Re: [mailop] Microsoft Outlook "Modern Authentication"?

[Jesse Thompson via mailop]

On 6/17/20 11:15 PM, Dave Warren via mailop wrote:
> A bit late, sorry.
> 
> On Tue, Jun 2, 2020, at 04:55, Ken O'Driscoll via mailop wrote:
>> On Thu, 2020-05-28 at 13:35 -0600, Daniele Nicolodi via mailop wrote:
>>> Does anyone know if there is any alternative to Outlook to access
>>>
>>> Exchange Online mailboxes that require modern authentication?
>>
>> Take a look at Davmail, it's basically a proxy that sits in-between your 
>> existing "legacy" MUA and O365. It handles all of the MFA and talks EWA then 
>> presents standards based IMAP, SMTP, CalDAV and CardDAV protocol interfaces 
>> for your MTA to use.
>>
>> I don't know if it will work for your specific environment but it works for 
>> most people that what to continue to use Thunderbird etc. with Exchange.

Davmail seems to work okay for single user systems, but hosting it as a proxy 
for multiple users seems dicey.  I got it running in a container and started 
down the process of fishing out the OAuth URI from the logs so that I could 
somehow render it back to the user to complete the authorization process...  At 
that point I started to get skeptical that it would scale and have adequate 
session isolation.


> Thunderbird beta (78.0b2) supports M365’s OAuth2 support natively, no 
> external shim required.
> 
> The setup is a little weird, you need to set up the account, go to the 
> advanced settings (so that it creates the account despite not working), 
> switch the authentication to OAuth2 for both IMAP and SMTP, it just works. 

Yes, the TB devs did a great job!  I assume that Microsoft offered some 
assistance behind the scenes, so kudos to them too.  I'm using it now.  I think 
they're making some improvements to the setup UX based on the comments I've 
seen in Bugzilla.  Once it comes out of beta, I can combine it with the TBSync 
extension (which syncs the non-email things from M365) it will be my sole MUA 
again.

Jesse

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Steven Champeon via mailop]

on Thu, Jun 18, 2020 at 09:57:58AM -0700, Michael Peddemors via mailop wrote:
> WHO do I contact when I have problems related to a domain..

I've been creating patterns based on PTR records and associating
classifications with them as an anti-spam and anti-abuse mechanism for
almost eighteen years, and now have around 96.7% of IPv4 (and some IPv6
but those are mostly multi-homed mail servers with the same name as the
IPv4) classified. This means that I've done easily three hundred
thousand WHOIS lookups, probably far more, over the years. The GDPR is
my nemesis. One of the data points I collect is the entity responsible
for a given domain. 

I also think it makes sense that if you have $domain you ought to be
able to visit $domain in a browser, but my expectations are pretty much
constantly disappointed. 

What makes matters worse is that many TLDs don't have a functional WHOIS
service, and many others have such useless information that it is often
impossible to find out the name of the entity that owns the domain.
Brazil usually has an "owner" but not a corporate description; Argentina
usually just has a registration number as the owner; many other Latin
American countries' domains just have a network engineer as the sole
contact information in WHOIS.

Much of Eastern Europe is similar, and for some reason Poland often has
records where the name of the org is followed by the name of some other
network engineer (eg, Foo Bar Baz s.p. z o.o Stanislaw Wojciehowicz).
That's if there is any information at all other than a confirmation that
the domain has been registered.

Germany is a nightmare because of the GDPR; probably the only useful
and reliable WHOIS service is Canada's, where they often also tell you
what sort of organization owns the domain, which I find very helpful. 

What's most annoying about the whole situation is that I can often find
out what I need to know about an IP by doing an rwhois lookup, so the
GDPR masking domain WHOIS is essentially useless as a form of information
privacy. Total policy fail. 

Oh, also, there is apparently an ISP or telco for every fourteen people
in Brazil, which just compounds the frustration. So many lookups. 

-- 
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/
Internet security and antispam hostname intelligence: http://enemieslist.com/

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Mark Milhollan via mailop]

On Thu, 18 Jun 2020, Benoît Panizzon wrote:


AFAIK only one PTR per RR is allowed,


Incorrect.  Whether others will process them in a way you want might be 
the larger concern.



/mark

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Jaroslaw Rafa via mailop]

Dnia 18.06.2020 o godz. 09:57:58 Michael Peddemors via mailop pisze:
> 
> WHO do I contact when I have problems related to a domain..

"postmaster@domain" is required by the RFC.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Michael Peddemors via mailop]

On 2020-06-18 9:43 a.m., Jaroslaw Rafa via mailop wrote:

Dnia 18.06.2020 o godz. 08:55:35 Michael Peddemors via mailop pisze:



- the web pages of the domain must have an correct imprint


This is one that people forget about, and I agree with.. And I wish
I could find the old MAAWG recommendations on this to quote, but if
you have a PTR record of server.domain.com, there BETTER be a URL
for domain.com that answers, and has contact information of the
operator.


That's a strange requirement.

Email is email, and web is web. Two completely different services. There may
be a completely legit domain that only sends and receives mail and has no
web pages at all. There's no logical reason to require that you need to have
a website to be able to send and receive mail.

Especially in large organizations I have seen quite often that while their
main website is at eg. company.com, they send and receive mail exclusively
from eg. x...@company-mail.com, and that other domain does not have any web
presence. That's a perfectly correct setup and denying mail acceptance based
on existence (or not) of a website - that is, a completely different service
- is illogical.



It's about transparency, and it takes two seconds to redirect 
'company-mail.com' to the 'company.com' website.


WHO do I contact when I have problems related to a domain..


--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Sendgrid and phishing

[Jay Hennigan via mailop]

On 6/18/20 07:52, Michael Peddemors via mailop wrote:


From: "Netflix" 

How is that not already a check on egress after a couple of months.. Do 
you REALLY think you are going to have a customer who named themselves 
that using your service?


Inquiring minds want to know...


Follow the money.

Sendgrid is in the business of sending email. They are getting paid to 
do this. Despite their appearance here and on other lists, and despite 
their repeated claims that they're trying to put a stop to it, reality 
says otherwise.


Ask yourselves, has any other ESP exhibited this behavior, and if so has 
it ever gone on for this long?




--
Jay Hennigan - j...@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Al Iverson via mailop]

There's been some confusion around this requirement from T-Online for
a while now, and it seems to be unevenly enforced. And perhaps not
even clearly defined.

Couldn't hurt if you want to reach out to t...@rx.t-online.de and ask
for clarification. Like I did about their filtering over all. I don't
want to be the only one who nibbles them to death with questions. They
did respond to me and answer my questions, though it took a bit of
back and forth for them to understand that I was asking about policy
and not specifically asking for help with any particular IP address.

Cheers,
Al

On Thu, Jun 18, 2020 at 11:03 AM Michael Peddemors via mailop
 wrote:
>
> On 2020-06-18 3:57 a.m., Andreas Bueggeln - NOC - Profihost AG via
> mailop wrote:
> > - the ptr to the server ip hast to resolve to the customer domain and
> > vice versa
>
> But they need to do a more sophisticated PTR <<>> A record matching, to
> handle multiple PTR records..
>
> > - the mails are not allowed from a cloud vm host
>
> Tough policy, but given the state of some of them out there,
> understandable when frustration reaches a certain point..
>
> Reputation services help here, so that at least the poor legitimate guy
> in the middle of a bunch of bad actors has some chance, eg they already
> paid a year in advance for their hosting plan ;)
>
> And there ARE some good cloud providers out there.. maybe some people
> might argue few and far between..
>
> But it does hit the bad cloud providers in the pocket, which might help
> to clean up bad practices which allow bad actors to flourish..
>
> > - the web pages of the domain must have an correct imprint
>
> This is one that people forget about, and I agree with.. And I wish I
> could find the old MAAWG recommendations on this to quote, but if you
> have a PTR record of server.domain.com, there BETTER be a URL for
> domain.com that answers, and has contact information of the operator.
>
> And end user doesn't know about 'rwhois' to check ownership and/or
> validity, or to report a complaint regarding and problems related to
> domain.com, they simply visit the site, looking for contact information.
>
> I don't blame anyone says that if you want to send them email, you need
> to provide transparency.
>
>
>
> --
> "Catch the Magic of Linux..."
> 
> Michael Peddemors, President/CEO LinuxMagic Inc.
> Visit us at http://www.linuxmagic.com @linuxmagic
> A Wizard IT Company - For More Info http://www.wizard.ca
> "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
> 
> 604-682-0300 Beautiful British Columbia, Canada
>
> This email and any electronic data contained are confidential and intended
> solely for the use of the individual or entity to which they are addressed.
> Please note that any views or opinions presented in this email are solely
> those of the author and are not intended to represent those of the company.
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop



-- 
Al Iverson // Wombatmail // Chicago
Song a day! https://www.wombatmail.com
Deliverability! https://spamresource.com
And DNS Tools too! https://xnnd.com

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Jaroslaw Rafa via mailop]

Dnia 18.06.2020 o godz. 08:55:35 Michael Peddemors via mailop pisze:
> 
> >- the web pages of the domain must have an correct imprint
> 
> This is one that people forget about, and I agree with.. And I wish
> I could find the old MAAWG recommendations on this to quote, but if
> you have a PTR record of server.domain.com, there BETTER be a URL
> for domain.com that answers, and has contact information of the
> operator.

That's a strange requirement.

Email is email, and web is web. Two completely different services. There may
be a completely legit domain that only sends and receives mail and has no
web pages at all. There's no logical reason to require that you need to have
a website to be able to send and receive mail.

Especially in large organizations I have seen quite often that while their
main website is at eg. company.com, they send and receive mail exclusively
from eg. x...@company-mail.com, and that other domain does not have any web
presence. That's a perfectly correct setup and denying mail acceptance based
on existence (or not) of a website - that is, a completely different service
- is illogical.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Michael Peddemors via mailop]

On 2020-06-18 3:57 a.m., Andreas Bueggeln - NOC - Profihost AG via 
mailop wrote:

- the ptr to the server ip hast to resolve to the customer domain and
vice versa


But they need to do a more sophisticated PTR <<>> A record matching, to 
handle multiple PTR records..



- the mails are not allowed from a cloud vm host


Tough policy, but given the state of some of them out there, 
understandable when frustration reaches a certain point..


Reputation services help here, so that at least the poor legitimate guy 
in the middle of a bunch of bad actors has some chance, eg they already 
paid a year in advance for their hosting plan ;)


And there ARE some good cloud providers out there.. maybe some people 
might argue few and far between..


But it does hit the bad cloud providers in the pocket, which might help 
to clean up bad practices which allow bad actors to flourish..



- the web pages of the domain must have an correct imprint


This is one that people forget about, and I agree with.. And I wish I 
could find the old MAAWG recommendations on this to quote, but if you 
have a PTR record of server.domain.com, there BETTER be a URL for 
domain.com that answers, and has contact information of the operator.


And end user doesn't know about 'rwhois' to check ownership and/or 
validity, or to report a complaint regarding and problems related to 
domain.com, they simply visit the site, looking for contact information.


I don't blame anyone says that if you want to send them email, you need 
to provide transparency.




--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Michael Peddemors via mailop]

On 2020-06-18 4:37 a.m., Benoît Panizzon via mailop wrote:

Allow your customers to set an additional PTR.


AFAIK only one PTR per RR is allowed, even if most DNS allow to set
multiple ones.



And when you say 'only one PTR per RR' is "allowed", could you explain 
that further? "allowed" by whom, or what policy.


Multiple PTR's do have a legitimate reason sometimes, albeit nothing 
worse than the operator who has 40-50 PTR records, this is not 
efficient, for DNS queries..


DNS Round Robin is still a common thing, where systems may share a name 
in the PTR's but also have a unique name..


Other reasons for multiple PTR's still do exist, eg transitioning from 
one naming convention to another, so systems should be designed to 
'walk' the PTR records, and 'A' records, when doing 'match' validation.



--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Sendgrid and phishing

[Michael Peddemors via mailop]

On 2020-06-17 11:31 p.m., Benoît Panizzon via mailop wrote:

Hi


Anybody else seeing increase phishing through sendgrid?  They look
fairly convincing.



I suspect the IP Ranges of Sendgrid are bound for a global blacklisting
if they keep ignoring abusive behaviour of their customers.



We have an automated system that catches these now of course, but yeah.. 
The "Netflix" one is getting pretty old..


Len, maybe you can help us understand the inner workings over there.. No 
one likes to play 'whack-a-mole', but how is it that the friendly name 
in the From as, eg..


From: "Netflix" 

How is that not already a check on egress after a couple of months.. Do 
you REALLY think you are going to have a customer who named themselves 
that using your service?


Inquiring minds want to know...


(Quick spot check on the spam folder umm.. yep.. 8 new phishing 
emails detected from SendGrid)


Return-Path: 

Received: from wrqvbwxx.outbound-mail.sendgrid.net (HELO 
wrqvbwxx.outbound-mail.sendgrid.net) (149.72.185.170)


Subject: Maintaintance Requested
From: BARE_TARGET_DOMAIN 

Obvious Phishing, this time email phishing..

Judging by how many hits that triggered in the automated reports, it ran 
for a while..


Actually, seems like they even changed up midstream, when they didn't 
get blocked, and used a different email template from the same account.


Timestamps show they had been running at LEAST 8 hours, with at least 
THREE different phishing campaigns




--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] [EXTERNAL] Re: Attention Michael Wise - need your assistance

[Kevin A. McGrail via mailop]

On 6/18/2020 7:11 AM, Stefano Bagnara via mailop wrote:
> On Thu, 18 Jun 2020 at 13:00, Abuse via mailop  wrote:
>> It is clear, but what must we do when the front door is closed too?
>> I used the Support Funnel but didn't get any responses, not even the first 
>> response from the robot giving me the SRX#.
> We use an outlook.com/hotmail.com email address to open requests to
> microsoft services as they often had issues delivering email to our
> own business domain.
> So if you didn't try yet, you may want to try this way.
>
> Of course this won't fix the issue with their funnel ignoring you
> after 2-4 templated replies, but maybe will fix your current issue.

+1, Great point, Stefano. I too have used this before and it helped a
lot to make sure comms were open to discuss the issue.

Regards,

KAM

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Andrew C Aitchison via mailop]

On Thu, 18 Jun 2020, Andreas Bueggeln - NOC - Profihost AG via mailop wrote:


Hello,

we host hundreds of dedicated servers on VMs and our customers send
thousands of mail to t-online.de mailboxes every day.

a new customer uses an ip, which has been offline for months or even
years wanted to send mails to t-online.de boxes.

the usual blacklisting happened, but now the helpdesk at t-online.de
refuses because of a new policy:

- the ptr to the server ip hast to resolve to the customer domain and
vice versa
- the mails are not allowed from a cloud vm host
- the web pages of the domain must have an correct imprint

the imprint on the domain is mandatory in germany and not the problem,
but our system use a generic server domain for the ptr and the smtp
connect. this cannot be changed and many VMs host several domains.

does anybody know how to solve this?


Would it be useful to give each (virtual ?) sending box a /64
and each domain have a separate IPv6 address within that space ?

Caveat: I believe that some big recipients are stricter
with mail from IPv6 addreses than IPv4 servers,
so if you do this you would need to do it right.

--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Raymond Dijkxhoorn via mailop]

Hai!


Allow your customers to set an additional PTR.



AFAIK only one PTR per RR is allowed, even if most DNS allow to set
multiple ones.


Besides that you dont want to create ddos vectors dont you?

I request thousands of pointers back...

Amplification plus plus.

Bye, Raymond.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Benoît Panizzon via mailop]

> Allow your customers to set an additional PTR.

AFAIK only one PTR per RR is allowed, even if most DNS allow to set
multiple ones.

-- 
Mit freundlichen Grüssen

-Benoît Panizzon- @ HomeOffice und normal erreichbar
-- 
I m p r o W a r e   A G-Leiter Commerce Kunden
__

Zurlindenstrasse 29 Tel  +41 61 826 93 00
CH-4133 PrattelnFax  +41 61 826 93 01
Schweiz Web  http://www.imp.ch
__

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] t-online.de refuses to remove an ip from their blacklist

[Tobias Herkula via mailop]

Allow your customers to set an additional PTR.

Kind regards,

/ Tobias Herkula
Manager Detection Anti Spam
Cyren (Berlin)



From: mailop  on behalf of Andreas Bueggeln - NOC - 
Profihost AG via mailop 
Sent: Thursday, June 18, 2020 12:57
To: mailop@mailop.org
Subject: [mailop] t-online.de refuses to remove an ip from their blacklist

Hello,

we host hundreds of dedicated servers on VMs and our customers send
thousands of mail to t-online.de mailboxes every day.

a new customer uses an ip, which has been offline for months or even
years wanted to send mails to t-online.de boxes.

the usual blacklisting happened, but now the helpdesk at t-online.de
refuses because of a new policy:

- the ptr to the server ip hast to resolve to the customer domain and
vice versa
- the mails are not allowed from a cloud vm host
- the web pages of the domain must have an correct imprint

the imprint on the domain is mandatory in germany and not the problem,
but our system use a generic server domain for the ptr and the smtp
connect. this cannot be changed and many VMs host several domains.

does anybody know how to solve this?

--
Mit freundlichen Grüßen
  Andreas Büggeln
Ihr Profihost Team

---
Profihost AG
Expo Plaza 1
30539 Hannover
Deutschland

Tel.: +49 (511) 5151 8181 | Fax.: +49 (511) 5151 8282
URL: http://www.profihost.com | E-Mail: i...@profihost.com

Sitz der Gesellschaft: Hannover, USt-IdNr. DE813460827
Registergericht: Amtsgericht Hannover, Register-Nr.: HRB 202350
Vorstand: Cristoph Bluhm, Sebastian Bluhm, Stefan Priebe
Aufsichtsrat: Prof. Dr. iur. Winfried Huck (Vorsitzender)

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] [EXTERNAL] Re: Attention Michael Wise - need your assistance

[Stefano Bagnara via mailop]

On Thu, 18 Jun 2020 at 13:00, Abuse via mailop  wrote:
> It is clear, but what must we do when the front door is closed too?
> I used the Support Funnel but didn't get any responses, not even the first 
> response from the robot giving me the SRX#.

We use an outlook.com/hotmail.com email address to open requests to
microsoft services as they often had issues delivering email to our
own business domain.
So if you didn't try yet, you may want to try this way.

Of course this won't fix the issue with their funnel ignoring you
after 2-4 templated replies, but maybe will fix your current issue.

Stefano

> It is not a spam classification issue, I have checked the postfix logs and 
> found no email coming from @css.one.microsoft.com.
> Same problem to add an IP to the SNDS program : the status remains "pending 
> initial verification" (since Friday) because Microsoft doesn't send the 
> validation email.
> Important detail: all these problems occur with IPs beginning with 212.83, 
> which suddenly all got blocked overnight.
>
> Thanks.
> Franck Schwartz
> OXEMIS
>
> De : mailop [mailto:mailop-boun...@mailop.org] De la part de Michael Wise via 
> mailop
> Envoyé : vendredi 5 juin 2020 23:45
> À : mailop@mailop.org
> Objet : Re: [mailop] [EXTERNAL] Re: Attention Michael Wise - need your 
> assistance
>
>
> For OLC, aka "Hotmail" issues...
>
> You know the answer to that, Al: No.
>
> Now if something is broken with the process, like no follow-up with the 
> automatic mitigation, or if it's an issue with Office365, I can see what I 
> can do, but for, "Why can't my IP be unblocked for sending to Hotmail" ... NO.
>
>
>
> I get spanked for it.
>
> So no, for those sorts of issues, no, I am not an escalation point.
>
> There is *NO* escalation point outside of the Support Funnel, which if one 
> has an SRX# already, one is already in.
>
> I can't handle escalations for a service that has half a billion customers, 
> sorry.
>
>
>
> Not happening.
>
> Doesn't scale.
>
> There is no secret back door person who can unblock stuff.
>
> And if one attempts to appeal to Senior Leadership … we may just get a 
> request to block the petitioner at the edge.
>
> There is no, “Appealing Unto Caesar”.
>
>
>
> Aloha,
>
> Michael.
>
> --
>
> Michael J Wise
> Microsoft Corporation| Spam Analysis
>
> "Your Spam Specimen Has Been Processed."
>
> Open a ticket for Hotmail ?
>
>
>
> -Original Message-
> From: mailop  On Behalf Of Al Iverson via mailop
> Sent: Friday, June 5, 2020 2:20 PM
> To: mailop 
> Subject: [EXTERNAL] Re: [mailop] Attention Michael Wise - need your assistance
>
>
>
> Hey Michael,
>
>
>
> Are you an escalation point for Microsoft issues?
>
>
>
> Is Mailop?
>
>
>
> On Fri, Jun 5, 2020 at 3:58 PM Rauf Guliyev via mailop  
> wrote:
>
> >
>
> > Hey Michael,
>
> >
>
> > I haven't gotten any response from you either (did my emails end up in the 
> > Spam folder? ;-) and there is nothing with the cases I have submitted 
> > either (SR1500907063 and SR1501411372). I'd appreciate a response.
>
> >
>
> > Thanks,
>
> > Rauf
>
> >
>
> > On Fri, Jun 5, 2020 at 1:42 PM Marc Goldman via mailop  
> > wrote:
>
> >>
>
> >> Hi Michael,
>
> >>
>
> >> I sent you an email the other day (that may have been overlooked)
>
> >>
>
> >> Have a case (SRX1502275554ID) that I asked you to check on for me that was 
> >> denied mitigation even though we just took over this 1 IP a week ago.
>
> >>
>
> >> You can contact me off list for anything you need.
>
> >>
>
> >> Thanks!
>
> >>
>
> >> Marc Goldman
>
> >>
>
> >> ___
>
> >> mailop mailing list
>
> >> mailop@mailop.org
>
> >> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fchi
>
> >> lli.nosignal.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fmailopdata=02%
>
> >> 7C01%7Cmichael.wise%40microsoft.com%7C6e1b6be42d0e4b6d3cd708d80996a9b
>
> >> 4%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637269889983169342
>
> >> ;sdata=U2g2RpeOsMYj2HYPbeiBPe6BNt%2BzQIyafUSHNYLaQHo%3Dreserved=
>
> >> 0
>
> >
>
> > ___
>
> > mailop mailing list
>
> > mailop@mailop.org
>
> > https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fchil
>
> > li.nosignal.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fmailopdata=02%7C
>
> > 01%7Cmichael.wise%40microsoft.com%7C6e1b6be42d0e4b6d3cd708d80996a9b4%7
>
> > C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637269889983169342sda
>
> > ta=U2g2RpeOsMYj2HYPbeiBPe6BNt%2BzQIyafUSHNYLaQHo%3Dreserved=0
>
>
>
>
>
>
>
> --
>
> Al Iverson // Wombatmail // Chicago
>
> Song a day! 
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.wombatmail.com%2Fdata=02%7C01%7Cmichael.wise%40microsoft.com%7C6e1b6be42d0e4b6d3cd708d80996a9b4%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637269889983169342sdata=2G0X5pEAhqgQwHFRlFIwbK0utpnIE89Lt2AV4I0%2Bdzs%3Dreserved=0
>
> Deliverability! 
> 

Re: [mailop] SPF strict / DMARC interaction / "big" provider behavior...

[Alessandro Vesely via mailop]

On Wed 17/Jun/2020 21:15:57 +0200 vom513 via mailop wrote:


I run my own personal mail server, Linux, usual open source bits…  One of my
many layers/checks for inbound is SPF.  Insofar as I reject at the “front
door” (SMTP connection) if SPF fails (example is a domain using “-all”).  I
would imagine this is pretty vanilla so far compared to other folks.


I do more or less the same, publish spf-all and honor it at the front door, and 
have no hitches.  Possibly, what I do is to follow SPF spec, including checking 
DNSWL, both in the policy published and in the front door.



Best
Ale
--



























___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] t-online.de refuses to remove an ip from their blacklist

[Andreas Bueggeln - NOC - Profihost AG via mailop]

Hello,

we host hundreds of dedicated servers on VMs and our customers send
thousands of mail to t-online.de mailboxes every day.

a new customer uses an ip, which has been offline for months or even
years wanted to send mails to t-online.de boxes.

the usual blacklisting happened, but now the helpdesk at t-online.de
refuses because of a new policy:

- the ptr to the server ip hast to resolve to the customer domain and
vice versa
- the mails are not allowed from a cloud vm host
- the web pages of the domain must have an correct imprint

the imprint on the domain is mandatory in germany and not the problem,
but our system use a generic server domain for the ptr and the smtp
connect. this cannot be changed and many VMs host several domains.

does anybody know how to solve this?

-- 
Mit freundlichen Grüßen
  Andreas Büggeln
Ihr Profihost Team

---
Profihost AG
Expo Plaza 1
30539 Hannover
Deutschland

Tel.: +49 (511) 5151 8181 | Fax.: +49 (511) 5151 8282
URL: http://www.profihost.com | E-Mail: i...@profihost.com

Sitz der Gesellschaft: Hannover, USt-IdNr. DE813460827
Registergericht: Amtsgericht Hannover, Register-Nr.: HRB 202350
Vorstand: Cristoph Bluhm, Sebastian Bluhm, Stefan Priebe
Aufsichtsrat: Prof. Dr. iur. Winfried Huck (Vorsitzender)

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] [EXTERNAL] Re: Attention Michael Wise - need your assistance

[Abuse via mailop]

Hi Michael,

It is clear, but what must we do when the front door is closed too?
I used the Support Funnel but didn't get any responses, not even the first 
response from the robot giving me the SRX#.
It is not a spam classification issue, I have checked the postfix logs and 
found no email coming from @css.one.microsoft.com.
Same problem to add an IP to the SNDS program : the status remains "pending 
initial verification" (since Friday) because Microsoft doesn't send the 
validation email.
Important detail: all these problems occur with IPs beginning with 212.83, 
which suddenly all got blocked overnight.

Thanks.
Franck Schwartz
OXEMIS

De : mailop [mailto:mailop-boun...@mailop.org] De la part de Michael Wise via 
mailop
Envoyé : vendredi 5 juin 2020 23:45
À : mailop@mailop.org
Objet : Re: [mailop] [EXTERNAL] Re: Attention Michael Wise - need your 
assistance




For OLC, aka "Hotmail" issues...

You know the answer to that, Al: No.

Now if something is broken with the process, like no follow-up with the 
automatic mitigation, or if it's an issue with Office365, I can see what I can 
do, but for, "Why can't my IP be unblocked for sending to Hotmail" ... NO.



I get spanked for it.

So no, for those sorts of issues, no, I am not an escalation point.

There is *NO* escalation point outside of the Support Funnel, which if one has 
an SRX# already, one is already in.

I can't handle escalations for a service that has half a billion customers, 
sorry.



Not happening.

Doesn't scale.

There is no secret back door person who can unblock stuff.

And if one attempts to appeal to Senior Leadership … we may just get a request 
to block the petitioner at the edge.

There is no, “Appealing Unto Caesar”.

Aloha,
Michael.
--
Michael J Wise
Microsoft Corporation| Spam Analysis
"Your Spam Specimen Has Been Processed."
Open a ticket for Hotmail ?



-Original Message-
From: mailop  On Behalf Of Al Iverson via mailop
Sent: Friday, June 5, 2020 2:20 PM
To: mailop 
Subject: [EXTERNAL] Re: [mailop] Attention Michael Wise - need your assistance



Hey Michael,



Are you an escalation point for Microsoft issues?



Is Mailop?



On Fri, Jun 5, 2020 at 3:58 PM Rauf Guliyev via mailop 
mailto:mailop@mailop.org>> wrote:

>

> Hey Michael,

>

> I haven't gotten any response from you either (did my emails end up in the 
> Spam folder? ;-) and there is nothing with the cases I have submitted either 
> (SR1500907063 and SR1501411372). I'd appreciate a response.

>

> Thanks,

> Rauf

>

> On Fri, Jun 5, 2020 at 1:42 PM Marc Goldman via mailop 
> mailto:mailop@mailop.org>> wrote:

>>

>> Hi Michael,

>>

>> I sent you an email the other day (that may have been overlooked)

>>

>> Have a case (SRX1502275554ID) that I asked you to check on for me that was 
>> denied mitigation even though we just took over this 1 IP a week ago.

>>

>> You can contact me off list for anything you need.

>>

>> Thanks!

>>

>> Marc Goldman

>>

>> ___

>> mailop mailing list

>> mailop@mailop.org

>> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fchi

>> lli.nosignal.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fmailopdata=02%

>> 7C01%7Cmichael.wise%40microsoft.com%7C6e1b6be42d0e4b6d3cd708d80996a9b

>> 4%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637269889983169342

>> ;sdata=U2g2RpeOsMYj2HYPbeiBPe6BNt%2BzQIyafUSHNYLaQHo%3Dreserved=

>> 0

>

> ___

> mailop mailing list

> mailop@mailop.org

> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fchil

> li.nosignal.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fmailopdata=02%7C

> 01%7Cmichael.wise%40microsoft.com%7C6e1b6be42d0e4b6d3cd708d80996a9b4%7

> C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637269889983169342sda

> ta=U2g2RpeOsMYj2HYPbeiBPe6BNt%2BzQIyafUSHNYLaQHo%3Dreserved=0







--

Al Iverson // Wombatmail // Chicago

Song a day! 
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.wombatmail.com%2Fdata=02%7C01%7Cmichael.wise%40microsoft.com%7C6e1b6be42d0e4b6d3cd708d80996a9b4%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637269889983169342sdata=2G0X5pEAhqgQwHFRlFIwbK0utpnIE89Lt2AV4I0%2Bdzs%3Dreserved=0

Deliverability! 
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fspamresource.com%2Fdata=02%7C01%7Cmichael.wise%40microsoft.com%7C6e1b6be42d0e4b6d3cd708d80996a9b4%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637269889983169342sdata=Iu%2Fpy3uZzW%2F2xTBOsvbCjQtM7QI41Hk7cqLXbYJQ%2Bog%3Dreserved=0

And DNS Tools too! 
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fxnnd.com%2Fdata=02%7C01%7Cmichael.wise%40microsoft.com%7C6e1b6be42d0e4b6d3cd708d80996a9b4%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637269889983169342sdata=QamPS5ZXRqFrfzXbwKdYwEhVNZtZ2Y%2FC%2BjzDxG1PNIc%3Dreserved=0



___

Re: [mailop] SPF strict / DMARC interaction / "big" provider behavior...

[Jaroslaw Rafa via mailop]

Dnia 17.06.2020 o godz. 15:31:40 John Levine via mailop pisze:
> 
> For most of us, the only time we take "-all" seriously is if it's the
> only thing in the SPF record, to state that a domain sends no mail at
> all.  Other than that, treat it the same as ~all or ?all because as
> you have found a lot of people publish -all because it's "more secure"
> but have no clue what they're doing.

Couldn't agree more. That's pretty much the only approach to "-all" in SPF
record that makes sense.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop