Re: [mailop] [EXT] - Dear sympatico.ca

[Salvatore Jr Walter P via mailop]

You could always do what we do with AT&T. We have been blocked for months with 
no response and no reason given from AT&T. We are a government agency, so we 
simply told our vendors and other entity's we deal with that if they use AT&T 
or any ISP associated with them we will not be able to communicate with them or 
use their services. After no response from AT&T, we took the response it is no 
longer our issue and let their customers complain that their incoming email is 
being blocked and effecting their bottom line.


From: mailop  on behalf of Lyndon Nerenberg 
(VE7TFX/VE6BBM) via mailop 
Sent: Friday, March 24, 2023 7:37:37 PM
To: mailop@mailop.org
Subject: [EXT] - [mailop] Dear sympatico.ca

If you are going to block my MTA from sending email to your customers,
do us all the favour of preventing your users from sending email
to my MTAs in the first place.

When they send me mail, but you refuse to let me reply, it makes
me look like I'm ignoring them, or blowing them off.  Imputing that
I'm insulting them in that manner is just rude.

Yes, I realize you can implement whatever assinine filtering you
want.  But when you do, please make it reciprocal, so I don't have
to take the heat for your absurd policy decisions.

--lyndon

P.S.  I would have sent this request directly, but 554.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Bill Cole via mailop]

On 2023-03-24 at 18:01:50 UTC-0400 (Fri, 24 Mar 2023 23:01:50 +0100)
Heiko Schlittermann via mailop 
is rumored to have said:


What does this change? From senders PoV it is a temporary error. The
sender will retry.


The point of greylisting and "NoListing" is to eliminate the spammers 
who do not retry. They are harmless (aside from delay) for mail being 
haqndlked by a proper MTA that implements a MX fallback and retry 
strategy.


--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Dear sympatico.ca

[fh--- via mailop]

On 2023-03-25 07:37, Lyndon Nerenberg (VE7TFX/VE6BBM) via mailop wrote:

If you are going to block my MTA from sending email to your customers,
do us all the favour of preventing your users from sending email
to my MTAs in the first place.



you can try to contact Bell Canada for support.

dns-ad...@bellglobal.com

Thanks
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] Dear sympatico.ca

[Lyndon Nerenberg (VE7TFX/VE6BBM) via mailop]

If you are going to block my MTA from sending email to your customers,
do us all the favour of preventing your users from sending email
to my MTAs in the first place.

When they send me mail, but you refuse to let me reply, it makes
me look like I'm ignoring them, or blowing them off.  Imputing that
I'm insulting them in that manner is just rude.

Yes, I realize you can implement whatever assinine filtering you
want.  But when you do, please make it reciprocal, so I don't have
to take the heat for your absurd policy decisions.

--lyndon

P.S.  I would have sent this request directly, but 554.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Grant Taylor via mailop]

On 3/24/23 4:01 PM, Heiko Schlittermann via mailop wrote:

Hm. Maybe I'm stupid.


Nope.  I'm sure that's not the case.  We all learn things when exposed 
to new things.  ;-)



What does this change? From senders PoV it is a temporary error. The
sender will retry.


NoListing works by causing the sending server to cascade through 
multiple MXs.


First MX either doesn't respond /or/ sends a TCP reset.  Thereby causing 
the sending MTA to try the next MX.


The next MX responds like normal.

The cascading from one MX to the other MX achieves a very similar result 
as grey listing.  But it does so in a way that is indifferent to the 
actual addresses used.


There is also no state to be maintained by the receiving system.


And on my side I still do not recognise their 2nd attempt, if they use a
variable MAIL-FROM.


With no state to maintain it doesn't matter what the envelope from is, 
variable or static.




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Heiko Schlittermann via mailop]

Grant Taylor via mailop  (Fr 24 Mär 2023 16:42:07 CET):
> On 3/24/23 1:24 AM, Renaud Allard via mailop wrote:
> > I would say, that's called greylisting. But with a changing envelope,
> > the message has no chances to pass any greylisting process. The
> > behaviour from mailgun would make them unable to pass any kind of
> > greylisting anywhere.
> 
> That's one of the advantages of NoListing (TCP reset or timeout on high
> priority / low numbered MX) in that it would be compatible with this.

Hm. Maybe I'm stupid.

What does this change? From senders PoV it is a temporary error. The
sender will retry.

And on my side I still do not recognise their 2nd attempt, if they use a
variable MAIL-FROM.

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
 SCHLITTERMANN.de  internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --- key ID: F69376CE -


signature.asc
Description: PGP signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] [E] Anyone from Yahoo/ATT ?

[Marcel Becker via mailop]

On Fri, Mar 24, 2023 at 2:08 AM Graeme Slogrove via mailop <
mailop@mailop.org> wrote:


> We are having emails from our cloud service going directly to the SPAM
> folder in Yahoo/ATT.
>

Lili already helped, but in general we encourage folks to go to
https://senders.yahooinc.com for help and contact options.

Thanks,
Marcel
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Grant Taylor via mailop]

On 3/24/23 1:24 AM, Renaud Allard via mailop wrote:
I would say, that's called greylisting. But with a changing envelope, 
the message has no chances to pass any greylisting process. The 
behaviour from mailgun would make them unable to pass any kind of 
greylisting anywhere.


That's one of the advantages of NoListing (TCP reset or timeout on high 
priority / low numbered MX) in that it would be compatible with this.




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Hotmail will start rejecting messages that fail DMARC

[Slavko via mailop]

Dňa 24. marca 2023 13:23:04 UTC používateľ Bill Cole via mailop 
 napísal:

>I would not interpret a rejection as being due to DMARC unless the error 
>message specifically cited it

This will not always to happen...

Eg. with exim+rspamd, where DMARC rejection is done (suggested)
by rspamd, it is hard to return appropriate reject message. While it
is possible (i do that), by default it is not supported and requires
some "tricks" on both sides...

When i ask about getting message from rspamd on exim's IRC, i got
response: "do you want to contribute to SPAM improvements?" (by
detailed error message). I do not remember if that response was
from exim's devs or from someone other, but that was all...

regards


-- 
Slavko
https://www.slavino.sk/
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] sender domain reputation

[Dan Malm via mailop]

On 3/22/23 23:32, Bill Cole via mailop wrote:
It may be worth noting that pw has a particularly notable position, as 
it was one of the earliest demonstrators of how a registry can sabotage 
a TLD. They decided to market their "Pro Web" domains by making them 
free and returnable for a while when first introduced. This was jumped 
on by a few spamming operations who basically drenched the TLD in a vat 
of reputational sewage that will likely NEVER wash off, all in about a 
week almost exactly 10 years ago. Even worse, the event apparently gave 
other TLD hucksters the idea of launching in the same way, dooming a 
handful of other gTLDs (and pimped-out ccTLDs like pw) to a lifetime of 
crap deliverability.


And then we have freenom, still giving away .tk, .ml, .ga, .cf and .gq 
domains for free... I don't block those TLDs, but they spew out enough 
spam that they go directly to the spam folder.


--
BR/Mvh. Dan Malm, Systems Engineer, one.com

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Hotmail will start rejecting messages that fail DMARC

[Bill Cole via mailop]

On 2023-03-23 at 16:18:24 UTC-0400 (Thu, 23 Mar 2023 15:18:24 -0500)
Jarland Donnell via mailop 
is rumored to have said:

I'd like to add a +1 to this for clarification, but in my case I'm 
focused solely on SRS. Will Hotmail reject DMARC failures based on 
From headers or envelope senders?


DMARC does not refer to envelope senders. SPF operates on the envelope 
sender, but unless the From header address is aligned with the envelope 
sender domain, SPF is not relevant to DMARC. DKIM also must align with 
the From header, for it to be relevant to DMARC.



I mean, Gmail already rejects a lot of DMARC failures based on From 
headers (I assume, since rewriting envelope sender doesn't seem to 
consistently change the result), so there's plenty of precedent for it 
and most people aren't really going to blame anyone for doing what 
Gmail does. But it sure is nice if our users can see the same behavior 
when forwarding as they have until now.


I would not interpret a rejection as being due to DMARC unless the error 
message specifically cited it and the From header address has a p=reject 
DMARC record. However, if the From header address domain does have 
p=reject and you're forwarding the message, nothing you do to the 
envelope sender can (or should) save it.



--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Julian Bradfield via mailop]

On 2023-03-24, Heiko Schlittermann via mailop  wrote:
> fh--- via mailop  (Fr 24 Mär 2023 03:56:53 CET):
>> > does anybody from mailgun read here?
>> > Your messages are tmprejected at our systems, w/o any chance to pass
>> > ever.
>> b/c they were sending spams?
>
> I can't tell, because we rejected them with 4xx and they do not pass the
> greylisting with a changing sender address.

I use the following snippets in my greylisting code, which pretty much
deals with the changing sender address problem, and also, partially,
the mail farm problem.

---
# to do greylisting sensibly on mail farms, we want to use 
# the /24 of an IPv4 address, or the /48 of an IPv6 address 
# try with ipv first 
SENDER_HOST_PREFIX = ${if match{$sender_host_address}{:}{${mask:$sender_host_ad\
dress/48}}{${mask:$sender_host_address/24}}} 
 
# also, because of all those sites that put a key into the sender address, 
# if the localpart is longer than, say, 30 charactersm, we'll just replace 
# it with a fixed string 
SENDER_ADDRESS_COMPACTED = ${if >{${strlen:$sender_address_local_part}}{30} {ke\
yedsender@$sender_address_domain}{$sender_address}} 
---
# and this is the normal greylist check 
condition  = ${readsocket{/var/run/greylistd/socket}\ 
 {--grey \ 
  SENDER_HOST_PREFIX \ 
  SENDER_ADDRESS_COMPACTED \ 
  $local_part@$domain}\ 
 {5s}{}{false}} 
---
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] [E] Anyone from Yahoo/ATT ?

[Lili Crowley via mailop]

Please contact me off list. I can help with both


Thanks!

On Fri, Mar 24, 2023 at 5:08 AM Graeme Slogrove via mailop <
mailop@mailop.org> wrote:

> Hi,
>
> We are having emails from our cloud service going directly to the SPAM
> folder in Yahoo/ATT.
>
> SPF/DKIM/DMARC show pass in the message
>
> Is there someone we can connect with to understand why and correct?
>
> Thanks!
>
>  Graeme
> Email secured by Trustwave advanced threat protection. Learn more at
> https://urldefense.com/v3/__https://trus.tw/mailmarshal__;!!Op6eflyXZCqGR5I!DC-sZJ1p-nBa6yp9MON9Rd_nwSFa_ZtM0SfVsHth55dtmUsEFPbFZu7tVkuEYBZOB4-gsa4oKNXlDKjkDck$
> This transmission may contain information that is privileged,
> confidential, and/or exempt from disclosure under applicable law. If you
> are not the intended recipient, you are hereby notified that any
> disclosure, copying, distribution, or use of the information contained
> herein (including any reliance thereon) is STRICTLY PROHIBITED. If you
> received this transmission in error, please immediately contact the sender
> and destroy the material in its entirety, whether in electronic or hard
> copy format.
> ___
> mailop mailing list
> mailop@mailop.org
>
> https://urldefense.com/v3/__https://list.mailop.org/listinfo/mailop__;!!Op6eflyXZCqGR5I!DC-sZJ1p-nBa6yp9MON9Rd_nwSFa_ZtM0SfVsHth55dtmUsEFPbFZu7tVkuEYBZOB4-gsa4oKNXll_fPZkQ$
>
-- 

*Lili Crowley*

she/her

Postmaster



___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Heiko Schlittermann via mailop]

fh--- via mailop  (Fr 24 Mär 2023 03:56:53 CET):
> > does anybody from mailgun read here?
> > Your messages are tmprejected at our systems, w/o any chance to pass
> > ever.
> b/c they were sending spams?

I can't tell, because we rejected them with 4xx and they do not pass the
greylisting with a changing sender address.

But I *think*, it is more ham than spam.

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
 SCHLITTERMANN.de  internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --- key ID: F69376CE -


signature.asc
Description: PGP signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Heiko Schlittermann via mailop]

Renaud Allard via mailop  (Fr 24 Mär 2023 08:24:20 CET):
> > > does anybody from mailgun read here?
> > > Your messages are tmprejected at our systems, w/o any chance to pass
> > > ever.
> > 
> > Why are you using tmp rejections for something permanent?

Yes, it *is* greylisting.

https://gitea.schlittermann.de/IUS/libexim-grey-perl

> I would say, that's called greylisting. But with a changing envelope, the
> message has no chances to pass any greylisting process. The behaviour from
> mailgun would make them unable to pass any kind of greylisting anywhere.

Most greylist implementations (IMHO) do the greylisting based on the
sending IP, which would work here, as the delivery attemps are
originiated from the same IP.

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
 SCHLITTERMANN.de  internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --- key ID: F69376CE -


signature.asc
Description: PGP signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Jaroslaw Rafa via mailop]

Dnia 24.03.2023 o godz. 08:24:20 Renaud Allard via mailop pisze:
> 
> I would say, that's called greylisting. But with a changing
> envelope, the message has no chances to pass any greylisting
> process. The behaviour from mailgun would make them unable to pass
> any kind of greylisting anywhere.

There are quite a few senders that do this. Some greylisting software (like
postgrey, which is probably the reference implementation for greylisting) by
default exempt from greylisting a bunch of senders that do this. Among them
are amazon.com, google.com, microsoft.com and orange.fr for example. I have
myself added facebook.com and amazonses.com to my exempt list as I noticed
the same behavior with them. Probably you need to do the same for mailgun.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] Anyone from Yahoo/ATT ?

[Graeme Slogrove via mailop]

Hi,

We are having emails from our cloud service going directly to the SPAM folder 
in Yahoo/ATT.

SPF/DKIM/DMARC show pass in the message

Is there someone we can connect with to understand why and correct?

Thanks!

 Graeme
Email secured by Trustwave advanced threat protection. Learn more at 
https://trus.tw/mailmarshal
This transmission may contain information that is privileged, confidential, 
and/or exempt from disclosure under applicable law. If you are not the intended 
recipient, you are hereby notified that any disclosure, copying, distribution, 
or use of the information contained herein (including any reliance thereon) is 
STRICTLY PROHIBITED. If you received this transmission in error, please 
immediately contact the sender and destroy the material in its entirety, 
whether in electronic or hard copy format.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] mailgun anybody? (variable sender address) time

[Renaud Allard via mailop]

On 3/23/23 16:31, Laura Atkins via mailop wrote:



On 23 Mar 2023, at 14:47, Heiko Schlittermann via mailop 
 wrote:


Hi,

does anybody from mailgun read here?
Your messages are tmprejected at our systems, w/o any chance to pass
ever.


Why are you using tmp rejections for something permanent?



I would say, that's called greylisting. But with a changing envelope, 
the message has no chances to pass any greylisting process. The 
behaviour from mailgun would make them unable to pass any kind of 
greylisting anywhere.


smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop