Re: [mailop] fastmail and sender score snafu

> I see that current setup might be useful in case some user changes MX > before the domain is activated at Fastmail, in which case giving 4xx > could make sense. But it is not right to report such re-tries to sender > score as attempts to deliver to non-existing users. Yes, this is why we

[mailop] Anyone from chello.nl here?

We're seeing a strange rejection message with emails containing a particular link. Can someone please contact me off list. Thanks -- Rob Mueller r...@fastmail.fm ___ mailop mailing list mailop@mailop.org

Re: [mailop] Trying to work out cause of "Certificate rejected over TLS. (unknown protocol)" error

> I'm thinking that perhaps your cert is using SHA-(256|512) and > something better than 3DES for HMAC, and therefore the remote servers > are unable to work with the certificate as they don't have access to > the required crypto. I sincerely hope this is not the case, but > perhaps you can test

Re: [mailop] Trying to work out cause of "Certificate rejected over TLS. (unknown protocol)" error

> We've suddenly had a couple of reports from users about people sending > to them (e.g. sending from a remote service to our servers) failing and > bouncing with the error message: > > Certificate rejected over TLS. (unknown protocol) Just to update with more information. So it turns out we'd

[mailop] Trying to work out cause of "Certificate rejected over TLS. (unknown protocol)" error

We've suddenly had a couple of reports from users about people sending to them (e.g. sending from a remote service to our servers) failing and bouncing with the error message: Certificate rejected over TLS. (unknown protocol) There's not much more in the error message, I haven't managed to get

[mailop] Forwarding problem to cox.net, need a contact

Hi Is there anyone from cox.net on this list? Can you please contact me off list, we're having a problem with email forward to @cox.net accounts. Thanks -- Rob Mueller r...@fastmail.fm ___ mailop mailing list mailop@mailop.org

Re: [mailop] Dealing with a DKIM replay attack and yahoo's use of DKIM domains for FBL reports

> Laura Atkins has some pretty cool ideas here: > https://wordtothewise.com/2014/05/dkim-injected-headers/ > I'd be interested to see if including those headers twice in the > signature works, so an altered or second instance of them would > fail DKIM. They didn't alter any of the headers or add

Re: [mailop] Dealing with a DKIM replay attack and yahoo's use of DKIM domains for FBL reports

> 1. Add timestamp (t=) to DKIM-Signature. It limits replay attacks in > time. Assuming the receiving side looks at it. But you probably mean the x= tag anyway to set the expiry time, the RFC explicitly says though: INFORMATIVE NOTE: The "x=" tag is not intended as an anti-

Re: [mailop] Dealing with a DKIM replay attack and yahoo's use of DKIM domains for FBL reports

> Use a different selector for each account holder, and then revoke > selectors that are abused. That's an interesting idea, but I'm not sure it'll be a big help. The reality is that the timeline between signup a new account, send one email, copy it and mass send via AWS instance could all be

[mailop] Dealing with a DKIM replay attack and yahoo's use of DKIM domains for FBL reports

Hi mailop So it appears at the moment that we're experiencing a DKIM replay attack against us. Basically some people are signing up a trial FastMail account, sending a couple of emails to a gmail account (to get them DKIM signed by us), and then copying the entire content of the email and sending

Re: [mailop] signup form abuse

> I wonder what the point is. How does the bad guy monetize it, or is it a > coordinated attack against a specific victim? What other nefarious > issues? Making the address useless or burying some other mail in the > midst of the junk would seem to be a possibility. > > If an attack against a

Re: [mailop] outlook.com bouncing emails with ISO-8859-10 charsets?

> just as an fyi, Gmail switched to sending out utf-8 (for messages we > compose) by default in 2014 and removed the feature that allowed users > to override this a year ago.  Downgrading from utf-8 to some charset > that handles a much smaller subset of characters seems mostly > unnecessary at

[mailop] outlook.com bouncing emails with ISO-8859-10 charsets?

Reported by one of our users... --- Diagnostic information for administrators: Generating server: AM4PR0601MB1986.eurprd06.prod.outlook.com ville.kiiv...@ort.fi Remote Server returned '550 5.6.0 CAT.InvalidContent.Exception: InvalidCharsetException, Character set name (ISO-8859-10) is invalid

Re: [mailop] Delivery to btinternet.com / cpcloud.co.uk

>> Ok, just to confirm, does this mean you don't recommend or recognise >> SRS rewritten MAIL FROM addresses as special in any way? > > Does anyone understand SRS?  I thought it was pretty much a dead end. IMHO everything about SPF and SRS borders on somewhere between pointless and craziness. Is

Re: [mailop] Apple, iPhone setup, attempts SSL on port 587

A client with a new iPhone (not sure what model), attempts to setup imap/smtp using starttls. As part of the setup, the iPhone apparently probes the smtp server on port 587 with an SSL handshake: Jul 29 21:31:34 ns1 sendmail[20641]: t6U4VYQL020641: rejecting commands from

[mailop] Anyone from mailchimp here?

Is anyone from mailchimp on this list? I've got some examples of issues with your sending IPs that I'd like to discuss. Please contact me off list. Thanks -- Rob Mueller r...@fastmail.fm ___ mailop mailing list mailop@mailop.org