Re: [mailop] Microsoft/Lindo - junked,not blocked

[Jay Hennigan via mailop]

On 1/17/22 22:52, Camille - Clean Mailbox via mailop wrote:
Maybe your IP is not blocked (as they told you in form result) but what 
about any IP range that includes your IP? If it’s an IP range ban, your 
IP is not explicitly blocked so form won’t find it in the list.


I'm pretty sure that Microsoft knows how to subnet.

--
Jay Hennigan - j...@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Microsoft/Lindo - junked,not blocked

[Hans-Martin Mosner via mailop]

Am 18.01.22 um 07:52 schrieb Camille - Clean Mailbox via mailop:
Maybe your IP is not blocked (as they told you in form result) but what about any IP range that includes your IP? If 
it’s an IP range ban, your IP is not explicitly blocked so form won’t find it in the list.


Not checking IP ranges would be incredibly stupid yet totally in character for 
MS.

Cheers,
Hans-Martin

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Microsoft/Lindo - junked,not blocked

[Camille - Clean Mailbox via mailop]

Maybe your IP is not blocked (as they told you in form result) but what about 
any IP range that includes your IP? If it’s an IP range ban, your IP is not 
explicitly blocked so form won’t find it in the list.

> Le 18 janv. 2022 à 01:07, John Gateley via mailop  a écrit 
> :
> 
>  Hi Alex, and thank you for responding.
> 
> I went to that form, entered the info, got the confirmation email,
> and then when I do step 3 to unblock, it says: 
> 
> The IP address in question is not currently blocked in our system. Please 
> refer to the email message you received from Microsoft and follow the steps 
> it suggests.
> 
> I had done these steps several times (with the same results) several days 
> ago, but stopped when
> the "forward" stopped getting responses.
> 
> Reading between the lines, I think the response to the forward is a standard 
> "click here"
> message without any actual investigation, and just takes you to that link.
> 
> The full error message (sorry, should have put this in before) says:
> 
> microsoft-com.mail.protection.outlook.com[104.47.54.36] said: 550 5.7.511
> Access denied, banned sender[50.116.29.164]. To request removal from this
> list please forward this message to del...@messaging.microsoft.com. For
> more information please go to
> http://go.microsoft.com/fwlink/?LinkId=526653. AS(1410)
> [DM3NAM06FT011.Eop-nam06.prod.protection.outlook.com] (in reply to RCPT TO
> command)
> 
> 
> This looks like Outlook to me, not Office 365. I will try the support ticket 
> referenced at the
> tail end of the Office 365 process.
> 
> Thanks again for the response.
> 
> John
> 
> On 1/17/22 1:32 PM, Alex Irimia via mailop wrote:
>> Hi John,
>> 
>> The error message you've referenced is related to Office365 domains, not 
>> Outlook.
>> You should be able to unblock your IP on this form: 
>> https://sender.office.com/
>> 
>> On Mon, Jan 17, 2022 at 7:56 PM John Gateley via mailop  
>> wrote:
>>> Hello,
>>> 
>>> Thanks to a helpful message from Hetzner, I signed up for Microsoft SNDS.
>>> 
>>> According to SNDS my IP address is not blocked, but is "Junked due to user 
>>> complaints or other evidence of spamming"
>>> 
>>> I still get 
>>> 550 5.7.511
>>> Access denied, banned sender[50.116.29.164]
>>> 
>>> every time I send to a Microsoft Outlook address.
>>> I forward the bounce, as instructed, get the "we will respond in 24 hours" 
>>> response, but then nothing.
>>> 
>>> My server is very small, just my wife and I, and we do not spam ever. The 
>>> "junked" is due to someone else in a close by IP address.
>>> 
>>> I don't have enough information to open a ticket, I think. Any suggestions 
>>> for a next step?
>>> 
>>> Thanks!
>>> 
>>> John
>>> ___
>>> mailop mailing list
>>> mailop@mailop.org
>>> https://list.mailop.org/listinfo/mailop
>> 
>> 
>> -- 
>> Regards,
>> Alex Irimia
>> 
>> 
>> Postmastery
>> Email Infrastructure, Analytics, DMARC and Deliverability
>> Amsterdam, NL/Paris, FR
>> T: +31 20 261 0438
>> M: +40 757 192 953
>> SKYPE: alex-irimia
>> 
>> PS: If you are happy with our service, a review on Trustpilot would be 
>> greatly appreciated. 
>> 
>> 
>> 
>> ___
>> mailop mailing list
>> mailop@mailop.org
>> https://list.mailop.org/listinfo/mailop
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] [SUBJECT CHANGE] Feedback loops

[Scott Mutter via mailop]

On Mon, Jan 17, 2022 at 6:06 PM Grant Taylor via mailop 
wrote:

> Why can't automated and manual reports go to the same address?  Isn't
> that what recipient side filtering is for?  E.g. separating RFC standard
> DSNs / MDNs from human generated messages, each handled by different teams.
>
> My problem with FBLs is that I have to know to sign up for FBLs.
> Conversely, mailbox operators can probably more easily send push
> notifications to published addresses, whatever the industry accepted
> method is.
>
>
I keep going back to the AOL Feedback Loop of yesteryear.  I didn't
actually READ every message in that mailbox.  But I could run a script
through a procmail recipe to increment counts by IP that AOL was sending
back to that FBL.  So that when an IP got 10 or so messages within a
certain period it would alert me at another email address that I watched.

The abuse email address and feedback loop email address don't have to be
different.  But, for me (which may not be the same thing for everyone
else), the FBL address was just means to tally information.  Sure, I could
go back into that address and manually review the feedback reports I got
and often that was the next step after being alerted to high number of
reports for a certain IP, but it's main purpose was just to automate a
tally.

I actually like feedback loops.  To my knowledge Microsoft is the only one
that has anything any where close to what the AOL Feedback Loop was like.
But it's a hassle to sign up for it, and it either goes through periods
where it's broken or it only sends reports if X number of mailings come
into Microsoft from an IP address.  Or maybe I just have some really nice
users that always send legitimate mail to Microsoft/Hotmail/Outlook
addresses and none of our servers ever get flagged as spam (begs the
question as to why Microsoft blocks our servers from time to time though).

Gmail and Yahoo all base their feedback loops on DomainKeys or something,
it's not IP based.  I know Comcast and some of the other ReturnPath
customers have feedback loops, but traffic on those are low too.

As a responsible server administrator - I don't mind signing up for
feedback loops to help safeguard my servers.  I would think any other
responsible server administrator would feel the same way.  I just want
those feedback loops to work.  If Microsoft is going to block my server IP
claiming that we sent them spam, but I never get anything in their feedback
loop - then that's an ineffective feedback loop.  Same for Yahoo and Gmail
and really any email service provider that's going to block my server IP.

Now if others in this discussion are arguing that Microsoft/Yahoo/Gmail/etc
are sending feedback loop reports to abuse contacts listed in RDAP, RP,
rWhois, any where else - then my bone to pick is with my IP delegation
provider because they're not forwarding these on to me.  Perhaps it's just
a lack of communication and they don't know that I want to receive these -
that's a fair point.  Or perhaps there's so many different ways to define
an abuse contact address (RDAP, RP, rWhois, etc) that different service
providers look for different contact structures and the feedback reports
all end up in a gobbled mess.  If that's the case then there needs to be a
SINGLE defined way to publish a contact address that receives feedback
reports.  BUT... I just really don't think Microsoft/Yahoo/Gmail/etc are
sending feedback reports for EVERY single spam message they get back to
these RDAP, RP, rWhois abuse contacts.  But I'm a big enough man to admit
that I've been wrong before.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] still not a good way to publish contact info, was What am I supposed to do

[Bill Cole via mailop]

On 2022-01-17 at 18:08:15 UTC-0500 (17 Jan 2022 18:08:15 -0500)
John Levine via mailop 
is rumored to have said:

Dunno about you, but where I am, if an IP does not have matching 
forward and reverse DNS, that is a very strong signal that it's not 
supposed to be hosting a server and you don't want to accept mail from 
it.


Well, yes, but Microsoft's gonna Microsoft, so what is one to do?

And yes, it is true that >95% of M365 outbounds DO have matching forward 
and reverse DNS.


--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] [SUBJECT CHANGE] Feedback loops

[Michael Peddemors via mailop]

Yeah, maybe we should close down this thread, simply because it is a 
high volume thread among only a few list members, and been going on a 
while...


For the record, for our shared mail platform that we operate for smaller 
ISP's and Telco's, we don't get a lot of traffic to our posted abuse 
address(s) at all, in general people have give up. (We don't even get 
much spam there, spammers know it is a quick trip to getting IPs 
blacklisted)


So, while there are many companies with terrible or no abuse handlers, 
the problem maybe is now that the other way, where noone reports it.


Automation might solve that.  But we only get reports from about three 
big email providers.  The Comcast ones are kind of useless, normally not 
spam and very aged.. The Hotmail ones are handy, but in our case it is 
usually only when a person turns off their spam protection AND forwards 
it to their hotmail account.  And I think we had like one Rackspace 
report in 4 or 5 years..


Now, it 'could' be are policies and/or customer base is not conducive to 
spam activity, and a lot less compromised email accounts, than our 
peers, but I doubt that is the whole picture.


We DO get compromised accounts, but our systems and people catch it 
fast, and rate limiters stop the HUGE outbreaks that quickly used to get 
servers blacklisted, but they do happen.  Surprised that we don't get 
ANY reports of those anymore. (To abuse contacts at least)


And look at all of the people reporting abuse on Twitter now.. or using 
back channels.  It is the lack of faith in timely reaction (or any) from 
abuse departments I think that has led us to this.


I think the only way feedback loops and abuse handles will become useful 
again, is for the community to say they MUST be useful, and simply stop 
accepting email from those companies that do not have one. 
Unfortunately, IMHO that means we have to stop accepting email from some 
of the largest providers in the world.. and since I don't see that 
happening any time soon, I think we might be wasting our breathes and 
time on this issue.


Instead, the status quo will continue.. detect spam, block the sender, 
and put the onus on the remote email operator.. Or buy a commercial 
product which makes and handles that decision making decision for you.


Trouble is, that puts us on a path where only the very large survive.

Enough doom and gloom..


My suggestion? Instead of focusing on making the little guys do things 
they probably aren't going to do, and having them loose their customers 
to the 'too big to block', let's start at the top.


Let's see if we can make a system that will stop the spam from leaking 
out of the biggest operators, those that SHOULD be able to afford to do 
it right..


Until we can get Gmail to terminate/change the password on THEIR the 
spammers immediately when reported, we don't have a viable system that 
will work.


-0-

(or even better, stop them before they do, how hard is it for them to 
rate limit? ;) force the use of separate mailing lists servers for bulk 
email, if I get ONE more 'Google Top Ranking' in my spam folder I will 
scream )




On 2022-01-17 3:47 p.m., Scott Mutter via mailop wrote:
We've really taken the original topic off course.  But I feel that we 
may be taking the secondary topic off course as well.


All the talk about abuse contacts in RDAP or RP DNS - I'm not saying 
that these have merits... BUT... Is Microsoft/Yahoo/Gmail/*insert 
whatever big name email service* sending EVERY spam/abuse complaint for 
messages from the IP address to these contact addresses?


That's part of the issue - and we're kind of seeing that within this 
discussion.  There's a lot of different ways to publish an abuse 
address, so many in fact... do the entities reporting the abuse (i.e. 
Microsoft/Yahoo/Gmail) follow all of these?  An abuse contact address is 
only as good as the abuse information that's being funneled into it.  
Another words, if Microsoft is never sending anything to the Abuse 
contact in RDAP... what good does it do to have an abuse contact in RDAP?


Additionally, are all of these big name email service providers going to 
automatically send feedback to these abuse contacts for every single 
message that their users flag as spam or that their systems flags as spam?


That's where a distinction needs to be made.

I feel like the abuse contact that's being suggested in RDAP, RP, 
rWhois, etc - are all intended to be manually sent by a human, i.e. 
someone from one of these big name email service providers 
(Microsoft/Yahoo/Gmail).  And I don't really see them having humans 
tasked with manually sending out these abuse notices for every spam 
message that an IP address sends.


That's where I feel feedback loops are more automated and generally 
better equipped to notify the difference makers that can really take 
action on the spam/abuse.


An example situation would be, if Microsoft/Hotmail/Outlook is getting 
spam from one of my 

Re: [mailop] still not a good way to publish contact info, was What am I supposed to do

[Grant Taylor via mailop]

On 1/17/22 4:47 PM, Scott Mutter via mailop wrote:
Additionally, are all of these big name email service providers going to 
automatically send feedback to these abuse contacts for every single 
message that their users flag as spam or that their systems flags as spam?


I suspect that the percentage of reported / detected spam will be sent 
to -- what I'm describing as -- the chosen abuse contact.  I suspect 
that the percentage will drop as the rate of reports / detentions increases.



That's where a distinction needs to be made.


I would like to have a 100% / 1:1 report if possible.  But I'm not going 
to hold my breath for that.


I feel like the abuse contact that's being suggested in RDAP, RP, 
rWhois, etc - are all intended to be manually sent by a human, i.e. 
someone from one of these big name email service providers 
(Microsoft/Yahoo/Gmail).


Why can't automated and manual reports go to the same address?  Isn't 
that what recipient side filtering is for?  E.g. separating RFC standard 
DSNs / MDNs from human generated messages, each handled by different teams.


What's more is I feel that having different addresses for the same 
thing, dependent on automatic vs manual is going to only further 
fracture the ecosystem that we're discussing.


That's where I feel feedback loops are more automated and generally 
better equipped to notify the difference makers that can really take 
action on the spam/abuse.


My problem with FBLs is that I have to know to sign up for FBLs. 
Conversely, mailbox operators can probably more easily send push 
notifications to published addresses, whatever the industry accepted 
method is.


Or are they just deciding at some point that they've received too 
much spam from my server, that they're just going to block the IP 
address and never tell anyone that could potentially make a difference?


This is why I suspect that the reporting rate will drop as the detection 
rate goes up; thus inversely related.




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Microsoft/Lindo - junked,not blocked

[John Gateley via mailop]

Hi Alex, and thank you for responding.

I went to that form, entered the info, got the confirmation email,
and then when I do step 3 to unblock, it says:

The IP address in question is not currently blocked in our system. 
Please refer to the email message you received from Microsoft and follow 
the steps it suggests.


I had done these steps several times (with the same results) several 
days ago, but stopped when

the "forward" stopped getting responses.

Reading between the lines, I think the response to the forward is a 
standard "click here"

message without any actual investigation, and just takes you to that link.

The full error message (sorry, should have put this in before) says:

microsoft-com.mail.protection.outlook.com[104.47.54.36] said: 550 5.7.511
Access denied, banned sender[50.116.29.164]. To request removal from this
list please forward this message todel...@messaging.microsoft.com. For
more information please go to
http://go.microsoft.com/fwlink/?LinkId=526653. AS(1410)
[DM3NAM06FT011.Eop-nam06.prod.protection.outlook.com] (in reply to RCPT TO
command)



This looks like Outlook to me, not Office 365. I will try the support 
ticket referenced at the

tail end of the Office 365 process.

Thanks again for the response.

John

On 1/17/22 1:32 PM, Alex Irimia via mailop wrote:

Hi John,

The error message you've referenced is related to Office365 domains, 
not Outlook.
You should be able to unblock your IP on this form: 
https://sender.office.com/


On Mon, Jan 17, 2022 at 7:56 PM John Gateley via mailop 
 wrote:


Hello,

Thanks to a helpful message from Hetzner, I signed up for
Microsoft SNDS.

According to SNDS my IP address is not blocked, but is "Junked due
to user complaints or other evidence of spamming"

I still get

550 5.7.511
 Access denied, banned sender[50.116.29.164]

every time I send to a Microsoft Outlook address.
I forward the bounce, as instructed, get the "we will respond in
24 hours" response, but then nothing.

My server is very small, just my wife and I, and we do not spam
ever. The "junked" is due to someone else in a close by IP address.

I don't have enough information to open a ticket, I think. Any
suggestions for a next step?

Thanks!

John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop



--
Regards,
Alex Irimia


Postmastery
*Email Infrastructure, Analytics, DMARC and Deliverability*
Amsterdam, NL/Paris, FR
T: +31 20 261 0438 
M: +40 757 192 953
SKYPE: alex-irimia

PS: If you are happy with our service, a review on Trustpilot 
 would be greatly 
appreciated.



___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] still not a good way to publish contact info, was What am I supposed to do

[Scott Mutter via mailop]

We've really taken the original topic off course.  But I feel that we may
be taking the secondary topic off course as well.

All the talk about abuse contacts in RDAP or RP DNS - I'm not saying that
these have merits... BUT... Is Microsoft/Yahoo/Gmail/*insert whatever big
name email service* sending EVERY spam/abuse complaint for messages from
the IP address to these contact addresses?

That's part of the issue - and we're kind of seeing that within this
discussion.  There's a lot of different ways to publish an abuse address,
so many in fact... do the entities reporting the abuse (i.e.
Microsoft/Yahoo/Gmail) follow all of these?  An abuse contact address is
only as good as the abuse information that's being funneled into it.
Another words, if Microsoft is never sending anything to the Abuse contact
in RDAP... what good does it do to have an abuse contact in RDAP?

Additionally, are all of these big name email service providers going to
automatically send feedback to these abuse contacts for every single
message that their users flag as spam or that their systems flags as spam?

That's where a distinction needs to be made.

I feel like the abuse contact that's being suggested in RDAP, RP, rWhois,
etc - are all intended to be manually sent by a human, i.e. someone from
one of these big name email service providers (Microsoft/Yahoo/Gmail).  And
I don't really see them having humans tasked with manually sending out
these abuse notices for every spam message that an IP address sends.

That's where I feel feedback loops are more automated and generally better
equipped to notify the difference makers that can really take action on the
spam/abuse.

An example situation would be, if Microsoft/Hotmail/Outlook is getting spam
from one of my servers - I'd very much like to know about it.  I'd very
much like to see the headers of those messages, so that I can track down
the offending account and stop it.  But I can only do that if
Microsoft/Hotmail/Outlook tells me that they are receiving spam from one of
my servers.  I can only track it down if I have some message headers to go
on.  If Microsoft/Hotmail/Outlook is not going to send me that notice and
information... then how can I be expected to stop it?  Is
Microsoft/Hotmail/Outlook sending ALL of that information/notices to the
abuse address in RDAP, RP, rWhois, etc?  Or are they just deciding at some
point that they've received too much spam from my server, that they're just
going to block the IP address and never tell anyone that could potentially
make a difference?

On Mon, Jan 17, 2022 at 5:08 PM John Levine via mailop 
wrote:

> It appears that Grant Taylor via mailop  said:
> >-=-=-=-=-=-
> >-=-=-=-=-=-
> >
> >On 1/17/22 11:49 AM, Scott Mutter via mailop wrote:
> >> Do reverse DNS entries support the TXT structure?
> >
> >I can't remember the last time I used it to say with any certainty.  But
> >would completely expect that it would.  Remember, reverse DNS is simply
> >a permutation to a forward DNS query to an ARPA subdomain.
>
> There's no technical difference between a reverse DNS zone and any
> other DNS zone.  I have an MX in mine so you can send mail to me
> at jo...@18.183.57.64.in-addr.arpa, just because I can.
>
> BUT ...
>
> See my previous message about RDAP.  If people want to publish
> contact info for their IP ranges, they can do it now in the
> RIR WHOIS.  The problem is that they don't want to.
>
> Also, in most organizations there is a great distance between the
> people who run mail servers and the people who run rDNS.  As often
> as not, the rDNS is run by an upstream network, not the operator
> themselves.  So even if it were a good idea to put RP records into
> the rDNS, which it isn't (see above) the practical obstacles would
> be huge.
>
> R's,
> John
>
> PS:
>
> >> Or an IP address has to reverse back to a hostname - put the TXT record
> >> in that DNS zone.
> >
> >I don't think it's good to /rely/ or /depend/ on PTR records resolving
> >IPs to host names.
>
> Dunno about you, but where I am, if an IP does not have matching forward
> and reverse DNS, that is a very strong signal that it's not supposed to
> be hosting a server and you don't want to accept mail from it.
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] still not a good way to publish contact info, was What am I supposed to do

[Grant Taylor via mailop]

On 1/17/22 4:08 PM, John Levine via mailop wrote:
See my previous message about RDAP.  If people want to publish 
contact info for their IP ranges, they can do it now in the RIR WHOIS. 
The problem is that they don't want to.


In theory, maybe.

However in my experience, many small operators who want to publish 
information to have their systems appear as proper as possible often 
can't for one reason or another.  Usually because they are small 
operators they are dependent on their provider to support RWhoIs / SWIP 
/ etc.  As such they usually /can't/ publish information even if they 
want to because of the lack of flexibility / support from their providers.


Smaller operators will likely have more success getting an RP record 
added than getting their provider to implement support for more proper 
solutions.  Granted, the RP will likely require a support ticket for the 
record to be created manually.




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] still not a good way to publish contact info, was What am I supposed to do

[John Levine via mailop]

It appears that Grant Taylor via mailop  said:
>-=-=-=-=-=-
>-=-=-=-=-=-
>
>On 1/17/22 11:49 AM, Scott Mutter via mailop wrote:
>> Do reverse DNS entries support the TXT structure?
>
>I can't remember the last time I used it to say with any certainty.  But 
>would completely expect that it would.  Remember, reverse DNS is simply 
>a permutation to a forward DNS query to an ARPA subdomain.

There's no technical difference between a reverse DNS zone and any
other DNS zone.  I have an MX in mine so you can send mail to me
at jo...@18.183.57.64.in-addr.arpa, just because I can.

BUT ...

See my previous message about RDAP.  If people want to publish
contact info for their IP ranges, they can do it now in the
RIR WHOIS.  The problem is that they don't want to.

Also, in most organizations there is a great distance between the
people who run mail servers and the people who run rDNS.  As often
as not, the rDNS is run by an upstream network, not the operator
themselves.  So even if it were a good idea to put RP records into
the rDNS, which it isn't (see above) the practical obstacles would
be huge.

R's,
John

PS:

>> Or an IP address has to reverse back to a hostname - put the TXT record 
>> in that DNS zone.
>
>I don't think it's good to /rely/ or /depend/ on PTR records resolving 
>IPs to host names.

Dunno about you, but where I am, if an IP does not have matching forward
and reverse DNS, that is a very strong signal that it's not supposed to
be hosting a server and you don't want to accept mail from it.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Best hosting platform was Re: [EXTERNAL] Microsoft IP Filtering - sort of full details

[Bill Cole via mailop]

On 2022-01-17 at 10:12:43 UTC-0500 (Mon, 17 Jan 2022 09:12:43 -0600)
John Gateley via mailop 
is rumored to have said:

As I said in my original message, everyone talks about how Linode (or 
any platform) is terrible, but nobody makes positive suggestions.


It does rather say something about the *concept* of running a mail 
system on a "cloud" platform in general.


One broad strategy in the fight against spam has been to intentionally 
make it difficult to stand up a high-functioning mail system quickly. 
This is a direct attack on the longstanding spammer tactic of abandoning 
'burnt' domains, IPs, etc. once they get noticed by reputation services 
and switching to unsullied resources. Any service provider that allows 
new users to stand up a new VM with unrestricted outbound port 25 access 
without human oversight and gatekeeping is going to be abused and is 
going to be noticed as a source of trouble.


Running your own mail system in 2022 is not usually a smart choice. The 
providers whose network space is not broadly shunned are those who will 
cost more and will try to talk you out of running your own mail system 
on their networks.



--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Microsoft/Lindo - junked,not blocked

[Alex Irimia via mailop]

Hi John,

The error message you've referenced is related to Office365 domains, not
Outlook.
You should be able to unblock your IP on this form:
https://sender.office.com/

On Mon, Jan 17, 2022 at 7:56 PM John Gateley via mailop 
wrote:

> Hello,
>
> Thanks to a helpful message from Hetzner, I signed up for Microsoft SNDS.
>
> According to SNDS my IP address is not blocked, but is "Junked due to
> user complaints or other evidence of spamming"
>
> I still get
>
> 550 5.7.511
> Access denied, banned sender[50.116.29.164]
>
>
> every time I send to a Microsoft Outlook address.
> I forward the bounce, as instructed, get the "we will respond in 24 hours"
> response, but then nothing.
>
> My server is very small, just my wife and I, and we do not spam ever. The
> "junked" is due to someone else in a close by IP address.
>
> I don't have enough information to open a ticket, I think. Any suggestions
> for a next step?
>
> Thanks!
>
> John
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 
Regards,
Alex Irimia


Postmastery
*Email Infrastructure, Analytics, DMARC and Deliverability*
Amsterdam, NL/Paris, FR
T: +31 20 261 0438
M: +40 757 192 953
SKYPE: alex-irimia

PS: If you are happy with our service, a review on Trustpilot
 would be greatly
appreciated.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Best hosting platform was Re: [EXTERNAL] Microsoft IP Filtering - sort of full details

[Bill Cole via mailop]

On 2022-01-17 at 05:46:02 UTC-0500 (Mon, 17 Jan 2022 11:46:02 +0100)
Jaroslaw Rafa via mailop 
is rumored to have said:


So I would like to ask: is there anybody who blocks Google?


By default, on my personal system, yes.

Exemptions to that default mean that I only ever actually reject spam 
from Google machines.  The only senders there who hit the default are 
those who use spammer tactics to find addresses.


--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[Grant Taylor via mailop]

On 1/17/22 11:49 AM, Scott Mutter via mailop wrote:

Do reverse DNS entries support the TXT structure?


I can't remember the last time I used it to say with any certainty.  But 
would completely expect that it would.  Remember, reverse DNS is simply 
a permutation to a forward DNS query to an ARPA subdomain.


Why not just create a special, specific TXT record for a contact 
email address?


I like John's suggestion of reviving the Responsible Person record - RFC 
1183.


 192.0.2.1 = 1.2.0.192.in-addr.arap.

1.2.0.192.in-addr.arpa. IN  RP  abuse.example.net. 
abuse-info.example.net.
2.0.192.in-addr.arpa.   IN  RP  abuse.example.net. 
abuse-info.example.net.
abuse-info.example.net.	IN	TXT	"Please contact Example's support desk at 
abuse (at) example (dot) net."


I assume that if there isn't an RP record at a given level, that the 
parent level would be able to route the abuse report to the proper child 
level contact which they would be in the position to know about.  E.g. 
no RP for 192.0.2.3 thus use the RP for 192.0.2 = 2.0.192.in-addr.arpa.


Or an IP address has to reverse back to a hostname - put the TXT record 
in that DNS zone.


I don't think it's good to /rely/ or /depend/ on PTR records resolving 
IPs to host names.  If they do, great.  But prepare for them to not do 
so, or worse, be disinformation.


Re: other comments - I'd want to avoid additional complexity for the 
time being.


I'm willing to listen to any suggestions, but I have absolutely no pull 
within the industry to make things happen.


I'm in a similar position myself.



--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] RP RRs

[Carsten Schiefner via mailop]

Thanks, John - one indeed can get smarter every day; there is still 
enough stuff out there to become aware and to learn! ;-)


 Forwarded Message 
Subject: Re: [mailop] What am I supposed to do with abuse complaints on 
legit mail?

Date: 17 Jan 2022 14:09:55 -0500
From: John Levine via mailop 
Reply-To: John Levine 
Organization: Taughannock Networks
To: mailop@mailop.org
CC: mailopl...@amssupport.info

It appears that Scott Mutter via mailop  said:

-=-=-=-=-=-
-=-=-=-=-=-

On Mon, Jan 17, 2022 at 12:06 PM Grant Taylor via mailop 
wrote:


Drive by comment:

What if we had something like an MX record published for the IP
address(es) in reverse DNS / in-addr.arpa for
... and configure those MX records to route to a mail server
of the owners / administrators of the IP (space) in question?



Do reverse DNS entries support the TXT structure?  Why not just create a
special, specific TXT record for a contact email address?


This might be a good time to review the RP DNS record.  See RFC 1183.

As far as I can tell, I am the only person in the world that still
publishes them.

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[John Levine via mailop]

It appears that Andrew C Aitchison via mailop  said:
>A more sophistication version of
>   postmaster@(whois a.b.c.d | grep -i techemail)
>but with a cleverer grep to support current whois server variants
>and redirection to a "better" whois server ?

That's what RDAP is.  Works great for IP addresses, not so great for domain 
names.

R's,
John
-- 
Regards,
John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] not a way to do abuse contacts, What am I supposed to do with abuse complaints on legit mail?

[John R Levine via mailop]

On Mon, 17 Jan 2022, Dan Mahoney wrote:

It is quite simple to use RDAP to get the abuse contact email for
anyone who has provided the info to their RIR.  I do it all the time.
The problem is that too many operators don't bother.  If they don't
tell the RIR, they are not likely to spend effort putting extra
stuff in their rDNS.


What do you do when abuse complaints are just observably bounced or blackholed, 
and not accepting email from gma^W that provider isn't an option?


Nothing surprising.  Sometimes you can tell it's a SWIP to a customer so I 
can add the host's contact address.  Sometimes a provider just doesn't 
care but I find in those cases, they rarely send any mail my users are 
likely to want so I just send their mail to the shredder.


Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] not a way to do abuse contacts, What am I supposed to do with abuse complaints on legit mail?

[Dan Mahoney via mailop]

> On Jan 17, 2022, at 11:06 AM, John Levine via mailop  
> wrote:
> 
> It appears that Grant Taylor via mailop  said:
>> What if we had something like an MX record published for the IP 
>> address(es) in reverse DNS / in-addr.arpa for 
>> ... and configure those MX records to route to a mail server 
>> of the owners / administrators of the IP (space) in question?
> 
> This idea has been floated before and misses the point.
> 
> It is quite simple to use RDAP to get the abuse contact email for
> anyone who has provided the info to their RIR.  I do it all the time.
> The problem is that too many operators don't bother.  If they don't
> tell the RIR, they are not likely to spend effort putting extra
> stuff in their rDNS.

What do you do when abuse complaints are just observably bounced or blackholed, 
and not accepting email from gma^W that provider isn't an option?

-Dan
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[John Levine via mailop]

It appears that Scott Mutter via mailop  said:
>-=-=-=-=-=-
>-=-=-=-=-=-
>
>On Mon, Jan 17, 2022 at 12:06 PM Grant Taylor via mailop 
>wrote:
>
>> Drive by comment:
>>
>> What if we had something like an MX record published for the IP
>> address(es) in reverse DNS / in-addr.arpa for
>> ... and configure those MX records to route to a mail server
>> of the owners / administrators of the IP (space) in question?
>>
>
>Do reverse DNS entries support the TXT structure?  Why not just create a
>special, specific TXT record for a contact email address?

This might be a good time to review the RP DNS record.  See RFC 1183.

As far as I can tell, I am the only person in the world that still
publishes them.

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] not a way to do abuse contacts, What am I supposed to do with abuse complaints on legit mail?

[John Levine via mailop]

It appears that Grant Taylor via mailop  said:
>What if we had something like an MX record published for the IP 
>address(es) in reverse DNS / in-addr.arpa for 
>... and configure those MX records to route to a mail server 
>of the owners / administrators of the IP (space) in question?

This idea has been floated before and misses the point.

It is quite simple to use RDAP to get the abuse contact email for
anyone who has provided the info to their RIR.  I do it all the time.
The problem is that too many operators don't bother.  If they don't
tell the RIR, they are not likely to spend effort putting extra
stuff in their rDNS.

Regards,
jo...@18.183.57.64.in-addr.arpa (try it, it works)
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[Andrew C Aitchison via mailop]

On Mon, 17 Jan 2022, Grant Taylor via mailop wrote:


On 1/17/22 9:40 AM, Scott Mutter via mailop wrote:

send abuse reports to the owner of the IP address


Drive by comment:

What if we had something like an MX record published for the IP address(es) 
in reverse DNS / in-addr.arpa for ... and 
configure those MX records to route to a mail server of the owners / 
administrators of the IP (space) in question?


I naively feel like this could be done independent of and in parallel with 
the existing email infrastructure.


A more sophistication version of
postmaster@(whois a.b.c.d | grep -i techemail)
but with a cleverer grep to support current whois server variants
and redirection to a "better" whois server ?

--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[Scott Mutter via mailop]

On Mon, Jan 17, 2022 at 12:06 PM Grant Taylor via mailop 
wrote:

> Drive by comment:
>
> What if we had something like an MX record published for the IP
> address(es) in reverse DNS / in-addr.arpa for
> ... and configure those MX records to route to a mail server
> of the owners / administrators of the IP (space) in question?
>

Do reverse DNS entries support the TXT structure?  Why not just create a
special, specific TXT record for a contact email address?

Or an IP address has to reverse back to a hostname - put the TXT record in
that DNS zone.

I'd be onboard with something like that.

To perhaps extend on this topic, perhaps there should be two contacts - a
blanket abuse contact and a specific contact for feedback loops (feedback
loops being defined as when a user flags a message as spam or a
receiving server automatically flags a message as spam).  This way a
dedicated email address can be used just for feedback loops.  I would
further recommend some type of standard feedback loop form.  If information
in the feedback loops need to be tied to a specific data structure, I might
suggest sending this information in an encoded JSON format.  The point
being, feedback loops aren't necessarily reviewed by a human every time,
but instead are tabulated to measure by account/email address/IP address
where the abuse is coming from.

On the other hand of all of this, we would have to deal with all of the
spam that would be forthcoming to the email address since it would be made
publicly available.  Distinguishing between legitimate complaints coming
into that email address and the spam coming into the email address can be
difficult.  Further separating the blanket abuse contact (i.e. for when
someone needs to speak to a human concerning this IP address) and the
feedback loop address - with a standard feedback loop structure, would at
least allow me to better distinguish known spam/abuse that is being
reported to the feedback loop address.

I'm willing to listen to any suggestions, but I have absolutely no pull
within the industry to make things happen.

My hope was to just steer/open a discussion that I don't think a lot of
people realize the disconnected relationship between IP address ownership
and mail server administrators.  I'm not pretending to suggest that I have
all of the answers.  But I don't think this disconnected relationship is
fully understood throughout the industry, and especially with the large,
big name email service providers.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[Grant Taylor via mailop]

On 1/17/22 9:40 AM, Scott Mutter via mailop wrote:

send abuse reports to the owner of the IP address


Drive by comment:

What if we had something like an MX record published for the IP 
address(es) in reverse DNS / in-addr.arpa for 
... and configure those MX records to route to a mail server 
of the owners / administrators of the IP (space) in question?


I naively feel like this could be done independent of and in parallel 
with the existing email infrastructure.


It should also allow abuse reports for IPs to go (more) directly to 
parties that can do something about it, as in suspend the IP.




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Best hosting platform was Re: [EXTERNAL] Microsoft IP Filtering - sort of full details

[John Gateley via mailop]

On 1/17/22 11:47 AM, John Levine via mailop wrote:

Some of us have limited enthusiasm for providing free consulting to 
organizations
who for whatever reason don't manage their users' misbehavior.

My opinion about Linode is that it's not the worst but it's far from the best.

I use a small hosting provider called Tektonic that nobody has ever heard of
because nobody sees spam from them.  They have a fairly hard-nosed outgoing
mail policy, it all goes through "transparent" filters unless you can give
them a sensible reason to turn the filters off.



I am not really an "organization", just a long time IT person who has 
hosted my own

server for many years.

It is true I do not manage my user's behavior: my only user is my wife, 
and it would

not lead to a happy marriage if I tried to manage her behavior.

But the server only hosts the two of us, no mailing lists or other 
users. It is incredibly

small volume, and we don't bulk email anyone for any reason.

Thank you VERY much for the Tektonic recommendation.

John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] Microsoft/Lindo - junked,not blocked

[John Gateley via mailop]

Hello,

Thanks to a helpful message from Hetzner, I signed up for Microsoft SNDS.

According to SNDS my IP address is not blocked, but is "Junked due to 
user complaints or other evidence of spamming"


I still get

550 5.7.511
Access denied, banned sender[50.116.29.164]

every time I send to a Microsoft Outlook address.
I forward the bounce, as instructed, get the "we will respond in 24 
hours" response, but then nothing.


My server is very small, just my wife and I, and we do not spam ever. 
The "junked" is due to someone else in a close by IP address.


I don't have enough information to open a ticket, I think. Any 
suggestions for a next step?


Thanks!

John___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[Michael Peddemors via mailop]

On 2022-01-17 8:40 a.m., Scott Mutter via mailop wrote:
At the same time, I understand why Mailops preaches that they send abuse 
reports to the owner of the IP address - which, again, may be several 
company levels up from the individual that actually has root to the 
server and can take more immediate action against the abuse.  I'm not 
really going to cry foul that Microsoft, Gmail, Yahoo, all the other big 
name mail services aren't actually sending the abuse reports to the 
administrators of the servers that matter.  Ideally, sure, the reports 
would go to the IP owner and that would filter down to the root 
administrator of the server.  That doesn't happen very often - if ever. 
Perhaps this is something these IP owners (i.e. vultr.com 
, Linode, etc) need to address.  Perhaps these IP 
owners need to require it so that when a customer signs up for their 
services, they have to provide an email address to forward feedback loop 
messages to for their assigned IP?


There is already a mechanism for this called 'rwhois'.  Operating an 
'rwhois' server is simple and easy, and when customers sign-up, they 
should understand that the presentation of this information is required 
for service, and that they consent.. (to satisfy GDPR ;) ...


It can easily be automated, and then contact information for the actual 
operator can be found.   This helps the hosting provider, their 
customer, and the general public.


Let's not make it complicated, or try to re-invent the wheel.  Accurate 
IP whois is part of the foundation of the internet.  And connectivity 
between networks is a privilege not a right.


So, instead of blocking Linode/Microsoft/GCloud or whomever seems to 
have a lot of bad guys on it at a particular moment, we can block or 
report to the individual operator.


Of course, there are those hosting companies (Multicom) that haven't had 
a working rwhois server for years, and dispite ARIN and other 
complainers haven't fixed it..


And if a hoster allows 'fake' information in their 'rwhois' records, or 
has a pattern of not addressing bad actors, or keeps renting out IP 
space to new bad guys, THEN you can can start tagging/flagging/reporting 
the hosting company as a whole.





--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[Scott Mutter via mailop]

On Mon, Jan 17, 2022 at 5:32 AM Alessandro Vesely via mailop <
mailop@mailop.org> wrote:

> I'm not clear what you mean by "secure your own IP block".
>
> Besides, for the mxroute address you wrote from, 149.28.56.236, I find an
> abuse address of ab...@vultr.com, which looks like your ISP's.
>

This again points to some of the assumptions that people on Mailops seem to
have.  Often times, the owner of the IP (i.e. vultr.com) isn't necessarily
the administrator of the mail server sending out mail from the IP (i.e. who
has root to the server).  For us, we rent servers from various companies.
Those companies own the IP addresses (or sometimes they're renting rack
space and IP addressing in a datacenter and the ownership of the IP address
goes up another level), but they don't have root access to the server
(technically since they have actual hands in the datacenter, they could get
root to the server if they booted into single user mode).

At the same time, I understand why Mailops preaches that they send abuse
reports to the owner of the IP address - which, again, may be several
company levels up from the individual that actually has root to the server
and can take more immediate action against the abuse.  I'm not really going
to cry foul that Microsoft, Gmail, Yahoo, all the other big name mail
services aren't actually sending the abuse reports to the administrators of
the servers that matter.  Ideally, sure, the reports would go to the IP
owner and that would filter down to the root administrator of the server.
That doesn't happen very often - if ever.  Perhaps this is something these
IP owners (i.e. vultr.com, Linode, etc) need to address.  Perhaps these IP
owners need to require it so that when a customer signs up for their
services, they have to provide an email address to forward feedback loop
messages to for their assigned IP?

Whether or not if these big name mail services realize how razor thin the
connection is between IP owner and root server administrator is not
something I know, although I suspect that it's more likely they are
oblivious to this.

I might question whether those reports are actually being sent to the IP
owner in the first place, it provides plausible deniability in the event
that they unilaterally decide to block or blacklist an IP address.  Because
as I said, those notices from the IP owner rarely get filtered down to the
root server administrator.  It then becomes a closing ticket matter when
it's revealed that the person inquiring about the block (the root server
administrator) isn't the IP owner.

I still go back to the way the AOL Feedback Loop system worked in the
2000s.  I was able to stop A LOT of spam abuse on our servers when these
were reporting and being sent to AOL addresses - which often times included
many, many other email services (gmail, hotmail, yahoo, etc).  The signup
process made a ton of sense, you registered an IP address, AOL did a
reverse lookup on the IP, you had to acknowledge that you could receive
email at postmas...@reverselookupt.ld or ab...@reverselookupt.ld, and then
you were able to receive redacted messages that AOL users flagged as spam
(or maybe the system flagged as spam?) that came from that IP address.
There was no involvement in the "owner" of the IP address.

I just wish people could be a bit more open-minded when it comes to
reporting spam and abuse from mail servers.  It's like nobody wants to hear
or consider viewpoints on how email and email servers are being
administered and learn from those.  The second they see that someone isn't
managing their mail server the way THEY manage a mail server then
immediately that someone is wrong.  Why is it so hard to take feedback,
ponder on it, and maybe admit "hey! that's not a bad idea!"
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] blocked by microsoft -- support procedure?

[Hetzner Blacklist via mailop]

Am 11.01.2022 um 20:04 schrieb Mark G Thomas via mailop:

I'm not generally involved in our support issues, but a coworker at
my work (Linode) reached out to me about what looks to be a new problem
involving hosting customers being blocked by by Microsoft.
It's nice to see another representative of a webhoster brave enough to 
post on here, welcome :)


I've been dealing with blacklist issues at Hetzner for the past 6 years, 
and I've posted on here multiple times with my experiences. My first 
post was actually about Microsoft. If you check the archives you'll find 
some posts over the past few months with general information on 
Microsoft and blacklists, but I can repeat some of that here that nobody 
has mentioned yet.


Since your issue is with Microsoft, it would be good to figure out which 
of their blacklists your IPs are on. The error you posted is for the 
Office365 blacklist, while the error one of your clients posted is for 
the Outlook blacklist. Those are two separate blacklists with separate 
processes for getting IPs delisted.


If you're mostly dealing with Office365 then I can only wish you all the 
best. We've had very few issues with this blacklist, which I'm thankful 
for since there doesn't appear to be much that can be done, other than 
emailing delist@.


As for Outlook, delisting IPs is done through a form, and it works most 
of the time, though often you will need to escalate the ticket. If you 
haven't already done so, make sure you sign up your network in the 
Microsoft SNDS. That will show you all of the IPs currently on the 
Outlook blacklist. It also shows you (daily) all the IPs that sent over 
100 emails to Microsoft accounts, including how many emails, the 
complaint rate, and trap hits. Incredibly useful (and free!) information.


Some additional information on the Microsoft blacklists and services 
they provide can be found in our docs:

https://docs.hetzner.com/robot/dedicated-server/troubleshooting/microsoft-blacklist/

As for the general issue with blacklistings, depending on how 
constrained you are by management (trust me, I get it), there are a 
number of things you can look into.


For example, Spamhaus has a list of IPs on their public SBL, some of 
which go back a year:

https://www.spamhaus.org/sbl/listings/linode.com

If you haven't already done so, you can sign up for their PBL account, 
and that way you can see all of the IPs in your network that are listed 
on their various lists. Like the SNDS, this is provided for free and is 
incredibly useful.


Also, while it looks like you paid UCEPROTECT to delist all of your IPs 
last week, your entire network is back on the level 3 list, and the 
trend doesn't look positive. Thankfully though, they show you exactly 
which IPs are causing this (scroll down to the bottom and click the 
relevant link):

https://www.uceprotect.net/en/rblcheck.php?asn=63949

Finally, make sure you're signed up for as many blacklist reports 
(mainly SpamCop and SORBS) and FBLs (mainly through Validity) as 
possible. There's an interesting dicussion on here right now regarding 
how to handle FBL complaints, so it would make sense to look into that 
as well. The more information you have, the better.


I'm assuming you've already done some if not most of what I wrote, but I 
wanted to at least cover the basics.


I hope that made sense and I hope you are able to resolve the issues you 
are facing.


Regards
Bastiaan
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[Grant Taylor via mailop]

On 1/17/22 4:32 AM, Alessandro Vesely via mailop wrote:
Anyway, sending mail to one party doesn't prevent sending to the other 
as well.  When I find multiple abuse addresses in RDAP, I report to all 
of them.  I think everybody else does so.


I found that the minimal MTA expansion / distribution list support 
/usually/ sufficed when the abuse@ / postmaster@ / hostmaster@ addresses 
needed to go to multiple recipients.


I was okay with clients hosting the email as long as they did forward (a 
copy of) messages to those addresses to me.  --  This is where the 
periodic testing to confirm that they were still doing this came into play.




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Best hosting platform was Re: [EXTERNAL] Microsoft IP Filtering - sort of full details

[John Gateley via mailop]

[Trimming most of the message]

On 1/16/22 9:27 PM, Aaron C. de Bruyn via mailop wrote:

The important part in that statement is "via mailop".
The mailing list accepted and re-distributed the message.
If you tried to email Noel directly, it probably wouldn't go through.
Noel isn't the only one who blocks linode.

-A

As I said in my original message, everyone talks about how Linode (or 
any platform)

is terrible, but nobody makes positive suggestions.

How about helping out, instead of just criticizing?

John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Best hosting platform was Re: [EXTERNAL] Microsoft IP Filtering - sort of full details

[John Gateley via mailop]

Hi Noel,

Excerpting from my original message in this thread:

"I have seen on this list ... Linode is terrible...
I have never seen 'Platform X is great..'"

You have now said the first, how about contributing to the latter?

John

On 1/16/22 8:52 PM, Noel Butler via mailop wrote:


You dont send to us then :)

There are a few ranges of linode's blocked here


On 17/01/2022 12:43, Mary via mailop wrote:



I'm hosted at linode and I manage 100+ mail servers there. To be 
honest, I would highly suggest linode for mail server hosting, since 
over the past 6 years, this is the first time I encountered a problem.


No blocks, emails to gmail/hotmail/yahoo go to inbox, never being 
blocked by spamhaus and the servers are super fast. Their API is 
their selling point, since I can manage my own servers with my own 
tools (ansible in this case).


This recent incident with Microsoft is a sore spot and so far a 
unique occurrence.




On Sun, 16 Jan 2022 20:23:46 -0600 John Gateley via mailop 
 wrote:



I did misunderstand Michael's reply, but not in the manner you suggest.
He contacted kindly off list
and mentioned a huge backlog of items to be processed.

Since you bring it up, I have seen on this list several times Linode is
terrible for hosting mailservers
I have also seen that for other hosting platforms (AWS for instance).

I have never seen someone say "platform X is fantastic at hosting
mailservers".
Is there a platform that doesn't instantly provoke the response:
"Well, of course they are blocking you, you are on platform X"?

Thanks

John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop



--

Regards,
Noel Butler

This Email, including attachments, may contain legally privileged 
information, therefore at all times remains confidential and subject 
to copyright protected under international law. You may not 
disseminate this message without the authors express written authority 
to do so.   If you are not the intended recipient, please notify the 
sender then delete all copies of this message including attachments 
immediately. Confidentiality, copyright, and legal privilege are not 
waived or lost by reason of the mistaken delivery of this message.




___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] What am I supposed to do with abuse complaints on legit mail?

[Alessandro Vesely via mailop]

On Sun 16/Jan/2022 17:29:21 +0100 Jarland Donnell via mailop wrote:
They do want to reserve it for themselves and it's not unreasonable. If you own 
IP space it is your job to ensure that it isn't abused. If you give up the 
receiving of abuse complaints and give it to your customer instead, and you 
don't receive the complaints as a result, then you won't be aware if your 
customer is violating important policies. That's a big trust relationship, and 
it's reasonable to not trust the reputation of your business to people you 
don't employ.



That contrasts with some statements upthread, such as:

On Fri 14/Jan/2022 02:11:01 +0100 Grant Taylor via mailop wrote:
I made sure that I received a copy of anything and everything that was sent to 
abuse@, postmaster@, and hostmaster@ for any of the domains that ran through my 
servers.  I *REQUIRED* it as a condition of using my servers.


On Fri 14/Jan/2022 05:24:41 +0100 Scott Mutter via mailop wrote:
You can't expect me to know that you're receiving unwanted emails from my 
server's IP if you do not tell me.



Anyway, sending mail to one party doesn't prevent sending to the other as well. 
 When I find multiple abuse addresses in RDAP, I report to all of them.  I 
think everybody else does so.


If you really want to take ownership of IP space, you will want to secure your 
own IP block. For example, in the US that is done through ARIN. ARIN was kind 
enough to give us the space that we needed to run our business, it has made 
things quite a bit simpler to manage.



I'm not clear what you mean by "secure your own IP block".

Besides, for the mxroute address you wrote from, 149.28.56.236, I find an abuse 
address of ab...@vultr.com, which looks like your ISP's.

Best
Ale
--


On 2022-01-16 05:55, Alessandro Vesely via mailop wrote:

On Fri 14/Jan/2022 06:23:56 +0100 Jay Hennigan via mailop wrote:

On 1/13/22 20:24, Scott Mutter via mailop wrote:
The issue is that big name mail service providers, like Gmail, Microsoft, 
Yahoo - do not offer a way to get effective feedback loops.


Have you done the following? This is a very basic first step.

1. Go to https://www.whois.com
2. Enter the IP address of your mail server.
3. Verify at OrgAbuseName, OrgAbusePhone, and OrgAbuseEmail point to you. If 
not, fix it so that they do. You may need to contact your ISP to have them 
SWIP your subnet to you.



I've tried it for years, there seems to be no way to get that.  Now
that I'm changing IPs (not ISP), I'm gonna try again, but I doubt I'll
get it.

And I see that several replies to abuse reports contain the phrase "We
forwarded to our customer...".  It seems like ISPs want to reserve to
themselves the burden of receiving complaints.

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Best hosting platform was Re: [EXTERNAL] Microsoft IP Filtering - sort of full details

[Jaroslaw Rafa via mailop]

Dnia 16.01.2022 o godz. 19:27:28 Aaron C. de Bruyn via mailop pisze:
> Noel isn't the only one who blocks linode.

It has been mentioned multiple times on this list that there are mail
recipients who block entire particular providers' IP space from sending mail
to them (for example Linode, AWS or OVH).

So I would like to ask: is there anybody who blocks Google?

As Gmail *is* indeed a huge source of spam and - as it has been also
mentioned multiple times on this list - they seem to don't react on spam
originating from their servers. So if you are blocking another provider who
- according to you - are a huge source of spam and don't react to spammers
on their network, then Google should be treated the same way...

So if you don't block Google, why the double standards?
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop