaw Rafa via mailop wrote: >> At least that's what I see all over from my experience. > >My experience is similar. That's certainly true for free mail systmes. Sometimes you only get what you pay for. Hostedmail is a

Re: [mailop] One click unsubscribe in mailing list messages

It appears that Benny Pedersen via mailop said: >Ken O'Driscoll via mailop skrev den 2024-02-25 21:38: >> Outlook has supported list-unsubscribe for at least a year, if not >> longer. But, it's an add-on you need to proactively install so... > >waiting for roundcube, since squirrelmail have had

Re: [mailop] One click unsubscribe in mailing list messages

It appears that Hans-Martin Mosner via mailop said: >Yes. I'm looking at you, thunderbird... > >This should be a no-brainer, and it's a shame that the major open source MUA >doesn't seem to support it. There's >probably an add-on to do this, I just can't access the thunderbird add-on >search

Re: [mailop] One click unsubscribe in mailing list messages

It appears that Marco Moock via mailop said: >Am Fri, 23 Feb 2024 13:39:46 -0800 >schrieb Mark Fletcher via mailop : > >> My question to you all is, do you think that the >> List-Unsubscribe=One-Click header is supported well enough these days >> such that I can replace the one-click unsub link

Re: [mailop] One click unsubscribe in mailing list messages

It appears that Anne P. Mitchell, Esq. via mailop said: > > >> On Feb 23, 2024, at 4:59 PM, John Levine via mailop >> wrote: >> >> 'd leave the links in the bodies for now. A lot of mail programs give >> you a way to use the ones in the header, but some ma

Re: [mailop] One click unsubscribe in mailing list messages

of the one-click is that it's a POST rather than GET, and the scanners just do a GET. I'd leave the links in the bodies for now. A lot of mail programs give you a way to use the ones in the header, but some major ones like Outlook still don't. -- Regards, John Levine, jo...@taugh.com, Primary P

Re: [mailop] Opinions on what qualifies as a "false positive" RBL listing that should be fixed?

It appears that Robert L Mathews via mailop said: >On Feb 15, 2024, at 6:13 PM, Dave Crocker via mailop wrote: > >> Not using COI, as well as hitting spamtraps are both solid, affirmative >> indications of spam. Full stop. > >Interesting, thanks. I find I disagree with the "full stop" part, but

Re: [mailop] Opinions on what qualifies as a "false positive" RBL listing that should be fixed?

It appears that Robert L Mathews via mailop said: >I was mostly surprised that after reviewing it, Spamhaus's policy is that this >behavior (not using COI and hitting spamtraps as a >result, for messages that in other respects are wanted by recipients and >transactional) is sufficient to

Re: [mailop] Opinions on what qualifies as a "false positive" RBL listing that should be fixed?

It appears that Robert L Mathews via mailop said: >Spamhaus says they don't remove such listings, though, because by their >definition, it's not a false positive if some of the messages >are reaching spamtraps -- in other words, that addresses sending to spamtraps >are correctly listed as "This

Re: [mailop] Is forwarding to Gmail basically dead?

It appears that Gellner, Oliver via mailop said: > >> On 13.02.2024 at 17:05 John Levine via mailop wrote: >> It appears that Taavi Eomäe via mailop said: >>> >>> On 13/02/2024 05:16, John Levine via mailop wrote: >>>> Right now if you get a

Re: [mailop] Is forwarding to Gmail basically dead?

It appears that Marco Moock via mailop said: >> >>S/MIME will be applied to the forwarded messages and people will >> >>assume everything is fine even when the original message is forged. >> >> >> That’s why you apply S/MIME only if the original message can be >> verified as genuine, if your

Re: [mailop] Is forwarding to Gmail basically dead?

It appears that Taavi Eomäe via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- >-=-=-=-=-=- > >On 13/02/2024 05:16, John Levine via mailop wrote: >> Right now if you get a message from Gmail or Yahoo with a valid DKIM >> signature, you >> can be quite confident that it c

Re: [mailop] Is forwarding to Gmail basically dead?

It appears that Mark Milhollan via mailop said: >On Mon, 12 Feb 2024, Dave Crocker wrote: > >> 1. S/MIME has been around for 25 years.  While it has gained >>respectable amounts of implementation in MUAs, it has achieved use >>only in specialized environments.  > >Google could greatly

Re: [mailop] mail wrapping, Is forwarding to Gmail basically dead?

It appears that Laura Atkins via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >The problem with encapsulating like that is it basically makes it impossible >to respond to the original email sender. It destroys >functionality that has been around since the early stages of email. If we’re >going to

Re: [mailop] Is forwarding to Gmail basically dead?

It appears that Sebastian Nielsen via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- >You just regard all email which passes DMARC as trusted, as if the mail was >S/MIME signed by the sender personally.The sender has >chosen to trust that shared provider. Its not "your problem" as a receiver if >that

Re: [mailop] WKBI, was Why is mail forwarding such a mess?

It appears that Hal Murray via mailop said: > >I expect that there would be a protocol to handle it. I can't be the only one >who has thought of this. After a handshke to set things up, the sender adds a >forwarding header and the receiver verifies that a forwarded message is coming >from an

Re: [mailop] Is forwarding to Gmail basically dead?

It appears that Sebastian Nielsen via mailop said: >And also as a side note, this list server (mailop) also does sender rewriting >to From: mailop@mailop.org to prevent SPF and >DMARC from tripping on list mail. Yes, we know. DMARC has been screwing up mailing lists for a decade now. >So its

Re: [mailop] Is forwarding to Gmail basically dead?

It appears that Sebastian Nielsen via mailop said: >>>just because SPF and DMARC are so badly designed that they can't handle it >>>doesnt make it "forging" anything. > >It isn't badly designed. >Forwarding a email, is the equvalient of, when you receive a signed envelope >from me containing a

Re: [mailop] Is forwarding to Gmail basically dead?

It appears that Sebastian Nielsen via mailop said: >Or people could stop forwarding emails in idiotic ways, because when you >forward an email, you are actually forging the >original sender. Aw, come on. People have been forwarding mail for 40 years, and just because SPF and DMARC are so badly

Re: [mailop] problem setting up open-dmarc

It appears that Hans-Martin Mosner via mailop said: >This is mostly a matter of tooling, XML is not fit for human consumption. >Being a software developer, I wrote my own >tools to parse and present DMARC reports which are not perfect but ok for my >purposes. I'm not sure I could find

Re: [mailop] Is forwarding to Gmail basically dead?

akes maybe 5 minutes to set up. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly ___ mailop mailing list mailop@mailop.org h

Re: [mailop] Article Describing Mail Policy Changes

It appears that Mike Hammett via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >I'm seeing more and more people (not commercial mailers, but ISPs, individual >businesses, etc.) asking in groups about delivery issues to the major mail >companies. Most likely (though not guaranteed) that it's related

Re: [mailop] problem setting up open-dmarc

It appears that Royce Williams via mailop said: >Unfortunately, this is not correct, despite the official documentation. >There are multiple reports on Reddit and other places of people getting the >explicit "authentication required" SMTP response at much lower volumes. You definitely will if

Re: [mailop] problem setting up open-dmarc

uably, SPF would >suffice for most sending domains if it >were not for transparent forwarding. You might as well publish a p=none DMARC record anyway so you can collect the reports. Some of them can be quite amusing. I agree that p=reject is of no value unless you are big enough or famous enough to be

Re: [mailop] [EXTERNAL] It's almost getting funny out there now..

It appears that Michael Peddemors via mailop said: >Obviously.. ;) Unless you are renting from OBHost LLC > >But you can see the offender is using a onmicrosoft.com PTR record.. Please don't tell ua that you are using names from PTR records without checking that they resolve back to the same IP.

Re: [mailop] zen.spamhaus.org

It appears that Odhiambo Washington via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >Today morning I woke up to all emails being rejected as I was using >zen.spamhaus.org in my dnslists. >Almost all incoming emails - even from gmail.com - were being rejected. >Did I maybe miss something? Are you

Re: [mailop] Spamhaus SBL listing fonts.googleapis.com

It appears that Andreas Schamanek via mailop said: > >Hi mailops, > >Thought some might be interested, though those affected sure already >know: > >On January 25 I was alerted to false positives due to Spamhaus SBL >listing IP addresses of fonts.googleapis.com. Are those IPs supposed to send

Re: [mailop] DMARC on srs forwarding domains?

It appears that Matus UHLAR - fantomas via mailop said: >>Am 02.02.24 um 16:08 schrieb Mark E. Jeftovic via mailop: >>>We're having a bit of a theological debate internally on whether to >>>implement DMARC on our SRS forwarder domains. > >On 02.02.24 16:26, Kai Bojens via mailop wrote: >>Skip

Re: [mailop] Meta outgoing servers in black list (SORBS, 0SPAM...)

It appears that Renaud Allard via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > > > >On 2/1/24 10:32, Eduardo Díaz Comellas via mailop wrote: >> Hi, >> >> I've got a customer complaining that they don't receive emails from Meta >> for password reset. We have tracked down this to see that a lot of

Re: [mailop] [E] Re: Spamfolder mini rant (Was: Contact Google Postmaster)

It appears that Marcel Becker via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >On Mon, Jan 29, 2024 at 5:25 PM Randolf Richardson, Postmaster via mailop < >mailop@mailop.org> wrote: > >> Interestingly, Google's GMail allows access to external eMail >> accounts via POP3. There's no IMAP4

Re: [mailop] [E] Contact Google Postmaster

It appears that Scott Mutter via mailop said: >But as it stands now, it's only when our users notify us that their >messages are being sent to their Gmail spambox do I realize there's an >issue. There's no rejection or anything from Google's acceptance of the >message to indicate that there is

Re: [mailop] Contact Google Postmaster

It appears that Scott Mutter via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >It seems messages being sent from 173.225.104.91 are being delivered into >Gmail user's spam boxes. > >These messages are DKIM signed, pass SPF and DMARC. > >I'm not seeing where 173.225.104.91 is on any public blacklist.

Re: [mailop] Extortion spam from OVH-hosted *.sbs domains

ren't penalized. When I look at my logs and see the amount of spam from OVH networks, it's just not worth the effort to try and pick out the trickle of non-spam. If you want people to accept your mail, act like you do and send it from a network that doesn't gush spam. -- Regards, John Levine,

Re: [mailop] Extortion spam from OVH-hosted *.sbs domains

It appears that Jaroslaw Rafa via mailop said: >Dnia 25.01.2024 o godz. 07:10:13 Hans-Martin Mosner via mailop pisze: >> It's probably pointless to call for a general OVH boycott, as much as I >> would like to do that :-) > >I would be the first to object to that, because my server is hosted at

Re: [mailop] Spamhaus contact?

It appears that hg user via mailop said: >Since most RBLs exchange data, ... No, they don't. Can we leave the conpsiracy theories at home, please? R's, John ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop

Re: [mailop] Spamhaus contact?

It appears that Atro Tossavainen via mailop said: >> On Spamhaus' suggestion, I built a reverification system late last year and >> tested it on a small group of users. Yesterday, I kicked off a >> reverification to a much larger segment of users. Yup, I got it yesterday for a list I'm on that's

Re: [mailop] Anyone else noticing an increase in spam from Office365 distribution lists?

It appears that Russell Clemings via mailop said: >"You can keep using the initial onmicrosoft.com domain even after you add >your domain. It still works for email and other services, so it's your >choice." > >... or am I misunderstanding? > >I'm tempted to block *. onmicrosoft.com completely but

Re: [mailop] Displaying logos

It appears that Randolf Richardson, Postmaster via mailop said: >> It might work to put a gold border around checked logos and a black/red >> dashed >> line around non-validated logos. > > That's actually a better solution than what I suggested. Extensive experience says that doesn't

Re: [mailop] BIMI boycott?

It appears that Andrew C Aitchison via mailop said: >X-Face was too far ahead of its time. Enough of the market did not have >the bandwidth to make it practical, and digitisers/cameras were not >readily available. It was, and it also predated phishing. All of the complication of BIMI comes from

Re: [mailop] Contact for TWC

It appears that Tarun Singh via mailop said: >Do we have folks from TWC (Time Warner Cable) on this distro? Can you please >reach out to me offline? It was merged into Charter's Spectrum quite a while ago. R's, John ___ mailop mailing list

Re: [mailop] SMTP smuggling

It appears that Brandon Long via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >Hmm, doesn't this also depend on improper handling of pipelining? Yes. The postfix patch to fix this checks for early talking past data. R's, John >You can't pipeline past DATA,

Re: [mailop] Single deliveries are good for you was, Gmail now deferring

It appears that Michael Orlitzky via mailop said: >This will work, but you probably don't want to make your entire MTA >inefficient just to appease Google. Actually, you do, and it's not just Google. I've seen stats that say that the average number of recipients on legit mail is about 1.2,

Re: [mailop] DKIM validity period

age. R's, John -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop

Re: [mailop] ECDSA DKIM validation?

It appears that Alessandro Vesely via mailop said: >RFC 8463 still reads out: > >Signers SHOULD implement and verifiers MUST implement the >Ed25519-SHA256 algorithm. Implement is not a synonym for use. Yes, your code should handle them. No, that doesn't mean you should sign with them.

Re: [mailop] ECDSA DKIM validation?

It appears that Gellner, Oliver via mailop said: >> Won't any Google insider shred some lite on why a generally technically >> sound company lags like that? > >I‘m not an insider but I could imagine that DKIM signatures which use EdDSA >and ECDSA are solutions to a problem that has >not yet

Re: [mailop] Docusign phishing campaign of the decade, brought to you by Microsoft?

It appears that Jarland Donnell via mailop said: >Hey friends, > >Do me a favor and search your logs for this domain: >SIBBERTLLC.onmicrosoft.com It's not just that subdomain. .onmicrosoft.com is free throwaway accounts and I've seen the Docusign phish from lots of them. It's kind of clever,

Re: [mailop] dnsbl.spam.fail

It appears that Gellner, Oliver via mailop said: >And to add a rant to that: I don’t have much sympathy for operators that are >trying to use their control over a MTA or DNSBL as some >kind of extortion tool or to put forward their own vendettas. I also block most mail from Hetzner's network.

Re: [mailop] Yahoo Feedback Loop

According to Alessandro Vesely via mailop : >On Mon 27/Nov/2023 19:28:17 +0100 John Levine via mailop wrote: >> It appears that Mike Hammett via mailop said: >>>-=-=-=-=-=- >>>-=-=-=-=-=- >>> >>>What do you do when someone keeps reporting conversati

Re: [mailop] Yahoo Feedback Loop

It appears that Mike Hammett via mailop said: >-=-=-=-=-=- >-=-=-=-=-=- > >What do you do when someone keeps reporting conversations on a mailman mailing >list that is opt-in only to Yahoo? > >It seems like they forgot they were on NANOG and are now reporting every >message sent to it. I

Re: [mailop] Today in sendgrid

s crypto scam, and a fake Bittrex >> crypto scam, along with the >usual deluge of ads that my users don't really want. >> >> I'm trying to remember why I accept any mail from them at all. >> >> Regards, >> John Levine, jo...@taugh.com, Taughannock Networks, Trum

Re: [mailop] Gmail deferrals resolved by transit encryption

It appears that Frank Bulk via mailop said: >We've been having delivery issues to gmail since November 15 at 12:17 pm >(Central). But there's still lots of email going through, too. > >Here's an example from our mail server's logs: > >Failed rr=Site gmail.com (2607:f8b0:4001:c5a::1a) said

Re: [mailop] If one signature is good, 72 signatures must be better

It appears that Gellner, Oliver via mailop said: >On 16.11.2023 at 03:05 John Levine via mailop wrote: > >> I just got a couple of quite remarkable messages from Sabre's Tripcase >> service, confirming that they'd received some info I mailed thmm. >> Below you can see th

[mailop] If one signature is good, 72 signatures must be better

I just got a couple of quite remarkable messages from Sabre's Tripcase service, confirming that they'd received some info I mailed thmm. Below you can see the Authentication Results header my mail server added. All 72 valid DKIM signatures really are there, and I am trying to imagine what kind of

Re: [mailop] valid DKIM-signed email spam-classified @gmail only; correct PASS @ other server recipients ?

It appears that Slavko via mailop said: >Dňa 30. októbra 2023 10:11:11 UTC používateľ John R Levine via mailop > napísal: > >> By the way, have you asked the author of RFC8463 which defines ed25519 >> signatures what his opinion is on this? > >No, i idn't. Please, can you share that? I'm

Re: [mailop] Zero-day RCE for exim - whacky stats?

It appears that Simon Arlott via mailop said: >On 30/09/2023 08:50, Andrew C Aitchison via mailop wrote: >> I see that there is an Exim release candidate out on test at the moment >>https://lists.exim.org/lurker/message/20230926.174111.cb403675.en.html >> but know nothing about whether it

[mailop] Gmail says "Message bounced due to organizational settings."

I'm doing some work for arxiv.org, the preprint server at Cornell university. Many gmail users have reported that when they try to send mail to arxiv.org addresses to update their subscriptions, it fails saying Message Blocked, with the explanation "Message bounced due to organizational

Re: [mailop] Authentication Bounces by Gmail

It appears that Gellner, Oliver via mailop said: >> Yes, I'm sure it does. >> Using simple/simple canonicalization is not for people who want robust DKIM >> signatures. > >The relaxed canonicalization of DKIM would fix this particular issue, but >relaxed means both the signer and the verifier

Re: [mailop] Opentable, Legit-looking mail to the wrong address with no unsubscribe

It appears that � ngel via mailop said: >On 2023-08-24 at 14:29 -0400, postfix--- via mailop wrote: >> (...) >> Needless to say: I will avoid restaurants using OpenTable, whether >> while visiting destinations or at home. If they cannot choose a >> service provider that is respectful of my

Re: [mailop] RNC v. Google Dispositioin

It appears that Anne Mitchell via mailop said: >I'm surprised that nobody has mentioned this here, because it was a big win >for Gmail plus has language which is applicable to any ISP. Mike Masnick at the always interesting Techdirt blog has a longer take. You can tell from the URL what he

  1   2   3   4   5   6   7   8   >