Re: [mailop] Massive bounce report campaign
On 2022-11-23 10:39, Cyril - ImprovMX via mailop wrote: Blocking the recipient had the effect that we don't accept emails for them anymore, so anyone sending an email via ImprovMX to one of their domain will have a 5xx response on the RCPT command. That was our initial strategy, the default when we block an account: we let the sender know the email wasn't accepted. But in this case, I realized one thing: It's possible that the sender could retry, increasing the number of connections at every new bounce. So I've updated the policy on this specific account to accept but silently drop any emails for them. Silently dropping the mails seems like a bad strategy to me. That would mean you accept DATA and waste your bandwidth and processing power on those. If there was no reaction on you returning a 5XX then my strategy would be to return a 4XX. If the 70K connections per minute actually translates to 70K unique emails per minute then a defer queue rising by 70K per minute should be at a scale that I expect gets noticed even by Microsoft. -- BR/Mvh. Dan Malm, Systems Engineer, One.com OpenPGP_0x328258BA5141B0F4.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Giant Yahoo thread headers
It appears that WIlliam Fisher via mailop said: >What are other folks doing with the massive thread headers >from yahoo? Assuming you mean the giant junk headers they add, the answer is nothing, of course. They've been there for ages, you just ignore them. R's, John ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Giant Yahoo thread headers
WIlliam Fisher via mailop skrev den 2022-11-29 23:11: What are other folks doing with the massive thread headers from yahoo? masive in what way ? long lines ? or many long lines ? fixing it would break threads imho ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Giant Yahoo thread headers
What are other folks doing with the massive thread headers from yahoo? ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] How to delegate DMARC reporting to third-party providers for inbound mails
On Tue, 2022-11-29 at 09:15 -0500, Muyeed Ali via mailop wrote: > -- Got it. Wanted to avoid a self-managed service. But if any > third-party solution does not work, will try to integrate rspamd > with Postfix and keep in mind the loop-y behavior. opendmarc is an easy integration and just needs a MySQL database and a cron job to send reports off its own logs. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Gmail and emojis
Hey Brandon, I don't think it pissed anyone off, at least not to the point that the message should have been blocked and bounced entirely. They re-sent the same message and subject without the emoji and it delivered without a problem with expected engagement metrics. Seemed like a pretty harsh spam filter overreaction to an emoji Allen On Monday, November 28, 2022 at 05:56:34 PM EST, Brandon Long via mailop wrote: Huh, wonder if that got caught in an existing spam rule, an ML inferred rule, or just that quickly pissed off users to mark it as spam? Brandon On Mon, Nov 28, 2022 at 8:27 AM Allen Kevorkov via mailop wrote: Happy Cyber Monday, ya'll. Not sure who needs to hear this, but sender with high domain / IP rep added a checkmark emoji ✅ to their From name and Gmail blocked it entirely as unsolicited mail... on Black Friday. Gmail is 70% of their customer list... I mean, I get it, probably not the wisest move, but... Hope this helps someone someday. ~ Allen K___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] How to delegate DMARC reporting to third-party providers for inbound mails
Hi Alessandro, What software do you run on port 25? -- I currently use postfix as my MTA. I don't know on any third party doing that job. Indeed, for them to send DMARC reports, you'd need to provide them with your authentication results per sending IP number, which is the data contained in DMARC reports. You probably have to delegate email authentication to a third party as well. -- I understand that. Since turning on DMARC reporting, I have received some reports for emails sent to a few servers supporting DMARC reporting but the reports came from Google, Microsoft, Fastmail, etc. I was actually looking to replicate this scenario but have no idea how to. Hi Tobias, What works well for me is rspamd [1], but there is also a tool for postfix (iirc; maybe somebody else can weigh in there). Similarly, there should be something for TLS-RPT. -- Got it. Wanted to avoid a self-managed service. But if any third-party solution does not work, will try to integrate rspamd with Postfix and keep in mind the loop-y behavior. Thanks. On Tue, Nov 29, 2022 at 8:36 AM Tobias Fiebig via mailop wrote: > Heho, > As said by Alessandro; You will have to make the tool you are currently > using for validating DKIM/SPF -> DMARC generate and send the reports. > > What works well for me is rspamd [1], but there is also a tool for postfix > (iirc; maybe somebody else can weigh in there). Similarly, there should be > something for TLS-RPT. > > What you should keep in mind when setting this up, though, is that you can > actually run into rather loop-y behavior if you originate your dmarc > reports from a domain that requests reports itself (best practice would be > originating from a subdomain not requesting reports; you could also exclude > originating reports for that domain, at least with rspamd): > - You get a mail > - You sent a report > - Other party gets a mail (the report) > - Other party sends out report (because they got a mail from you) > - You get a mail... > > For my setup, that is something I still plan to fix. :-| > > With best regards, > Tobias > > [1] https://rspamd.com/doc/modules/dmarc.html > > ___ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop > ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] How to delegate DMARC reporting to third-party providers for inbound mails
Heho, As said by Alessandro; You will have to make the tool you are currently using for validating DKIM/SPF -> DMARC generate and send the reports. What works well for me is rspamd [1], but there is also a tool for postfix (iirc; maybe somebody else can weigh in there). Similarly, there should be something for TLS-RPT. What you should keep in mind when setting this up, though, is that you can actually run into rather loop-y behavior if you originate your dmarc reports from a domain that requests reports itself (best practice would be originating from a subdomain not requesting reports; you could also exclude originating reports for that domain, at least with rspamd): - You get a mail - You sent a report - Other party gets a mail (the report) - Other party sends out report (because they got a mail from you) - You get a mail... For my setup, that is something I still plan to fix. :-| With best regards, Tobias [1] https://rspamd.com/doc/modules/dmarc.html ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] How to delegate DMARC reporting to third-party providers for inbound mails
Hi Muyeed, On Tue 29/Nov/2022 04:30:28 +0100 Muyeed Ali via mailop wrote: I have a self-managed SMTP server and want to make my domain DMARC compliant. I have added a DMARC record to my domain and also want to be able to send DMARC reports if a sending entity asks for one. What software do you run on port 25? In particular, DMARC reporting hinges on the results of email authentication, that is DKIM and SPF evaluation on received messages. That is usually performed by a mail filter combined with the MTA software. Which third-party services may I refer to that can handle the DMARC reporting task for me? I know Google, Microsoft, and some other providers do this but could not find any appropriate link on how to use these providers to send reports on my behalf. I don't know on any third party doing that job. Indeed, for them to send DMARC reports, you'd need to provide them with your authentication results per sending IP number, which is the data contained in DMARC reports. Note that I want to enable DMARC reporting for inbound emails (want to send DMARC reports to those who want them) via a third-party provider. For outbound emails, I have added a subdomain that can receive reports, so, no worries there. I also don't want to set up my own reporting software, that just adds up to the hassle. You probably have to delegate email authentication to a third party as well. The party that filters your incoming messages —verifying DKIM signatures and SPF values before forwarding to your server— is the one that can do DMARC reporting for you. Best Ale -- ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop