Re: [mailop] Looking for EarthLink Contact
On 2022-03-01 at 11:00:14 UTC-0500 (Tue, 1 Mar 2022 10:00:14 -0600) Chris Adams via mailop is rumored to have said: Is there anybody from EarthLink who can contact me off-list? We are seeing emails sent to EarthLink recipients have the From header domain overwritten with the CNAME the domain points to and would like to discuss. FWIW, that's a normal Sendmail behavior. It is arguably correct, given a pedantically narrow concept of what CNAME records are supposed to be for. Since the CNAME overrides any other record with the same label, it SHOULD be possible to canonicalize domains in all circumstances. (Yes, I am quite aware of the edge cases.) -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Looking for EarthLink Contact
I'll ping you offline, Chris. Udeme On Tue, Mar 1, 2022 at 11:36 AM Chris Adams via mailop wrote: > Is there anybody from EarthLink who can contact me off-list? > We are seeing emails sent to EarthLink recipients have the From header > domain overwritten with the CNAME the domain points to and would like to > discuss. > > Thanks. > ~ Chris > ___ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop > ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Google Admins?
I found out recently that two of my customers were involved in this kind of activity (before being swiftly terminated). One user had over a million Gmail accounts. The reason I tell the story, Google sent them emails about account suspension. One email per user. Their backup emails were set to one of my servers. Result, of course, being that Google DDOS attacked that server for a few hours. So at least I can say that this opened my eyes to Google potentially stepping up efforts to get the spammers, given how long these customers appear to have flown under the radar on my side. It'll be an uphill battle though. On 2022-03-01 11:58, Rob Heilman via mailop wrote: I am seeing a significant mail flow from Google IPs using random Gmail usernames to “market a product” today. Is anyone from Google on list today that would be willing to accept some bulk logging data to help stop this flow? The volume is too much for the standard reporting tools. I really don’t want to blacklist Google/Gmail IPs as that will just cause more headaches, but this flow needs to be stopped. Thanks, Rob Heilman ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Microsoft banned sender (Linode hosted IPs)
Hello, On Tue, Mar 01, 2022 at 06:52:20PM +0200, Mary via mailop wrote: > We are still having problems with some IP addresses (Linode) that remain > blocked by Microsoft and can't be unblocked by the > del...@messaging.microsoft.com or the https://sender.office.com/ form. > > These are: 139.162.157.234 & 172.105.75.175 & 172.105.69.70 Here too I'm having problems with 139.162.167.107. Microsoft gives a 550: 550 5.7.511 Access denied, banned sender[139.162.167.107]. To request removal from this list please forward this message to del...@messaging.microsoft.com. For more information please go to http://go.microsoft.com/fwlink/?LinkId=526653. AS(1410) [LO2GBR01FT038.eop-gbr01.prod.protection.outlook.com] Forwarding the mail to del...@messaging.microsoft.com so far hasn't produced a response but it's only been a short while. Following the link leads to a delist form but this comes back as "139.162.167.107 is not listed" and then says to get the Microsoft tenant to open a ticket. I've asked my recipient to do that and they said they would today, but I haven't heard back with a ticket number yet. So again, if anyone is able to push that along I'd be most grateful. Also if it's totally pointless for the intended recipient to do anything I'd appreciate knowing so I can stop pushing them about it. Thanks, Andy ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Google Admins?
I am seeing a significant mail flow from Google IPs using random Gmail usernames to “market a product” today. Is anyone from Google on list today that would be willing to accept some bulk logging data to help stop this flow? The volume is too much for the standard reporting tools. I really don’t want to blacklist Google/Gmail IPs as that will just cause more headaches, but this flow needs to be stopped. Thanks, Rob Heilman ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Microsoft banned sender (Linode hosted IPs)
Hello, We are still having problems with some IP addresses (Linode) that remain blocked by Microsoft and can't be unblocked by the del...@messaging.microsoft.com or the https://sender.office.com/ form. These are: 139.162.157.234 & 172.105.75.175 & 172.105.69.70 Any help would be appreciated. Thank you. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Looking for EarthLink Contact
Is there anybody from EarthLink who can contact me off-list? We are seeing emails sent to EarthLink recipients have the From header domain overwritten with the CNAME the domain points to and would like to discuss. Thanks. ~ Chris ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Erroneous DANE record _25._tcp.mx.kolabsys.com for mx.kolabsys.com
[Before modifying my postfix setup I do try to reach out for the postmaster of *kolabsys.com* here] Dear Postmaster at *kolabsys.com* if reading here, I cannot mail to lists.roundcube.net, because you do advertise an erroneous DANE record _25._tcp.mx.kolabsys.com (have a look at https://www.huque.com/bin/danecheck): Host: mx.kolabsys.com Port: 25 SNI: mx.kolabsys.com STARTTLS application: smtp DNS TLSA RRset: qname: _25._tcp.mx.kolabsys.com. 3 0 1 69907f765ac23c5d36a3e1ca639077e74806b047ea2fa67e0ad43ce27e821c27 3 0 1 b1a526159ed3e48f4ea0a9c6d348dbda2029e15b975d147b9fef0630da011f3f IP Addresses found: 212.103.80.151 212.103.80.150 212.103.80.152 ## Checking mx.kolabsys.com 212.103.80.151 port 25 DANE TLSA 3 0 1 [69907f76..]: FAIL did not match EE certificate DANE TLSA 3 0 1 [b1a52615..]: FAIL did not match EE certificate That repeats for the other two servers. Thanks in advance for fixing that and with kind regards, Michael Grimm ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Gmail POP3/SMTP and issue with SPF record
Did this used to work, do you have an older example of when it did work? Folks here are correct that we're parsing the Received headers looking for an IP to use to do SPF authentication here. We really want to know the auth status in order to do better spam detection. Another "solution" would be to DKIM sign the message, but I imagine the local delivery probably avoids that as well. In any case, if there was an actual change in behavior on our part, having the old/new to look at would help for filing a bug. Brandon On Tue, Feb 22, 2022 at 9:11 AM Christos Chatzaras via mailop < mailop@mailop.org> wrote: > To make it more clear: > > 1) Customer logins to Gmail and sends e-mail from to supp...@elmetal.gr > to sa...@elmetal.gr using our SMTP (server13.cretaforce.gr) > > 2) Customer logins to other Gmail account and receives the above e-mail. > > Both supp...@elmetal.gr and sa...@elmetal.gr are on the same server ( > server13.cretaforce.gr) so we have local delivery. > > I will try to remove the authenticated sender line. > ___ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop > ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
