Re: [mailop] DMARC record in p=none not receiving aggregate reports to RUA

2016-04-14 Thread Franck Martin via mailop 
https://dmarcian.com/dmarc-inspector/chinalovecupid.com

says all is fine

Also note you need some traffic, before an aggregate report is sent to you.
Some receivers will not send a daily report if they have not seen X emails
from your domain.

at https://dmarc.org/resources/deployment-tools/

you will find in message validation, a few email address that will send you
reports very quickly, like autore...@dmarctest.org

On Thu, Apr 14, 2016 at 3:51 PM, Renaud Allard via mailop  wrote:

>
>
> On 14/04/16 23:58, Michael Wise wrote:
>
>> Checked the Microsoft.com record, and the \; is there as well, so it may
>> be an artifact of my software.
>>
>>
> Just FI
>
> https://dmarc.org/wiki/FAQ#Why_are_the_semicolons_escaped_in_DMARC_records.3F_Should_I_do_the_same_when_I_publish_a_DMARC_record.3F
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] DMARC record in p=none not receiving aggregate reports to RUA

2016-04-14 Thread Renaud Allard via mailop 



On 14/04/16 23:58, Michael Wise wrote:

Checked the Microsoft.com record, and the \; is there as well, so it may
be an artifact of my software.



Just FI
https://dmarc.org/wiki/FAQ#Why_are_the_semicolons_escaped_in_DMARC_records.3F_Should_I_do_the_same_when_I_publish_a_DMARC_record.3F



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] DMARC record in p=none not receiving aggregate reports to RUA

2016-04-14 Thread Michael Wise 

Checked the Microsoft.com record, and the \; is there as well, so it may be an 
artifact of my software.
You can specify multiple addresses in the rua… maybe put in a gmail.com or 
similar address to see if anything arrives there?

I presuppose you’ve reviewed the mail server logfiles to see if anyone’s even 
connecting to attempt a delivery, yes?
Otherwise, I gots nothin’. Sorry. ☹

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool ?

From: Dickie LaFlamme [mailto:rlafla...@dyn.com]
Sent: Thursday, April 14, 2016 2:47 PM
To: Michael Wise 
Cc: Franck Martin ; mailop@mailop.org
Subject: Re: [mailop] DMARC record in p=none not receiving aggregate reports to 
RUA

We've put in tag "pct=100", waited a few days. Nothing, then took it out to try 
and again nothing.


Thanks,

[Image removed by sender. Dyn logo, 
Dyn.com]
[Image removed by sender.] 



 [Image removed by sender. Dyn facebook account] 



 [Image removed by sender. Dyn LinkedIn account] 


Dickie LaFlamme / Deliverability Specialist
[Image removed by sender.] +1 603-296-1952

On Thu, Apr 14, 2016 at 5:44 PM, Michael Wise 
> wrote:
What part of it … isn’t?
Oh, waitaminute … the record we’re talking about doesn’t specify pct= … would 
it default to 0?

[cid:image001.png@01D1965D.8B422D70]

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool
 ?

From: Franck Martin [mailto:fmar...@linkedin.com]
Sent: Thursday, April 14, 2016 1:49 PM
To: Michael Wise >
Cc: Dickie LaFlamme >; 
mailop@mailop.org
Subject: Re: [mailop] DMARC record in p=none not receiving aggregate reports to 
RUA

I checked my system, cannot see any report being generated. So may be this 
domain name is not in the RFC5322.From ?

On Thu, Apr 14, 2016 at 8:05 AM, Michael Wise 
> wrote:
DMARC is not something I'm well-versed in, but was trying to do what tests I 
could. Would be interesting to see what would happen if someone deliberately 
tried to send from a non-SPF valid IP.

Normally, it just sorta works, but I've never actually seen the traffic it 
generates, or seen the software that is supposed to send it, so I'm unsure 
exactly how to poke it with a stick... :(

Aloha,
Michael.
--
Sent from my Windows Phone

From: Dickie LaFlamme
Sent: ‎4/‎14/‎2016 5:55 AM
To: Michael Wise

Cc: mailop@mailop.org
Subject: Re: [mailop] DMARC record in p=none not receiving aggregate reports to 
RUA
My bad, I should have included this issue has spanned well over multiple days 
so the 24 hours rule wasn't a cause.

I queued a few different customers I know with

Re: [mailop] DMARC record in p=none not receiving aggregate reports to RUA

2016-04-14 Thread Michael Wise 
What part of it … isn’t?
Oh, waitaminute … the record we’re talking about doesn’t specify pct= … would 
it default to 0?

[cid:image001.png@01D1965C.198D3FE0]

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool ?

From: Franck Martin [mailto:fmar...@linkedin.com]
Sent: Thursday, April 14, 2016 1:49 PM
To: Michael Wise 
Cc: Dickie LaFlamme ; mailop@mailop.org
Subject: Re: [mailop] DMARC record in p=none not receiving aggregate reports to 
RUA

I checked my system, cannot see any report being generated. So may be this 
domain name is not in the RFC5322.From ?

On Thu, Apr 14, 2016 at 8:05 AM, Michael Wise 
> wrote:
DMARC is not something I'm well-versed in, but was trying to do what tests I 
could. Would be interesting to see what would happen if someone deliberately 
tried to send from a non-SPF valid IP.

Normally, it just sorta works, but I've never actually seen the traffic it 
generates, or seen the software that is supposed to send it, so I'm unsure 
exactly how to poke it with a stick... :(

Aloha,
Michael.
--
Sent from my Windows Phone

From: Dickie LaFlamme
Sent: ‎4/‎14/‎2016 5:55 AM
To: Michael Wise

Cc: mailop@mailop.org
Subject: Re: [mailop] DMARC record in p=none not receiving aggregate reports to 
RUA
My bad, I should have included this issue has spanned well over multiple days 
so the 24 hours rule wasn't a cause.

I queued a few different customers I know with valid DMARC records and I'm 
seeing the  “\” in front of the “;”’s.

I will however dig into the greylisting. As always, thank you all for looking 
into this and helping out!


Thanks,

  


Dickie LaFlamme / Deliverability Specialist
 +1 603-296-1952
 

On Wed, Apr 13, 2016 at 9:22 PM, Michael Wise  
wrote:
 

I see it slightly 
differently:
 

$ host -t txt 
_dmarc.chinalovecupid.com
_dmarc.chinalovecupid.com descriptive text "v=DMARC1\; p=none\; 
rua=mailto:dm...@chinalovecupid.com;
 

What’s with the “\” in front of the 
“;”’s?

Re: [mailop] DMARC record in p=none not receiving aggregate reports to RUA

2016-04-14 Thread Dickie LaFlamme 
We've put in tag "pct=100", waited a few days. Nothing, then took it out to
try and again nothing.

Thanks,

[image: Dyn logo, Dyn.com] 
[image: Dyn facebook
account] [image:
Dyn LinkedIn account] 

Dickie LaFlamme / Deliverability Specialist
 +1 603-296-1952

On Thu, Apr 14, 2016 at 5:44 PM, Michael Wise 
wrote:

> What part of it … isn’t?
>
> Oh, waitaminute … the record we’re talking about doesn’t specify pct= …
> would it default to 0?
>
>
>
>
>
> Aloha,
>
> Michael.
>
> --
>
> *Michael J Wise* | Microsoft | Spam Analysis | "Your Spam Specimen Has
> Been Processed." | Got the Junk Mail Reporting Tool
>  ?
>
>
>
> *From:* Franck Martin [mailto:fmar...@linkedin.com]
> *Sent:* Thursday, April 14, 2016 1:49 PM
> *To:* Michael Wise 
> *Cc:* Dickie LaFlamme ; mailop@mailop.org
> *Subject:* Re: [mailop] DMARC record in p=none not receiving aggregate
> reports to RUA
>
>
>
> I checked my system, cannot see any report being generated. So may be this
> domain name is not in the RFC5322.From ?
>
>
>
> On Thu, Apr 14, 2016 at 8:05 AM, Michael Wise 
> wrote:
>
> DMARC is not something I'm well-versed in, but was trying to do what tests
> I could. Would be interesting to see what would happen if someone
> deliberately tried to send from a non-SPF valid IP.
>
> Normally, it just sorta works, but I've never actually seen the traffic it
> generates, or seen the software that is supposed to send it, so I'm unsure
> exactly how to poke it with a stick... :(
>
> Aloha,
> Michael.
> --
> Sent from my Windows Phone
> --
>
> *From: *Dickie LaFlamme 
> *Sent: *‎4/‎14/‎2016 5:55 AM
> *To: *Michael Wise 
>
>
> *Cc: *mailop@mailop.org
> *Subject: *Re: [mailop] DMARC record in p=none not receiving aggregate
> reports to RUA
>
> My bad, I should have included this issue has spanned well over multiple
> days so the 24 hours rule wasn't a cause.
>
> I queued a few different customers I know with valid DMARC records and I'm
> seeing the  “\” in front of the “;”’s.
>
> I will however dig into the greylisting. As always, thank you all for
> looking into this and helping out!
>
>
> Thanks,
>
>
> 
>
> Dickie LaFlamme / Deliverability Specialist
>  *+1 603-296-1952*
>
>
> 
>
> On Wed, Apr 13, 2016 at 9:22 PM, Michael Wise <
> *michael.w...@microsoft.com*> wrote:
> 
>
>
> 
>
> I see it slightly differently:
> 
>
>
> 
>
> $ host -t txt _*dmarc.chinalovecupid.com*
> 
>
> _*dmarc.chinalovecupid.com* descriptive text "v=DMARC1\; p=none\;
> rua=mailto:*dm...@chinalovecupid.com*;
> 
>
>
>

Re: [mailop] Any Proofpoint contacts here?

2016-04-14 Thread Jim Cheetham 
Excerpts from Jim Cheetham's message of 2016-04-15 09:12:37 +1200:
> Yes, we had had a compromised account, and we had addressed it before the
> block became obvious.

May as well let you all know ... a newbie mistake by me. We don't have a
totally automated way to close down all the various systems through which
a user sends email, and while running through the manual steps I neglected
to dequeue the outbound spam submissions.

Proofpoint had already picked up on the initial outbound, and were dsn=421
for the remaining items. I prevented new spam from being submitted, and
when we got dsn=500 from Proofpoint we noticed the issue, and requested
delisting.

This went through, then our queued items got delivered, triggering a
repeat listing, and confusion at my end.

-- 
Jim Cheetham, Information Security, University of Otago, Dunedin, N.Z.
✉ jim.cheet...@otago.ac.nz☏ +64 3 470 4670☏ m +64 21 279 4670
⚷ OpenPGP: B50F BE3B D49B 3A8A 9CC3 8966 9374 82CD C982 0605


signature.asc
Description: PGP signature
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Speaking of Banks, Pet Peeve SPF

2016-04-14 Thread Luis E. Muñoz 



On 14 Apr 2016, at 14:04, Franck Martin via mailop wrote:


I prefer

example.com TXT "v=spf1 ip:0.0.0.0/0 -all"

or more sneaky
example.com TXT "v=spf1 ip:0.0.0.0/1 ip:128.0.0.0/1 -all"



Which large mail provides either ignore or penalize. (Or will at some 
point in the future).


-lem

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Any Proofpoint contacts here?

2016-04-14 Thread Jim Cheetham 
Excerpts from Jaren Angerbauer's message of 2016-04-15 04:33:42 +1200:
> Jim -- I'll reply offline with details (looks like you have a compromised
> user sending phish)

Thanks Jaren, just ack-ing to the list that our problem is sorted.
Thanks everyone for their comments, too.
Yes, we had had a compromised account, and we had addressed it before the
block became obvious.
The feedback loop to the sending IPs is the problem, common to so many
other reputation providers.

-- 
Jim Cheetham, Information Security, University of Otago, Dunedin, N.Z.
✉ jim.cheet...@otago.ac.nz☏ +64 3 470 4670☏ m +64 21 279 4670
⚷ OpenPGP: B50F BE3B D49B 3A8A 9CC3 8966 9374 82CD C982 0605


signature.asc
Description: PGP signature
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Speaking of Banks, Pet Peeve SPF

2016-04-14 Thread Franck Martin via mailop 
I prefer

example.com TXT "v=spf1 ip:0.0.0.0/0 -all"

or more sneaky
example.com TXT "v=spf1 ip:0.0.0.0/1 ip:128.0.0.0/1 -all"


On Thu, Apr 14, 2016 at 1:22 PM, Brandon Long via mailop 
wrote:

> What, you don't want to trust all of Apple's /8?
>
> Anyways, adding spf for an entire cloud provider of generic tools seems
> like a really bad idea.  We have to make sure with ours that we don't let
> people cross domain forge, since they may then spf pass... If you don't
> control the software, it is unlikely you can really control that ... Unless
> you control the relay or DPI or something.
> On Apr 14, 2016 11:16 AM, "Michael Peddemors" 
> wrote:
>
> SPF is a decent tool, however it always surprises me when banks open their
> SPF records to the point where they are at risk.  In just the last couple
> of days, we see a couple of banks adding to their SPF records, 'all IP(s)
> in our cloud providers network /16'.
>
> Now, (in the latest case most of MicroSoft's Azure) maybe that is what
> they are recommended to do, however anyone else using those IP(s) is now in
> a perfect position to take advantage of this..
>
> :(
>
>
>
> --
> "Catch the Magic of Linux..."
> 
> Michael Peddemors, President/CEO LinuxMagic Inc.
> Visit us at http://www.linuxmagic.com @linuxmagic
> 
> A Wizard IT Company - For More Info http://www.wizard.ca
> "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
> 
> 604-682-0300 Beautiful British Columbia, Canada
>
> This email and any electronic data contained are confidential and intended
> solely for the use of the individual or entity to which they are addressed.
> Please note that any views or opinions presented in this email are solely
> those of the author and are not intended to represent those of the company.
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] TLS verify=FAIL

2016-04-14 Thread Franck Martin via mailop 
Client certificates in emails are not rare, even to the contrary, they are
predominant. The proportion of verifiable client certificates is about the
same proportion of verifiable server certificates.

I think there are a few MTAs that have different config for certificate
presented as a client vs a receiver.

For instance postfix has a different config and says not to use client
certs, I tend to disagree. This advice may have been written in the early
days of STARTTLS. The world has changed, especially after Snowden.

http://www.postfix.org/TLS_README.html#client_cert_key

On Thu, Apr 14, 2016 at 8:23 AM, Al Iverson 
wrote:

> Thanks for that. :)
>
> --
> Al Iverson
> www.aliverson.com
> (312)725-0130
>
>
> On Thu, Apr 14, 2016 at 3:02 AM, Steve Freegard 
> wrote:
> >
> > On 14/04/16 00:58, Al Iverson via mailop.org wrote:
> >>
> >> Boo @ designing something so that "FAIL is really nothing is to be
> >> concerned with."
> >>
> >> It's the kind of thing deliverability people will now be spending the
> >> rest of their lives explaining to clients that this big ole FAIL is to
> >> be ignored.
> >>
> >
> > Agreed - which is why it's been changed now.
> >
> > Cheers,
> > Steve.
> >
> >
> > ___
> > mailop mailing list
> > mailop@mailop.org
> > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Gmail Blacklisting

2016-04-14 Thread Franck Martin via mailop 
You can't force your customers, but you have to tell them what will happen
to their emails.

You can point them to this document:
https://www.m3aawg.org/sites/maawg/files/news/M3AAWG_Inbound_IPv6_Policy_Issues-2014-09.pdf

and also
https://engineering.linkedin.com/email/sending-and-receiving-emails-over-ipv6

On Thu, Apr 14, 2016 at 8:26 AM, Thomas Wilhelm 
wrote:

> Hi Brandon,
>
> thank you for your answer.
>
> Our outgoing IPv6-addresses are:
>
> 2a01:5c0:63:10[0-8]::1/56 and
> 2a01:5c0:63:[1-8]::1/56
>
> Our main domains are: inexio.net and myquix.de These domains are under
> our control, so we are going to enable DKIM for both and SPF for
> inexio.net. SPF is already enabled for myquix.de.
>
> In addition to our private customers, we have about 1.000 business
> customers, who also send mails from their domains using our outgoing
> mailserver as a smarthost.
> We can't force them to setup SPF or DKIM for their domains.
>
> I've just enabled maildelivery via IPv6 now for 20% of our mails.
> As soon as I have an example for actual deliviery problems I'm going to
> send you these source domains.
>
> Are there any general improvements we can do ?
>
> best regards,
>
> Thomas
>
> --
> *Von: *"Brandon Long" 
> *An: *"Franck Martin" 
> *CC: *"Tony Finch" , "mailop" , "Thomas
> Wilhelm" 
> *Gesendet: *Mittwoch, 13. April 2016 20:56:31
> *Betreff: *Re: [mailop] Gmail Blacklisting
>
> We don't just run reputation on IP addresses, the spammer killed the
> reputation of any associated domains and such.  Your domain is recovering,
> but it can take up to 30 days to fully recover sometimes longer if
> people don't mark your mail as not spam.
> Though, that's only for the domain you're posting from, without details
> not much more I can go on.
>
> Brandon
>
> On Wed, Apr 13, 2016 at 10:48 AM, Franck Martin via mailop <
> mailop@mailop.org> wrote:
>
>> And it is not only to Google, many other mail receivers requires SPF or
>> DKIM over IPv6.
>> And if you set up a mail receiver with IPv6, do these requirements too,
>> it is an industry best practice (cf M3AAWG.org).
>>
>> On Wed, Apr 13, 2016 at 2:59 AM, Tony Finch  wrote:
>>
>>> Thomas Wilhelm  wrote:
>>> >
>>> > Does anybody have a hint for us, how to fix this problem?
>>>
>>> To send mail to Google over v6 you have to have SPF, DKIM, reverse DNS,
>>> everything set up to the best anti-spam standards.
>>>
>>> Tony.
>>> --
>>> f.anthony.n.finch    http://dotat.at/  -  I xn--zr8h
>>> punycode
>>> Southeast Iceland: Northeasterly 5 or 6 becoming variable 3 or 4, then
>>> cyclonic 5 to 7. Moderate or rough, becoming slight or moderate for a
>>> time.
>>> Showers. Good.
>>>
>>> ___
>>> mailop mailing list
>>> mailop@mailop.org
>>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>>>
>>
>>
>> ___
>> mailop mailing list
>> mailop@mailop.org
>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>>
>>
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Should I be disappointed with Reflexion?

2016-04-14 Thread Carl Byington 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Tue, 2016-04-12 at 13:48 -0700, Steve Atkins wrote:
> It's also possible that Reflexion is just sending terribly structured
> mail that "looks like" spam - not unusual amongst companies who build
> their own mail software - but I'd need to see the mail they're sending
> before judging that.

I just asked reflexion to send me an encrypted mail to test some of
this.

They indeed send an email with an embedded link asking the user to go to
a web site to retrieve the actual content. But they don't send any
password in the email. I needed to "register" with them by picking my
own password, and could then read the mail. So anyone that can intercept
that first message owns that mail address as far as reflexion is
concerned. Also anyone that can guess what password the user picked.

This particular message expires in two weeks, so presumably anyone that
grabs an entire mailbox won't be able to see very old messages, even if
they know the key.

It was dkim signed, but dkim=fail reason="key not found in DNS". It was
signed with s=default d=securemail.reflexion.net, so that should be

dig default._domainkey.securemail.reflexion.net txt +short

if I have done that correctly.


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAlcP//AACgkQL6j7milTFsGpPgCfbwHxJReWEFESo4kOMpqZJ7dH
r+QAnjqyW1/ZAUHASRr6vsxqzMYoKlKi
=kWXx
-END PGP SIGNATURE-



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Speaking of Banks, Pet Peeve SPF

2016-04-14 Thread Brandon Long via mailop 
What, you don't want to trust all of Apple's /8?

Anyways, adding spf for an entire cloud provider of generic tools seems
like a really bad idea.  We have to make sure with ours that we don't let
people cross domain forge, since they may then spf pass... If you don't
control the software, it is unlikely you can really control that ... Unless
you control the relay or DPI or something.
On Apr 14, 2016 11:16 AM, "Michael Peddemors" 
wrote:

SPF is a decent tool, however it always surprises me when banks open their
SPF records to the point where they are at risk.  In just the last couple
of days, we see a couple of banks adding to their SPF records, 'all IP(s)
in our cloud providers network /16'.

Now, (in the latest case most of MicroSoft's Azure) maybe that is what they
are recommended to do, however anyone else using those IP(s) is now in a
perfect position to take advantage of this..

:(



-- 
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic

A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Should I be disappointed with Reflexion?

2016-04-14 Thread Eric Henson 
The bank emails I receive usually include a piece of information they know 
about me (last 4 of account number or similar) to prove it's really from the 
bank.

-Original Message-
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Carl Byington
Sent: Thursday, April 14, 2016 12:06 PM
To: Henry Yen
Cc: mailop
Subject: Re: [mailop] Should I be disappointed with Reflexion?

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Thu, 2016-04-14 at 12:56 -0400, Henry Yen wrote:
> >   6. If the information is of particularly high value, look at what
> the more competent end of banks and other financial institutions do to 
> add trust

> Both Chase bank (jpmchase) and Barclays bank send me emails with 
> direct links in them, from a bigfootinteractive mailserver. Does that 
> violate these three suggestions?

Yes. I have never seen a bank that did otherwise, so per Steve Atkins I have 
never seen a competent (wrt email) bank. Every bank for which I have email 
samples does the same - they are training their users to be phished. And that 
training seems to be working.


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAlcPzg4ACgkQL6j7milTFsHfXwCeK8qm4wLZGozACHbmprsPQRii
tN0An0pTt4rhKQD7inm9BBduNTHBjtUI
=0vHM
-END PGP SIGNATURE-



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] mailop Digest, Vol 102, Issue 35

2016-04-14 Thread Miahmed1 via mailop 
Anyone from Sympatico/Bell.net/Bell.ca here?  Please contact me offline. 

Thanks,

M 

Sent from BlueMail



On Apr 14, 2016, 4:06 AM, at 4:06 AM, mailop-requ...@mailop.org wrote:
>Send mailop mailing list submissions to
>   mailop@mailop.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
>   https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>or, via email, send a message with subject or body 'help' to
>   mailop-requ...@mailop.org
>
>You can reach the person managing the list at
>   mailop-ow...@mailop.org
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of mailop digest..."
>
>
>Today's Topics:
>
>   1. Any Proofpoint contacts here? (Jim Cheetham)
>  2. Re: How long does an IP address take to "Warm up"? (Luke Martinez)
>   3. Re: Should I be disappointed with Reflexion? (Jay Hennigan)
>   4. Re: TLS verify=FAIL (Steve Freegard)
>   5. Re: TLS verify=FAIL (Steve Freegard)
>
>
>--
>
>Message: 1
>Date: Thu, 14 Apr 2016 14:07:44 +1200
>From: Jim Cheetham <jim.cheet...@otago.ac.nz>
>To: mailop <mailop@mailop.org>
>Subject: [mailop] Any Proofpoint contacts here?
>Message-ID: <1460599498-sup-2...@holdfast.iso.otago.ac.nz>
>Content-Type: text/plain; charset="utf-8"
>
>I'm suffering from a strange recurrent blocking ...
>
>https://support.proofpoint.com/rbl-lookup.cgi?ip=139.80.64.247
>
>As of right now, it says "Most Recently Seen as Spam   10/04/2014
>23:44:25 GMT " and customers are rejecting our email.
>
>I delisted this yesterday, but it's back, and I can't attempt another
>delist within 24h. Also, there's no information about what might really
>have happened (like all networks we do occasionally emit spam, and we'd
>love to know about it). And that 2014 date worries me.
>
>But as I'm not a Proofpoint customer myself, I can't see any way to
>raise
>this issue. So a contact from Proofpoint would be welcome ... :-)
>
>-- 
>Jim Cheetham, Information Security, University of Otago, Dunedin, N.Z.
>✉ jim.cheet...@otago.ac.nz☏ +64 3 470 4670☏ m +64 21 279 4670
>⚷ OpenPGP: B50F BE3B D49B 3A8A 9CC3 8966 9374 82CD C982 0605
>-- next part --
>A non-text attachment was scrubbed...
>Name: signature.asc
>Type: application/pgp-signature
>Size: 198 bytes
>Desc: not available
>URL:
><https://chilli.nosignal.org/cgi-bin/mailman/private/mailop/attachments/20160414/6aa89445/attachment-0001.sig>
>
>--
>
>Message: 2
>Date: Wed, 13 Apr 2016 20:17:11 -0600
>From: Luke Martinez <luke.marti...@sendgrid.com>
>To: Franck Martin <fmar...@linkedin.com>
>Cc: mailop <mailop@mailop.org>, Robert Guthrie <rguth...@gmail.com>
>Subject: Re: [mailop] How long does an IP address take to "Warm up"?
>Message-ID:
>   <cadknbtkvnphzqodrbj+wsajujdzir0csqpxwg5gyfgzmwp_...@mail.gmail.com>
>Content-Type: text/plain; charset="utf-8"
>
>To piggy back a bit on what has been said already...
>
>When it comes to gmail. every new "sending resource" requires a new
>warm
>up. From what I have gathered, a "sending resource" is
>(non-exhaustively) a
>new IP address, new SPF domain, or new DKIM domain.
>
>We send a lot of mail from a wide variety of different senders. For
>what it
>is worth, we frequently see significant filtering problems at gmail
>when
>senders modify their DKIM domain. Occasionally even when they follow
>the
>recommended warm up strategy.
>
>We have seen senders drop from +90% inboxing down to single digits over
>night after changing nothing but their DKIM domain. Sometimes this
>involves
>simply *adding a subdomain* to their already established DKIM domain.
>
>It is a pretty awkward conversation to have, but we are starting to
>strongly discourage senders from making modifications to their DKIM
>domains
>because we have been unable to help good senders inbox on new domains.
>New
>IPs and new SPF (5321.From) domain are much less problematic.
>
>
>Luke
>
>
>On Wed, Apr 13, 2016 at 3:19 PM, Franck Martin via mailop
><mailop@mailop.org
>> wrote:
>
>> I take the rule of thumb that hotmail/outlook.com does not like more
>than
>> 20% volume changes day over day and week over week. Subscribe to the
>SNDS,
>> and if you see your IPs in the yellow, stop ramping up. All the other
>> mailbox providers follow same rules more or less, but this gives you
>a fair
>> control of your ramping up.
>>
>> On Wed, Apr 13, 2016 at 1:15 PM, Robe

Re: [mailop] Should I be disappointed with Reflexion?

2016-04-14 Thread Matthew Huff 
On the other hand

Trusting a user to go to a website is a risk also. Many users just type 
something like "chase" into their starting webpage (yahoo, bing, google, etc..) 
and go to the first link listed.


Matthew Huff | 1 Manhattanville Rd
Director of Operations   | Purchase, NY 10577
OTA Management LLC   | Phone: 914-460-4039
aim: matthewbhuff    | Fax:   914-694-5669


> -Original Message-
> From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Carl
> Byington
> Sent: Thursday, April 14, 2016 1:06 PM
> To: Henry Yen 
> Cc: mailop 
> Subject: Re: [mailop] Should I be disappointed with Reflexion?
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
> 
> On Thu, 2016-04-14 at 12:56 -0400, Henry Yen wrote:
> > >   6. If the information is of particularly high value, look at what
> > the more competent end of banks and other financial institutions do
> to
> > add trust
> 
> > Both Chase bank (jpmchase) and Barclays bank send me emails with
> > direct links in them, from a bigfootinteractive mailserver. Does that
> > violate these three suggestions?
> 
> Yes. I have never seen a bank that did otherwise, so per Steve Atkins I
> have never seen a competent (wrt email) bank. Every bank for which I
> have email samples does the same - they are training their users to be
> phished. And that training seems to be working.
> 
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2.0.14 (GNU/Linux)
> 
> iEYEAREKAAYFAlcPzg4ACgkQL6j7milTFsHfXwCeK8qm4wLZGozACHbmprsPQRii
> tN0An0pTt4rhKQD7inm9BBduNTHBjtUI
> =0vHM
> -END PGP SIGNATURE-
> 
> 
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Should I be disappointed with Reflexion?

2016-04-14 Thread Carl Byington 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Thu, 2016-04-14 at 12:56 -0400, Henry Yen wrote:
> >   6. If the information is of particularly high value, look at what
> the more competent end of banks and other financial institutions do to
> add trust

> Both Chase bank (jpmchase) and Barclays bank send me emails with
> direct links in them, from a bigfootinteractive mailserver. Does that
> violate these three suggestions?

Yes. I have never seen a bank that did otherwise, so per Steve Atkins I
have never seen a competent (wrt email) bank. Every bank for which I
have email samples does the same - they are training their users to be
phished. And that training seems to be working.


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAlcPzg4ACgkQL6j7milTFsHfXwCeK8qm4wLZGozACHbmprsPQRii
tN0An0pTt4rhKQD7inm9BBduNTHBjtUI
=0vHM
-END PGP SIGNATURE-



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Should I be disappointed with Reflexion?

2016-04-14 Thread Henry Yen 
On Thu, Apr 14, 2016 at 08:33:16AM -0700, Steve Atkins wrote:
> Best practices for that email would be:
>   2. Not including a direct link to the portal, rely on the customers having 
> bookmarked it or being able to find it easily from your main site
>   3. Sending the mail From: your main corporate domain, or *maybe* a 
> subdomain thereof. Definitely not a third-party domain or a "lookalike" 
> domain.
>   6. If the information is of particularly high value, look at what the more 
> competent end of banks and other financial institutions do to add trust

Both Chase bank (jpmchase) and Barclays bank send me emails with direct links
in them, from a bigfootinteractive mailserver. Does that violate these
three suggestions?


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Should I be disappointed with Reflexion?

2016-04-14 Thread Al Iverson 
If I ran the gateway I'd never allow password-protected ZIP files
through as attachments.

--
Al Iverson
www.aliverson.com
(312)725-0130


On Thu, Apr 14, 2016 at 11:22 AM, Howard F. Cunningham
 wrote:
> HI
>
> This is a great conversation...
>
> In regards to sending password protected zip files, I am aware of several 
> spam filters that inspect the contents of zip files and if the file is 
> password protected it is blocked..
>
> hc
>
>
> Howard Cunningham, MCP
> howa...@macrollc.com - personal
> For technical support, send an email to serv...@macrollc.com or call 
> 703-359-9211 (24/7)
>
> -Original Message-
> From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Michael Orlitzky
> Sent: Thursday, April 14, 2016 11:27 AM
> To: mailop@mailop.org
> Subject: Re: [mailop] Should I be disappointed with Reflexion?
>
> On 04/14/2016 10:35 AM, Mark Keymer wrote:
>>
>> I do know that many hospitals, banks etc. Do use this type of
>> encryption to e-mail the client and basically tell them to log into
>> there web portal to view the encrypted e-mail.
>>
>> What other options are our there for sending encrypted e-mails?
>
> Problem: we want to ensure that a third party can't read our emails.
> Solution: give those emails to a third party to put on the web.
>
> The user-unfriendly forms of encryption are unfriendly because they work. If 
> it doesn't have to work, I can make it real friendly =)
>
> A password-protected zip file works just as well as using a third party.
> You still have the (unsolvable) problem of getting the password to the 
> recipient in a secure way, but at least you haven't given away the thing that 
> you're trying to keep secret. (How would you get the webpage password to the 
> recipient? Do that.)
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
> --
> ExchangeDefender Message Security: Click below to verify authenticity
> https://admin.exchangedefender.com/verify.php?id=u3EGMQOu002383=howa...@macrollc.com
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Any Proofpoint contacts here?

2016-04-14 Thread Michelle Sullivan 

Word from the persons who deal with PDR systems is:

The "most recently seen" dates are not accurate.  I really wish they 
didn't include that data as it's next to worthless.


Most likely they get delisted 1x, more 'bad' stuff comes in and the IP 
gets re-shot.


Delisting is not permanent.

So unfortunately when it comes to 'Last Seen' information on the 
Proofpoint Dynamic Reputation lookup page is a case of 'your milage may 
vary'.


Regards,

Michelle

John Possidente wrote:
I've been seeing this, too, for more than one client/mailer over the 
last few weeks. The listing disappears shortly after the active 
mailing is done (so requesting delisting is a matter of timing it just 
right), the data in the lookup record is usually quite old, and the 
listing pops up again next day when another mailing begins. Delisting 
seems to have a 2-3 day effect, then it's back to the  odd behavior.


I imagine the folks at Proofpoint would like to know if their system 
is working not-as-intended.


John


On Wed, Apr 13, 2016 at 10:07 PM, Jim Cheetham 
> wrote:


I'm suffering from a strange recurrent blocking ...

https://support.proofpoint.com/rbl-lookup.cgi?ip=139.80.64.247

As of right now, it says "Most Recently Seen as Spam 10/04/2014
23:44:25 GMT " and customers are rejecting our email.

I delisted this yesterday, but it's back, and I can't attempt another
delist within 24h. Also, there's no information about what might
really
have happened (like all networks we do occasionally emit spam, and
we'd
love to know about it). And that 2014 date worries me.

But as I'm not a Proofpoint customer myself, I can't see any way
to raise
this issue. So a contact from Proofpoint would be welcome ... :-)

--
Jim Cheetham, Information Security, University of Otago, Dunedin, N.Z.
✉ jim.cheet...@otago.ac.nz    ☏
+64 3 470 4670 ☏ m +64 21 279 4670

⚷ OpenPGP: B50F BE3B D49B 3A8A 9CC3 8966 9374 82CD C982 0605

___
mailop mailing list
mailop@mailop.org 
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop




___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop



--
Michelle Sullivan
http://www.mhix.org/


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Any Proofpoint contacts here?

2016-04-14 Thread Jaren Angerbauer 
On Thu, Apr 14, 2016 at 8:46 AM, Laura Atkins 
wrote:

>
> On Apr 14, 2016, at 5:50 AM, John Possidente 
> wrote:
>
> I've been seeing this, too, for more than one client/mailer over the last
> few weeks. The listing disappears shortly after the active mailing is done
> (so requesting delisting is a matter of timing it just right), the data in
> the lookup record is usually quite old, and the listing pops up again next
> day when another mailing begins. Delisting seems to have a 2-3 day effect,
> then it's back to the  odd behavior.
>
> I imagine the folks at Proofpoint would like to know if their system is
> working not-as-intended.
>
>
> There is a human behind postmaster@ who actively replies to email.
>

Hi,

Jim -- I'll reply offline with details (looks like you have a compromised
user sending phish)

John --  The system is working as intended :)  If you (also) want to hit me
up offline, I'm happy to hopefully provide the needed visibility /
assistance.

Thanks,

--Jaren
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Should I be disappointed with Reflexion?

2016-04-14 Thread Howard F. Cunningham 
HI

This is a great conversation...

In regards to sending password protected zip files, I am aware of several spam 
filters that inspect the contents of zip files and if the file is password 
protected it is blocked..

hc


Howard Cunningham, MCP
howa...@macrollc.com - personal
For technical support, send an email to serv...@macrollc.com or call 
703-359-9211 (24/7)

-Original Message-
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Michael Orlitzky
Sent: Thursday, April 14, 2016 11:27 AM
To: mailop@mailop.org
Subject: Re: [mailop] Should I be disappointed with Reflexion?

On 04/14/2016 10:35 AM, Mark Keymer wrote:
> 
> I do know that many hospitals, banks etc. Do use this type of 
> encryption to e-mail the client and basically tell them to log into 
> there web portal to view the encrypted e-mail.
> 
> What other options are our there for sending encrypted e-mails?

Problem: we want to ensure that a third party can't read our emails.
Solution: give those emails to a third party to put on the web.

The user-unfriendly forms of encryption are unfriendly because they work. If it 
doesn't have to work, I can make it real friendly =)

A password-protected zip file works just as well as using a third party.
You still have the (unsolvable) problem of getting the password to the 
recipient in a secure way, but at least you haven't given away the thing that 
you're trying to keep secret. (How would you get the webpage password to the 
recipient? Do that.)

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

--
ExchangeDefender Message Security: Click below to verify authenticity
https://admin.exchangedefender.com/verify.php?id=u3EGMQOu002383=howa...@macrollc.com


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] DMARC record in p=none not receiving aggregate reports to RUA

2016-04-14 Thread Michael Wise 
DMARC is not something I'm well-versed in, but was trying to do what tests I 
could. Would be interesting to see what would happen if someone deliberately 
tried to send from a non-SPF valid IP.

Normally, it just sorta works, but I've never actually seen the traffic it 
generates, or seen the software that is supposed to send it, so I'm unsure 
exactly how to poke it with a stick... :(

Aloha,
Michael.
--
Sent from my Windows Phone

From: Dickie LaFlamme
Sent: ‎4/‎14/‎2016 5:55 AM
To: Michael Wise
Cc: mailop@mailop.org
Subject: Re: [mailop] DMARC record in p=none not receiving aggregate reports to 
RUA

My bad, I should have included this issue has spanned well over multiple days 
so the 24 hours rule wasn't a cause.

I queued a few different customers I know with valid DMARC records and I'm 
seeing the  “\” in front of the “;”’s.

I will however dig into the greylisting. As always, thank you all for looking 
into this and helping out!


Thanks,

[Dyn logo, 
Dyn.com]

[http://dyn.com/wp-content/uploads/2013/08/esignature-icon-dyn-twitter.png] 



 [Dyn facebook account] 



 [Dyn LinkedIn account] 


Dickie LaFlamme / Deliverability Specialist
[http://dyn.com/wp-content/uploads/2013/08/esignature-icon-phone.png] +1 
603-296-1952

On Wed, Apr 13, 2016 at 9:22 PM, Michael Wise 
> wrote:

I see it slightly differently:

$ host -t txt 
_dmarc.chinalovecupid.com
_dmarc.chinalovecupid.com
 descriptive text "v=DMARC1\; p=none\; 
rua=mailto:dm...@chinalovecupid.com"

What’s with the “\” in front of the “;”’s?

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool
 ?

From: Dickie LaFlamme [mailto:rlafla...@dyn.com]
Sent: Wednesday, April 13, 2016 6:02 PM
To: Michael Wise >
Cc: mailop@mailop.org
Subject: Re: [mailop] DMARC record in p=none not receiving aggregate reports to 
RUA

ha, no worries. That's fair enough. Here's the customers DMARC record.

The domain
?:?
chinalovecupid.com

v=DMARC1; p=none; 
rua=mailto:dm...@chinalovecupid.com

?Again we know that this

Re: [mailop] DMARC record in p=none not receiving aggregate reports to RUA

2016-04-14 Thread Dickie LaFlamme 
My bad, I should have included this issue has spanned well over multiple
days so the 24 hours rule wasn't a cause.

I queued a few different customers I know with valid DMARC records and I'm
seeing the  “\” in front of the “;”’s.

I will however dig into the greylisting. As always, thank you all for
looking into this and helping out!

Thanks,

[image: Dyn logo, Dyn.com] 
[image: Dyn facebook
account] [image:
Dyn LinkedIn account] 

Dickie LaFlamme / Deliverability Specialist
 +1 603-296-1952

On Wed, Apr 13, 2016 at 9:22 PM, Michael Wise 
wrote:

>
>
> I see it slightly differently:
>
>
>
> $ host -t txt _dmarc.chinalovecupid.com
>
> _dmarc.chinalovecupid.com descriptive text "v=DMARC1\; p=none\;
> rua=mailto:dm...@chinalovecupid.com;
>
>
>
> What’s with the “\” in front of the “;”’s?
>
>
>
> Aloha,
>
> Michael.
>
> --
>
> *Michael J Wise* | Microsoft | Spam Analysis | "Your Spam Specimen Has
> Been Processed." | Got the Junk Mail Reporting Tool
>  ?
>
>
>
> *From:* Dickie LaFlamme [mailto:rlafla...@dyn.com]
> *Sent:* Wednesday, April 13, 2016 6:02 PM
> *To:* Michael Wise 
> *Cc:* mailop@mailop.org
> *Subject:* Re: [mailop] DMARC record in p=none not receiving aggregate
> reports to RUA
>
>
>
> ha, no worries. That's fair enough. Here's the customers DMARC record.
>
> The domain
>
> ​:​
>
> chinalovecupid.com
> 
>
> v=DMARC1; p=none; rua=mailto:dm...@chinalovecupid.com
>
>
>
> ​Again we know that this does not currently have the ​"pct=100" tag, but
> with or without the results have been the same.
>
>
>
>
> Thanks,
>
> [image: Image removed by sender. Dyn logo, Dyn.com]
> 
>   [image: Image removed by sender.]
> 
>
> [image:
> Image removed by sender. Dyn facebook account]
> 
>
> [image:
> Image removed by sender. Dyn LinkedIn account]
> 
>
> Dickie LaFlamme / Deliverability Specialist
> [image: Image removed by sender.] +1 603-296-1952
>
>
>
> On Wed, Apr 13, 2016 at 8:43 PM, Michael Wise 
> wrote:
>
>
>
> … as always, please let us know the customer’s real domain name (or IP
> address, or whatever) when making these requests.
>
>
>
> Not including that is about on par with the legendary complaints of:
>
>
>
> “ It Doesn’t Work.
>
> “ I Can’t Print.
>
> Etc,
>
>
>
> At some point, we’re going to ask you for it anyway, so best to just
> provide it at the start.
>
>
>
> Aloha,
>
> Michael.
>
> --
>
> *Michael J Wise* | Microsoft | Spam Analysis | "Your Spam Specimen Has
> Been Processed." | Got the Junk Mail Reporting Tool
> 
> ?
>
>
>
> *From:* mailop [mailto:mailop-boun...@mailop.org] *On Behalf Of *Dickie
> LaFlamme
> *Sent:* Wednesday, April 13, 2016 5:28 PM
> *To:* mailop@mailop.org
> *Subject:* [mailop] DMARC record in

Re: [mailop] Any Proofpoint contacts here?

2016-04-14 Thread Michelle Sullivan 

Jim Cheetham wrote:

I'm suffering from a strange recurrent blocking ...

https://support.proofpoint.com/rbl-lookup.cgi?ip=139.80.64.247


/me waves hand... however also takes note of the other reply, and this:


Your IP address is not currently being blocked: 139.80.64.247

Regards,

--
Michelle Sullivan
http://www.mhix.org/


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] TLS verify=FAIL

2016-04-14 Thread Steve Freegard 


On 14/04/16 00:58, Al Iverson via mailop.org wrote:

Boo @ designing something so that "FAIL is really nothing is to be
concerned with."

It's the kind of thing deliverability people will now be spending the
rest of their lives explaining to clients that this big ole FAIL is to
be ignored.



Agreed - which is why it's been changed now.

Cheers,
Steve.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop