Re: [mailop] ECDSA DKIM validation?

[Marc Bradshaw via mailop]

It's getting better, but RSA will be with us for some years yet.

On Tue, 19 Dec 2023, at 7:03 AM, Michael W. Lucas via mailop wrote:
> Hi,
> 
> Last I checked a few years ago, validation of ECDSA DKIM keys was
> still iffy on deployed servers. Has the situation improved? Can we
> recommend ECDSA DKIM yet without ruining people's day?
> 
> Thanks,
> ==ml
> 
> -- 
> Michael W. Lucas https://mwl.io/
> author of: Absolute OpenBSD, SSH Mastery, git commit murder,
> Absolute FreeBSD, Butterfly Stomp Waltz, Forever Falls, etc...
> ### New books: DNSSEC Mastery, Letters to ed(1), $ git sync murder ###
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
> 

--

  Marc Bradshaw
  marcbradshaw.net

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Our experience on Gmail blacklisting our IPs range

[Marc Bradshaw via mailop]

Hi Todd,

We are seeing the same thing at Fastmail. We are putting various mitigations in 
place and some of our domains reputation has revovered but are still having 
issues with the domain reputation of a number of our domains.
Does the group have any experience/advice in how to expediate the recovery of 
domain reputations.

On Wed, 6 Apr 2022, at 6:04 AM, Todd Herr via mailop wrote:
> 
> On Tue, Apr 5, 2022 at 6:35 AM Cyril - ImprovMX via mailop 
>  wrote:
>> 
>> After a discussion with OVH about this potential issue, I discovered that 
>> the problem was worst than that. By comparing all the emails from 
>> Spamcop.net reports, I discovered that they were from a few emails, but 
>> then, they had new headers added on top. This included a new "To", "Subject" 
>> and "Date" header. An email sent 4 days ago was sent again, with an updated 
>> date. The initial "Subject" was basic things like "hello" and the new 
>> Subject added at the top was more spammy (the typical horny stuff).
>> 
>> Clearly, someone used the reputation of ImprovMX.com to deliver emails by 
>> forging them before delivery.
>> 
> 
> What you're describing sounds exactly like a DKIM replay attack.
> 
> Socketlabs, among others, have some ideas on how to mitigate such things. 
> Perhaps you might find those ideas useful - 
> https://www.socketlabs.com/blog/dkim-replay-attacks-preventive-measures-to-protect-email-deliverability/
> 
> -- 
> 
> 
> *Todd Herr *** | Technical Director, Standards and Ecosystem
> *e:* todd.h...@valimail.com
> *m:* 703.220.4153
> 
> This email and all data transmitted with it contains confidential and/or 
> proprietary information intended solely for the use of individual(s) 
> authorized to receive it. If you are not an intended and authorized recipient 
> you are hereby notified of any use, disclosure, copying or distribution of 
> the information included in this transmission is prohibited and may be 
> unlawful. Please immediately notify the sender by replying to this email and 
> then delete it from your system.
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
> 

--

  Marc Bradshaw - Deliverability/Abuse at Fastmail
  m...@fastmailteam.com | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DKIM signing with ed25519 keys - leap of faith

[Marc Bradshaw via mailop]

Good to know. It's also pretty far down my list,  but knowing adoption is 
starting may move it ever so slightly higher.

On Wed, 13 Oct 2021, at 12:22 PM, John Levine via mailop wrote:
> It appears that Slavko via mailop  said:
> >Dňa 12 Oct 2021 12:12:27 -0400 John Levine via mailop
> > napísal:
> >
> >> The perl and python DKIM modules still don't support ed25519 keys.
> >> They're on my list of things to do, but pretty far down the list.
> >
> >python's dkimpy (and its CLI tool) is able to check ed25519, but by
> >default it checks only first signature.
> >
> >I do not know in which version it was added.
> 
> I looked, you're right.  Maybe I can adapt the calculation bits into perl.
> 
> -- 
> Regards,
> John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for 
> Dummies",
> Please consider the environment before reading this e-mail. https://jl.ly
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
> 

--

  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] Spamcop

[Marc Bradshaw via mailop]

Is there anyone from Spamcop on the list?

We are seeing some strange results right how, which suggest a domain renewal 
may have gone awry for the RBL domain.

--

  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Looking for a Charter e-mail admin

[Marc Bradshaw via mailop]

Would also like to add my name to the list looking for Charter contacts. Thus 
far the usual channels have been ineffective in dealing with deliverability 
problems to charter.

On Tue, 3 Dec 2019, at 9:58 AM, Mark Dale via mailop wrote:
> 
> We're also seeing a sudden spate of bounces with mail to stny.rr.com
> 
> A contact address Charter would be greatly appreciated.
> 
> Thanks,
> Mark Dale
> MailmanLists
> 
> 
> On 3/12/19 2:35 am, Paul Gover via mailop wrote:
> > I'm in search of someone from Charter who can help get a small ISP's
> > email servers off the blacklist for stny.rr.com. If you could reach out
> > off list, it would be much appreciated. (Email to
> > priorityescalationt...@charter.com was rejected as undeliverable.)
> > 
> > Kind regards,
> > Paul Gover, Adams Cable Service
> > 
> > 
> > ___
> > mailop mailing list
> > mailop@mailop.org
> > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> 

--

 Marc Bradshaw - Deliverability/Abuse at FastMail
m...@fastmailteam.com | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Gmail marking email from me as spam

[Marc Bradshaw via mailop]

On Tue, 15 Oct 2019, at 2:35 AM, Vsevolod Stakhov via mailop wrote:
> 
> Well, the sane way to do it is to use the Public Siffix List [1].
> 

I don't often see the PSL described as a sane way to do anything, but in the 
absence of a better way it's what we have.

--

 Marc Bradshaw
marcbradshaw.net | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Anyone else seeing strange FastMail/Return Path FBL reports this monring?

[Marc Bradshaw via mailop]

I'm surprised at month old reports going out, there is likely little value in 
sending those. It's a public holiday here tomorrow but I'll take a look when I 
get back to the office.

On Wed, 25 Sep 2019, at 4:06 AM, Michael Peddemors via mailop wrote:
> They responded off list and addressing, looks like a back log of older 
> reports dating back more than a month, and a customer's customer who had 
> email forwarding on after all.. so our IP(s) were actually in the 
> chain.. (but back then we can't tell if they had spam protection) which 
> lead to confusing FBL reports which led it to appear as if we were 
> getting someone else's FBL Reports..
> 
> Thanks for the fast response..
> 
> -- Michael --
> 
> On 2019-09-24 9:46 a.m., Adrian Nabarro wrote:
> > Hi Michael,
> > 
> > I work at Return Path, thanks for bringing this to our attention. Hopefully 
> > we can get to the bottom of this.
> > 
> > One of my colleagues will reach out to you off list.
> > 
> > Regards,
> > Adrian
> > 
> > 
> > 
> >> On 24 Sep 2019, at 15:12, Michael Peddemors via mailop  
> >> wrote:
> >>
> >> Seeing reports dated as of Aug 31, purportedly from our IP(s), however the 
> >> attachments show obviously that the source was not from our IP(s).
> >>
> >> Headers look totally messed up, but for instance getting reports to us, 
> >> that originated from A2 Hosting through MailChannels.. back on Aug 31..
> >>
> >> Yet the report has one of our email platforms IP(s)...
> >>
> >>
> >> Reported-Domain: a2hosting.com
> >> Source: Fastmail
> >> Abuse-Type: complaint
> >> Subscription-Link: https://fbl.returnpath.net/manage/subscriptions/498763
> >> Feedback-Type: abuse
> >> User-Agent: ReturnPathFBL/2.0
> >> Original-Rcpt-To: bf94542d0fd0a131c595b4ab201f0...@bnpparibas.co.uk
> >> Source-Ip: 104.128.152.19
> >> Version: 1
> >> Arrival-Date: Sat, 31 Aug 2019 20:50:17 +
> >> Original-Mail-From: supp...@a2hosting.com
> >>
> >> headers show no transversal through our servers though..
> >>
> >>
> >>
> >>
> >> -- 
> >> "Catch the Magic of Linux..."
> >> 
> >> Michael Peddemors, President/CEO LinuxMagic Inc.
> >> Visit us at http://www.linuxmagic.com @linuxmagic
> >> A Wizard IT Company - For More Info http://www.wizard.ca
> >> "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
> >> 
> >> 604-682-0300 Beautiful British Columbia, Canada
> >>
> >> This email and any electronic data contained are confidential and intended
> >> solely for the use of the individual or entity to which they are addressed.
> >> Please note that any views or opinions presented in this email are solely
> >> those of the author and are not intended to represent those of the company.
> >>
> >> ___
> >> mailop mailing list
> >> mailop@mailop.org
> >> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> > 
> > 
> 
> 
> 
> -- 
> "Catch the Magic of Linux..."
> 
> Michael Peddemors, President/CEO LinuxMagic Inc.
> Visit us at http://www.linuxmagic.com @linuxmagic
> A Wizard IT Company - For More Info http://www.wizard.ca
> "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
> 
> 604-682-0300 Beautiful British Columbia, Canada
> 
> This email and any electronic data contained are confidential and intended
> solely for the use of the individual or entity to which they are addressed.
> Please note that any views or opinions presented in this email are solely
> those of the author and are not intended to represent those of the company.
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> 

--

 Marc Bradshaw - Deliverability/Abuse at FastMail
m...@fastmailteam.com | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Strange access alert for an outlook.com account

[Marc Bradshaw via mailop]

This morning I received a text and email from outlook.com regarding a test 
account I have there, this is an account we push a low volume of mail through 
to test some authentication and deliverability stats.

> We think that someone else might have accessed the Microsoft account 
> ***@outlook.com. When this happens, we require you to verify your 
> identity with a security challenge and then change your password the next 
> time you sign in.
> 

I logged in, reset the password etc. and then checked the activity log, 
everything was as expected apart from this entry.

What's odd here is that 2603:1036:301:2171::5 is allocated to Microsoft itself.

Could someone from Microsoft provide insight into what's going on here?

--

 Marc Bradshaw - Deliverability/Abuse at FastMail
m...@fastmailteam.com | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] charter.net contact

[Marc Bradshaw via mailop]

Hi,

I'm looking for a contact at charter.net to talk about a deliverability issue 
we are having with forwarded mail.
If you are such a person (or know of one) could you please contact me off list 
via the fastmailteam.com address in my signature.
Thanks.

--

 Marc Bradshaw - Deliverability/Abuse at FastMail
m...@fastmailteam.com | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] TLS Statistics

[Marc Bradshaw via mailop]

We see similar numbers for ingress transports, around 95% tls 1.2 with 
everything else being about equal, including plain test.


- Original message -
From: Frands Bjerring Hansen 
To: "mailop@mailop.org" 
Subject: [mailop] TLS Statistics
Date: Tuesday, 18 December 2018 6:03 PM

Hi everyone 

TL;DR: GDPR requires TLS 1.2. Do you have stats of TLS delivery?

Out of curiosity I would like to know if anyone else gathers statistics on 
e-mail delivery transport encryption. So, the reason for asking this is GDPR. 
It is a requirement to use at least transport encryption when sending e-mail 
that contains personal information. Both German and Danish authorities have 
said that at least TLS 1.2 is required.

Obviously many customers have discussed this with us, as we do hosting and they 
have online shops that sell stuff from which the order confirmation could 
contain personal information (e.g. book stores selling bibles, medicinal 
companies selling medicine - etc. etc.).

Hint: Many of them wish that ESP's would allow to force TLS 1.2, and call a 
webhook if 1.2 delivery was not possible. However, it seems that most are 
either opportunistic or allow for enforced transport encryption - but does not 
allow forcing a specific version like TLS 1.2, so TLS 1 and 1.1 is also 
allowed. Which is not good enough for compliance.

Long story short, although too late, I started gathering information from our 
outbound relays and was actually surprised (and happy) to see that out of 1.5 
million e-mails: 

95.76 % delivered using TLS 1.2
2.94 % delivered using plain text
0.003 % delivered using TLS 1.1
1.27 % delivered using TLS 1.0 


I am curious if these numbers are representative of what everyone else sees as 
well? 



Med venlig hilsen/Best regards

Frands Bjerring Hansen
Linux lead, Systems Architect

Zitcom A/S

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


--

 Marc Bradshaw
 marcbradshaw.net | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Any protonmail ops on the list?

[Marc Bradshaw via mailop]

Hi,

I'm looking for a contact at Protonmail to discuss a strange SPF result we are 
seeing, specifically in relation to a null MAIL FROM address.

Thanks.

--

 Marc Bradshaw - Deliverability/Abuse at FastMail
 m...@fastmailteam.com | @marcbradshaw 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Admin: The list certificate

[Marc Bradshaw via mailop]

Have contacted Andy with a nudge.

- Original message -
From: Simon Lyall 
To: mailop@mailop.org
Subject: [mailop] Admin: The list certificate
Date: Sun, 28 Oct 2018 09:01:32 +1300 (NZDT)


Q: The list certificate has expired!
A: Yes I know. It expired in July, it was expired for various times before 
then. Somebody emails the admins about twice a month
Q: Why havn't you fixed it?
A: I (Simon) don't have access to the server it runs on. I just admin mailman
Q: Why hasn't Andy Fixed it?
A: I don't know. A while back a year ago or so he said that the VM it ran on 
ran out of capacity when the update script ran. I have not heard anything new.
Q: That was a year ago
A: Yep. I'll make an effort to get hold of Andy. If somebody knows him more 
directly can they please give him a nudge.
--
Simon Lyall  |  Very Busy  |  Web: http://www.simonlyall.com/
"To stay awake all night adds a day to your life" - Stilgar


_
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] SpamCannibal RBL

[Marc Bradshaw via mailop]

We received a bunch of noise from rbl checks against the
spamcannibal.org blacklist, the domain was briefly redirecting to
an expired domain page, and now redirects to some rather less
reputable websites.
Does anyone have a contact, or know the status of this blacklist?

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Contact at TD Bank

[Marc Bradshaw via mailop]

Does anyone have a contact at TD Bank (td.com)? We are having some
issues with a particular address, but not others.
The usual postmaster@ channels have failed.


--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Looking for a UCEProtect contact

[Marc Bradshaw via mailop]

Hi,

Is there anybody from UCEProtect on the list, or does someone have a
contact there they could share with me off list please?
We are seeing an issue where our Ingress MX servers are appearing on the
level 1 (individual ip) list, these servers are ingress only, and do not
send mail outbound (I have triple checked that this morning).
As these have been confirmed to not be sending email I would like
to talk to someone at UCEProtect to help get an understanding of
the problem.
Thanks.

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Yahoo DKIM Signing, not folding the header..

[Marc Bradshaw via mailop]

My testing shows signatures from both aol and yahoo not being folded,
but I don't really see that as a problem. Yahoo signatures used to be
folded, I guess there was an OATH related infrastructure change
recently, with as you say a change from mx.aol.com to aol.com. They have
been consistently not folded since the start of this month.
- Original message -
From: Carl Byington 
To: mailop@mailop.org
Subject: Re: [mailop] Yahoo DKIM Signing, not folding the header..
Date: Thu, 24 May 2018 15:49:00 -0700

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Thu, 2018-05-24 at 18:02 -0400, John Levine wrote:
> By the way, I sent myself a message from my AOL account, and it
> showed up with a DKIM signature all tidily folded.

Signatures with d=mx.aol.com seem to be wrapped.

Signatures with d=aol.com seem to be one long line.


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAlsHQUcACgkQL6j7milTFsGKrQCgiFhruEyHK3Ye1dIjmcs8VdYh
L2EAn0g0uMzi7j8O+mkSmvHgB1uZSxxB
=NXwg
-END PGP SIGNATURE-



_
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] [EXTERNAL] Re: Disabling TLS1.0 for SMTP

[Marc Bradshaw via mailop]

Worth collecting some data on, we collect metrics on ingress for
ciphers used and key sizes but not on tls verion, I'll add that to what
we collect.

- Original message -
From: Vittorio Bertola 
To: "Brotman, Alexander" , Rohan Sheth 
, mailop@mailop.orgSubject: Re: [mailop] [EXTERNAL] Re: 
Disabling TLS1.0 for SMTP
Date: Thu, 24 May 2018 11:17:28 +0200 (CEST)

> Il 22 maggio 2018 alle 17.41 "Brotman, Alexander"
>  ha scritto:> 
> 
> If someone is interested, we could potentially ask Binu if he has
> newer data available.  He had done a presentation on the same data at
> M3AAWG a few years ago.
It would be great to get new data from big players, and to share
information in general. For the TES project ( https://tesmail.org/ ) one
year ago we ran a scan of the top 1000 domains by web traffic, to see
which degree of transport security they offered. Among those who
actually had working email servers, we found 58% TLS 1.2, 14% TLS 1.1,
7% TLS 1.0, and 21% no TLS.
Regards,
--

Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bert...@open-xchange.com
Office @ Via Treviso 12, 10144 Torino, Italy

_
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] SNDS report issues?

[Marc Bradshaw via mailop]

Hi,

We have been seeing the same thing, nothing since the 16th.


- Original message -
From: Stefano Bagnara 
To: mailop 
Subject: [mailop] SNDS report issues?
Date: Sat, 19 May 2018 15:00:08 +0200

In my SNDS reports I see May 17th not clickable and May 18 works but it
isempty (No data for specified IPs on this date).
Data until May 16 is OK.

Anyone else confirm this issue?

Stefano

--
Stefano Bagnara
Apache James/jDKIM/jSPF
VOXmail/Mosaico.io/VoidLabs

_
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Timeouts to iinet servers

[Marc Bradshaw via mailop]

Thanks for the pointer Corrado. Delivery had cleared up now but if it
happens again I'll head over to AusNOG.
On Thu, 8 Mar 2018, at 11:37 PM, Corrado Fiore wrote:
> Hi Marc,
> 
> in case you do not get any responses from the list, you might try to
> post the same question to the AusNOG list, which I am pretty sure is
> read by some iiNet folks.> 
> Best,
> Corrado Fiore
> 
> 
>> On 8 Mar 2018, at 5:50 PM, Marc Bradshaw via mailop
>> <mailop@mailop.org> wrote:>> 
>> Hi All,
>> 
>> We have been seeing timeouts and failed connects to iinet.net.au
>> (and associated sub ISPs such as adam.com.au) over the past couple
>> of hours.>> Tests have shown this isn't just from our networks, as similar
>> results have been observed from linode and digital ocean VMs.>> 
>> Is anyone else seeing similar?  Is there a representative of iinet on
>> list? or does anybody have a good contact there?>> 
>> --
>> 
>> Marc Bradshaw - Deliverability/Abuse at FastMail
>> m...@fastmailteam.com | @marcbradshaw
>> 
>> 
>> _
>> mailop mailing list
>> mailop@mailop.org
>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]


Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Timeouts to iinet servers

[Marc Bradshaw via mailop]

Hi All,

We have been seeing timeouts and failed connects to iinet.net.au (and
associated sub ISPs such as adam.com.au) over the past couple of hours.Tests 
have shown this isn't just from our networks, as similar results
have been observed from linode and digital ocean VMs.
Is anyone else seeing similar?  Is there a representative of iinet on
list? or does anybody have a good contact there?
--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Domain classification at Barracuda

[Marc Bradshaw via mailop]

Hi All,

I'm looking for a contact at barracuda to discuss domain classification.
While not listed in the RBL, one of our domains has been classified as
'political-content' which is causing some degree of blocking at certain
institutions.
Contact via the methods listed on site have not been successful.

Is anyone from Barracuda on list, or does anyone have experience with
barracuda domain classification, or have a contact who could help.
Thanks,

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] dkim bleeding-edge

[Marc Bradshaw via mailop]

Hi Jeremy,

I'm a maintainer for Mail::DKIM, so can answer that part of your
question.
As already mentioned in the CPAN ticket you opened, we are
following dcrup, and will implement the results of that, but
nothing to show as yet.
SHA-512 is an easy update, there is a branch of Mail::DKIM with that
algorithm enabled on github now which you can test against. (*hacked up
in half an hour, no interpolation testing done, don't use it in
production etc. etc.)https://github.com/marcbradshaw/mail-dkim/tree/sha512




On Sat, 9 Sep 2017, at 09:35 PM, Jeremy Harris wrote:
> Does anyone have an MTA running with DKIM rsa-sha512 support?
> 
> I need a test target for Exim development,
> and Mail::DKIM::Signer isn't there yet.
> --
> Thanks,
>   Jeremy
> 
> _
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Contact at Naver

[Marc Bradshaw via mailop]

Hi All,

I am looking for a contact at naver.com, attempts to contact via abuse
and postmaster addresses have failed. Does anyone know a suitable person
to contact?
--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Contact at charter.com

[Marc Bradshaw via mailop]

Hi All,

I'm looking for a contact at charter.com, is there anybody on list who
is or knows of such person.Please contact off list.

Thanks.

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] exacttarget vs amazon.com dmarc/dkim

[Marc Bradshaw via mailop]

I have noticed similar things going on here, spam with clearly bogus
DKIM signatures for our domains using a selector which has never been
published.  I have no clue what they are trying to achieve by this.
--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



On Tue, 1 Aug 2017, at 04:57 AM, Laura Atkins wrote:
> The good news is: DMARC has a built in method for alerting Amazon to
> this. And if it’s widespread, then it will definitely come to their
> attention through proper channels.> 
> laura 
> 
> 
>> On Jul 31, 2017, at 9:19 AM, Carl Byington > sg.com> wrote:>> 
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA512
>> 
>> Amazon.com asks that mail with header from: of amazon.com that fails>> dkim 
>> should be quarantined.
>> 
>> dig _dmarc.amazon.com txt +short
>> "v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc-
>> repo...@bounces.amazon.com; ruf=mailto:dmarc-
>> repo...@bounces.amazon.com">> 
>> 
>> ExactTarget is sending such mail with a dkim key that is not
>> published>> in DNS.
>> 
>> dig 200608._domainkey.amazon.com txt +short
>> 
>> 
>> -BEGIN PGP SIGNATURE-
>> Version: GnuPG v2.0.14 (GNU/Linux)
>> 
>> iEYEAREKAAYFAll/WH8ACgkQL6j7milTFsGp+ACfSDPqTczAz6cmdlFC+wBxFzol
>> CU0An3DbDS2x761JbF+N2W0qd93Ve+7I
>> =qLF/
>> -END PGP SIGNATURE-
>> 
>> 
>> 
>> ___
>> mailop mailing list
>> mailop@mailop.org
>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> 
> 
> 
> -- 
> Having an Email Crisis?  800 823-9674 
> 
> Laura Atkins
> Word to the Wise
> la...@wordtothewise.com
> (650) 437-0741
> 
> 
> Email Delivery Blog: http://wordtothewise.com/blog
> 
> 
> 
> 
> 
> 
> _
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Anyone else email see email delays to cox.net today?

[Marc Bradshaw via mailop]

Intermittently but yes, seeing the same thing here.

--
 
  Marc Bradshaw - Deliverability/Abuse at FastMail
  m...@fastmailteam.com | @marcbradshaw[1]



On Tue, 25 Jul 2017, at 12:56 PM, frnk...@iname.com wrote:
> We saw email delivery delays to cox.net today, between 12:58 and 7:32 pm> 
> (U.S. Central).  Our email server logged the following for each of them:> 
> Site cox.net (68.6.19.3) said in response to MAIL FROM (452 4.1.0
> ESMTP server temporarily not available - Refer to Error Codes section at> 
> http://postmaster.cox.net/confluence/display/postmaster/Error+Codes for> more
> information.)"
> Site cox.net (68.1.17.3) said in response to MAIL FROM (452 4.1.0
> ESMTP server temporarily not available - Refer to Error Codes section at> 
> http://postmaster.cox.net/confluence/display/postmaster/Error+Codes for> more
> information.)"
> The web page doesn't address this specific issue (ESMTP server
> temporarily
> not available), so I assume what it says at face value.
> 
> No hints of issues on Twitter or DownDetector.
> 
> Frank
> 
> 
> _
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


Links:

  1. https://twitter.com/marcbradshaw
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop