Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Laura Atkins via mailop
I know! I saw a bounce message JUST THIS MORNING from a client that blocked 
AS(201806271). How granular is that?

> Diagnostic-Code: smtp;550 5.4.1 All recipient addresses rejected : Access 
> denied. AS(201806271) [BN8NAM12FT022.eop-nam12.prod.protection.outlook.com 
> ]

laura (FYI: the AS in the blocking message stands for Anti-Spam and the number 
is an internal MS diagnostic code. It is not referencing an Autonomous System 
number) 

> On 1 Jun 2021, at 11:54, J. Hellenthal via mailop  wrote:
> 
> Oh man! They got the whole ASN !
> 
> Not just the A but the S and the N too!
> 
> Thorough 🤪
> 
> -- 
> J. Hellenthal
> 
> The fact that there's a highway to Hell but only a stairway to Heaven says a 
> lot about anticipated traffic volume.
> 
>> On Jun 1, 2021, at 05:38, André Peters via mailop  wrote:
>> 
>> Von: "Hans-Martin Mosner via mailop" 
>> An: mailop@mailop.org
>> Gesendet: 01.06.2021 12:04:54
>> Betreff: Re: [mailop] protection.outlook.com refusing to accept mail with 
>> misleading temp error message
>> 
 Am 28.05.21 um 15:22 schrieb Hans-Martin Mosner via mailop:
 Am 28.05.21 um 13:47 schrieb Hans-Martin Mosner via mailop:
> Anyone from Microsoft/Outlook available to look into the matter?
 Seems everything is ok now - either someone looked into the matter 
 (thanks!) or some timeout ran out :-)
>>> 
>>> Same problem again, for no discernible reason. No contact from MS, no 
>>> explanation, no abuse complaint.
>>> 
>>> Given the ongoing flood of spam from bot-created hotmail accounts this is a 
>>> bit odd...
>>> 
>>> Cheers,
>>> Hans-Martin
>> This is a never ending story. :-D
>> 
>> Pretty annoying. One of our ASNs was blocked for a day recently, there was 
>> no difference in mail volume or content, it is a low-traffic ASN for little 
>> communication. The whole ASN. Once in a while these things happen with MS. 
>> It's normal.
>> 
>> Yes, given the amount of outbound spam I don't understand how their filter 
>> or intelligence works at all. I guess nobody knows anymore at this point.
>> 
>> ___
>> mailop mailing list
>> mailop@mailop.org
>> https://list.mailop.org/listinfo/mailop
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop

-- 
Having an Email Crisis?  We can help! 800 823-9674 

Laura Atkins
Word to the Wise
la...@wordtothewise.com
(650) 437-0741  

Email Delivery Blog: https://wordtothewise.com/blog 







___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Florian Effenberger via mailop

Hello,

I'm rather new to this list, so I hope it's okay to jump in directly in 
this discussion and share some thoughts. :-)


I just recently faced a very similar problem with one of the new IPs I 
got assigned. Likely, the IP was in use by someone else previously or 
there are spammy neighbours (not surprising when it's a big provider 
with some customer turnaround). I got all deblocking done in the various 
blocklists, the status was clean everywhere, including SNDS, but still, 
Microsoft 365 mailboxes (*.protection.outlook.com) blocked it.


It seems there are various independent blocklists - one set is covering 
consumer Outlook/Live/Hotmail, the other set is covering Microsoft 365. 
SNDS seems to only query the former one, and the Outlook.com web form 
only unblocks on these domains, so neither of that helps for Microsoft 
365 mailboxes.


For Microsoft 365, there seem to be various levels of blocking. 
Sometimes, you can unblock yourself at sender.office.com, but I hit the 
infamous "Write to delist@" message. I managed to create a ticket there, 
they asked for some details, but then radio silence, all follow-up mails 
ignored, for over a month now. Various ways of contacting them went 
without any outcome, and I sense that on their end there is also some 
confusion as to the existing blocklists - I got repeatedly told the IP 
is not listed (which is what sender.office.com told me too), or to use 
the Outlook.com form, that obviously didn't help for my problem at hand.


In the end, via way one of the communication channels I tried, I somehow 
managed to get a supporter who was really engaged and managed to helped 
me out, but I must admit that the whole process was not straightforward 
and took me a month in the end. At least when people provide full 
contact data/imprint and proof that the IP was freshly assigned, some 
feedback would be good to not be left in the dark.


Problematic is also that there is no actual way to test if your new IP 
is blocked before using it, apart from sending to an actual e-mail 
address hosted there.


Hope to help,
Florian
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread André Peters via mailop

-- Originalnachricht --
Von: "Laura Atkins via mailop" 
An: "mailop" 
Gesendet: 02.06.2021 10:55:31
Betreff: Re: [mailop] protection.outlook.com refusing to accept mail 
with misleading temp error message


I know! I saw a bounce message JUST THIS MORNING from a client that 
blocked AS(201806271). How granular is that?


Diagnostic-Code: smtp;550 5.4.1 All recipient addresses rejected : 
Access denied. AS(201806271) 
[BN8NAM12FT022.eop-nam12.prod.protection.outlook.com 
]


laura (FYI: the AS in the blocking message stands for Anti-Spam and the 
number is an internal MS diagnostic code. It is not referencing an 
Autonomous System number)


On 1 Jun 2021, at 11:54, J. Hellenthal via mailop  
wrote:


Oh man! They got the whole ASN !

Not just the A but the S and the N too!

Thorough 🤪

--
J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven 
says a lot about anticipated traffic volume.


On Jun 1, 2021, at 05:38, André Peters via mailop  
wrote:


Von: "Hans-Martin Mosner via mailop" 
An: mailop@mailop.org
Gesendet: 01.06.2021 12:04:54
Betreff: Re: [mailop] protection.outlook.com refusing to accept mail 
with misleading temp error message



Am 28.05.21 um 15:22 schrieb Hans-Martin Mosner via mailop:
Am 28.05.21 um 13:47 schrieb Hans-Martin Mosner via mailop:

Anyone from Microsoft/Outlook available to look into the matter?
Seems everything is ok now - either someone looked into the matter 
(thanks!) or some timeout ran out :-)


Same problem again, for no discernible reason. No contact from MS, 
no explanation, no abuse complaint.


Given the ongoing flood of spam from bot-created hotmail accounts 
this is a bit odd...


Cheers,
Hans-Martin

This is a never ending story. :-D

Pretty annoying. One of our ASNs was blocked for a day recently, 
there was no difference in mail volume or content, it is a 
low-traffic ASN for little communication. The whole ASN. Once in a 
while these things happen with MS. It's normal.


Yes, given the amount of outbound spam I don't understand how their 
filter or intelligence works at all. I guess nobody knows anymore at 
this point.


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


--
Having an Email Crisis?  We can help! 800 823-9674

Laura Atkins
Word to the Wise
la...@wordtothewise.com
(650) 437-0741

Email Delivery Blog: https://wordtothewise.com/blog








They _DO_ block whole networks (not just subnets within an AS).
It might not be the case in the example above, but it does happen.

Or silently discarding mail... come on, that's just the worst practice 
ever.___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Laura Atkins via mailop


> On 2 Jun 2021, at 10:17, André Peters via mailop  wrote:

[snip]

> They _DO_ block whole networks (not just subnets within an AS).
> It might not be the case in the example above, but it does happen.

I am reasonably familiar with Microsoft’s anti-spam systems and how they work. 
They do block ranges, and subnets, but anyone claiming that AS(whatever) means 
that MS is blocking autonomous system number(whatever) is flat out wrong. That 
is not what that diagnostic code means. 

> Or silently discarding mail... come on, that's just the worst practice ever.

I silently discard mail all the time. No one, absolutely NO ONE, is entitled to 
my time or attention or mailbox space. That goes double when the mail is 
actively harmful. If MJW says that shouldn’t be happening in the freemail 
domains any longer, I believe him. On the O365 side, individual administrators 
have the ability to discard mail on their own systems for their own domains. 
Neither you nor I have any right to tell those administrators they cannot do 
that. Not our systems, not our rules. 

Look, Microsoft has tons of flaws. They have an aggressive blocking system that 
upsets a lot of senders. They have stupid rules and implementations that I 
don’t think do what they think they do or even what they’re intended to do. I 
think the system has accreted and evolved to a point where not even the folks 
inside Microsoft can tell you why a mail was delivered where it was. I mean, 
that’s been true for more than a decade now. It’s not, somehow, that the folks 
answering sender support mail won’t tell you, it’s that they can’t tell you. I 
suspect that even the system developers couldn’t tell you exactly why a mail 
went to bulk or was discarded or was rejected. 

Machine Learning filters (and it’s all ML filters these days) simply don’t work 
that way. 

With that being said, they try to help senders, much more than a lot of other 
mailbox providers. They were the first company to offer data directly to 
Senders (SNDS). They were one of the first groups to offer FBLs. They are the 
ONLY group I am aware of that actually asks their users directly whether or not 
their spam filters are doing things right in that user’s mailbox. Not some 
random ‘do you like our filters’ but a specific pop up window that says to a 
user: "We put this email in your spam folder (or inbox). Did we get this right?"

It is phenomenally hard for a new sender to break into the MS inbox. For client 
reasons I ended up doing a bunch of tests yesterday and the first mail from my 
IP went to bulk. I hit ’this is not spam’ and the second mail from that same IP 
and sender combination went to the inbox. The third email from a different 
sender but the same IP went to spam. That’s basically what I needed to know so 
I stopped testing at that point. Yeah, Microsoft hates low level senders. 
Microsoft hates new IPs. Complaining on mailop isn’t actually going to change 
anything about that. Complaining to the developers over beer in the pub isn’t 
going to change that. Complaining to the product managers isn’t going to change 
that. O365 is widely used and we’re stuck with it. The free domains are less 
widely used than Gmail but they’re still in the top 5 per volume for most 
mailing lists. 

A few additional facts:

SmartScreen is partially based on the above mentioned ‘did we filter this mail 
correctly’ questions. It’s also based on user complaints. It’s based on the 
content of the mail, it is unrelated to IP or even domain reputation. Call it 
stupid all you want but the reality is: Smart Screen is a measure of how much 
recipients want a particular email stream. If they’re saying they don’t want 
it, then Microsoft is going to listen to what their users tell them. Some of 
the measurements are based on explicit user questions, others are based on user 
interactions with mail. 

Filters are not static, they are adjusting all the time. Sometimes ‘just keep 
trying’ is the right thing to do. Sometimes ‘give it a rest for a week (or 2 or 
3) and let your reputation reset’ is the right thing to do. Sometimes it feels 
like there is nothing the sender can do to change delivery. 

MS users and MS policy makers are about the only folks who are going to be able 
to change what MS is doing. It sucks for those of us who are looking at the 
mail in our outbound queues and going ‘yknow, this person paid for this email 
and MS isn’t letting me deliver it” or “this person probably really wants their 
appointment reminder, but MS isn’t letting me deliver it” or “Auntie susie 
really wants to hear from cousin joan, sucks microsoft doesn’t like this” but 
complaining on mailop isn’t going to change any of that. 

If complaining on mailop fixed MS filters, then they would have been fixed a 
decade ago. We’ve been having this same discussion for that long. 
 
laura

-- 
Having an Email Crisis?  We can help! 800 823-9674 

Laura Atkins
Word to the Wise
la...@wordtothewise.com
(650) 437-0741 

[mailop] Feedback Loop in Gmail Postmaster tools does not show anything

2021-06-02 Thread Tim Düsterhus , WoltLab GmbH via mailop

Dear fellow Mail Operators,

we run a SaaS solution hosting web forums for our customers. We send 
transactional email and opt-in notifications about new activities within 
a community which by their nature contain some user-generated content.


During a regular check in Google's Postmaster Tools we noticed that 
Gmail reports a Spam Rate of 27.3% for a single day in May which is 
concerning. Our Postfix logs report nothing out of the usual, apart from 
a single email being rejected as 'UnsolicitedRateLimitError', but being 
delivered 5 seconds later into another of Gmail's MXs the *day before* 
this spike in spam reports.


We also checked the Feedback Loop dashboard, in an attempt to at least 
identify the customer in question, but that dashboard shows nothing and 
it never did when we checked it in the past. It's showing blue dots at 
the very bottom for the days where we reach enough volume for other 
dashboards to show data, including the day in question. But clicking 
that dot shows "Keine gekennzeichneten Bezeichner" ("no marked 
identifiers").


This makes me wonder if we missed anything while setting up the support 
for Gmail's Feedback Loop or if this is usual behavior due to our lowish 
volume (less than 100 emails in Gmails direction on the day in question).


Mail is being sent with a 'MAIL FROM:' 
with the 'From:' containing an email address of the customer's custom 
domain.


We're DKIM signing the emails using a key in the 'bounce.woltlab.cloud' 
domain and add a 'Feedback-ID: customer_id:WCloud' header to all emails, 
in an attempt to uniquely identify the customer in cases of spam reports.


We set up SPF records for the bounce.woltlab.cloud domain and also set 
SPF records for the customer's domain, because the customer sets up the 
domain using a CNAME record.


We set up both the bounce.woltlab.cloud and woltlab.cloud domains at 
postmaster.google.com.


Checking https://support.google.com/mail/answer/6254652?hl=en-GB we 
appear to tick all boxes:


- Our emails contain exactly one Feedback-ID header with a customer 
identifier and a stable SenderID of 'WCloud':


> Feedback-ID: c_1234578:WCloud

The documentation is not clear regarding the use of optional fields, 
though. Would we need


> Feedback-ID: ::c_1234578:WCloud

instead?

- The Feedback-ID header is DKIM signed by the domain registered in the 
dashboard:



DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=bounce.woltlab.cloud; i=@bounce.woltlab.cloud; q=dns/txt; s=wcloud;
 t=1622622079; h=from : reply-to : to : subject : date : message-id :
 list-id : list-unsubscribe : list-unsubscribe-post : mime-version :
 content-type : feedback-id : from : to : subject : date : message-id :
 feedback-id; bh=YOZK9mUAdTkOR1zUM4JWklWhBmsqy1Wau9HMb4sOvXI=;
 b=dtvd3fXJnEUEGrSUu4z8sY2kx5nkw5tiS8zKS/Se6YZUgtAyVcWb4Dg+Ze/AqFeWr5rvD
 q2W9+u9iSonz5yoV1e/X25cwyPhr29063KzZPJTQOtLD5Kcosz/U4Ur3YTA/YWIeXg0Afo3
 GhsqucX/g3qpq2Hs28lR2zzqg3Ek+FntafocHjOeKBQDazs4nG4cMX6j3R9TPTFniG5jEdo
 oMW+ErlNTzvEL0Z0mVjPI4rfTprdkjyLXZPVv9h+tlHCYir5meVQ1RTpImZKWtaXqP8UjVv
 z4TDqqI8FoFS9HPGhNfPGbwfrktsO/7kj5FBSDSQdbrWLPKA4HhUJ3qbzUAA==


- The signing domain has SPF records set up.
- Our outgoing mailserver has a forward confirmed reverse DNS within the 
signing domain.


The only thing we might be lacking is:


For a given day’s traffic, FBL reports are generated only if a given identifier 
is present in a certain volume of mails as well as in distinct user spam 
reports.


As the other dashboards, specifically the Spam Report dashboard, show 
data we would suspect that we reached this minimum volume, but of course 
we can't be sure there.


Does anyone of you have practical experience with Google's feedback loop 
mechanism and might be able to identify if we are doing anything wrong 
or if it's just the low volume?


Best regards
Tim Düsterhus
Postmaster WoltLab GmbH

--

WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam

Tel.: +49 331 96784338

duester...@woltlab.com
www.woltlab.com

Managing director:
Marcel Werk

AG Potsdam HRB 26795 P
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


[mailop] DKIM validation behaviour when multiple _domainkey TXT records are present

2021-06-02 Thread Simon Arlott via mailop
RFC 6376 does not define what happens when there are multiple TXT 
records for _domainkey selectors.


Some implementations allow this but Yahoo doesn't. It's considered a 
permanent failure.


In my case I accidentally added a second _domainkey TXT RR with an empty 
"" value and only noticed this when email was rejected by DMARC because 
the SPF domain was different and DKIM was failing.



I've yet to find a comprehensive DMARC tester that will handle all of 
the nuances like RFC5322.From and RFC5321.MailFrom needing to be aligned 
before SPF can be considered...


--
Simon Arlott
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] Feedback Loop in Gmail Postmaster tools does not show anything

2021-06-02 Thread Bastian Blank via mailop
On Wed, Jun 02, 2021 at 01:22:31PM +0200, Tim Düsterhus, WoltLab GmbH via 
mailop wrote:
> Mail is being sent with a 'MAIL FROM:'
> with the 'From:' containing an email address of the customer's custom
> domain.
> We're DKIM signing the emails using a key in the 'bounce.woltlab.cloud'
> domain and add a 'Feedback-ID: customer_id:WCloud' header to all emails, in
> an attempt to uniquely identify the customer in cases of spam reports.

So you produce third party signatures.  You need to sign also with the
customer's domain if you want to have that in the From header.

Bastian

-- 
... The prejudices people feel about each other disappear when they get
to know each other.
-- Kirk, "Elaan of Troyius", stardate 4372.5
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] Feedback Loop in Gmail Postmaster tools does not show anything

2021-06-02 Thread Tim Düsterhus , WoltLab GmbH via mailop

Hello Bastian,

On 6/2/21 2:17 PM, Bastian Blank via mailop wrote:

On Wed, Jun 02, 2021 at 01:22:31PM +0200, Tim Düsterhus, WoltLab GmbH via 
mailop wrote:

Mail is being sent with a 'MAIL FROM:'
with the 'From:' containing an email address of the customer's custom
domain.
We're DKIM signing the emails using a key in the 'bounce.woltlab.cloud'
domain and add a 'Feedback-ID: customer_id:WCloud' header to all emails, in
an attempt to uniquely identify the customer in cases of spam reports.


So you produce third party signatures.  You need to sign also with the
customer's domain if you want to have that in the From header.


I understand that this is important for DMARC alignment and in fact we 
already support double-signing any outgoing emails for larger customers 
that tend to generate more (email) traffic. However it comes with more 
manual set-up on the customer's end, because we can't simply handle it 
for them using the existing CNAME. This probably results in customers 
not caring enough, because it's not visibly important to them. In any 
case we are already planning to push this more.


However Google's documentation does not appear to clearly indicate that 
this type of alignment is relevant for the Feedback Loop mechanism. It says:



In order to prevent spoofing of the Feedback-ID, the traffic being sent to 
Gmail needs to be DKIM signed by a domain owned (or controlled) by the sender, 
after the addition of this header. This domain should be added and verified to 
the Gmail Postmaster Tools, so that the sender can access the FBL data.


And indeed the signature matches our domain we set up in Postmaster 
Tools. We are seeing practically all information regarding that domain 
(e.g. Spam Rate, IP and Domain Reputation, Encryption / Authentication 
Status). The only thing that's empty is the Feedback Loop.


However it does not appear to be terribly useful if we had to set up all 
the *customer* domains in *our* account in Postmaster Tools to be able 
to access Feedback Loop identifiers that *we* set to protect the 
reputation of *our* mail servers, especially since the MAIL FROM is a 
domain of ours.


Can you clarify whether your reply was a general remark regarding our 
setup or whether you know this is indeed a requirement to consume the 
Feedback-ID with Google Postmaster Tools?


Best regards
Tim Düsterhus
Postmaster WoltLab GmbH

--

WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam

Tel.: +49 331 96784338

duester...@woltlab.com
www.woltlab.com

Managing director:
Marcel Werk

AG Potsdam HRB 26795 P
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Michael Rathbun via mailop
On Wed, 2 Jun 2021 10:50:05 +0100, Laura Atkins via mailop 
wrote:

>I think the system has accreted and evolved to a point where not even the 
>folks inside Microsoft can tell you why a mail was delivered where it was. I 
>mean, that’s been true for more than a decade now. It’s not, somehow, that the 
>folks answering sender support mail won’t tell you, it’s that they can’t tell 
>you. I suspect that even the system developers couldn’t tell you exactly why a 
>mail went to bulk or was discarded or was rejected. 

Toward the end of my careen at MS, my analysis of the architecture that the
system was evolving toward (on the O365 side) told me that it should be
possible for a message to completely disappear without the possibility that
any plausible investigation process would reveal why (or even if) a particular
message met a particular fate.

This architecture has been carried over into the "unified" system, with
considerable elaboration.  I often use the term "apparently occasionally
non-deterministic" for the platform.

Having watched the system behaviour from the outside for the past eight years,
I have found no reason to alter this impression.  I doubt strongly that there
is any individual with a full synoptic grasp of the System itself.

>With that being said, they try to help senders, much more than a lot of other 
>mailbox providers. 

Certainly most of the individuals I worked with had a keen understanding of
the issues facing all the parties.  The problem is that those who make budget
decisions or control the deployment of resources in the Corporation will often
have disjoint understandings and a different set of primary objectives.

(Then there was our Search for that individual or group who were actually
required and empowered to read and answer abuse@ and postmaster@...)

>Filters are not static, they are adjusting all the time. Sometimes ‘just keep 
>trying’ is the right thing to do. Sometimes ‘give it a rest for a week (or 2 
>or 3) and let your reputation reset’ is the right thing to do. Sometimes it 
>feels like there is nothing the sender can do to change delivery. 

The advice that MJW gave a while back (If you see significant deferrals, STOP
ALL SENDING for at least an hour.  If the problem persists, stop for 24
hours.) has proved to be worthwhile.  Fortunately, on the platform my clients
are using, implementing that for any recipient system is trivial.

>MS users and MS policy makers are about the only folks who are going to be 
>able to change what MS is doing. It sucks for those of us who are looking at 
>the mail in our outbound queues and going ‘yknow, this person paid for this 
>email and MS isn’t letting me deliver it” or “this person probably really 
>wants their appointment reminder, but MS isn’t letting me deliver it” or 
>“Auntie susie really wants to hear from cousin joan, sucks microsoft doesn’t 
>like this” but complaining on mailop isn’t going to change any of that. 

"Microsoft" and "Systems Microsoft is presently running" are distinct
entities, often with no discernible connection other than the accidental.
When it was possible to do so, I spent a considerable amount of my work day
investigating reported false positives, and fixed a lot of unneeded damage.  

Eventually I was reassigned.

In the end, however, "How to prevent CEOs of large client corporations from
calling Rajesh Jha in the middle of the night because of massive spam
problems" will become "How to prevent Rajesh Jha from calling ME in the middle
of the night due to client spam problems", which will then tend to drift to
the top of one's priorities.  (Rajesh Jha was $BIGNUM pay grades above us all,
at the time.)

I will point out to the assembled multitude that the world of email
experienced by a spam analyst at Microsoft or Y!/AOL or gmail is remarkably
different from the world of email experienced by someone trying to operate an
ethical and effective email sending operation, or to advise those that do.  

Then add, on top of that, designers and developers who personally are
relatively unconnected to actual email operations as a whole...

Your world (and mine, now) could actually be considerably worse.

mdr
-- 
 "There are no laws here, only agreements."  
-- Masahiko

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Michael Rathbun via mailop
On Wed, 2 Jun 2021 04:15:30 +, Michael Wise via mailop 
wrote:

>That would shut down email as a viable communications mechanism almost 
>immediately.

In the past six days of logs on the tiny server I run (friends, family,
personal business) 97.3% of all connection attempts were hostile in some form
(spam, dictionary attacks, malefactions NOI).  88% of all SMTP sessions were
spam delivery attempts.  I do have about a 2% false positive rate, still, even
though the filtering system has been personally crafted over the past 20
years.


mdr

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] DKIM validation behaviour when multiple _domainkey TXT records are present

2021-06-02 Thread John Levine via mailop
It appears that Simon Arlott via mailop  said:
>RFC 6376 does not define what happens when there are multiple TXT 
>records for _domainkey selectors.
>
>Some implementations allow this but Yahoo doesn't. It's considered a 
>permanent failure.

RFCs tell you how to interoperate.  If they had to describe every possible way
that people might screw things up, each one would be infinitely long.  If
you do things outside what the spec says, you can expect random results.

>I've yet to find a comprehensive DMARC tester that will handle all of 
>the nuances like RFC5322.From and RFC5321.MailFrom needing to be aligned 
>before SPF can be considered...

Any of the DMARC libraries should do that.

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


[mailop] Dear Sendinblue (IBM)... please stop.

2021-06-02 Thread Mary via mailop

Dear Sendinblue (IBM)

I've repeatedly reported your spam to spamcop and other relevant block lists, 
but for some reason you keep spamming my clients and myself, consistently and 
without limit.

Your spam has nice UTF-8 emoticons with some happy French:


🎁🎄🎅 Pour Noël, offrez une plante de pépiniéristes français !
🍋 🌴🌱🌺 Offrez une plante de pépiniéristes français !
🌱🌿 💚🌳 Commandez la box “CBD” d'Hortus Focus - 100 % Légale
🍋 🌴🌱🌺 Offrez une plante de pépiniéristes français !
Boostez et fertilisez vos plantes chéries 🌺🌷🌱🌴


I understand that your spammer client is paying you money for the delivery of 
spam, but we are tired of blocking the same spam over and over.

Maybe you should subscribe our email addresses to a different spam list next 
time? How about something in German?

Thank you Sendinblue (IBM).


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Michael Wise via mailop


Sending from that IP is ... how one usually tests that it's working.

Aloha,
Michael.
--
Michael J Wise
Microsoft Corporation| Spam Analysis
"Your Spam Specimen Has Been Processed."
Open a ticket for Hotmail ?



-Original Message-
From: mailop  On Behalf Of Florian Effenberger via 
mailop
Sent: Wednesday, June 2, 2021 2:05 AM
To: mailop@mailop.org
Subject: [EXTERNAL] Re: [mailop] protection.outlook.com refusing to accept mail 
with misleading temp error message



Hello,



I'm rather new to this list, so I hope it's okay to jump in directly in

this discussion and share some thoughts. :-)



I just recently faced a very similar problem with one of the new IPs I

got assigned. Likely, the IP was in use by someone else previously or

there are spammy neighbours (not surprising when it's a big provider

with some customer turnaround). I got all deblocking done in the various

blocklists, the status was clean everywhere, including SNDS, but still,

Microsoft 365 mailboxes (*.protection.outlook.com) blocked it.



It seems there are various independent blocklists - one set is covering

consumer Outlook/Live/Hotmail, the other set is covering Microsoft 365.

SNDS seems to only query the former one, and the Outlook.com web form

only unblocks on these domains, so neither of that helps for Microsoft

365 mailboxes.



For Microsoft 365, there seem to be various levels of blocking.

Sometimes, you can unblock yourself at sender.office.com, but I hit the

infamous "Write to delist@" message. I managed to create a ticket there,

they asked for some details, but then radio silence, all follow-up mails

ignored, for over a month now. Various ways of contacting them went

without any outcome, and I sense that on their end there is also some

confusion as to the existing blocklists - I got repeatedly told the IP

is not listed (which is what sender.office.com told me too), or to use

the Outlook.com form, that obviously didn't help for my problem at hand.



In the end, via way one of the communication channels I tried, I somehow

managed to get a supporter who was really engaged and managed to helped

me out, but I must admit that the whole process was not straightforward

and took me a month in the end. At least when people provide full

contact data/imprint and proof that the IP was freshly assigned, some

feedback would be good to not be left in the dark.



Problematic is also that there is no actual way to test if your new IP

is blocked before using it, apart from sending to an actual e-mail

address hosted there.



Hope to help,

Florian

___

mailop mailing list

mailop@mailop.org

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flist.mailop.org%2Flistinfo%2Fmailop&data=04%7C01%7Cmichael.wise%40microsoft.com%7Caaa84036aa5246e9315d08d925a6c75f%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637582220516827563%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=AR%2Fv6AaDxruCfBaBRJ4zhXtyxxeFEZ4oOP5eAVyaU7E%3D&reserved=0
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Florian Effenberger via mailop

Hi Michael,

Am 2021-06-02 21:09, schrieb Michael Wise via mailop:

Sending from that IP is ... how one usually tests that it's working.


what IMHO would be much better to check newly assigned IPs is, if 
there's a way to query via DNS, or a web form. That way the issue can be 
solved and clarified in advance, and not only when problems occur. Not 
everyone has an account at hand to test it upfront.


Florian
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] Dear Sendinblue (IBM)... please stop.

2021-06-02 Thread Simon Bressier via mailop
Hi Mary

Indeed nice emoticons :'(

I'm really sorry to hear that you are receiving such crap from our
platform, could you please provide me more details offlist regarding such
sending ?

Ideally by providing the Feedback-ID and/or X-Mailin-Client values, so I
can identify the sending account and take actions on it.

Thank you very much in advance,

Simon

On Wed, Jun 2, 2021 at 6:21 PM Mary via mailop  wrote:

>
> Dear Sendinblue (IBM)
>
> I've repeatedly reported your spam to spamcop and other relevant block
> lists, but for some reason you keep spamming my clients and myself,
> consistently and without limit.
>
> Your spam has nice UTF-8 emoticons with some happy French:
>
>
> 🎁🎄🎅 Pour Noël, offrez une plante de pépiniéristes français !
> 🍋 🌴🌱🌺 Offrez une plante de pépiniéristes français !
> 🌱🌿 💚🌳 Commandez la box “CBD” d'Hortus Focus - 100 % Légale
> 🍋 🌴🌱🌺 Offrez une plante de pépiniéristes français !
> Boostez et fertilisez vos plantes chéries 🌺🌷🌱🌴
>
>
> I understand that your spammer client is paying you money for the delivery
> of spam, but we are tired of blocking the same spam over and over.
>
> Maybe you should subscribe our email addresses to a different spam list
> next time? How about something in German?
>
> Thank you Sendinblue (IBM).
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Michael Rathbun via mailop
On Wed, 02 Jun 2021 22:35:56 +0200, Florian Effenberger via mailop
 wrote:

>what IMHO would be much better to check newly assigned IPs is, if 
>there's a way to query via DNS, or a web form. That way the issue can be 
>solved and clarified in advance, and not only when problems occur. Not 
>everyone has an account at hand to test it upfront.

That's quite appealing to me.  It would be cool to have a complete project
plan for this, with all the budgetary and schedule data, to submit to TPTB to
get the ball rolling.  The ball is extremely unlikely to roll, but nothing
ventured, nothing gained.

Any year now.

mdr
-- 
  Ad finem pugnabo.

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Jay Hennigan via mailop

On 6/2/21 13:35, Florian Effenberger via mailop wrote:

Hi Michael,

Am 2021-06-02 21:09, schrieb Michael Wise via mailop:

Sending from that IP is ... how one usually tests that it's working.


what IMHO would be much better to check newly assigned IPs is, if 
there's a way to query via DNS, or a web form. That way the issue can be 
solved and clarified in advance, and not only when problems occur. Not 
everyone has an account at hand to test it upfront.


Allowing such queries would be giving quite a bit of information to 
potential bad guys.


If your goal is to test email delivery from a given origin IP address, 
it seems to me that the most logical test would indeed be to send email 
from that IP.


--
Jay Hennigan - j...@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Michael Wise via mailop


Office365 Trial Accounts are easily created.

But I was primarily suggesting a test against the infra to see if the mail was 
bounced or accepted.

If accepted, it WOULD be delivered either to the INBOX or Junk.

And if bounced, that should also highlight why.



Our internal DNSBLs are not queriable via DNS.

Aloha,
Michael.
--
Michael J Wise
Microsoft Corporation| Spam Analysis
"Your Spam Specimen Has Been Processed."
Open a ticket for Hotmail ?



-Original Message-
From: mailop  On Behalf Of Florian Effenberger via 
mailop
Sent: Wednesday, June 2, 2021 1:36 PM
To: mailop@mailop.org
Subject: Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept 
mail with misleading temp error message



Hi Michael,



Am 2021-06-02 21:09, schrieb Michael Wise via mailop:

> Sending from that IP is ... how one usually tests that it's working.



what IMHO would be much better to check newly assigned IPs is, if

there's a way to query via DNS, or a web form. That way the issue can be

solved and clarified in advance, and not only when problems occur. Not

everyone has an account at hand to test it upfront.



Florian

___

mailop mailing list

mailop@mailop.org

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flist.mailop.org%2Flistinfo%2Fmailop&data=04%7C01%7Cmichael.wise%40microsoft.com%7Cd2b743d92a604b83c58b08d926066b02%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637582631281183084%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=0sNDtESk94BWWxZArXhdbpVcO3cQY6sDPmf5JLe%2BfbM%3D&reserved=0
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Carl Byington via mailop
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Tue, 2021-06-01 at 21:46 -0400, yuv via mailop wrote:
> but I do like the fact that if someone puts
> a letter with my address in a post office box anywhere in the world,
> it
> makes its way to my snail box within a reliable service standard.

Your mileage may vary. Around here several clients and vendors moved to
Zelle or other electronic payment mechanisms due to persistent problems
with snail mailed checks never arriving. Some parts of the US Post
Office seems to be dropping some of the mail on the floor.


-BEGIN PGP SIGNATURE-

iHMEAREKADMWIQSuFMepaSkjWnTxQ5QvqPuaKVMWwQUCYLgRvxUcY2FybEBmaXZl
LXRlbi1zZy5jb20ACgkQL6j7milTFsGG8QCfWWyb9634kcm9PGPyYNVvr1vuTnMA
niUL8k1NYIHLgv5wNaDOgGUSweY6
=7kDq
-END PGP SIGNATURE-


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Stefano Bagnara via mailop
On Tue, 1 Jun 2021 at 21:39, John Levine via mailop  wrote:
> No, it's to deliver the mail that the users want. One point that bulk
> mailers often miss is that, while the recipients at large providers do
> not object to getting the bulk mail, they also do not really want it.

I received Microsoft Office 365 invoices in the Junk folder of my
untrained/verbatim Office 365 inbox, because of SmartScreen.
No one likes invoices, i guess...

-- 
Stefano Bagnara
Apache James/jDKIM/jSPF
VOXmail/Mosaico.io/VoidLabs
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-02 Thread Michael Wise via mailop


Depends on the invoice.

I've seen examples that strain credibility past the breaking point.



You're always encouraged to submit legit traffic as an FP.

Aloha,
Michael.
--
Michael J Wise
Microsoft Corporation| Spam Analysis
"Your Spam Specimen Has Been Processed."
Open a ticket for Hotmail ?



-Original Message-
From: mailop  On Behalf Of Stefano Bagnara via mailop
Sent: Tuesday, June 1, 2021 2:13 PM
To: mailop 
Subject: [EXTERNAL] Re: [mailop] protection.outlook.com refusing to accept mail 
with misleading temp error message



On Tue, 1 Jun 2021 at 21:39, John Levine via mailop 
mailto:mailop@mailop.org>> wrote:

> No, it's to deliver the mail that the users want. One point that bulk

> mailers often miss is that, while the recipients at large providers do

> not object to getting the bulk mail, they also do not really want it.



I received Microsoft Office 365 invoices in the Junk folder of my

untrained/verbatim Office 365 inbox, because of SmartScreen.

No one likes invoices, i guess...



--

Stefano Bagnara

Apache James/jDKIM/jSPF

VOXmail/Mosaico.io/VoidLabs

___

mailop mailing list

mailop@mailop.org

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flist.mailop.org%2Flistinfo%2Fmailop&data=04%7C01%7Cmichael.wise%40microsoft.com%7Cd362a774d8f94791db0c08d9262ae92f%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637582788020904345%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=X2dGcbIIoaHHlcXRNX0fgCHa58GRcLLcf5j4wzml6pM%3D&reserved=0
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] Dear Sendinblue (IBM)... please stop.

2021-06-02 Thread Al Iverson via mailop
Sending complaints to Spamcop does (almost) nothing, as Spamcop prohibits
spam reports to any ESP which doesn't require COI/DOI, which is just about
all of them. Spamcop has a long history of incorrectly telling users that
the ESP "refuses reports" based on this. See
https://www.spamresource.com/2016/07/spamcop-declines-to-send-reports-to-esps.html
The point here being that the sending platform might not even know about
the complaints.

Convince Spamhaus they should be SBL'd, blog about it, sue them, whatever,
but keep in mind that the tiny number of individual reports to Spamcop
doesn't really do much by itself. Keep sending reports there, as if they
get enough reports, it'll cause listings on the SCBL blocklist, but don't
expect that to be a magic cure to any spam problem by itself.

Regards,
Al Iverson


On Wed, Jun 2, 2021 at 3:45 PM Simon Bressier via mailop 
wrote:

> Hi Mary
>
> Indeed nice emoticons :'(
>
> I'm really sorry to hear that you are receiving such crap from our
> platform, could you please provide me more details offlist regarding such
> sending ?
>
> Ideally by providing the Feedback-ID and/or X-Mailin-Client values, so I
> can identify the sending account and take actions on it.
>
> Thank you very much in advance,
>
> Simon
>
> On Wed, Jun 2, 2021 at 6:21 PM Mary via mailop  wrote:
>
>>
>> Dear Sendinblue (IBM)
>>
>> I've repeatedly reported your spam to spamcop and other relevant block
>> lists, but for some reason you keep spamming my clients and myself,
>> consistently and without limit.
>>
>> Your spam has nice UTF-8 emoticons with some happy French:
>>
>>
>> 🎁🎄🎅 Pour Noël, offrez une plante de pépiniéristes français !
>> 🍋 🌴🌱🌺 Offrez une plante de pépiniéristes français !
>> 🌱🌿 💚🌳 Commandez la box “CBD” d'Hortus Focus - 100 % Légale
>> 🍋 🌴🌱🌺 Offrez une plante de pépiniéristes français !
>> Boostez et fertilisez vos plantes chéries 🌺🌷🌱🌴
>>
>>
>> I understand that your spammer client is paying you money for the
>> delivery of spam, but we are tired of blocking the same spam over and over.
>>
>> Maybe you should subscribe our email addresses to a different spam list
>> next time? How about something in German?
>>
>> Thank you Sendinblue (IBM).
>>
>>
>> ___
>> mailop mailing list
>> mailop@mailop.org
>> https://list.mailop.org/listinfo/mailop
>>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>


-- 
Al Iverson // Wombatmail // Chicago
Deliverability: https://spamresource.com
DNS Tools: https://xnnd.com
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop