Re: [mailop] should google dns solve this?

The edns-client-subnet hack is intended for cases where the server wants to return a different result based on the IP address of the end client, rather than that of an intermediate DNS server, which sounds exactly like something the RBL software would be interested in to me... Once again, we

Re: [mailop] should google dns solve this?

Apologies if I still have misunderstood but wouldn't EDNS client subnet then work to do exactly this. It would expose the address of the requesting user to allow the free usage allowance to be assessed by the operator. No, for two reasons. One is that Google runs a cache, and the client

Re: [mailop] Possible sendmail name resolution issues triggered by hotmail.com zone change

Look closely, they're not the identical ips per MX as of the changes yesterday :) They're not exactly the same, but they're almost all the same. Each actual A record has at least three names. I understand why you'd want to do load levelling, but it's hard to imagine any sensible reason to

Re: [mailop] Possible sendmail name resolution issues triggered by hotmail.com zone change

Is this still occurring? A little birdie told me that it might be... just want to check. A quick check of the MXes show that they each have 14 A records. Not to ask annoying questions or anything, but what's the point of four MX records each pointing to the same set of IPs? It seems like a

Re: [mailop] Gmail's postmaster tools

Google's record doesn't affect SPF. Look at section 4.5 of RFC 7208, and you'll see that SPF takes all of the records returned for the TXT lookup, and only picks the one that starts with v=spf1. Other records are ignored and don't count toward the lookup limit. Except it may not fit in an

Re: [mailop] Gmail throttles anyway

If it's a mailing list, the traffic is not simply passing thru. Since the message is being modified, the signature should at the very least be deactivated. For the third time, why? The RFC says it doesn't matter. I believe it goes into the junk, but I don't believe it has anything to do

Re: [mailop] Gmail throttles anyway

If you're going to do something that will break the DKIM signature as a matter of course, You should remove the DKIM signature, and maybe re-sign it with your own. You shouldn't break the signature and then forward what was once goodmail with a now busted signature. Au contraire. You should

Re: [mailop] New method of blocking spam

What get's spammers caught is that eventually they have to sell you something Gee, did we drop through a wormhole into 1998 or something? He's missing a few somethings. Spammers might not be trying to sell you something. No kidding. The classic example is pump and dump, where they're

Re: [mailop] Gmail SRS Problem: low reputation of sending domain

There is the class of spammers who seem fine with getting as much mail as possible in the spam label, with the assumption that enough folks will check their spam label and click on the links anyways. We'd probably need to have more complicated rules of when to listen to the X-Spam header, of

Re: [mailop] Forwarding issues, was Mails to microsoft

having IMAP IDLE to everywhere... ugh, I guess. What's another million persistent connections. As the saying goes, if all you have is a hammer, everything looks like a thumb. I'd rather make forwarding more reliable. I've wanted to add an inbound gateway setting to consumer accounts,

Re: [mailop] So, about this iOS10 unsubscribe feature...

On Fri, 16 Sep 2016, valdis.kletni...@vt.edu wrote: On 16 Sep 2016 18:22:33 -, "John Levine" said: There are some issues with helpful spam filters that fetch the URLs in list-unsubscribe headers to see if they lead somewhere malicious, but they're not all that hard to deal with. For

Re: [mailop] Storing 821 envelope recipients in an 822.Header?

Legitimate eXtension headers as X- are easily filtered as "this is something you shouldn't pay attention to because it's not part of any standard". Take away the X- and you go back to the 'ok what is legitimate and what is not' situation... Oh, that's easy. They're all legitimate. If

Re: [mailop] LOUDMOUTHS WANTED!! ICANN WHOIS Replacement Work URGENT IMPORTANT ACTION NEEDED

The reality is that the vast majority of domain registrations are made by businesses with no reasonable expectation of privacy. I'm not sure if this is actually true for new registrations. Prior to launch of a web site, many businesses are eager to conceal the identity of the domain holder, to

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

On Fri, 17 Mar 2017, Eric Henson wrote: As a PCI compliant company, we have to go to great lengths to secure any system that stores, processes, or transacts credit card data. If that included our email servers, that would put every single mail server, every single mail client, including smart

Re: [mailop] Many SPF failures lately

On Sat, 20 May 2017, frnk...@iname.com wrote: Are you saying that checking the box on our commercial spam filtering system’s “check SPF” feature, which quarantines messages that have SPF failures (-all), was a poor decision on my part? If it does that on a simple SPF failure with no other

Re: [mailop] Many SPF failures lately

You appear to be making the naive assumption that every SPF record is correct, or worse, that whatever the SPF record must be correct even if it's not what the system manager intended, or it doesn't describe the domain's actual mail. In reality, nearly every SPF record is wrong, because SPF's

Re: [mailop] Many SPF failures lately

On Fri, 19 May 2017, Luis E. Muñoz wrote: Well, it's not unheard of to see TOSes that contain provisions for spam/malware/illegal content filtering. Considering that from the 1st paragraph of RFC-7208 it's clear that the intent is to "authorize", I would think the shoe would fit. If I were

Re: [mailop] New sending range for MailChimp - 148.105.0.0/16

This was my bad when I sent this. I should have been more specific with the exact ranges that we are sending from: 148.105.11.0/25 148.105.12.0/24 148.105.13.0/24 148.105.14.0/25 The ranges listed above have rDNS and and actively sending. Since allocation of IPs for sending is rather

Re: [mailop] Sending mail to t-mobile.com

554 5.7.1 You are not allowed to connect. Which is probably deliberate because I'm connecting from residential cable (and I think it's listed on the DUL). The other source address is not (it's business cable). I get the 554 when connecting from consumer broadband (currently from Bavaria),

Re: [mailop] Is BitBounce for real?

This idea behind Betbounce is neither stupid nor new, and it's actually funny, because current proof of work (PoW) algorithms, including one in bitcoin,  are based on "hashcash" algorithm, and hashcash was initially developed to combat SPAM.  See https://en.wikipedia.org/wiki/Hashcash so the

Re: [mailop] Lost DMARC reports reason (Was: DKIM headers - which do you sign and why?)

2) RFC is unclear about the minimal authorization record being "v=DMARC1" or "v=DMARC1\;" The semicolon is required. I filed an erratum. See https://www.rfc-editor.org/errata/eid5440 Regards, John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment

Re: [mailop] DKIM headers - which do you sign and why?

For example, a TXT resource record at "*._report._dmarc.example.com" containing at least "v=DMARC1" confirms that example.com is willing to receive DMARC reports for any domain. That appears to be a typo in the spec. Every valid DMARC record has a semicolon after v=DMARC1 Regards, John

Re: [mailop] DKIM headers - which do you sign and why?

When you put in the missing semicolon, what happened? On Wed, 25 Jul 2018, Stefano Bagnara wrote: On Wed, 25 Jul 2018 at 21:18, John R Levine wrote: For example, a TXT resource record at "*._report._dmarc.example.com" containing at least "v=DMARC1" confirms that ex

Re: [mailop] DKIM headers - which do you sign and why?

On Tue, 24 Jul 2018, Stefano Bagnara wrote: We wrote that a long time before anyone had imagined the mess that is DMARC. Well, if it is not valid anymore then we need an update... "You" made 3 revisions between 2007 and 2011 and then stopped updating it when it really started being used? ;-)

Re: [mailop] question regarding support for international characters {dkim-fail}

The Gmail and Hotmail support handles other people's UTF-8 addresses in mail but they still don't provide UTF-8 addresses on their own systems. From what I can tell, Gmail and outlook.com's support is basically "just send UTF-8", that is, it will send EAI messages without the server offering

Re: [mailop] question regarding support for international characters {dkim-fail}

On Wed, 11 Apr 2018, Ned Freed wrote: MTAs, maybe. But your typical MTA also acts as an MSA. Mine's atypical, the MSA is a separate program that I haven't tried to fix yet. At this point I'm exchanging EAI mail with other places, using the scanning hack to decide whether to look for

Re: [mailop] question regarding support for international characters {dkim-fail}

Curious, isn't it, that the MSP EAI support we've talked about here is exclusively for other people's addresses, not for their own users? I know a few Indian providers that offer EAI addresses and I think a Chinese one. It's not surprising that the US providers don't do so, since as you note

Re: [mailop] question regarding support for international characters

We announced that it was supported back in 2014: https://googleblog.blogspot.com/2014/08/a-first-step-toward-more-global-email.html Were you referring to something else? No, I just wasn't paying attention. Oops. Regards, John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY

Re: [mailop] Received header address information

I was specifically talking about querying a DNSBL with possible-forged IP addresses, not creating new listings or anything else. That wasn't clear. Anyway, you normally only look up the IP of the gateway host that sent the mail from their network to yours. Relays before that are often from

Re: [mailop] List of unused, big email-domains?

Tools can be used for good and bad purposes. At some level, an ESP is trusting mailing lists from their customers, and knows that some of those lists are bad, even if the customer claims the lists are on the up and up. Any "white hat" ESP is going to have various systems in place to try and

Re: [mailop] Anyone on this List with Access to Amazon SES Maillogs?

Hi, this is very odd, could you send a traceroute to those IPv6 destinations? I can confirm the servers do NOT refuse IPv6 connections. I suppose there is a transit problem from certain ISP. No, you're refusing the connections. When I connect via an IPv6 tunnel from HE you refuse the

Re: [mailop] BIMI

On Tue, 10 Dec 2019, Brandon Long wrote: I guess it depends on how small. It's also that it's kind of self limiting, in the sense that if it's expensive enough that only few do it, then it doesn't have the same perceived bad effects like it would if 99% of mail had it. I think it could be a

Re: [mailop] Gmail marking email from me as spam

It's a basic mistake to operate on whole netblocks and not individual senders. i somewhat disagree There are definitely networks that are so dirty that it's not worth accepting their mail. OVH hovers on the bad side of that line. If I were more interested in getting my mail to work than

Re: [mailop] Gmail marking email from me as spam

Just because you should by default accept mail from everyone *unless* the sender proved to be nasty/harmful/mailicious etc.? what if the look quite plausibly harmful? Right. I didn't get the message you were responding to, so I looked in the logs and see the IP is in the middle of a block

Re: [mailop] Gmail marking email from me as spam

Are they still fundamentally constrained by their choice of network provider, despite complying with every possible security and delivery behaviour to warrant and verify the content and sender of every email? Yes. Remember, nobody else cares as much about the mail you send as you do. Has the

Re: [mailop] [FEEDBACK] whose address, was Approach to dealing with List Washing services, industry feedback..

message (this time to the correct address), it will end up in the recipient's spam folder, without them knowing why. Don't do it to them. Just delete those messages, don't put them to spam. I disagree. If the sender wants eyeballs to see their emails, they need some incentive to put in place

Re: [mailop] [EXTERNAL] Strange MIME headers from Microsoft

Yeah, looking for someone to have a peek at that. Rather Strange, to say the least. I looked at the logs, there's quite a few, all seem from outlook hosted accounts. -Original Message- From: mailop On Behalf Of John Levine via mailop Sent: Friday, March 6, 2020 9:35 AM To:

Re: [mailop] [External] Re: Horrible week for email deliverability - Looking for help with RackSpace/Emailsrvr

Messages of all type but not a single feedback loop complaint.  These are definitely FPs as I disagree with your statement that a notice about COVID-19 from someone who signed up to a list would be false positives. ?? These are confirmed, opt-in customer / community lists.  Things like Fire

Re: [mailop] what is spam was Re: [External] Re: Horrible week for email deliverability - Looking for help with RackSpace/Emailsrvr

On Fri, 27 Mar 2020, Kevin A. McGrail wrote: And I take a the approach that there are implicit consent in transactions.  For example, you buy something from XYZ big box store's website.  There is a 100% implicit consent that you can receive emails about that order such as a receipt and shipping

Re: [mailop] Is Gmails DMARC check broken?

In article <947f2235-ae10-47b5-90cd-f096d5648...@wordtothewise.com> you write: Why is Google applying a strict reject when the policy is p=none? It is my understanding that Google requires all IPv6 mail to be SPF or DKIM authenticated with or without DMARC. The "aspf=s" is probably the

Re: [mailop] Rolling DKIM Key Disclosure

"Sorry, I think what you're looking for isnt useful, you're misinformed" isn't exactly a useful response when someone, especially a customer, asks for something, sadly. So what do you say when they demand 100% inbox placement and the ability to remotely delete mail they've already sent?

Re: [mailop] Rolling DKIM Key Disclosure

Hmm? SSS/TLS has never signed the content of a website. It only authenticates temporary symmetric encryption keys which are used to encrypt (not sign) the contents. Aw, come on. Web servers send a certificate at the beginning of the transaction. If I cared, it would take about 10 seconds to

Re: [mailop] Google and Spam detection

Gmail has repeatedly said that they do not accept unauthenticated mail on IPv6. And with very good reason. Consider that you can very easily have a dedicated IP address for every email message you will ever send :-) Of course. Doesn't everyone do that? Regards, John Levine,

Re: [mailop] What's the point of secondary MX servers?

I use minger to validate secondary mx with the primary for account validity, is that not common then? If the primary is up, why would anyone be sending mail to the secondary? R's, John Sent from my iPad On 17 Dec 2020, at 21:28, John Levine via mailop wrote: As we all know, MX records

Re: [mailop] What's the point of secondary MX servers?

Unfortunately, many sending clients (newsletters, announcements, etc.) do not retry if the initial delivery fails. That's impressively broken. Do you have specific examples? Back when I was tuning my greylister I found some rather strange retries, but I don't recall many senders that didn't

Re: [mailop] So how do you actually manage to send mails to outlook/hotmail?

On Mon, 12 Jul 2021, Marcus Hoffmann wrote: (Others at Hetzner seem to do fine. I really do not get the whole rating IP neighborhoods thing, but let's not get into that again. I can't change it anyway.) I can only speak for myself, but I have all of Hetzner's IPs routed into the spam trap,

Re: [mailop] Greylisting never passing on retry

On Wed, 21 Apr 2021, Peter Nicolai Mathias Hansteen wrote: SMTP was defined in the late 1970s and we didn't invent greylisting until about 2003. I don't think you can blame them for not being clairvoyant. No clairvoyance was required for taking account of greylisting in the 2008 update that

Re: [mailop] SPF prevents enabling IPv4+IPv6?

On Tue, 2 Mar 2021, Otto J. Makela wrote: Unfortunately, RFC 7208 section 4.6.4 DNS Lookup limits also states: As described at the end of Section 11.1, there may be cases where it is useful to limit the number of "terms" for which DNS queries return either a positive answer (RCODE 0) with

Re: [mailop] Spamhaus Public Mirror Error Return Code Update

On Tue, 16 Feb 2021, Alessandro Vesely wrote: rcode[*], such as FORMERR/ REFUSED, possibly followed by a more precise extended error code[†]. Except that REFUSED means something else, When Spamhaus sends REFUSED, it means you're trying to query a server than only paying customers can use,

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

On Mon, 23 Aug 2021, A. Schulze wrote: Am 21.08.2021 um 20:30 schrieb John Levine: It appears that A. Schulze via mailop said: We review the reports once per month and inverstigate findings Depending on the current situation we plan to increase pct= If you mean the DMARC aggregate and

[mailop] Gosh I love sendgrid

Today's phish, sent directly from sendgrid to my father who has been dead since 2019. Relevant Received headers in the unlikely event anyone might want to track it down: Received: from o3.ptr4431.ordersnapp.com (o3.ptr4431.ordersnapp.com [167.89.47.140]) by mail1.iecc.com ([64.57.183.56])

Re: [mailop] how SSL works, was IMAP and SMTP in the same or separated IPs?

On Fri, 15 Oct 2021, Michael wrote: I prefer to think that the company I pay $$ to for a cert, makes enough they don't have to sell our data. Remember, each lookup against Let's Encrypt shares information, that can be resold. Sorry, but that is simply wrong. It's not how SSL works. The

Re: [mailop] WhatCounts/Costco silliness

List-Unsubscribe: List-Unsubscribe-Post: List-Unsubscribe=One-Click I don't know which fools to blame; The client Costco, or their ESP WhatCounts. Perhaps both. Definitely both. I don't work for or with WhatCounts, but I know who does, so I nudged

[mailop] Sendgrid spam of the day -- crypto.com phish

For full headers see http://spample.iecc.com/eam/23683557 R's, John -- Forwarded message -- Date: Fri, 31 Dec 2021 20:36:03 From: Crypto.com To: i...@taugh.com Subject: Case ID 23045 -Important Notice: Update Your Account [8fGHc0PkvWohUASUVORK5CYII=] Dear Valued Customer,

Re: [mailop] WhatCounts/Costco silliness

From memory, I believe ... Why are you guessing? The CAN SPAM law and the FTC's CAN SPAM rule are easy to find online. lot of mail programs now recognize List-Unsubscribe and give you an option in the frame of the message which is easier to recognize 1. But others do not Well, if you

[mailop] Privacy research spam apparently from a grad student at Princeton

I got a couple of copies of this message to addresses scraped off my websites. It was sent from AWS cloud using a recently registered domain so it's likely a phish, but "Ross Teixeira" is a real person, a grad student at Princeton. Needless to say, sending blasts of spam to scraped addresses

[mailop] Bonus sendgrid spam of the day

Same outfit, same spamtrap address, this time touting our pals at AARP. So who is https://www.ninesevenpebble.com/ ? Full spam at http://spample.iecc.com/saa/23681599 Regards, John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this

[mailop] Sendgrid spam of the day

Sent to an address that has never been real but has been getting a lot of spam recently, touting insurance via one of those fake review sites that collects affiliate fees. Full copy here: http://spample.iecc.com/sys/23681598 Regards, John Levine, jo...@taugh.com, Taughannock Networks,

Re: [mailop] Privacy research spam apparently from a grad student at Princeton

Which domain? Feel free to encode it out as need be. It was in my first message: From: Privacy Practices Registered at Namecheap, mail sent from AWS R's, John On Dec 14, 2021, at 6:49 PM, John Levine via mailop wrote: It appears that Simon Arlott via mailop said: On 14/12/2021

Re: [mailop] DMARC Reject

Remember that when you publish p=reject, you're saying your mail is very UNimportant. If there's any doubt that a message is really from you, don't deliver it, throw it away. This makes sense if you are Paypal, you're phished 24/7/365, and your mail only says "something happened, look at

Re: [mailop] m-365 still works like a spammer !

On Sat, 24 Jul 2021, Lukas Tribus wrote: See SPF-aware greylisting: https://poolp.org/posts/2019-12-01/spf-aware-greylisting-and-filter-greylist/ Interesting idea, might try it sometime, but on my small system fuzzing IPs works well enough. I do have a whitelist but I find I only need to

Re: [mailop] not a way to do abuse contacts, What am I supposed to do with abuse complaints on legit mail?

On Mon, 17 Jan 2022, Dan Mahoney wrote: It is quite simple to use RDAP to get the abuse contact email for anyone who has provided the info to their RIR. I do it all the time. The problem is that too many operators don't bother. If they don't tell the RIR, they are not likely to spend effort

Re: [mailop] Fwd: RFC 9228 on Delivered-To Email Header Field

On Thu, 14 Apr 2022, Dave Crocker wrote: Without knowing what mail software your provider is running, there is no way to tell. The benefit of an over-the-wire approach to specification writing is that all that matters is what goes... over the wire. One does not need to know the 'intent' or

Re: [mailop] Gmail says "Message bounced due to organizational settings."

I'm doing some work for arxiv.org, the preprint server at Cornell university. Many gmail users have reported that when they try to send mail to arxiv.org addresses to update their subscriptions, it fails saying Message Blocked, with the explanation "Message bounced due to organizational

Re: [mailop] DKIM by the third party

My main point is this: ESPs and other 3rd party SMTP services - should be aware that using an SPF record that validates against the provider's domain in the SMTP envelope-FROM (and not the actual client's domain) - AND ALSO - having only one DKIM record which uses the provider's domain in the

Re: [mailop] Spamhaus: Get more details about LISTING (Could a DMARC Report Address point to a spamtrap)?

On Tue, 17 May 2022, Tobias Fiebig wrote: However, judging from the state of DMARC reporting by the bounces hitting my report-from (_large_ orgs having non existent mailboxes in there etc.), I'd argue that the only thing that prevents ruf/rua that are stale for a decade is the age of RFC7489.

Re: [mailop] FTC Report on Feasibility of Creating a 'Do Not Email' List

Note that, in spite of DMARC, we still do not have per-user authentication. We have at least two flavors in PGP and S/MIME, When something exists for 30 years and has market penetration that cannot even rise to the level of being called 'meager'. /WE/ -- it, the Internet community -- does

Re: [mailop] FW: Did Google become stricter about RFC 5322?

On Fri, 15 Jul 2022, Michael Ellis wrote: The body text lines are likely more than 998 characters. They have a feature to break long lines but they didn't enable it. The headers lines will all be well below 998 characters. That's probably what's wrong. 5322 says all the lines, not just the

Re: [mailop] SMTP line wrapping breaking DKIM signatures when forwarding

On Thu, 28 Apr 2022, Dave Crocker wrote: Actually, for the current discussion, there is only a single issue: Should an intermediate relay get fussy and modify the substance of a message? That is one way to look at it, but as I said in the message you just replied to, in this case not

Re: [mailop] DMARC Stockholm syndrome, Reject vs spam folders

On Fri, 16 Sep 2022, Brandon Long wrote: For thirty years we all used mailing lists that didn't mess with the author's name or address, so you could easily reply eiher to the authors or the list (and please don't mansplain to me what Reply-To does.) That stopped working when AOL and Yahoo

Re: [mailop] warming up IPs, Microsoft?

Huh. We don't have any issues sending email to them from Linode, including a small number from one of our new IP addresses I've been trying to warm up. Linode has a bunch of different IP address blocks and I would expect recipients to block the ones that send annoying amounts of spam. That's

Re: [mailop] Mailing Lists and domains with DMARC reject

Yeah, RFC4871 was a proposed standard, RFC6376, four years later became an Internet standard. Once there was a level in between... Seems that 4 years was not enough ;-) Or we understand idea behind that RFC wrongly... Keep in mind that DMARC was invented long after SPF and DKIM. Also that

Re: [mailop] Mailing Lists and domains with DMARC reject

Yes, the idea was to prevent malicious unsubs by sending fake spam with someone else's one-click unsub. Would a MUA send a POST to a known domain if it was found on a message coming from an unknown, or anyway different domain? Maybe. It's quite common for a message to come from some company

Re: [mailop] Mailing Lists and domains with DMARC reject

Would a MUA send a POST to a known domain if it was found on a message coming from an unknown, or anyway different domain? Maybe.  It's quite common for a message to come from some company and the links to point back to the ESP. Isn't it difficult to agree on opaque tokens in that case?

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

It occurs to me that if you only have a handful of addresses with accented Latin characters, they are probably typos, not real addresses. Unless you're sending mail to south or southeast Asia, just get rid of them. On Fri, 3 Mar 2023, Alex Burch wrote: Thanks everyone. Is there any reason

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

Thanks everyone. Is there any reason not to just always use punycode for the domain and keep it pure ascii? Seems safer that way. Are there any known risks to doing that? "Always" in what context? The whole point of IDNs and EAI is so that people who don't speak English can use mail addresses

Re: [mailop] Does gmail accept unicode character in From domain? I don't think so

ww.activecampaign.com/sig/?u=aburch=1> On Fri, Mar 3, 2023 at 9:32 AM John R Levine wrote: Thanks everyone. Is there any reason not to just always use punycode for the domain and keep it pure ascii? Seems safer that way. Are there any known risks to doing that? "Always" in what context?

Re: [mailop] warming up IPs, Microsoft?

On Sun, 5 Mar 2023, Mark Fletcher wrote: Best I can tell, in our 9+ years, being hosted by Linode has never been an issue wrt deliverability, and as a hosting provider, they've been nothing but responsive and reliable. That said, they were recently bought by Akamai, and have just raised prices.

Re: [mailop] warming up IPs, Microsoft?

John R Levine wrote: I've been happy with a small provider called Tektonic. If you've never heard of them, that's a good sign. Thanks for the recommendation; unfortunately they wouldn't work for us. Their largest VM is less than half the size we would need for our databases, also they don't

Re: [mailop] warming up IPs, Microsoft?

Thanks for the recommendation; unfortunately they wouldn't work for us. Their largest VM is less than half the size we would need for our databases, also they don't appear to have an API to provision new VMs. If you need a big VM there's always AWS. They do a surprisingly good job of

Re: [mailop] Mail Sending Self-Test Platform

Still, i am a bit wondering; Looking at the data flushed in so far (and already multiple bugs filed against implementations)... there are a lot of funny milters and often unmaintained software integrated in funny docker stacks (probably preaching to the choir there, but i have a lot of grievances

Re: [mailop] Mail Sending Self-Test Platform

dmarcv1 is a typo in the description (i correctly check for DMARC1, otherwise this would have shown up earlier); ?? The actual complaint is psd=n; Lemme see if i can make the report more clear re: where it complained. Do you maybe have some context on psd=n? I can't find it in 7489. It's in

Re: [mailop] SPF behavior on email forwarding

In other words, SPF check is not something what helps with SPAM here, seems that spammers adapted to it... As far as I know, SPF was never meant as an anti-spam measure. It was most definitely touted as an anti-spam measure. Some of us were there. Absolutely. Spent time listening to Meng

Re: [mailop] push and pull, Microsoft Office365 not rejecting emails when instructed so by SPF recored?

Not really.  Partly it's that they don't want to send stuff by SMTP where a glitch could bounce the statement into some random admin's mailbox or a spam scanner might do who knows what with it.  But mostly it's that they want to train their users to use a web browser with an SSL connection to

Re: [mailop] SPF: Does include: a host without TXT entry invalidate the whole SPF entry?

If you don't care enough to publish a valid SPF record, why should we think you care whether we deliver your mail? The customer in question used an ESP to send marketing emails. That ESP told him what host to include in his SPF record. Probably some years later, that ESP changed domain and

Re: [mailop] push and pull, Microsoft Office365 not rejecting emails when instructed so by SPF recored?

On Tue, 30 May 2023, post...@sfina.com wrote: https://cr.yp.to/im2000.html You can tell from its name how long ago it was, and from the fact that you never heard of it before how successful it was. If I may respectfully encourage you to look at how you receive your online banking statements,

Re: [mailop] greylisting, SendGrid is deleting your mail

Do you have any idea how many of those would be tripped up by a Postfix-style banner delay? Good question. I've been meaning to add a greet pause but haven't yet gotten around to it. I got around to it and now do a greet pause before I greylist. Most of the hosts on the Spamhaus BLs are

Re: [mailop] address rewriting, Thoughts on envelope address local-part length limits

On Mon, 15 May 2023, Brandon Long wrote: Yes, VERP and SRS are the two most obvious cases where their design inherently doesn't work with the limit (encoding the full email address into the mailbox portion) You'd need to either get fancy with the domain portion, which has its own complications

Re: [mailop] Is forwarding to Gmail basically dead?

Frustratingly, some see DKIM as too complicated and they run their own mail servers and simply won't set it up. I agree that it's annoying to do ... but it's become pretty close to necessary these days. The users with the worst problems were my local town government who were getting mail from

Re: [mailop] dnsbl.spam.fail

I also block most mail from Hetzner's network. It's not a vendetta, it's not extortion, it's purely practical. My time is not unlimited, the vast majority of the mail from that network is spam and if a tiny bit of real mail gets lost, so be it. It is not worth my time to make exceptions in my

Re: [mailop] ECDSA DKIM validation?

On Thu, 21 Dec 2023, Mike Hillyer wrote: John Said: I'm sure that Google has code somewhere that can validate ED25519 signatures. But that does not mean that it would be a good idea for them to use that code in production today and try to update their reputation systems to deal with the dual

Re: [mailop] ECDSA DKIM validation?

On Thu 21/Dec/2023 10:37:52 +0100 John Levine via mailop wrote: Yes, your code should handle them. No, that doesn't mean you should sign with them. Yup. The question was why Gmail doesn't /verify/ ed25519 signatures. Answering that they do so because it's not necessary to use them doesn't

Re: [mailop] ECDSA DKIM validation?

On Thu, 21 Dec 2023, Stuart Henderson wrote: If you've had to talk someone not very technical through adding a DKIM RSA key to a poorly implemented web interface from some cheap DNS provider that doesn't handle long TXT records, you might feel differently. I take your point but I can only have

Re: [mailop] [E] Re: Spamfolder mini rant (Was: Contact Google Postmaster)

That’s not the only option they offer. While they might use POP3 for most accounts in the ancient “import” flow, they do support adding 3rd party accounts properly via IMAP via their Gmailify feature. Oh, OK. That only works for a handful of large providers. For my users it says too bad, POP

Re: [mailop] What is Yahoo TSS09 ?

I am moving my servers to new IP addresses, which is always fun. The new block is 192.55.226/24 which was allocated in 1989 and has never been live until this week. So here's what AOL says to innocuous messagee from my users. 553 5.7.2 [TSS09] All messages from 192.55.226.66 will be permanently

Re: [mailop] Are there other comparable services like spamcop.net / spamhaus.org?

On Wed, 3 Apr 2024, Laura Atkins wrote: They do not accept third party samples and never have. They are now. https://submit.spamhaus.org/ Huh. Nobody tells me nothin'. Regards, John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading

Re: [mailop] One click unsubscribe in mailing list messages

On Sun, 25 Feb 2024, Ken O'Driscoll wrote: Outlook has supported list-unsubscribe for at least a year, if not longer. But, it's an add-on you need to proactively install so... I'm looking at the list of add-ins and I don't see it. Maybe it's Windows only and I'm on a Mac? R's, John It

Re: [mailop] (Mis)use of DKIM's length tag and it's impact on DMARC and BIMI

On Fri, 17 May 2024, Brandon Long wrote: I guess the part that's new to me is the apparent widespread (enough) use of the l= parameter. I don't recall ever noticing its use before, though can't say it was ever top of mind when looking at various headers of messages. I have to admit I'm

Re: [mailop] Line too long

On Fri, 17 May 2024, Brandon Long wrote: I don't know anyone who uses BINARYMIME. Microsoft's MTAs say they do but I've never tried to see if it works. We did some testing with it and got some really inconsistent end to end responses even from services which advertised it. The idea of

Re: [mailop] Debugging fwd issue meta.com to zoho.com (Help from user under meta.com needed)

On Wed, 5 Jun 2024, Tobias Fiebig wrote: If you're not sending SMTPUTF8 mail, the DKIM signature headers should be ASCII with no encoding needed. But if you are ending SMTPUTF8 mail, you can put UTF-8 directly in the header and it doesn't need any futher encoding either. Yeah, even more odd,

  1   2   >