[mailop] It's nice when the spammers pre-identify themselves before spamming
Got this gem to our abuse@ mail address. This test email message was sent from the Office 365 organization 'rblab.se' to check that email can be delivered from their organization to yours. No need to reply. -- Tom Perrine Senior Manager, Systems Engineering tom.perr...@servicenow.com ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] IP to country?
Dňa 24. apríla 2023 19:40:06 UTC používateľ Rich Kulawiec via mailop napísal: >Yes. Here's a (Python) script you can download and run for yourself, if you >wish: > > Generating country IP ranges lists > http://blog.erben.sk/2014/01/28/generating-country-ip-ranges-lists/ Please, which countries are these from RIPE? ASN's (registered) or IP's (real) country? Yes, in many cases they are the same, but not in all (eg. big clouds)... regards -- Slavko https://www.slavino.sk/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] IP to country?
On Mon, Apr 24, 2023 at 06:44:45PM +0300, Mary via mailop wrote: > Is there a place that provides IP to country location information for free? Yes. Here's a (Python) script you can download and run for yourself, if you wish: Generating country IP ranges lists http://blog.erben.sk/2014/01/28/generating-country-ip-ranges-lists/ Scroll down a bit to "UPDATE" and "UPDATE2" to find the freely downloadable output from the Python script (see link below) as well as a PHP script that uses Maxmind to generate the lists in anothe way. Or if you want to skip right to the goodies: Country IP ranges http://www.iwik.org/ipcountry/ ---rsk ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] IP to country?
Ymmv but geoip.com is still free though it maps to ASN and not CIDR. maxmind.com I believe also has a free level or a small number of free queries available depending on your usage. Bob -Original Message- From: mailop On Behalf Of Peter N. M. Hansteen via mailop Sent: Monday, April 24, 2023 11:11 AM To: mailm...@ionos.gr Cc: mailop@mailop.org Subject: Re: [mailop] IP to country? This email has reached Mapp via an external source On Mon, Apr 24, 2023 at 06:44:45PM +0300, Mary via mailop wrote: > Is there a place that provides IP to country location information for free? > > Preferably in CIDR format. I am not interested to query a service, I am > interested to block whole countries at the firewall level. Maybe, refresh the > data once or twice a year, not more. A few years back I was faced with a similar need. I created a *very* basic script which can be extracted from https://nxdomain.no/~peter/ripe2cidr_country.sh.txt and should be runnable on any unixlike with what is likely to be in the base system install. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop This e-mail is from Mapp Digital Group and its international legal entities and may contain information that is confidential. If you are not the intended recipient, do not read, copy or distribute the e-mail or any attachments. Instead, please notify the sender and delete the e-mail and any attachments. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] IP to country?
On Mon, Apr 24, 2023 at 06:44:45PM +0300, Mary via mailop wrote: > Is there a place that provides IP to country location information for free? > > Preferably in CIDR format. I am not interested to query a service, I am > interested to block whole countries at the firewall level. Maybe, refresh the > data once or twice a year, not more. A few years back I was faced with a similar need. I created a *very* basic script which can be extracted from https://nxdomain.no/~peter/ripe2cidr_country.sh.txt and should be runnable on any unixlike with what is likely to be in the base system install. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] IP to country?
I am not going to protect something sensitive, so a few errors are acceptable. thank you, I'll take a look. On Mon, 24 Apr 2023 12:05:10 -0400 Jan Schaumann via mailop wrote: > Mary via mailop wrote: > > > Is there a place that provides IP to country location information for free? > > > > Take a look at this repository: > https://github.com/herrbischoff/country-ip-blocks > > I don't know how reliable or accurate they are. But > even with known accurate data, refreshing only once a > year would seem to invite a lot of errors in your > decision making; I'd pull more frequently. (The > deltas are small.) > > -Jan > ___ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] IP to country?
Try https://dev.maxmind.com/geoip/geolite2-free-geolocation-data On 24 April 2023 16:54:33 Mary via mailop wrote: Hello, Is there a place that provides IP to country location information for free? Preferably in CIDR format. I am not interested to query a service, I am interested to block whole countries at the firewall level. Maybe, refresh the data once or twice a year, not more. Thank you. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] IP to country?
Mary via mailop wrote: > Is there a place that provides IP to country location information for free? Take a look at this repository: https://github.com/herrbischoff/country-ip-blocks I don't know how reliable or accurate they are. But even with known accurate data, refreshing only once a year would seem to invite a lot of errors in your decision making; I'd pull more frequently. (The deltas are small.) -Jan ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] IP to country?
Hello, Is there a place that provides IP to country location information for free? Preferably in CIDR format. I am not interested to query a service, I am interested to block whole countries at the firewall level. Maybe, refresh the data once or twice a year, not more. Thank you. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] emailage.com ?
There are getting to be a 'lot' of list washing services out there, but you are right.. SMTP callbacks on contact forms are getting silly too. Could not access several websites now, because their SMTP callback service was blocked for one reason or another. Hackers also can use those forms for list washing ;) The more people that simply block those list washers, especially the non-transparent ones, the quicker people realize there are other ways to do validation other than SMTP callbacks. On 2023-04-24 07:25, Rich Kulawiec via mailop wrote: On Mon, Apr 24, 2023 at 10:44:47AM +0200, Jasper Spaans via mailop wrote: We're seeing quite some postfix PREGREET errors in incoming smtp traffic from hosts claiming to be emailage.com (by lexisnexis). Does anyone know whether this is just a dressed up list washing service, or would it be worthwhile for our customers if we start whitelisting them? I'm still investigating, but my PRELIMINARY understanding is that this is a poorly-thought-out "service" run by Lexis-Nexis. If that understanding is wrong, and five minutes from now it may turn out to be, then I apologize. But: I believe it's trying to use SMTP callbacks to verify email addresses, and that's abusive -- as well as pointless. We went through this 20+ years ago when Verizon foolishly deployed them as a putative anti-spam measure even though they have no anti-spam value whatsoever. Nor do they have any anti-phish, anti-fraud, or anti-anything-else value. Those of us [1] who analyzed them at the time pointed out the inherently abusive nature of this as well as how it could readily be used to conduct third-party attacks. I haven't re-read those message threads in a long time -- because I thought that we'd put enough stakes through the heart of this terrible idea that it would never rise again -- but perhaps that was wishful thinking. ---rsk [1] Myself, the late Bruce Gingery, and if memory serves, Steven Champeon, among others. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] emailage.com ?
On Mon, Apr 24, 2023 at 10:44:47AM +0200, Jasper Spaans via mailop wrote: > We're seeing quite some postfix PREGREET errors in incoming smtp traffic > from hosts claiming to be emailage.com (by lexisnexis). Does anyone know > whether this is just a dressed up list washing service, or would it be > worthwhile for our customers if we start whitelisting them? I'm still investigating, but my PRELIMINARY understanding is that this is a poorly-thought-out "service" run by Lexis-Nexis. If that understanding is wrong, and five minutes from now it may turn out to be, then I apologize. But: I believe it's trying to use SMTP callbacks to verify email addresses, and that's abusive -- as well as pointless. We went through this 20+ years ago when Verizon foolishly deployed them as a putative anti-spam measure even though they have no anti-spam value whatsoever. Nor do they have any anti-phish, anti-fraud, or anti-anything-else value. Those of us [1] who analyzed them at the time pointed out the inherently abusive nature of this as well as how it could readily be used to conduct third-party attacks. I haven't re-read those message threads in a long time -- because I thought that we'd put enough stakes through the heart of this terrible idea that it would never rise again -- but perhaps that was wishful thinking. ---rsk [1] Myself, the late Bruce Gingery, and if memory serves, Steven Champeon, among others. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] emailage.com ?
On Mon, Apr 24, 2023 at 10:44:47AM +0200, Jasper Spaans via mailop wrote: > Hello, > > We're seeing quite some postfix PREGREET errors in incoming smtp > traffic from hosts claiming to be emailage.com (by lexisnexis). Does > anyone know whether this is just a dressed up list washing service, > or would it be worthwhile for our customers if we start whitelisting > them? My $.02: [root@mail ~]# grep emailage /etc/postfix/* /etc/postfix/helo_access:emailage.com REJECT Spam list cleaners are welcome to take a hike -- Atro Tossavainen, Chairman of the Board Infinite Mho Oy, Helsinki, Finland tel. +358-44-5000 600, http://www.infinitemho.fi/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] emailage.com ?
Jasper Spaans via mailop skrev den 2023-04-24 10:44: Hello, We're seeing quite some postfix PREGREET errors in incoming smtp traffic from hosts claiming to be emailage.com (by lexisnexis). Does anyone know whether this is just a dressed up list washing service, or would it be worthwhile for our customers if we start whitelisting them? postscreen is done before smtp, so there is no email to whitelist just ignore it, bots is bots ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] A guy from GMX at the list?
Hi Florian, For which DKIM signing Domains you see issues? And what are your IP-Ranges? Feel free to answer off list, if you don't want to disclose this information. -Original Message- From: mailop On Behalf Of Postmaster florian-pankerl.tk via mailop Sent: Friday, April 21, 2023 2:12 PM To: mailop@mailop.org Cc: florian.pank...@004gmbh.de Subject: [mailop] A guy from GMX at the list? Hi! Is there a guy from GMX.de at the list? We sent business-related mails (order-confirmation, invoice etc.) for onlineshops of our customers. For one of the shops GMX seems to be a black hole - the GMX-Servers accepts the mails without any error and then the mails disappears. I wrote via the form at https://postmaster.gmx.net two days ago - but no reaction. Regards, Florian Pankerl ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] emailage.com ?
Hello, We're seeing quite some postfix PREGREET errors in incoming smtp traffic from hosts claiming to be emailage.com (by lexisnexis). Does anyone know whether this is just a dressed up list washing service, or would it be worthwhile for our customers if we start whitelisting them? Cheers, Jasper ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop