Re: [mailop] Sendgrid again...
I’m not assuming anything. I know their mail is read and responded to. Laura Sent from my iPhone > On Jan 24, 2021, at 6:24 PM, Jay Hennigan via mailop > wrote: > > On 1/22/21 06:38, Hans-Martin Mosner via mailop wrote: > >> But forwarding an abuse address that is somewhat expected to receive >> problematic content to a service that tries to keep >> such content out of their users' mailboxes doesn't really look very >> professional, and even if it isn't technically >> Sendgrid who perform the filtering this approach has the effect of putting a >> content filter on the abuse mailbox. > > You're assuming that Sendgrid actually cares about or reads abuse complaints > in the first place. The spam is a steady flow, nothing new. In Sendgrid's > case, filtering abuse complaints through Google may well be by design. They > just as well could have used Mailinator considering the amount of attention > they give complaints of abuse. > > -- > Jay Hennigan - j...@west.net > Network Engineering - CCIE #7880 > 503 897-8550 - WB6RDV > ___ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
On 1/22/21 06:38, Hans-Martin Mosner via mailop wrote: But forwarding an abuse address that is somewhat expected to receive problematic content to a service that tries to keep such content out of their users' mailboxes doesn't really look very professional, and even if it isn't technically Sendgrid who perform the filtering this approach has the effect of putting a content filter on the abuse mailbox. You're assuming that Sendgrid actually cares about or reads abuse complaints in the first place. The spam is a steady flow, nothing new. In Sendgrid's case, filtering abuse complaints through Google may well be by design. They just as well could have used Mailinator considering the amount of attention they give complaints of abuse. -- Jay Hennigan - j...@west.net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
One year anniversary of phishing from SendGrid/Twilio... And the problem is SO easy to fix On 2021-01-22 6:08 a.m., Hans-Martin Mosner via mailop wrote: Well I'm not complaining about the spam from them - it's a steady flow, nothing new. But it looks like they have filters on their abuse box now to reduce the amount of abuse reports: The original message was received at Fri, 22 Jan 2021 05:45:50 -0800 from m0099904.ppops.net [127.0.0.1] - The following addresses had permanent fatal errors - (reason: 552-5.7.0 This message was blocked because its content presents a potential) - Transcript of session follows - ... while talking to aspmx.l.google.com.: DATA <<< 552-5.7.0 This message was blocked because its content presents a potential <<< 552-5.7.0 security issue. Please visit <<< 552-5.7.0 https://support.google.com/mail/?p=BlockedMessage to review our <<< 552 5.7.0 message content and attachment content guidelines. s129si9974341ybc.279 - gsmtp 554 5.0.0 Service unavailable Well of course the the contents presented a potential security issue, that's why I reported it! It was an Amazon account phishing attempt, the kind that sendgrid is spewing all the time. They could have implemented some simple filter on "Amazon" in the From: headers of mails that they send on behalf of non-Amazon customers and catch that crap before it lands in recipient's mailboxes, but apparently that's above their technology competence level. Cheers, Hans-Martin ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
Dnia 22.01.2021 o godz. 14:48:03 Gregory Heytings via mailop pisze:
>
> Actually Sendgrid uses a double filtering: the first line of the
> error report you got ("The original message was received at Fri, 22
> Jan 2021 05:45:50 -0800 from m0099904.ppops.net [127.0.0.1]") means
> that the mail has been received and processed by Proofpoint, that
> forwards it to Gmail.
That's quite common with companies that use GSuite. I know quite a few that
do that.
--
Regards,
Jaroslaw Rafa
r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
Dnia 22.01.2021 o godz. 15:08:13 Hans-Martin Mosner via mailop pisze: >- Transcript of session follows - > ... while talking to aspmx.l.google.com.: > >>> DATA > <<< 552-5.7.0 This message was blocked because its content presents a > potential > <<< 552-5.7.0 security issue. Please visit > <<< 552-5.7.0 https://support.google.com/mail/?p=BlockedMessage to review our > <<< 552 5.7.0 message content and attachment content guidelines. > s129si9974341ybc.279 - gsmtp > 554 5.0.0 Service unavailable Well, looks like they are using Google MX-es, so they have their mail hosted on Google probably. And it looks like Google is blocking - like it usually does - potential phishing content. Strange that Sendgrid, being an email company, does not even self-host it's company email, but resorts to Google for this. Doesn't look very professional... -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
> On 22 Jan 2021, at 14:38, Hans-Martin Mosner via mailop > wrote: > > Am 22.01.21 um 15:22 schrieb Andrew C Aitchison via mailop: >> >> Are you sure that it was Sendgrid that blocked the message ? >> Looks to me as if ab...@sendgrid.com is hosted at gmail and >> it was *gmail* that objected to the content ... >> >> Or am I misunderstanding something ? > > No, of course you're right. > > But forwarding an abuse address that is somewhat expected to receive > problematic content to a service that tries to keep > such content out of their users' mailboxes doesn't really look very > professional, and even if it isn't technically > Sendgrid who perform the filtering this approach has the effect of putting a > content filter on the abuse mailbox. With that being said, I’ve seen people here and elsewhere in the anti-spam space complain that they are asked to send complaints to a different subdomain. But when you’re hosting your primary domain mail on a service (which, in many cases you should for a host of reasons) then that service gets to block mail. There’s a broader discussion to be had about hosting abuse mailboxes. laura -- Having an Email Crisis? We can help! 800 823-9674 Laura Atkins Word to the Wise la...@wordtothewise.com (650) 437-0741 Email Delivery Blog: https://wordtothewise.com/blog ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
Are you sure that it was Sendgrid that blocked the message ? Looks to
me as if ab...@sendgrid.com is hosted at gmail and it was *gmail* that
objected to the content ...
Or am I misunderstanding something ?
No, of course you're right.
But forwarding an abuse address that is somewhat expected to receive
problematic content to a service that tries to keep such content out of
their users' mailboxes doesn't really look very professional, and even
if it isn't technically Sendgrid who perform the filtering this approach
has the effect of putting a content filter on the abuse mailbox.
Actually Sendgrid uses a double filtering: the first line of the error
report you got ("The original message was received at Fri, 22 Jan 2021
05:45:50 -0800 from m0099904.ppops.net [127.0.0.1]") means that the mail
has been received and processed by Proofpoint, that forwards it to Gmail.
See also their MX records:
$ dig +short -t mx sendgrid.com
10 mxa-0023de01.gslb.pphosted.com.
10 mxb-0023de01.gslb.pphosted.com.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
> On 22 Jan 2021, at 14:08, Hans-Martin Mosner via mailop > wrote: > > Well I'm not complaining about the spam from them - it's a steady flow, > nothing new. > > But it looks like they have filters on their abuse box now to reduce the > amount of abuse reports: > > The original message was received at Fri, 22 Jan 2021 05:45:50 -0800 > from m0099904.ppops.net [127.0.0.1] > > - The following addresses had permanent fatal errors - > >(reason: 552-5.7.0 This message was blocked because its content presents a > potential) > > - Transcript of session follows - > ... while talking to aspmx.l.google.com.: DATA > <<< 552-5.7.0 This message was blocked because its content presents a > potential > <<< 552-5.7.0 security issue. Please visit > <<< 552-5.7.0 https://support.google.com/mail/?p=BlockedMessage to review our > <<< 552 5.7.0 message content and attachment content guidelines. > s129si9974341ybc.279 - gsmtp > 554 5.0.0 Service unavailable I honestly don’t think it was a sendgrid block, I think it was legitimately a google filter going ‘uh, no’ > Well of course the the contents presented a potential security issue, that's > why I reported it! It was an Amazon account > phishing attempt, the kind that sendgrid is spewing all the time. This is a huge problem not enough abuse desks and companies have thought about. If you run abuse@ off your primary MX and you host somewhere where you don’t have complete control of the filters then legitimate complaint mail is going to be blocked. > They could have implemented some simple filter on "Amazon" in the From: > headers of mails that they send on behalf of > non-Amazon customers and catch that crap before it lands in recipient's > mailboxes, but apparently that's above their > technology competence level. This isn’t a competency issue. This is their hosting platform refusing to deliver unsafe mail. The clue is actually the link is to a google website, not to a sendgrid one. laura -- Having an Email Crisis? We can help! 800 823-9674 Laura Atkins Word to the Wise la...@wordtothewise.com (650) 437-0741 Email Delivery Blog: https://wordtothewise.com/blog ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
Am 22.01.21 um 15:22 schrieb Andrew C Aitchison via mailop: > > Are you sure that it was Sendgrid that blocked the message ? > Looks to me as if ab...@sendgrid.com is hosted at gmail and > it was *gmail* that objected to the content ... > > Or am I misunderstanding something ? No, of course you're right. But forwarding an abuse address that is somewhat expected to receive problematic content to a service that tries to keep such content out of their users' mailboxes doesn't really look very professional, and even if it isn't technically Sendgrid who perform the filtering this approach has the effect of putting a content filter on the abuse mailbox. Cheers, Hans-Martin ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Sendgrid again...
Are you sure that it was Sendgrid that blocked the message ? Looks to me as if ab...@sendgrid.com is hosted at gmail and it was *gmail* that objected to the content ... Or am I misunderstanding something ? On Fri, 22 Jan 2021, Hans-Martin Mosner via mailop wrote: Well I'm not complaining about the spam from them - it's a steady flow, nothing new. But it looks like they have filters on their abuse box now to reduce the amount of abuse reports: The original message was received at Fri, 22 Jan 2021 05:45:50 -0800 from m0099904.ppops.net [127.0.0.1] - The following addresses had permanent fatal errors - (reason: 552-5.7.0 This message was blocked because its content presents a potential) - Transcript of session follows - ... while talking to aspmx.l.google.com.: DATA <<< 552-5.7.0 This message was blocked because its content presents a potential <<< 552-5.7.0 security issue. Please visit <<< 552-5.7.0 https://support.google.com/mail/?p=BlockedMessage to review our <<< 552 5.7.0 message content and attachment content guidelines. s129si9974341ybc.279 - gsmtp 554 5.0.0 Service unavailable Well of course the the contents presented a potential security issue, that's why I reported it! It was an Amazon account phishing attempt, the kind that sendgrid is spewing all the time. They could have implemented some simple filter on "Amazon" in the From: headers of mails that they send on behalf of non-Amazon customers and catch that crap before it lands in recipient's mailboxes, but apparently that's above their technology competence level. Cheers, Hans-Martin -- Andrew C. Aitchison Kendal, UK and...@aitchison.me.uk ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
