Re: [mailop] h-email.net

It appears that Jan Schaumann via mailop said: >$ host -t txt h-email.net >h-email.net descriptive text "v=spf1 ip6:fd96:1c8a:43ad::/48 -all" That's the most interestingly broken SPF record I have ever seen. All valid IPv6 global addresses start with 2 or 3. That fd96 address is a Unique Local

Re: [mailop] Mail Sending Self-Test Platform

On 2023-03-04 at 01:37 +0100, Tobias Fiebig via mailop wrote: Heho, > > On Fri, 2023-03-03 at 17:02 +0100, Ángel via mailop wrote: > > Note you could use a > for > > a refresh-every-10-seconds functionality. (meta refresh could be > > blocked as well, though) > Briefly considered that; However,

[mailop] Microsoft?

Hi All, I'm trying to warm up some new email server IP addresses, and I'm getting the following error sending to Microsoft addresses: [redacted].mail.protection.outlook.com 550 5.7.511 Access denied, banned sender[45.79.227.220]. To request removal from this list please forward this message to

Re: [mailop] h-email.net

My guess is these are spam support services, not spam sending services. They might be drop boxes or service signup boxes. I've checked the /24 and /22 around these IPs and natch, nadda in SpamCop for them Richard On 2023-03-03 6:16 p.m., Jan Schaumann via mailop wrote: Jarland Donnell via

Re: [mailop] Mail Sending Self-Test Platform

Heho, On Fri, 2023-03-03 at 17:02 +0100, Ángel via mailop wrote: > Note you could use a a refresh-every-10-seconds functionality. (meta refresh could be > blocked as well, though) Briefly considered that; However, contrary to JS (which is often ignored by screenreaders) the HTML manual put a

Re: [mailop] h-email.net

Hello Jaroslaw, $ host mail.h-email.net mail.h-email.net has address 178.62.199.248 Yes. the nature of those 'temp email services' it exactly that. I always thought temp email services are meant for receiving mail only and don't ever send anything? Serveral variations of the same. Some

Re: [mailop] h-email.net

Dnia 4.03.2023 o godz. 01:05:04 Raymond Dijkxhoorn via mailop pisze: > > >won't correlate to any particular front-end mail service. I mean > >just 100% correlation with spam in my logs, and not a small amount > >of logs either. > > >>$ host mail.h-email.net > >>mail.h-email.net has address

Re: [mailop] h-email.net

Jarland Donnell via mailop wrote: > A quick parse of my logs suggests that it's a spam-only operation, so likely > won't correlate to any particular front-end mail service. I mean just 100% > correlation with spam in my logs, and not a small amount of logs either. Interesting that e.g., Spamhaus

Re: [mailop] h-email.net

Hi! won't correlate to any particular front-end mail service. I mean just 100% correlation with spam in my logs, and not a small amount of logs either. $ host mail.h-email.net mail.h-email.net has address 178.62.199.248 Yes. the nature of those 'temp email services' it exactly that. Bye,

Re: [mailop] h-email.net

A quick parse of my logs suggests that it's a spam-only operation, so likely won't correlate to any particular front-end mail service. I mean just 100% correlation with spam in my logs, and not a small amount of logs either. On 2023-03-03 17:12, Jan Schaumann via mailop wrote: Hey, Does

Re: [mailop] h-email.net

Hello Jan, The other curious thing is that mail.h-email.net has only IPv4 addresses (in Digital Ocean and Hetzner), but h-email.net has an SPF policy that only allows IPv6 connections: $ host mail.h-email.net mail.h-email.net has address 178.62.199.248 mail.h-email.net has address

[mailop] h-email.net

Hey, Does anybody here know who h-email.net is? I see mail.h-email.net listed as the MX for a large number of domains, but can't identify the organization behind it. (Registered through Amazon, but whois privacy...) There are some indicators on the web that this might be used for disposable

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

It's the from address they're talking about, it means they can't use an EAI from address for these cases, they would need to either not send or have a fallback non-EAI address for the messages. Brandon On Fri, Mar 3, 2023 at 12:37 PM Ángel via mailop wrote: > On 2023-03-03 at 09:37 -0700, Alex

Re: [mailop] New member, trying to bring our mail server inline.

Laura Atkins via mailop skrev den 2023-03-03 18:55: The message he sent to mailop had the selector I used and is also failing DKIM. mailop.org domain does not provide any dkim signed msgs, thats on propose from them imho, but spamassassin still see my signing an claims take over from header

Re: [mailop] [EXT] - Re: New member, trying to bring our mail server inline.

Thanks Mark. I sent an email as suggested and it came back as a fail for DKIM. “I see you've included a DKIM signature. I've retrieved the public key from 1._domainkey.warwickri.gov The signature failed validation. The Auth Result is fail.” Now I am really confused. I checked what the link you

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

On 2023-03-03 at 09:37 -0700, Alex Burch via mailop wrote: > We are an ESP and we have a lot of customers who send with characters > like ü or á, usually in the local part but occasionally in the > domain. I think if we converted all from addresses to pure ascii > punycode, we'd solve our problems

Re: [mailop] New member, trying to bring our mail server inline.

On 2023-03-03 at 17:55 +, Laura Atkins via mailop wrote: > The message he sent to mailop had the selector I used and is also > failing DKIM. > > laura No, sorry. I am afraid you seem to have mistyped it. DKIM-Signature: v=1; a=rsa-sha256; d=warwickri.gov; s=1; c=relaxed/relaxed;

Re: [mailop] Mailing Lists and domains with DMARC reject

On Fri, Mar 3, 2023 at 9:21 AM Jesse Hathaway via mailop wrote: > > 1. Rewrite the RFC5322.From address to be an address from the mailing > list domain, place the original RFC5322.From address in the Reply-To > header. Sign the message with the mailing list's DKIM key. > > This is what we do.

Re: [mailop] New member, trying to bring our mail server inline.

The message he sent to mailop had the selector I used and is also failing DKIM. laura > On 3 Mar 2023, at 16:58, Mark Alley via mailop wrote: > > The selector seems to just be "1", of which the published record appears to > be valid in DNS. > >

Re: [mailop] Mailing Lists and domains with DMARC reject

Dňa 3. marca 2023 17:03:35 UTC používateľ Jesse Hathaway via mailop napísal: >2. Preserve the original DKIM signing of the message by only adding >additional headers, i.e. do not modify the subject or add a trailer >message. This one will work only if sender doesn't oversigns List-* (or any

Re: [mailop] Mail Sending Self-Test Platform

This kind of comment isn’t particularly useful as it appears to be a statement of an opinion with no explanation/justification. DNSSEC is a different PKI. Like everything, it has pros and cons. Whether it is better or worse depends on what you’re looking at. If you believe MTA-STS is superior,

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

It occurs to me that if you only have a handful of addresses with accented Latin characters, they are probably typos, not real addresses. Unless you're sending mail to south or southeast Asia, just get rid of them. On Fri, 3 Mar 2023, Alex Burch wrote: Thanks everyone. Is there any reason

[mailop] Mailing Lists and domains with DMARC reject

My understanding is that there are a couple popular approaches which Mailing Lists can take to support domains with a DMARC reject policy: 1. Rewrite the RFC5322.From address to be an address from the mailing list domain, place the original RFC5322.From address in the Reply-To header. Sign the

Re: [mailop] New member, trying to bring our mail server inline.

The selector seems to just be "1", of which the published record appears to be valid in DNS. https://tools.wordtothewise.com/dkim/check/warwickri.gov/1 DNS propagation shows the DKIM record is resolvable across the internet, so

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

We are an ESP and we have a lot of customers who send with characters like ü or á, usually in the local part but occasionally in the domain. I think if we converted all from addresses to pure ascii punycode, we'd solve our problems rather than trying to keep them unicode and rely on SMTPUTF8

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

Alex Burch via mailop skrev den 2023-03-03 17:22: If John Jetmore is here, please merge that sucker! as in posting to public maillist with big html signature ? ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

We are an ESP and we have a lot of customers who send with characters like ü or á, usually in the local part but occasionally in the domain. I think if we converted all from addresses to pure ascii punycode, we'd solve our problems rather than trying to keep them unicode and rely on SMTPUTF8

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

Thanks everyone. Is there any reason not to just always use punycode for the domain and keep it pure ascii? Seems safer that way. Are there any known risks to doing that? "Always" in what context? The whole point of IDNs and EAI is so that people who don't speak English can use mail addresses

Re: [mailop] New member, trying to bring our mail server inline.

Based on the headers of the message you sent here (to mailop), you have yet to actually publish a public key in DNS. https://tools.wordtothewise.com/dkim/check/warwickri/1677852725 laura > On 3 Mar 2023, at 14:12, Salvatore Jr Walter P via mailop > wrote: > > We are in the final stages of

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

Thanks everyone. Is there any reason not to just always use punycode for the domain and keep it pure ascii? Seems safer that way. Are there any known risks to doing that? About swaks, there is an open MR to add SMTPUTF8 support: https://github.com/jetmore If John Jetmore is here, please merge

Re: [mailop] Mail Sending Self-Test Platform

On 2023-02-27 at 12:59 +0100, Tobias Fiebig via mailop wrote: > Please note that setting up the tests (as we have to configure vhosts > for some MTA-STS cases etc.) takes some time on our site. The test- > site should periodically reload and provide the status. As we use JS > for that part, please

Re: [mailop] New member, trying to bring our mail server inline.

On 2023-03-03 at 14:12 +, Salvatore Jr Walter P via mailop wrote: > We are in the final stages of migrating our exchange server from 2013 > to 2019. > I found out we had no SPF, DMARC, DKIM etc setup on our domains. > > Trying to get us setup properly and have SPF and DMARC working, DKIM >

Re: [mailop] [EXTERNAL] Re: MTA-STS and DANE, Mail Sending Self-Test Platform

Microsoft is implementing DANE five years after we completed MTA-STS, and they're still not done. That's a fair bit of time. IIRC, they implemented MTA-STS before we were done with the draft. I applaud them for deploying DANE, but for the meantime, it seems beneficial to support both (which

[mailop] New member, trying to bring our mail server inline.

We are in the final stages of migrating our exchange server from 2013 to 2019. I found out we had no SPF, DMARC, DKIM etc setup on our domains. Trying to get us setup properly and have SPF and DMARC working, DKIM is another story. Setup on the server, sent the key to our ISP for the DNS to be

Re: [mailop] Mail Sending Self-Test Platform

On 2023-03-03 at 02:58:18 UTC-0500 (Fri, 3 Mar 2023 08:58:18 +0100) Alessandro Vesely via mailop is rumored to have said: On Thu 02/Mar/2023 20:52:40 +0100 Bill Cole via mailop wrote: On 2023-03-02 at 12:53:34 UTC-0500 (Thu, 2 Mar 2023 17:53:34 + (UTC)) L. Mark Stone via mailop is

[mailop] Please support

https://www.timetotalkuk.org.uk/the-great-big-ttt-eurovision-sweepstake/ As we know at work peer2peer mental health support is important, please support if you can :) Yours BT friends Apologies in advance to list but mental health important :) Sent from my

Re: [mailop] Mail Sending Self-Test Platform

Heho, no, i at least make the assumption that the people who get themselves to implement MTA-STS (in either direction) will also have PKIX valid certs. And that group of orgs is relatively small. In contrast, you can, e.g., just enable dane for you N-thousand customers by adding records to

Re: [mailop] Mail Sending Self-Test Platform

You make the strong assumption that DNSSEC is a better PKI than WebPKI. It is not, it's significantly worse. MTA-STS *would* be inferior if DNSSEC was good, it is not good. On 02/03/2023 22:23, Tom Ivar Helbekkmo via mailop wrote: Tobias Fiebig writes: I share your sentiment. I am not a

Re: [mailop] MTA-STS and DANE, Mail Sending Self-Test Platform

Dňa 3. 3. o 10:42 Tom Ivar Helbekkmo via mailop napísal(a): John Levine via mailop writes: Google people did the largest amount of work, and they told me that they didn't (and still don't) do DNSSEC because too much stuff other places would break. Their DNS infrastructure is quite able to

Re: [mailop] MTA-STS and DANE, Mail Sending Self-Test Platform

John Levine via mailop writes: > I realize conspiracy theories are fun, but I actually talked to the > people who designed MTA-STS at the time they were developing it. I guess I was a bit harsh, and also could have made it more clear that I'm guessing at what could be the reason for such a

Re: [mailop] Mail Sending Self-Test Platform

Chris Adams via mailop writes: > Since POSIX has nothing to do with network communication protocols for > email, that's a funny hill to die on. The RFC defines the response > format, which doesn't have to be a text file on a POSIX system at all > (could be generated on the fly, could be on a

Re: [mailop] Mail Sending Self-Test Platform

On Thu 02/Mar/2023 20:52:40 +0100 Bill Cole via mailop wrote: On 2023-03-02 at 12:53:34 UTC-0500 (Thu, 2 Mar 2023 17:53:34 + (UTC)) L. Mark Stone via mailop is rumored to have said: We got a ding on our DNSSEC score, because the PTR record isn't signed. Is this really as big an issue as