> Dnia 9.02.2024 o godz. 13:03:28 Philip Paeps via mailop pisze:
> >
> > Most people don't actually use email anymore. Email is for
> > marketing and receipts.
>
> Yeah, that's probably the main reason why they can live with such
> problematic service like Gmail.
I've encountered more
> On 08/02/2024 04:51, Jarland Donnell via mailop wrote:
> > Is it time to throw in the towel on email forwarding?
>
> We're successfully forwarding tens of thousands of emails to Gmail,
> Yahoo and others.
>
> We try not to break DKIM and we also use ARC, that seems to satisfy most
> for now.
> Am 08.02.2024 schrieb Cyril - ImprovMX via mailop :
>
> > But forwarding an email from a domain that have DMARC enabled (with a
> > policy different than "none") could still work if the sender signed
> > their email with DKIM. Isn't it correct?
>
> That is true. But not all domains have DKIM.
> On 08.02.24 05:48, John Covici via mailop wrote:
> >I have sendmail set up for dkim, I don't see anywhere where you need
> >anything for dmarc. Right now the opendmarc.conf is just what comes
> >when you install.
>
> DMARC on domain means setting DNS record in it.
Fortunately, that's
> On Wed, Feb 7, 2024, 4:55AM Andreas S. Kerber via mailop
> wrote:
>
> > Am Wed, Feb 07, 2024 at 02:20:25PM +0100 schrieb Jaroslaw Rafa via mailop:
> > > For outgoing, Google requires that you have DMARC record set up. So if
> > you
> > > are sending anything to Google, you need that.
> >
> > Th
have the milter configuration aspect covered in sendmail?
> Thanks a lot, I am using sendmail as my mta.
>
> On Wed, 07 Feb 2024 00:39:41 -0500,
> Randolf Richardson, Postmaster via mailop wrote:
> >
> > Which mail server software and OS are you using? Are you recei
Which mail server software and OS are you using? Are you receiving
some error messages (e.g., in syslog)?
I'm using Postfix on Debian, and I'd be happy to try to help you get
things working no matter which software you're using.
The OpenDMARC package supports running as
[Sarcasm]
Oh, but their customers would never send spam -- they pay for mail
services, and their credit cards aren't even lost, forged, or stolen!
[/Sarcasm]
They really do need to work on customer intake, but the inflow of
billions of dollars is likely pushing a lot of heavy roc
> It appears that Andreas Schamanek via mailop said:
> >
> >Hi mailops,
> >
> >Thought some might be interested, though those affected sure already
> >know:
> >
> >On January 25 I was alerted to false positives due to Spamhaus SBL
> >listing IP addresses of fonts.googleapis.com.
The IP
> From: Scott Undercofler via mailop Sent: February 1, 2024 17:04
> >
> > The issue you´re seeing is directly related to SMTP smuggling which
> > was discussed on list ad nauseam about a month ago.
>
> I did see those but they did not appear to relate to anything we are
> doing so I did not read
Take a look at this RBL tester -- at present it tests 239 lists and
provides more detailed reporting:
The complete IP check for sending Mailservers
https://multirbl.valli.org/lookup/45.79.209.44.html
A few of the lesser-known lists show that your I
> Good Morning,
>
> Overnight in our logs, we are starting to see Microsoft spam like this:
>
> Feb 5 12:19:28 my postfix/smtpd[1015436]: NOQUEUE: filter: RCPT from
> mail-mw2nam10acsn2106.outbound.protection.outlook.com[104.47.55.106]:
> : Sender address triggers FILTER
> smtp-amavis:[127.0.
> On 1/29/2024 3:20 AM, Laura Atkins via mailop wrote:
>
> > A very experienced spam filter person, who worked at a not-for-profit
> > spam filtering company and two of the major mailbox providers once
> > told me that the biggest challenge with their job was that there were
> > messages that s
> Hello mailop
>
> Anybody on the feed that has contact info for Italian MBP tim.it , alice.it
> ?
> We have serious blocking issues on our transactional emails to this provider
> but we don't seem to be finding any luck in contacting them.
Try these Abuse Department addresses...
> > On 28 Jan 2024, at 20:23, Thomas Walter via mailop
> > wrote:
> >
> >
> >
> > On 28.01.24 20:02, Jaroslaw Rafa via mailop wrote:
> >> There are "edge cases" when the mail couldn't be reliably classified as
> >> spam
> >> or non-spam. Even with best tuned spam filtering systems false posit
> Randolf Richardson, Postmaster via mailop schrieb:
> > Marco Moock via mailop wrote:
> >
> > > Is there any way to contact them so they can figure out
> > > the source of those mails?
> >
> > Have you inspected the SMTP headers and grepped mail
&g
Have you inspected the SMTP headers and grepped mail server logs?
> Hello!
>
> Does anybody of ebay reads here?
>
> At work we receive mails from ebay (SPF valid) to an address that isn't
> assigned to an account and can't be registered by the ebay user because
> he can't access the inbo
> According to Randolf Richardson, Postmaster via mailop
> :
> > I'm just chiming in here with some support for you because I know a
> >few people who use OVH as well.
> >
> > Blocking on a case-by-case basis is the better approach so that
> &
Feel free to contact me off-list if you'd like to send some test
messages -- I can send back the results of the DKIM and DMARC checks.
My eMail address is: postmas...@inter-corporate.com
> Hello!
>
> At work we are currently deploying DKIM.
>
> Do people here have experience w
[sNip]
I apologize. I sent this to the wrong address. Please disregard.
--
Postmaster - postmas...@inter-corporate.com
Randolf Richardson, CNA - rand...@inter-corporate.com
Inter-Corporate Computer & Network Services, Inc.
Vancouver, British Columbia, Canada
https://www.inter-corporate
> Dnia 25.01.2024 o godz. 07:10:13 Hans-Martin Mosner via mailop pisze:
> > It's probably pointless to call for a general OVH boycott, as much as I
> > would like to do that :-)
>
> I would be the first to object to that, because my server is hosted at OVH :)
I'm just chiming in here with
I'd like to register so that I can contribute too, but I'm seeing
the same message that registrations are disabled:
Phishtank :: Register
https://www.phishtank.com/register.php
"X New user registration temporarily disabled."
Than
> On 2024-01-23 12:35, Randolf Richardson, Postmaster via mailop wrote:
> >>> Hi folks,
> >>>
> >>> I suspect this exists, but can't come up with the right search.
> >>>
> >>> I have domains that should never receive mail. I'
> > Hi folks,
> >
> > I suspect this exists, but can't come up with the right search.
> >
> > I have domains that should never receive mail. I'd like a milter that
> > looks for mail to those domains and feeds the IP of the sender to an
> > outside program.
> >
> > Surely someone wrote this spamtra
[sNip]
> Given my experience with spamhaus this week, I´m convinced that they
> are out to put the small email provider out of business.
What was your experience with them?
(I ask, because based on what I've seen, Spamhaus been consistent
and impartial with their listing criteri
> On 2024-01-19 at 15:42:49 UTC-0500 (Fri, 19 Jan 2024 12:42:49 -0800)
> Randolf Richardson, Postmaster via mailop
>
> is rumored to have said:
>
> > Spamhaus makes the DROP data available (which I believe is also
> > included in their SBL), which is useful
> On 2024-01-19 12:42, Randolf Richardson, Postmaster via mailop wrote:
> >> On 2024-01-19 06:47, Atro Tossavainen via mailop wrote:
> >>> On Fri, Jan 19, 2024 at 03:31:19PM +0100, hg user wrote:
> >>>> Ok sorry not "most" but "some may".
> On 2024-01-19 06:47, Atro Tossavainen via mailop wrote:
> > On Fri, Jan 19, 2024 at 03:31:19PM +0100, hg user wrote:
> >> Ok sorry not "most" but "some may"...
> >>
> >> My checkpoint rep said that they get their reputation lists from other
> >> companies... is it wrong ?
> >
> > It's possible t
> On Wed, 17 Jan 2024 15:35:42 +0100, Hans-Martin Mosner via mailop
> wrote:
>
> >Am 17.01.24 um 15:20 schrieb Paul Menzel via mailop:
> >> With this in mind, did somebody compile a block list yet? Or should I just
> >> create a whitelist?
> >
> >A block list does not make sense, as new domains
> On 19/01/2024 00:33, Randolf Richardson, Postmaster via mailop wrote:
> > The blacklists seem to be blocking mostly the ones that send
> > directly from @.onmicrosoft.com addresses, which
> > should make filtering easy if we can confirm for certain that no
> >
I'm seeing in today's logs plenty of blocking of hosts ending with
".onmicrosoft.com" but also plenty of SMTP connections not being
blocked.
Those MS-Miscreants seem to have moved on from mixing names of farm
animals and car brands to names that seem like they could be for
prof
> On Mon, Jan 15, 2024 at 4:19PM Randolf Richardson, Postmaster via mailop <
> mailop@mailop.org> wrote:
>
> > You'll likely be interested in the reputation score, which is
> > presently showing as "Poor" for that IP address (66.175.222.108):
> On Mon, Jan 15, 2024 at 11:00AM Udeme wrote:
>
> > Mark: looks like as of seconds ago the SBL´s been resolved & removed from
> > the SBL?
>
> Yes! That's great, but unfortunately and confusingly, it's switched to a
> different listing instead: https://www.spamhaus.org/query/ip/66.175.222.108
> >> I was thinking about not advertising SIZE myself, because our limits are
> >> already very high so people can send large attachments internally.
>
> I would still suggest setting a sensible limit, like 100 MB or similar, to
> avoid the problem that certain MUAs tend to timeout, crash or st
> FWIW, after a log file review we are contemplating blocking
> "azurewebsites.net" as well as "@onmicrosoft.com".
Our logs are showing small quantities of SMTP traffic from
"azurewebsites.net" that are usually being blocked due to SPF
failures, and usually sending to weird, nonsencial
> >> That header is supposed to be attached by the originating MUA,
> >> and I don't *think* transit MTAs are permitted to rewrite it...
>
> Problem is, that when MUA or first MTA has a incorrect date
> set, the email comes like last in inbox... have seen emails
> set with 1970-01-01 00:00:00 Or,
idual" designation.
> -----Ursprungligt meddelande-
> Från: Randolf Richardson, Postmaster via mailop
> Skickat: den 15 januari 2024 02:46
> Till: Mailop
> Ämne: Re: [mailop] Displaying logos
>
> Let's Encrypt style automation will be necessary with a la
Let's Encrypt style automation will be necessary with a large
userbase, and even with a small userbase it will be very helpful.
How do you envision the DNS records being set up? Should there be
one DNS record for each user, or a shared DNS record with some sort
of a cryptograph
According to Microsoft, they use the "onmicrosoft.com" domain name
for providing IMAP4 access, and as an SMTP fallback domain for
clients who don't have their own domain name:
Source:
https://learn.microsoft.com/en-us/microsoft-365/admin/setup/add-or-replace-your-onmicrosoftcom
> On Saturday 13/01/2024 at 3:59 pm, John Levine via mailop wrote:
> > It appears that Randolf Richardson, Postmaster via mailop
> > said:
> >>
> >>>
> >>> It might work to put a gold border around checked logos and a
> >>
> Robert L Mathews said:
> > I hope nobody creates MUA features that show non-BIMI logos in the same
> > space
> > as BIMI logos (or that make it difficult for users to notice the difference,
> > such as a tiny padlock superimposed on it sometimes).
>
> Superimposing something to indicate validi
> [sNip]
> > Of course, I feel compelled to point out that I'm doing the same
> > > thing right now as the BIMI Group is doing (no PEM defined in the
> > > "a=" parameter), and I think this is fine and that it's perfectly
> > > okay for the BIMI Group to do it this way too.
> >
> > A self-
> On 10.01.2024 at 21:59 Randolf Richardson, Postmaster via mailop
> wrote:
>
> > What's missing from BIMI in its current form? The option
> > for mail server oparators to use the same TLS certificates that
> > we're already using for our mail servers (and
[sNip]
> Of course, I feel compelled to point out that I'm doing the same
> > thing right now as the BIMI Group is doing (no PEM defined in the
> > "a=" parameter), and I think this is fine and that it's perfectly
> > okay for the BIMI Group to do it this way too.
>
> A self-asserted logo
[sNip]
> I didn't know about the X-Face header! Is that something still in use?
[sNip]
By the way, in my previous reply to you, I meant to include this
link to a page on one of NASA's web sites that describes the PBM
image file format; here it is:
pbm - portable bitmap f
rry to disappoint with the whole being an unreleased
> proprietary email client part.
Excellent, and no worries about the proprietary part -- I asked
because I didn't know what the intended outcome is.
> Groetjes,
> Louis
>
>
> Op donderdag 11 januari 2024 om 10:10, s
> > It can be useful to show X-Face or Gravatar from certain mails, such as
> > those coming from a (trusted) forum (hint to Louis: it may be useful to
> > be able to configure the images to show for specific senders)
>
> Will be implementing something like this later on, probably for workplace
>
As an aside, I find it interesting that the BIMI Group doesn't have
a Verified Mark (no PEM specified in the "a=" parameter):
https://bimigroup.org/bimi-generator/
Just type "bimigroup.org" in that form and see the results, which
show their logo followed by this
r on that because I forgot about that
point. Thanks, Tim, for reminding me of this.
> -Tim
>
> On Thu, Jan 11, 2024 at 1:11PM Marcel Becker via mailop
> wrote:
>
> > On Thu, Jan 11, 2024 at 10:58AM Randolf Richardson, Postmaster via mailop
> > wrote:
> >
> >>
> On Thu, Jan 11, 2024 at 10:58AM Randolf Richardson, Postmaster via mailop <
> mailop@mailop.org> wrote:
>
> >
> > They could
> > easily afford set up a company, get a Trademark, and then use a
> > different logo image when sending their junk eMails.
>
> I might have missed something, but wouldn't that be a phisher's wet dream?
Indeed, and because the BIMI record references a URI to load the
logo from, so the scammers (spammers, phishers, malware/virus
distributors, etc.) could simply specify a different logo file with a
recognized br
ew, or a few dozen, as you
need, and from a few different domains so you can see what different
logos look like in an Inbox folder.
> Groetjes,
> Louis
>
>
> Op woensdag 10 januari 2024 om 21:58, schreef Randolf Richardson, Postmaster
> via
> mailop :
>
> > We lo
> > Simply, nobody needs this.
>
> I've been building an email client and actually do fetch avatars and logos to
> be
> displayed next to emails. I find it helps me visually identify emails easier,
> it's a lot less taxing on the brain than reading sender names or addresses. Of
> course in my cas
We looked into it and publish our own default BIMI record even
though we didn't pay the enormous amount money required to one of two
Certificate Authorities.
If anyone is curious to see what the record looks, use this command:
dig txt default._bimi.inter-corporat
> > On 28.12.2023 at 20:29 Marco Moock via mailop wrote:
> >
> > Am 28.12.2023 um 18:15:39 Uhr schrieb Tom Perrine via mailop:
> >
> >> Has anyone detected or seen any evidence of SMTP smuggling in the
> >> wild?
> >>
> >> I´m trying to get an independent read on how quickly the bad actors
> >> hav
> Am 01.01.2024 um 01:46:44 Uhr schrieb Randolf Richardson, Postmaster
> via mailop:
>
> > Is anyone seeing large numbers of dictionary attacks from
> > 20.42.100.251 (which is owned by Microsoft)? I'm curious if they're
> > engaging in large-scale targ
Is anyone seeing large numbers of dictionary attacks from
20.42.100.251 (which is owned by Microsoft)? I'm curious if they're
engaging in large-scale targeting.
I'm seeing more than 2,000 attempts daily from 20.42.100.251 against
mail account local-parts like "test" and "teste"
If that's what the problem is, then that can easily be set with the
following Postfix setting without the need for customization scripts:
default_destination_recipient_limit = 1
Documentation for this setting is available at:
https://www.postfix.org/postconf.5.h
> > > recently i see messages from this ML rejected by my MTA, due
> > > malformed To: header (from postmas...@inter-corporate.com):
> > >
> > >To: mailop@mailop.org
>
> Unrelated to the question of whether or not @ merits escaping or quoting...
>
> I personally wouldn't put an email address
Indeed, you are correct -- according to section 3.2.3 in RFC 5322,
the at ("@") symbol counts as a "special" character that's
categorized seprarately from "atext," and an example in Appendix A
demonstrates quoting when a special character is present:
RFC 5322 :: Internet
If you're using Postfix on Debian Linux, this will likely be of
interest to you...
The updated Postfix v3.7.9 that can prevent the SMTP Smuggling
problem by introducing the "smtpd_forbid_bare_newline" configuration
setting is now available on Debian (Linux) v12.4. I just upgrad
It's definitely worth it to run your own eMail system (in my
opinion). I think people should be able to do this if they want to,
although one of the challenges that sometimes arises is which IP
netblocks their eMail servers are in.
If your server is operated at home, you may be
We're seeing hundreds of entries like these in our logs for their
internet domain name:
2023-12-29T07:42:08.028521-08:00 mail01
postfix/policy-spf[118254]: Policy action=PREPEND Received-SPF: none
(csw31.besmartforgoodlife.com: No applicable sender policy available)
rec
If you're not using the newest (patched) version of Postfix smtpd, a
short-term workaround for the SMTP Smuggling problem was announced
today (2023-Dec-26) that "will stop many forms of the published
attack" from succeeding:
Postfix :: SMTP Smuggling :: Short-term workar
> In message <6585e535.11582.3a72...@postmaster.inter-corporate.com>,
> Randolf Richardson, Postmaster via mailop writes
>
> >> The most commonly seen method of tracking is probably inclusion of
> >> specifically crafted links in the message, that refer to
> Dnia 22.12.2023 o godz. 10:54:54 Randolf Richardson, Postmaster via mailop
> pisze:
> > > Tracking/spying elements in email messsages are usually intended to spy on
> > > the *recipient* - did the recipient read the email at all, did he clicked
> >
> Dnia 22.12.2023 o godz. 16:22:45 Slavko via mailop pisze:
> > But my point was (mostly) not about courties cases, i mean usual users
> > tracking/spying (contacts, shoppings, opinions, etc), where signature is
> > checked once (at receive time), but used/stored forever. And that cannot
> > be sol
I wouldn't want to see their breakfast! ;)
> Maybe they have just started eating their own dog food V2.0 at MS? ;->
>
> SCNR.
>
> Best,
>
> -C.
>
> > Am 15.12.2023 um 11:37 schrieb Laurent S. via mailop :
> >
> > It seems Microsoft made very recently a change. Since then, we get a
>
We're not seeing that error in our mail server logs here in Canada.
The trend seems to be that mail servers worldwide have gradually
been adding DKIM signing to all outbound mail, and some are starting
to require it of all inbound mail (we're also considering making DKIM
signing
They sent messages to a number of our spamtraps. I wonder if
they'll eventually hit all of them. :D
> Phishing their own customers. I suppose in a karmic sense they deserve
> it.
>
> (No, CAUCE is not a customer.)
>
> Regards,
> John Levine, jo...@taugh.com, Taughannock Networks, Tr
I'm not familiar with Hertzner, but APNIC's WHOIS indicates a
country code of ZZ for the sending IP address's netblock, which the
ISO lists as "Unknown or unspecified country."
I guess the whole /23 is in the process of being moved? The most
recent modification seems to be ~7 m
> On Sun, Dec 03, 2023 at 07:26:14AM +0100, Arne Jensen via mailop wrote:
> > Den 30-11-2023 kl. 09:36 skrev Giovanni Bechis via mailop:
> > > I maintain an ESP rbl
> >
> > Thank you for maintaining and providing that!
> >
> > I looked around and didn't find much information about the operation o
I'm greeted by the message "No data to display at this time. Please
come back later" for all reports, even when setting the duration to
the maximum of 120 days.
Hopefully it's only a temporary poroblem.
> Is anyone else seeing data missing from Google Postmaster Tools?
> For all
Interestingly, 1.1.1.1, which is Cloudflare's famous public DNS
resolver, is not included in that list of IPv4 addresses:
IP Ranges | Cloudflare
https://www.cloudflare.com/ips/
Their main reference page (above) doesn't seem to mention it, but I
wo
86d1-708d255c996d
>
> https://answers.microsoft.com/en-us/outlook_com/forum/all/email-accepted-by-hotmail-but-not-delivered/83621726-60f8-46ce-9416-daf2385acca3
>
> I for one would love to see this topic validated, but all I find across
> the internet seems to be gaslighting like "Is
Some of my users have been reporting that eMail messages are getting
lost intermittently when they're sent to users at any internet domain
name that relies on OUTLOOK.COM for its MX.
Our mail server logs confirm that all outbound messages were
accepted to those MX's (except for
> Hello,
>
> On Tue, Nov 28, 2023 at 12:54:13PM +0200, Mary via mailop wrote:
> > X-mail_abuse_inquiries: http://www.salesforce.com/company/abuse.jsp
>
> I reported a similar phishing spam to Salesforce a few days ago. I
> can't believe in this day and age that the above URL in its first
> paragr
on messages. Even after THAT, I find
> that maybe 25-50% of the folks who ask to subscribe never respond to the
> confirmation email.
>
> A list of 100 validated and interested folks is worth far more than a list
> of 1000 "average users".
>
>
>
> On Mon
> Am 27.11.2023 um 10:42:58 Uhr schrieb Randolf Richardson, Postmaster
> via mailop:
>
> > Many marketing people seem to be terrified of the idea of
> > users having to confirm their consent when subscribing to a mailing
> > list (e.g., by following a unique
What have you found to be some of the best approaches to convince
clients that the confirmed opt-in process is necessary for operating
eMail lists? (The ethical aspects are pretty straight-forward.)
Many marketing people seem to be terrified of the idea of users
having to confi
80 matches
Mail list logo