> PS I’m definitely on the hate side today, having discovered that to actually
> _use_ MS’s implementation of DKIM, I may well have to shell out a 6 figure
> GBP sum. If anyone can demonstrate to me that outbound DKIM signing in
> Exchange Online Protection is possible, and working, without any
> Other than that, I'm with you, it is a fraction of a percent of signed
> mail, not common at all.
I'm with Dr Levine; I just looked at all the stuff our spamtrap system
has received in May so far (n~=8M). The exact number I came up with is
0.6%. Also, the percentage of signed mail out of all
> To give you a bit of context, we operate as an ESP, facilitating our
> customers in sending out newsletters.
If you want anybody to have an opinion on this stuff why don't you
identify yourself, the domain names and the IPs involved.
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg.
> The SPF of molgen.mpg.de has `~all` (soft fail):
>
> $ dig txt molgen.mpg.de +short
> "v=spf1 ip4:141.14.0.0/16 ~all"
But this is irrelevant. The envelope-from of a forwarded message is
the original one - if you do not deliberately rewrite it - and in such
a case, the SPF that is
> What I found out is that the email content is searched for email
> addresses and if some hash of that email address matches, the email is
> rejected. It's the full email address. Only the domain part does not
> trigger the issue.
Yeah. To my knowledge, the idea of hash blocklists was first
On Fri, Mar 15, 2024 at 08:11:42AM +, Alexandre Dangreau via mailop wrote:
> Hello,
>
> In fact, if you need a /64 IPv6 range you probably use the wrong service. For
> VPS and Public Cloud instances (PCI) the IPv6 range is shared with all the
> VM, so each VM (VPS or PCI) have one single
> If the message is "your book is due in five days", it doesn't seem
> reasonable that legitimate addresses are going to belong to
> discontinued domains repurposed as spamtraps within that time
> period. Certainly not a lot of them.
We religiously observe the M3AAWG BCP for maintaining spamtraps
> ... but that does mean trusting 8.8.8.8 with your private secret.
From Spamhaus documentation:
"access to public mirrors requires the use of a non-public, non-shared DNS
resolver (therefore excluding services like Google Public DNS), while DQS can
use any DNS channel"
> Otherwise you need to stop using Spamhaus -- even if you sign-up,
> perhaps because of the query volume, you still must query them
> directly not via a public resolver.
This is not true.
One of the main points of DQS is that the DNS service you use no
longer matters. They don't need to block
> Hmm. How do I check that?
> Running nslookup defaults to my local resolver instance.
If it happens silently at the ISP's end, you can't check it - except
indirectly. What are the return codes that you get from your Spamhaus
Zen queries?
--
Atro Tossavainen, Chairman of the Board
Infinite Mho
On Wed, Jan 31, 2024 at 02:03:33PM +, Tarun Singh via mailop wrote:
> Hello Folks,
>
> Is there anyone from Protonmail on this distro? Can you please reach out to
> me offline?
Abuse and postmaster appear to work.
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT
On Fri, Jan 19, 2024 at 03:31:19PM +0100, hg user wrote:
> Ok sorry not "most" but "some may"...
>
> My checkpoint rep said that they get their reputation lists from other
> companies... is it wrong ?
It's possible that Check Point are just an aggregator and don't actually
have first-hand data.
> Since most RBLs exchange data,
Source?
--
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy, Helsinki, Finland
tel. +358-44-5000 600, http://www.infinitemho.fi/
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
> > https://www.talosintelligence.com/reputation_center/lookup?search=66.175.222.108
> >
> Thanks for this; I wasn't familiar with Talos Intelligence. Do they publish
> a blocklist?
Paying users only. Paying users include the Finnish government's
internal outsourcing center (Valtori) and Telia
> We're an email groups service, like Google Groups. Based on evidence
> provided by Spamhaus, it appears that some groups that migrated from Yahoo
> Groups when Y! Groups shut down contained some Spamhaus spamtrap addresses.
That might be the explanation for why some of your customers' lists
On Wed, Dec 13, 2023 at 05:53:13PM -0500, John R Levine via mailop wrote:
> Phishing their own customers. I suppose in a karmic sense they
> deserve it.
>
> (No, CAUCE is not a customer.)
Neither are the resources where Koli-Lõks OÜ spamtraps received the same. :-)
--
Atro Tossavainen,
On Tue, Dec 12, 2023 at 06:22:10PM -0600, Jarland Donnell via mailop wrote:
> Hey friends,
>
> Do me a favor and search your logs for this domain:
> SIBBERTLLC.onmicrosoft.com
Three hits yesterday.
> One customer received 1,347 attempted deliveries from it so far.
> Another, 823. Still
> The residential address of the operator is a risk, because spamming is
> a criminal activity in most countries and spammers are sometimes
> organized like the mafia. They hate those lists and try to bring them
> down by all kinds of attacks. Not providing them more attack surface
> than
> Well, yeah, not really _impossible_, but I was referring to doing
> monitoring based on DNS lookups, as is normal for DNS BL.
Of course.
> Also, Domeneshop confirmed they operate spam.fail as internal list
OK. I tried tagging them on LinkedIn; it's an automatically generated
corporate page
> Inability to do external DNS lookups makes it impossible to monitor
> for presence on their list.
https://spam.fail/search?ip=127.0.0.2
--
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy, Helsinki, Finland
tel. +358-44-5000 600, http://www.infinitemho.fi/
On Thu, Dec 07, 2023 at 12:44:58PM -0800, Randolf Richardson, Postmaster via
mailop wrote:
> I'm not familiar with Hertzner, but APNIC's WHOIS indicates a
> country code of ZZ for the sending IP address's netblock, which the
> ISO lists as "Unknown or unspecified country."
The descr:
On Thu, Dec 07, 2023 at 12:29:37AM +, Suresh Ramasubramanian via mailop
wrote:
> Free trial account on Microsoft 365 being relayed through Microsoft 365
> outbounds by a Hetzner IP
As Suresh says.
I've got a copy too. Nothing unusual in it, it definitely came through
M365 infrastructure.
On Wed, Nov 22, 2023 at 04:25:36PM +0200, Otto J. Makela via mailop wrote:
> Can someone shed light on a Microsoft/Outlook block list? Our hobby server
> (on upcloud.com) seem to have been blocked for quite some time now.
I have no idea why, but given that upcloud.com spammed my company to
try to
If you want any real action from Cloudflare, you have to jump through the
hoop of filling in the web based abuse form. It sucks but only you can
decide whether it's worth your time and effort.
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635)
Tallinn,
> 2a01:111:f403:2e1b::800 sent about 50 Spam Mails in October! Either to
> Spam-Taps or being reported by our customers.
50 in a month and you're worried? :-)
We get between 5000 to 9000 a day
yes, a day
from Microsoft outbounds to our spamtrap collection. About one thousand
of those are fake
> They're a legit Google customer. What's there to marvel at?
https://developers.google.com/gmail/api/guides <- have a look.
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635)
Tallinn, Estonia
tel. +372-5883-4269, https://www.koliloks.eu/
On Thu, Oct 26, 2023 at 10:07:30AM -0700, Michael Peddemors via mailop wrote:
> Not to be 'snide' Atro, but that part is pretty obvious..
You would have thought so - I would have thought so too. Which is
why I reacted that way to your asking about it.
> It was the technical details I was
> Maybe Brandon can weigh in on or off list, but is there a a way for
> spammers to simply relay out Gmail servers if they are Google Cloud?
$ host -t txt sredplus.com
sredplus.com descriptive text
"google-site-verification=gyoD4DWS9XSrAmz9s5Pc9OBLvvowksBJtB0Oi-DAlsQ"
sredplus.com descriptive
> Does anyone know, why Amazon is not using their customer's domain as
> envelope sender?
It appears that customers can decide to do it.
> The Username part looks like a completely new random string on every
> email sent. Or is there a way to match one specific Amazon SES customer?
Parts of it
> Might be convinced with this if it weren't for gmail being the source of
> ~40% of the spam we receive.
And that's after all of the botnets and so on have been blocked
through the use of DNSBLs, I suppose?
Mail subject lines seen in our test/dev spamtraps from Google outbounds
over the past
> I'm sure I've had a long explanation on here in the past year, but the
> short answer is if the message is not DKIM valid and you're forwarding, you
> should rewrite
> the MAIL FROM to a domain you own that will SPF authn the message... and
> try not to forward spam.
That's not how forwarding
On Fri, May 12, 2023 at 08:29:07PM +, Mike Hillyer via mailop wrote:
> Anyone have a contact? I have someone with an accountant.com address trying
> to run a check scam on me.
>
> Mike Hillyer
They're represented on this list and have picked up not too long ago.
--
Atro Tossavainen,
> I think we have to disagree here. The PTR naming is set via
> SendGrid. It doesn't NEED to be the same as the A record. This is
> for those MTA's that do forward/reverse matching, which isn't always
> successful.
>
> Yes, doing that for a IPv6 email address to satisfy Google, go ahead.
>
>
> Understood. We plan to change the setup over the summer but until then we
> have to work with what we have. When we change we will probably set up our
> own postfix server for mail handling.
As far as I can tell it's about a two hour job to do the latter.
> I should have added that our
> We are mailing from our own CRM system but using Ionos (1and1.com) as our
> mail service.
You're setting yourselves up to fail by mailing out of a server shared
by thousands of other customers. The error messages you quote testify
to that. Don't do it.
--
Atro Tossavainen, Chairman of the
On Tue, May 02, 2023 at 10:11:46PM -0400, John Levine via mailop wrote:
> It appears that Michael Peddemors via mailop said:
> >Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.2\))
>
> I sent a message to myself from
>
> Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.500.231\))
>
>
On Mon, Apr 24, 2023 at 10:44:47AM +0200, Jasper Spaans via mailop wrote:
> Hello,
>
> We're seeing quite some postfix PREGREET errors in incoming smtp
> traffic from hosts claiming to be emailage.com (by lexisnexis). Does
> anyone know whether this is just a dressed up list washing service,
> or
> One of our brand's domain has been listed on the Invaluement ivmURI RBL.
The operator is present here on Mailop. They should be waking up
soonish - I can't remember where they are but there's a chance they're
on the west coast and that would mean it's soon 5 am there.
--
Atro Tossavainen,
> I believe it, but the more relevant question is what fraction that is of the
> total
> mail they send. I see way more real mail than spam from them.
I can only speak to the mail we see. I am sure all of the entities
that are sending to our spamtraps mostly send good email. I simply
could not
> You have to validate each domain you use for sending, which is a
> modest pain, but that's one of the reasons their mail stream is
> pretty clean.
Do you mean AWS SES specifically? They're consistently #4 by volume
in our dataset (occasionally even #3, rarely #5), next only to
SendGrid,
> > harder to give due suspision on sendgrid because they give full
It's actually kind of easy.
Is the IP announced by AS11377?
Yes? -> SendGrid.
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635)
Tallinn, Estonia
tel. +372-5883-4269,
> Interesting to me Atro said this is sendgrid. I saw sendgrid format
> sender address but headers do no show any sendgrid. So now its
> harder to give due suspision on sendgrid because they give full
> infrastructure to rent for other domain like intuit?
Yes.
Full headers (munged of course) and
On Mon, Feb 27, 2023 at 08:05:31PM +0100, Faisal Misle via mailop wrote:
> I wonder if its the similar MO as PayPal, where they use Quickbooks accounts
> to send fake invoices... so it uses the legitimate QB stream
Right on the money, that is exactly what it is.
--
Atro Tossavainen, Founder,
> what is your data that shows hetzner being worse than others in this field?
What is the point you are trying to make by trying to turn this into
a race where it wasn't one previously? We are discussing Hetzner
specifically, prompted by the original post from Lena, last I checked.
> hetzner has
ut by third party demand,
> on demand.
Not expecting shooting on sight, as already said. Some safety measures
would be nice though, such as not outsourcing the ToSsing of spammers
to the spammers themselves.
>
> On 2023-02-07 07:15, Atro Tossavainen via mailop wrote:
> >>Neithe
> If we were passing them on verbatim we wouldn’t have to manually
> process them.
Suppose it is so, then.
> As for the spammers comment, you know that the vast majority of spam
> leaving our network is from compromised servers.
You would know that beyond any doubt. I don't have comprehensive
> Neither do I. The response simply describes what is happening. When a
> third party X complains that Hetzner customer Y is a spammer, I consider
> it only appropriate that Hetzner passes the complaint along and asks Y
> for a statement, and does not simply impose restrictions on Y based on
> X's
Thanks Bastiaan for picking up the red courtesy phone so fast.
> I’m not seeing anything offensive or insulting in our response.
I am referring to the fact that the wording of the autoreply suggests
that Hetzner is simply passing complaints verbatim to the spammers
themselves and not dealing
> Thank you for this. I usually avoid role-based addresses when trying to reach
> out to someone about email if only because I rarely if every receive any
> response, but I wrote to that one today hoping for a response.
This is actually an interesting viewpoint.
Should others also do the same
Hello world,
It was reported in Finnish news today https://yle.fi/a/74-20014495 that
the city of Kuopio (#8 largest in the country) is unable to send email
to addresses served by Google and that this would be expected to last
for about two weeks.
According to the comments in the article, the
Here's my €.02. The context for this is
http://mainsleaze.spambouncer.org/may-2021-in-spamtraps-esps/
(and similar posts on same site before, as well as my LinkedIn posts on
the same topic later)
Here's a data point to the current conversation.
[atossava@x ~]$ for i in
On Wed, Nov 23, 2022 at 04:01:30PM -0600, Jarland Donnell via mailop wrote:
> Assuming that doesn't pan out, can you file an abuse complaint with
> their DNS provider? Sure can't hurt anything.
Oddly enough Microsoft's DNS provider is... Microsoft.
Microsoft has an employee participating on this
On Fri, Nov 18, 2022 at 10:56:26AM -0700, Anne Mitchell via mailop wrote:
> It's about time, and to the extent that you were involved (if at all),
> Brandon, *thank you*!
>
> "Users of mass email services such as Gmass, Woodpecker, Lemlist and others
> that have been using Gmail’s API to send
> I do see a not
> insignificant amount of mail to invalid recipients so you might want to
> check that you're understanding/processing bounces/deferrals properly.
Koli-Lõks OÜ spamtraps concur, seeing mail from USAA both to typotraps
as well as recycled domains. These are of course no longer
> >PS, don't know what o365 is doing, but a marked reduction in uncaught spam
> >leaking from their networks..
> >
> Really? I'm seeing a constant stream of fake dating spam from apparently
> compromised O365 accounts, with no end in sight.
I'm with Hans-Martin on this one.
> Many of them use
> You can use https://senders.yahooinc.com/contact
Email responses to email abuse. thank you, very much
Best regards, RFC 2142
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635)
Tallinn, Estonia
tel. +372-5883-4269, http://www.koliloks.eu/
> Fine. You're responsible for delivering mail submitted to you, and
> it is entirely reasonable to confirm that the entity you are
> accepting it from has provided a usable address. What Postfix then
> does to verify it is exactly what would be done if a message was
> simply accepted without
> Atro appears to object to this use. I disagree.
It's abusable. Your users might not be who you think they will be.
> Arguably this is less expensive than "double opt in", which is doing
> a similar thing.
Yes. It also returns a different category of result.
> One way around that might be for
> Regarding the above, I have the following question:
>
> What do you (and maybe other people on the list) think about such email
> verification method ("abusing RCPT TO") used as part of:
>
> a) mail receiving process - I'm thinking here for example about the Postfix
> feature
Czesc, Radek,
> We assume that:
> - our customer (data controller) who requested us to verify the email address
> got it in a legal way
> - our customer is obeying anti-spam policies.
So do all the ESPs. But their customers send mail, and the recipients
are able to act upon it, informing the
On Tue, Aug 30, 2022 at 05:36:16PM -0500, Jarland Donnell via mailop wrote:
> That subdomain style, I've been eyeballing that trend for a while.
> This guy got super mad at me for identifying that trend on a network
> that hadn't yet started sending spam:
>
On Tue, Aug 30, 2022 at 01:11:20PM -0700, Michael Peddemors via mailop wrote:
> Hehehe...
>
> No, I meant who are behind these..
https://emailable.com/abuse/
> Is AWS alright with this..
I suppose the answer is yes. Getting any kind of answer to any question
out of them is beyond difficult, so
> In other news.. Any comments about these guys on AWS?
>
> 3.217.146.99 1 mx25.herpderpderpderp.com
> 3.223.197.220 1 mx2.emailablev.com
> 3.226.89.155(RS) 2 va1.mx-check.com
Sure.
[root@mail ~]# egrep
On Wed, Aug 17, 2022 at 11:44:18AM -0700, Luke via mailop wrote:
> That account was terminated on the 14th. For what it is worth (and I know
> this is worth very little here), our system did prevent more than ~90% of
> their *attempted* mail from ever leaving our pipes. So I like to tell
> myself
On Sat, Aug 13, 2022 at 06:46:02PM -0400, John Levine via mailop wrote:
> This showed up today, send to the email of my father who died in 2019.
>
> Full copy available on request to anyone who has a plausible use for it.
Got a few hundred.
SendGrid user ID 28413401. Sending IP 167.89.38.98 is
> Ideally, a SMTP return code should differentiate the reason for rejection.
> There should be a different code for non-existing user, technical problems
> (like mailbox full) or policy-based reject.
You know, they actually did think of that.
> Talking about anti-fraud, anti-spam at self-service ESP level, that's
What an excellent writeup. Thank you Simon for this!
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635)
Tallinn, Estonia
tel. +372-5883-4269, http://www.koliloks.eu/
> I would love a way to give those addresses (in a hashed form) to ESPs saying
> "Look, if somsone is sending to those, it's a bogus list and does not pass
> muster, and you should reject the customer".
>
> I'd love a way to put those addresses in the DNS as a similar flag. "Do not
> allow
> If we agree that IP addresses, email addresses and real names are all PII as
> per GDPR, your example is comparable to Cloudflare.
The idea that IP addresses could be personal data has always blown my
mind, but the GDPR does classify it as such.
> The end-user browsing a website is sending
Hans-Martin Mosner wrote:
> Especially in the area of freemailer spam (and somewhat ESP spam, of course),
> hashes of spammy mail senders could be used to share reputation among mailops
> without handling actual e-mail addresses.
Er, I think you mean
https://msbl.org/ebl.html
which was
> I got none of it, and nobody could figure out why for a while. It
> finally turned out that the ESP had added our entire domain name to
> some sort of global blocklist they have, solely based on my
> complaints that the ESP was letting their customers repeatedly send
> spam to our role addresses
Lem said:
> I question your assertion that "bounces for X sender doesn’t mean that it
> shouldn’t be mailed for Y sender".
Indeed if, say, an address doesn't exist, it doesn't exist whether the
sender is X or Y.
Also, if the mail platform rejects mail from the sender's IPs or domains,
it will
> Many of the ESPs that we certify will require senders with certain types of
> lists (size, industry, etc.) to reconfirm a percentage of their list upon
> upload. And make no mistake, good ESPs scan uploaded lists for the same
> things as do list-washi...er..."list hygiene" services.
> Sadly, there is at least one legitimate reasons to allow this:
> how else could a customer change ESP ?
There is that. But since the new ESP has no immediate way of knowing
anything about the legitimacy of the uploaded list, the problem remains.
--
Atro Tossavainen, Chairman of the Board
On Wed, Jul 20, 2022 at 12:41:53PM -0600, Brie via mailop wrote:
> So, hey, yeah, Sendgrid and Zoom...
>
> It's still going on even though it was 'being looked into'.
It is. But I looked at the amount of .zoom.us stuff in all the SendGrid
output in our traps from January to June and the trend is
On Tue, Jul 12, 2022 at 11:59:22AM +, Frietschy, Carlo via mailop wrote:
> Since Friday around 12 o'clock we receive 5xx error messages from most major
> French mail providers like Orange, SFR, Free, Laposte, Wanadoo, etc. with
> messages like:
>
> - Mail rejete. Mail rejected. OFR_506
Hey Sidsel, Bastiaan,
On Tue, Jun 28, 2022 at 01:09:45PM +0200, Hetzner Blacklist via mailop wrote:
> That error message means your IP has a poor email reputation on Cisco Talos:
> https://talosintelligence.com/reputation_center/
Cisco Talos has to be the most opaque reputation service I have
Cher M CARON
> Sorry but I represent OVH email team (not abuse), I have no power and
> visibility on stuff out our email offer perimeter.
This is understood.
> As I say in private, the abuse form https://www.ovh.com/abuse/#!/ permit to
> report spam problems. It ensure to abuse team enough
On Mon, Jun 13, 2022 at 08:10:23AM -0700, Michael Peddemors via mailop wrote:
> Real strange, fake abuse addresses..
Plenty of the same in the spamtraps.
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635)
Tallinn, Estonia
tel. +372-5883-4269,
On Wed, May 25, 2022 at 03:00:19PM -0400, Omid Majdi via mailop wrote:
> Hey all,
>
> I'm looking to see if anyone has compiled any lists of invalid email domains?
> Examples of such would be typo domains and/or domains that accept all
> local-part addresses such as gmai.com, gmail.co,
> Don't just remove the addresses from customers' lists, but remove
> the customers, as they are obviously using addresses without
> consent,
You will probably find that just about every ESP operates a single
opt-in regime.
> which would be against your AUP (you do have an AUP that
> requires
On Wed, Apr 27, 2022 at 11:00:46AM -0500, Al Iverson via mailop wrote:
> Try https://www.shouldiuseapurchasedemaillist.com
Excellent job Al. Thanks on behalf of everyone.
>
> (I tried to keep it brand free, not trying to sell anything there,
> other than best practices.)
>
> Cheers,
> Al
>
>
On Wed, Apr 27, 2022 at 04:15:20PM +0200, Simon Luger via mailop wrote:
> Hi
>
> i need this page from time to time.
>
> caniuseapurchasedemaillist.com
I love it too. Looks like MailChimp may have forgotten to pay the rent
on the Digital Ocean droplet.
In the meantime, for the Finnish reader,
On Mon, Apr 25, 2022 at 03:18:30PM -0500, Jarland Donnell via mailop wrote:
> I'd like to encourage other mail providers to begin holding Mailjet
> accountable for the spam they send. Today, in reaction to receiving
> 1 abuse complaint per spam email sent from their platform, they
> finally had
On Sun, Apr 24, 2022 at 11:02:42PM -0400, John R Levine via mailop wrote:
> I've gotten several copies of this phish sent to an address stolen
> from a closed Robinhood brokerage account. It's sent from Sendgrid,
> with a link to a web host at AWS that does a couple of web redirects
> to a web
> You think we would be done with SendGrid conversations two years ago..
No such thing.
> And two hours later, a phishing attempt from a SendGrid IP hit the
> spam folder...
>
> Return-Path:
> Received: from wrqvndzq.outbound-mail.sendgrid.net (HELO
> wrqvndzq.outbound-mail.sendgrid.net)
On Wed, Apr 13, 2022 at 10:21:18AM -0700, Michael Peddemors via mailop wrote:
> Return-Path:
>
>
> Click on the unsubscribe link, and it goes to an insecure pardot page.
Envelope-senders are not links, though.
--
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy, Helsinki, Finland
tel.
On Mon, Mar 21, 2022 at 07:35:59AM +0100, Hans-Martin Mosner via mailop wrote:
> Hi folks,
>
> in a trustworthy Received: line of a spam I found the source IP
> 81.70.92.213. Strangely, this IP is pingable, and traceroute finds a
> way, but neither the IP whois nor the BGP looking glass show to
On Sun, Mar 20, 2022 at 06:49:33PM +, Graeme Slogrove via mailop wrote:
> Hi,
>
> If anyone from emailsrvr.com is on this list, please contact me. A new IP
> range is being limited.
That is Rackspace isn't it?
--
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy, Helsinki, Finland
> RIPE says it's IPXO Limited, at a mail drop in suburban London, a phone
> number in Lithuania, and a tech contact at an address in Paris with
> no hint that he works there. Sounds totally legit to me.
IPXO Ltd (London) is Heficed (Lithuania). According to their home page,
they are a "Fully
> Email - as we know it - should have been dead years ago. But instead we
> keep adding band-aid after band-aid after band-aid to the system.
It's not that people haven't tried. And not all of them have been
wholly unequipped to do so, either. You are of course aware of Professor
Dan J.
> I’ve gotten the header from the successful test that our customer sent to his
> Yahoo account, but the IP Addresses gathered there didn’t appear in any of
> our servers logs either.
Are they not either of the two you mentioned?
--
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy,
> Yep, I know you, Sendgrid, told me that you'd be working on it with
> Zoom. And, as expected, nothing ever happened and they still keep
> coming.
About 0.3% of the spams that Koli-Lõks spamtraps got from SendGrid
in December 2021 matched .zoom.us.
It's large enough to be noticeable, but
On Wed, Dec 22, 2021 at 09:57:54AM -0700, Anne P. Mitchell, Esq. via mailop
wrote:
> P.S. These two notes from Jonathan Mayer are appended to the
> https://privacystudy.cs.princeton.edu/ site; the newest is from yesterday.
>
> Note from Jonathan Mayer, the Principal Investigator (Saturday,
> Would it be possible for the two sides (blocklists and a cloud/hosting
> providers) to come together and have some kind of automated notification?
Objection, requires an interest in collaboration from hosting providers.
--
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy, Helsinki,
> Sure. Linode could decide to stop operating a public nuisance and
> police their sewer more effectively. Historically, Spamhaus has a
> long record of delisting network operators who reform their
> abuse-handling.
This isn't even about that. This is only about Linode cramming more
than one
On Thu, Nov 25, 2021 at 04:22:05PM +0200, Mary via mailop wrote:
>
> But that is not a real solution is it?
It is because it's the right thing to do in the first place.
> Maybe linode and spamhaus can come up with a better solution between them?
I would not expect any changes on the policy of
ng emails that are using IPv6
> > > addresses, are being rejected by anyone using zen.spamhaus.org
> > >
> > > I then tried a bunch of my addresses and they all tested as listed in
> > > https://check.spamhaus.org/
> > >
> > > Please see attached
On Thu, Nov 25, 2021 at 12:33:54PM +0200, Mary via mailop wrote:
> Hello everyone,
>
> I noticed today that spamhaus.org is blocking large net blocks of IPv6
> (2a01:7e01) owned by Linode. Pretty much all my clients hosted at Linode are
> being blocked en mass (for IPv6 only).
On Sun, Oct 17, 2021 at 01:04:53PM -0700, Dan Mahoney (Gushi) via mailop wrote:
> All,
>
> For years now I've been the target of a number of resumes from
> UAE-based google-groups.
Have a look at these two things.
https://www.spamhaus.org/rokso/spammer/SPM1559/syedsmarketing
1 - 100 of 154 matches
Mail list logo