Re: [mailop] Recommendations for mail campaign services
> I'm working with a non-profit company that would like to use an e-mail > campaign system. I spent a while evaluating a few of these for a local non-profit group. I eventually settled on https://emailoctopus.com/ I'm really pleased with it: it works well and has a nice user interface. Having used Mailchimp before, I consider EmailOctopus to have a slicker user interface and I also found it more responsive as a web application. Andy ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Problems with Proofpoint?
On Wed, 27 Jan 2021 14:24:17 -0700 Jaren Angerbauer wrote: > Got your first email this morning :) > > Will respond to you in a bit. Brilliant, thanks Jaren. Sorry, I didn't want to assume you were on standby for an instant response ;-) Andy ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Problems with Proofpoint?
Hi, Is anyone else seeing any problems delivering to domains hosted at Proofpoint? We're seeing most (but not all) of our emails deferred, with a message to check the sending IP address at ipcheck.proofpoint.com. When we do that, the IP addresses are reported as not blocked. E.g. status=deferred (host mx0a-0016c301.pphosted.com[67.231.148.70] refused to talk to me: 421 Deferred - see https://ipcheck.proofpoint.com/?ip=78.143.254.171) I've contacted postmas...@proofpoint.com and also the recipient customer has contacted them, but just wondering whether this is a general issue or just us. The sending IP addresses in question are 78.143.254.171-174 Thanks, Andy ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Contact at qq.com / Tencent
A bit of a long shot, but does anyone have a contact at qq.com / Tencent Mail? We moved outbound IP address a few months ago, and the only provider that we are still needing to deliver to using the old IP addresses is qq.com, which is rate-limiting the new range with the messages: "550 Ip frequency limited" and "550 Sender frequency limited" Thanks, Andy ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Looking for possible mailing list hosting
On Wed, 16 Dec 2020 11:04:04 -0500 Dave Shevett wrote: > Does anyone know of a hosting company that uses mailman (or something > roughly equivalent) and doesn't cost an arm and a leg? We're a social > community that uses the mailing list for internal dicusssions - this > isn't customer facing stuff. > > We're looking at groups.io as well - any other suggestions? Shameless plug for Simplelists.com ;-) Message me off-list if you have any specific questions. Andy ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Rackspace point of contact
Dear all, Is there anyone that can help with a Rackspace delivery problem please? We're moving IP addresses and are having trouble with getting anything other than a tiny trickle of email delivered from the new IP space (78.143.254.0/24). I've tried postmas...@emailsrvr.com but have received no response from 2 emails sent last week. Many thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] t-online.de outage?
On Tue, 9 Jun 2020 11:13:34 -0500 Al Iverson via mailop wrote: > Anybody else who is bored, feel free to share your telnet test > results From the very same server, I get different results depending on which local IP address I bind to. If I bind to an IP address which regularly sends email (89.16.184.172) then it connects fine, but if I connect from an IP address that never normally sends email (89.16.162.4), then I get the same error message that others are reporting. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Which ESP forces double opt in?
On Mon, 08 Jun 2020 09:28:27 + mailop@mailop.org wrote: > Which ESP does 100% (double/confirmed) opt in? We do by default. We then allow a customer to request that the opt-in requirement be relaxed. Of course, we can't guarantee that what a customer tells us is true when we process this request. We do send on different IP addresses though per email address, depending on whether the recipient has opted in via us (and then we mark that as such in the SuretyMail IADB entry). Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Suggestions for VPS providers in Europe?
On 2 Dec 2019 18:59:09 -0500 John Levine wrote: > I warned a guy away from Hetzner and OVH if he wants to send mail so > he reasonably asked what VPS provider in Europe is better for sending > mail. > > Any suggestions? Previously I would have said Bytemark (who we currently still use), but the company has recently been sold and things aren't looking so rosy (not to say that things will get worse for sending email though). I would also recommend Mythic Beasts. We only used them to send a low volume of email, but never had problems and technically they are a capable bunch who I imagine would care about abuse. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Moving to a new outbound IP range
On Wed, 03 Jul 2019 22:52:21 +0800 Philip Paeps via mailop wrote: > The factory that made IPv4 addresses has been closed for a while. They > don't make new IPv4 addresses any longer. I don't believe "completely > clean" IPv4 address space exists anywhere. Certainly in the RIPE > region, all you're going to get is returned address space. > > I think "the devil you know" might be the better option. RIPE NCC will > assign you whatever allocation is next, which may have once been > hijacked or otherwise unsanitary. You have no way to know. If you're > transferring space from a broker, you can do at least some due > diligence. > > Whichever option you go for ... you'll have to ramp it up slowly. Even > if the block you get allocated has inexplicably never been seen to send > email before, the absence of a reputation is also a reputation in the > benighted times we live in. Thanks for the comprehensive advice Philip - much appreciated. I'll see what's available. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Moving to a new outbound IP range
On Mon, 1 Jul 2019 18:20:00 +0100 Stuart Henderson wrote: > I don't think it's likely to matter that much really (and either way > you'll still have the challenge of building up positive reputation for > the addresses). You can show the whois entry showing the new assignment > if you need to contact anybody asking them to clear an old RBL entry etc. > > If there are non mail-delivery related reasons factored into the choice > too then I would probably let those guide the decision.. Great, thanks for the reply and advice. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Moving to a new outbound IP range
Thanks for the replies, On Mon, 1 Jul 2019 17:19:41 +0100 Stuart Henderson wrote: > Though AFAIK it's too late for brand-new space in the RIPE region, > I think they're just reallocating reclaimed address space now. Ah, if that's the case (I'll check) would it be safer to use a known range? Presumably we wouldn't know what new range had been issued until it arrived. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Moving to a new outbound IP range
On Mon, 1 Jul 2019 14:19:03 +0100 (BST) Andrew C Aitchison wrote: > On Mon, 1 Jul 2019, Simplelists - Andrew Beverley via mailop wrote: > > Dear all, > > > > I'm after some general advice about moving to a new outbound email IP > > address range. > > > > We have a choice of either applying for a brand new range from RIPE > > (which has presumably never been used before to send email), or buying > > an existing block that may have been used. > > > > Would it be better to go for the brand new block? Obviously any > > existing block could be checked in DNSBLs etc, but are there any > > advantages of using an existing block? > > Are they both IPv4 ? Both IPv6 ? Both IPv4. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Moving to a new outbound IP range
Dear all, I'm after some general advice about moving to a new outbound email IP address range. We have a choice of either applying for a brand new range from RIPE (which has presumably never been used before to send email), or buying an existing block that may have been used. Would it be better to go for the brand new block? Obviously any existing block could be checked in DNSBLs etc, but are there any advantages of using an existing block? Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail reporting to us that a mail has been declared as SPAM by a recpient, but... ?
On Fri, 28 Jun 2019 07:52:08 + Sébastien Riccio wrote: > So we forwarded the information to the sender for their information. > Their recipient replied to our customer they did not flagged this > message as SPAM at all and that only one message was in their spambox > and it went there automatically. > > Aren't feedback loops reporting manual « Mark as spam » only ? Just > trying to figure out what is going on here. We've seen this a few times. We've come to the conclusion that it's either anti-spam software on the local computer that is automatically moving the email into the user's spam folder (and thus marking it as spam), or the users are accidentally doing it themselves without realising it. I'm pretty sure it's not happening at the provider's end. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Contact at cox.net
Replied off-list. Andy On Fri, 7 Jun 2019 13:00:48 +1000 Mark Dale via mailop wrote: > > Hi Andy, > > Do you have a contact at Cox? We haven't had any response from their > postmaster address. > > Regards, > Mark > > Original Message ---- > From: Simplelists - Andrew Beverley [mailto:a...@simplelists.com] > Sent: Thursday, June 6, 2019, 11:28 PM UTC > To: m...@mailmanlists.net > Cc: Mark Dale via mailop > Subject: [mailop] Contact at cox.net > > > Mark, James, > > > > Sorry for not replying before - I had some very-useful off-list > > assistance, and am pleased to report that the issue is now resolved. > > I'll let them make contact as required. > > > > Regards, > > > > Andy > > > > > > On Fri, 7 Jun 2019 08:31:12 +1000 > > Mark Dale via mailop wrote: > > > >> Hi, > >> > >> Was the issue with cox.net resolved? We're seeing the same error applied > >> at seemingly random intervals. It popped up last week then again yesterday. > >> > >> Best, > >> Mark > >> > >> > >> > >> On 6/6/19 10:38 pm, James Hoddinott via mailop wrote: > >>> What IP(s) are you sending from? Not promising anything but I might be > >>> able to dig in to the data and see if anything useful can be found > >>> related to your sends. > >>> > >>> On Fri, 31 May 2019 at 08:25, Simplelists - Andrew Beverley via mailop > >>> mailto:mailop@mailop.org>> wrote: > >>> > >>> Hi, > >>> > >>> Does anyone have any contacts at cox.net <http://cox.net> please? We > >>> are seeing 452 > >>> error code CXMXRT when trying to deliver (meaning "The email sender > >>> has > >>> exceeded the maximum number of sent email allowed"), despite > >>> throttling > >>> delivery down to 1 email every 12 seconds. > >>> > >>> Many thanks, > >>> > >>> Andy > >>> > >>> ___ > >>> mailop mailing list > >>> mailop@mailop.org <mailto:mailop@mailop.org> > >>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > >>> > >>> > >>> ___ > >>> mailop mailing list > >>> mailop@mailop.org > >>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > >>> > >> > >> ___ > >> mailop mailing list > >> mailop@mailop.org > >> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > > > > > > ___ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop -- Simplelists - Andrew Beverley ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Contact at cox.net
Mark, James, Sorry for not replying before - I had some very-useful off-list assistance, and am pleased to report that the issue is now resolved. I'll let them make contact as required. Regards, Andy On Fri, 7 Jun 2019 08:31:12 +1000 Mark Dale via mailop wrote: > Hi, > > Was the issue with cox.net resolved? We're seeing the same error applied > at seemingly random intervals. It popped up last week then again yesterday. > > Best, > Mark > > > > On 6/6/19 10:38 pm, James Hoddinott via mailop wrote: > > What IP(s) are you sending from? Not promising anything but I might be > > able to dig in to the data and see if anything useful can be found > > related to your sends. > > > > On Fri, 31 May 2019 at 08:25, Simplelists - Andrew Beverley via mailop > > mailto:mailop@mailop.org>> wrote: > > > > Hi, > > > > Does anyone have any contacts at cox.net <http://cox.net> please? We > > are seeing 452 > > error code CXMXRT when trying to deliver (meaning "The email sender has > > exceeded the maximum number of sent email allowed"), despite throttling > > delivery down to 1 email every 12 seconds. > > > > Many thanks, > > > > Andy > > > > ___ > > mailop mailing list > > mailop@mailop.org <mailto:mailop@mailop.org> > > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > > > > > > ___ > > mailop mailing list > > mailop@mailop.org > > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > > > > ___ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop -- Simplelists - Andrew Beverley ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] What is the story with QQ.COM?
On Sat, 1 Jun 2019 03:17:32 -0700 Brian Kantor via mailop wrote: > For the past several months, one of the mailboxes on one of my > servers has been getting messages, mostly in Chinese character sets > that I can't decipher, short little messages from various senders > with FROM addresses like 123456...@qq.com. At least a thousand a > day, sometimes as many as 2500 or more in one 24-hour period. We've had this problem too. We've ended up blocking @qq.com email addresses entirely, and haven't had any complaints (and we do have at least one customer in China). Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Contact at cox.net
Hi, Does anyone have any contacts at cox.net please? We are seeing 452 error code CXMXRT when trying to deliver (meaning "The email sender has exceeded the maximum number of sent email allowed"), despite throttling delivery down to 1 email every 12 seconds. Many thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Contact at tds.net
Hi, Is there anyone here who can help with delivery problems to tds.net? I have tried postmas...@tds.net but I get: postmas...@tds.net (reading confirmation): 554 5.4.6 mail loop detected And their online forms seem to be orientated towards their own users. Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Our customers e-mail constantly going to outlook.com junkmail (any Microsoft people around?)
Hi Michael, On Thu, 18 Apr 2019 20:06:41 + Michael Wise wrote: > The one guaranteed way to get traffic delivered to the INBOX is for > the recipient to SafeSender the domains. Just to clarify, does this have to be the domain in the RFC822-From address? Or can it be another header such as return-path or sender? I'm just thinking in the case of a mailing list, whether the recipient could white-list all list emails using the domain in the return-path, or whether they would have to white-list all individual domains that post to the list (assuming it hasn't been rewritten of course). Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Unsubscription requests from O365
Sorry... I think it might actually be a problem this end. There are some additional parameters that can be added to the URL which means it doesn't require a POST request. I'm not sure how, but the scanner appears to be adding these. I can't see the parameters in a list email anywhere, so I'm not sure where it's getting them from, but that's our problem not yours. Sorry for the noise. Andy On Wed, 8 Aug 2018 22:57:37 + Michael Wise wrote: > > > "Hmm...[tm]" > > > > Making inquiries. > > Aloha, > Michael. > -- > Michael J Wise > Microsoft Corporation| Spam Analysis > "Your Spam Specimen Has Been Processed." > Got the Junk Mail Reporting > Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ? > > > > -Original Message- > From: Andrew Beverley > Sent: Wednesday, August 8, 2018 3:55 PM > To: Michael Wise > Cc: mailop@mailop.org > Subject: Re: [mailop] Unsubscription requests from O365 > > > > Thanks for the quick reply Michael, > > > > > Does the URL include the user identifier as part of the domain or path? > > > > No, it's in the query string, e.g. > > > > https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.simplelists.com%2Fconfirm.php%3Fu%3DQzwKTj9iXcEWOT1I5MQObv4l7aPma9tN&data=02%7C01%7CMichael.Wise%40microsoft.com%7C7bbb4374adfa43bdee9708d5fd81cf97%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636693656336439282&sdata=%2BlJKT00gN7bqsgTUyhU0QO2CCR2HAXLneSNFNFEz%2FW8%3D&reserved=0 > > > > > This is our SONAR system testing if the URL is malicious. > > > > But surely it shouldn't be doing POST requests to test the URL? It's only the > last 24 hours or so that this has suddenly become a problem - it was okay > before that. > > > > > Or, you could just block the IP ranges that you see this behavior > > > coming from, as I recall they’re all in a /24 or thereabouts. > > > > Thanks, that's a good option - I guess genuine requests will be from a > different IP range. It looks like a bit more than a /24 but not much more > (about 40.107.194.0 - 40.107.248.99 or so). > > > > Thanks, > > > > Andy -- Andrew Beverley ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Unsubscription requests from O365
Thanks for the quick reply Michael, > Does the URL include the user identifier as part of the domain or path? No, it's in the query string, e.g. https://www.simplelists.com/confirm.php?u=QzwKTj9iXcEWOT1I5MQObv4l7aPma9tN > This is our SONAR system testing if the URL is malicious. But surely it shouldn't be doing POST requests to test the URL? It's only the last 24 hours or so that this has suddenly become a problem - it was okay before that. > Or, you could just block the IP ranges that you see this behavior > coming from, as I recall they’re all in a /24 or thereabouts. Thanks, that's a good option - I guess genuine requests will be from a different IP range. It looks like a bit more than a /24 but not much more (about 40.107.194.0 - 40.107.248.99 or so). Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Unsubscription requests from O365
We are seeing a large increase in the number of list unsubscriptions from O365-hosted email addresses, using the List-Unsubscribe header. Has anyone else noticed this and/or is anyone aware of any problems? Or has a new "easy" unsubscribe feature been added? Apparently many of the unsubscriptions are unintended by the list member in question. The unsubscriptions seem to happen almost as soon as a list email is distributed, so they look automated rather than the accidental action of members. The list-unsubscribe URL in question requires a POST request to action it (there is also an associated RFC8058 List-Unsubscribe-Post header). Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Rackspace point of contact
Is there anyone that can help with a Rackspace delivery problem please? I'm getting very little from their support department (via postmaster@) Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Rate-limiting at RoadRunner
Hi, Is there anyone here from RoadRunner who can help with rate limiting? We are seeing a lot of "452 Too many recipients received this hour" when trying to deliver to cdptpa-pub-iedge-vip.email.rr.com. According to http://postmaster.rr.com/spam#ratelimit the recommended way to fix this (amongst other standard best practice) is to set up an FBL and get white-listed with ReturnPath. I've tried the FBL. The previous one we had appears to have been suspended, and there has been no response so far to a request for a new one. ReturnPath is not an option as it's prohibitively expensive. Thanks, Andy -- Andrew Beverley ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] UOL Spam Compliant Format
On Tue, 18 Apr 2017 09:59:29 +0200 David Hofstee wrote: > * I have seen people press the spam button mere minutes after filling > in the subscribe form which was as clear as can be. Subscribers > sometimes just can't find the unsubscribe link, forgot they opted in, > sometimes the translation of the button becomes 'unwanted email', > people think the spam button is appropriate for all marketing email > even though they opted in or they just don't care. I have seen people continuously submit a complaint, get removed, and then resubscribe. They then complain that they keep getting removed from the mailing list, and are adamant that they are not making complaints. I'd be interested to hear other people's opinions, but the best theory I have come up with is that anti-spam software on the user's PC is incorrectly identifying the message as spam, moving it to the spam folder of the mailbox, and that is generating the FBL complaint. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Junking at Office365
Hello Mounir, On Wed, 18 Jan 2017 Mounir el Hahaoui wrote: > We have seen an increasing number of reports about junking at > Office365 from different senders. These customers have an engaged > userbase and rarely experienced deliverability issues before. All > best practices are applied and all technical requirements are set and > validated correctly, like SPF, DKIM and DMARC. > > Despite all off this, for some reason the following error is shown in > the email client: The sender failed our fraud detection checks and > may not be who they appear to be. This excellent blog will explain the reasons why, and gives options to resolve: https://blogs.msdn.microsoft.com/tzink/2016/11/02/troubleshooting-the-red-suspicious-safety-tip-for-fraud-detection-checks/ Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Sporadic delivery to icloud.com
Is there anyone here from icloud.com that can help with some rather sporadic delivery to user's mailboxes? Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook.com and fraud detection checks
On Tue, 8 Nov 2016 17:29:48 Andrew Beverley wrote: > I've received a couple of reports recently of outlook.com prepending > the following message to list emails: > > This sender failed our fraud detection checks and may not be who > they appear to be. Learn about spoofing http://aka.ms/LearnAboutSpoofing Thanks for everyone's replies regarding this, especially Terry's blog, which is excellent. Although I was initially told by multiple customers that they were seeing the warning on multiple recipient domains, none have actually provided me with any evidence of this, so I believe it is the "mailing list scenario" as described in the blog. It's less of an issue now that I know it is only the original sender seeing the warning, although it would still be nice to remove it, so I'll be looking through the recommendations. Thanks again, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook.com and fraud detection checks
Hi Ken, > Any chance you could post an example (with full headers)? I haven't been able to reproduce this myself, so I'll try and get an example from a user and then post it here. Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Outlook.com and fraud detection checks
Dear all, I've received a couple of reports recently of outlook.com prepending the following message to list emails: This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing http://aka.ms/LearnAboutSpoofing I've checked that link, which suggests it could be because of a misleading link in the email, but there are no links in the emails that I looked at. It looks like the warning message has been around for a while, but it seems like it is now being added to email list messages that are both sent and received from an outlook.com hosted domain. I assumed initially that it was something to do with DMARC, but for both instances the sender did not have a DMARC record. Does anybody know what causes it and whether there is any way to prevent it? The email list messages in question have all the normal headers rewritten, except the "from" header, which only gets rewritten on the presence of a suitable DMARC record. Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Yahoo contact for FBL reports
On 30 Oct 2016 17:29:48 - "John Levine" wrote: > >content and then sent from another host. This breaks the DKIM > >signature of course, but the reports are being sent nonetheless. > > > >Is this to be expected and is there anything I can do about it, or > >could I be missing something? > > I've gotten lots of reports with broken signatures, typically real > messages that have gone through mailing lists. I don't think you're > seeing anything unusual from Y! here. > > They certainly know that the signatures are broken, but perhaps > they figure you'd be interested in them anyway. Thanks John, good to hear. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Yahoo contact for FBL reports
On Fri, 28 Oct 2016 08:56:55 Laura Atkins wrote: > The key here (I *think*) is that the passing DKIM header is signed by > Yahoo. So Yahoo verified the signature. Because it’s a Yahoo > verification, Yahoo trusts it to be right. > > I dunno what’s going on under the covers. But those headers look to > me like someone is playing silly buggers with replay-like attacks. > You’re going to need get one of the folks who really understands DKIM > and Yahoo’s implementation to better understand it. I see, thanks. > Is this hurting your delivery or are you just getting the reports? I don't think it's a problem, I was just slightly concerned to be receiving a load of reports for mail that I couldn't identify. There did seem to be a slight dip in our IP address reputations, but that may have just been a coincidence. > Also, I’d unsubscribe the original recipient. Thanks, I've done that. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Yahoo contact for FBL reports
On Thu, 27 Oct 2016 15:44:15 Laura Atkins wrote: > I know that Yahoo will send FBLs to forwarded messages to the > originator. Looks like this is one of the “side effects” of that. I see, thanks. So the spammer is trying to make it look like a forwarded message, so that even though it fails DKIM, it still might increase the chance of it passing filters. Correct? Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Yahoo contact for FBL reports
On Thu, 27 Oct 2016 14:44:12 Laura Atkins wrote: > >> As far as I'm aware DKIM and/or DomainKeys needs to pass for Yahoo > >> to allow the complaint to be processed back to the PRA domain's > >> complaint feed. > > > > That's what I assumed, which was why I was worried I might be > > missing something. > > DKIM seems to authenticating, at least in this sample: > > mta1057.sbc.mail.bf1.yahoo.com from=simplelists.com; > domainkeys=neutral (no sig); from=simplelists.com; dkim=pass (ok) Thanks Laura. I *think* that's the original authentication header though, from the genuine email that was originally sent from our service. The original genuine email then appears to have had spam inserted and resent, which then appears to result in the second authentication header that fails. Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Yahoo contact for FBL reports
On Thu, 27 Oct 2016 21:09:57 Andrew Wingle wrote: > If you could provide header samples it would be helpful here. Thanks for the reply Andrew, much appreciated. I've copied below. > As far as I'm aware DKIM and/or DomainKeys needs to pass for Yahoo to > allow the complaint to be processed back to the PRA domain's complaint > feed. That's what I assumed, which was why I was worried I might be missing something. X-Apparently-To: judithmcdann...@sbcglobal.net; Thu, 27 Oct 2016 16:45:32 + Return-Path: Received-SPF: pass (domain of peertechnik.com designates 213.202.233.16 as permitted sender) X-YMailISG: JZIm.zQWLDt0BINBpM6tBNBp2iIQRm8d1EVZy2m5PqQ2b7SW voPNEyDSXpkpmCBfTtdygaJm.MEOkaPJfwJjL.vprEsBl6QeBuETMqsO5FDY UB0kUbC6WpC3d_XuCWMXedriIJ6ZCXSHnnUNkK08CAauwmV.aJkOEDyjXYSW DtXOf5c5dI3yZHWyeZ_sRevo2OP4e9Dz.2wE3jV76ZmM3aEpfrFzEOS9Nr9t hW5QRwq4ZKXGL.aZjrlzJhXt0s4wUc1Rsrl1_I_pWZOW6EfWoBXHeMKA_wkP Kc_ujiqO6Iz7On2jGDo0CoXuJe6RMyCDJlb0knbxEICwqJrsX9y9r0YjGgpp 0hivN2jtORARam5ZeSqkn82s8MopURxdD41VX3VrPNd.dNjEkciSvt6QU1RY s8hSJiZ_ds686i3RtyIZJ7ulVSusi6pYfUTtB9Ye1np_67O03xvTweOys2qC mWYjKEdkCrBCgAA0kidd3956KTvFuVo941AeR5lneqD1E5noAuMQpoWKQ00E BiQqNfUeSVf_IkV.Jv88i6yNGOcKDWdLofZ4EErq5SyrTVoZrA95nNdMIkXA zjjqVD5IJXPuQzZjLcqRxbWdLEXHkSChvdLInhKw05nLgNtwe8t9VU6FOq5. Vc5TTb4fZFku6deTQ2l28xXaVB5jmzPGfT3ROkC0fl0FMmMu3aCRvuMGEdxc DafZk5uc.WmWI6gXpDK1MvX.MxugbGBu.8vY3pNEMiSBQlazvXqCbCyw4.e3 KA2eFGJrm5L.pTgDzlbjPOIQIlYo4dl8FKApxshdcNEmu844JkG6eJV3P2EO 0MtfJ_AlYr4Dyqk1pe98b9chFpsb8nuJMZzD7EGGN.JdAjsup.4nJqX6MkIm pF4uY2hKcrX18qbE5f7voOpNeNFPwlTZHDD0.w65S_mHFus.9WIJbDMMCw6n BcQ0nQBSjU2GH7nuC9KLo3ZAIkFTwkynKOEpEUweKByXIgGA02p9tzt4wGro Jku6f8Sm.Ve1Oxm.i4n6JyEYSgWw.lkF08sgZEyXB7klfBx01eetFJ7lzRX0 2Xn1Pbx.vcE90hC43xOuWlOES_h5w0EbHh64JXhSzO8TZrWNkCjLj9CiDEoF LbF11p4fGqFSnY5zEGXHbELkndppOHqvrSLUv7ZEv.uSqaNx3XPJcW5mecmr 2nSo36z5XI1ToITnnNn8qtCxliNnLRMH6vmneGhiUbaP8Iv83ugHhmHSeVdM URxvl6.60QSEbpPyJNMvUHvznBWlNq5.Hzy928nL69I0gsoFqr8wvzeXtTe_ dcmZLqHeA.Sc66Lvyte3EBmkouNNbeHclYa_3Lgr6C8v9mhqucBraKhfXzkn vpVefK6LoS__Mbjt_O9Sksk8iO7O30tP7QthZvUSCtC3RKXYgR5VqAk_WR.D tjiRfwx3QPC48FBwMJofapZDP_5tBPfTRv256A-- X-Originating-IP: [213.202.233.16] Authentication-Results: mta1015.sbc.mail.ne1.yahoo.com from=simplelists.com; domainkeys=neutral (no sig); from=simplelists.com; dkim=permerror (bad sig) Received: from 213.202.233.16 (EHLO alph138.prodigy.net) (144.160.244.46) by mta1015.sbc.mail.ne1.yahoo.com with SMTP; Thu, 27 Oct 2016 16:45:32 + X-Originating-IP: [213.202.233.16] Received: from peertechnik.com (srv1015.dedicated.server-hosting.expert [213.202.233.16]) by alph138.prodigy.net (8.14.4 IN nd2 TLS/8.14.4) with ESMTP id u9RGjL1v017705 for ; Thu, 27 Oct 2016 12:45:31 -0400 Received: from (127.0.0.1) by peertechnik.com id h28nik16lt05 for ; Thu, 27 Oct 2016 12:45:30 -0400 (envelope-from ) X-Apparently-To: hamza...@att.net; Tue, 25 Oct 2016 22:36:25 + Received-SPF: pass (domain of simplelists.com designates 89.16.184.171 as permitted sender) X-YMailISG: QoKMl.IWLDu8Q19o_VbbsuNWGEOrvssRLQx9hiKC.fNejP1I ENZiA_0tW6erTlXSdo_MEiKhA71e71eWfB.LgVXWSHpK1sOphbxHzZdDYisD CHA1LAEJlMODXU3KGxHFXGlyw5HVjysWOL6uOCMx..toXFbcOvtQhDGDWcpP 5r.cRpl0cA42u_tRDOoEM0m.doPjZkh_b6A.OtmKgCqJ6y9YODlpED0RXmtX D6nq9bQAGRj7RKAdYUCovl4mgOc.SZOPl1AgRjiPpylyjDs0VIHrVUTgmdYa vt6_eUnhuCkrul0hSZADrR2ztJdqtZ6G0xFS.WaQwQoayYogbre9FEayOp.2 aNiebZcH_9.CSqZFD8MJD_UZ6XCRC92Nx0jmzTufJqgYb8N2wwaB9z2a4djC Vpo9jD6N6dVfEH3kZ17s3JDWnX1Gf.nsynkQA4UOmBoNMor311jw7BeKW9Uf h_v4.VcGhR1UNjxwYR6_A5xng.Q_tOZOG8OCEehzajj7oKGg_aQHkGsWb9e2 MthUeCEcBDHW8fI4YDq3d1x4rTSwIfHq.AptSRNc0A650bSLuGJRqppJWOpy GFd1GiIqaUUwk5l9BSWEACG.3iQUIkr8E87looj.pB5v_6hRGNbjaDdbPVeK uMk_8CEti7oZZWMUV9pQC5tfeTz6GAs4RSsJ_HAT_eS.KA9PmNnYq.cNIRFz mR92qiw.alsqVPYock_dRSrH1R9C1fUNe0UiILjBuKVNRtfQSyVVl6Z9N793 qNGXbFBU9shgvHF.kovuYeBxtUS9.6K2.tj0SUFmOhq35yVrwEjmXuFma7bC fSF9ZcAFGeVAd002w0f6c80cJJSUXydLihElTGKbEwHc7D4yYCxV3JqeD9wj 92XAx6pgIoIyi4MGa0M3PmdHaTYdTmR7tgIqTk8p.as9m0wVB1hgC_fJn064 xJ0W8pe3Imw2PfHGDKs4KVR.PcWWlx1NYNSncHQV.TLAReICZj3fVtp6Cim_ w_j79FQcb6cwd.VjK6o0ynFW_V1eUNHYgtyfbVZ9qjAOCAn9z20sx.L7QI46 aaYromJW9sisD2YnNDLBW55xImteDuVbVCWondfRcJnEYYDUZik1JeMsD.Y. TGNMG1kYYDjkTFy6kxAmiYR.9mEUU5Q5b3j.bjdlgnVRIgz3pq77sQcrWkNM kjcHmtnapUfPL.4vqqIvp8y_aaJF.iKmS3NxfDVVFYDDebR_KpzwHl.6XQSM xuT2bPcCFP8_g_iYx4B5Cbis_HbQyr9D4.aNgOKCdyF.5e0OyqepwlwTA6zd Z2_UF_D.f7nIP1uKxTABR43HDy.Ie7Ucnc6UGVaGg8Z_z2Tt3w6gpPiB8h7L plugyJd.aE5.7ClK3fHXLMzLVM7pzwJBgI6O3BvzSGFLt0skBhQEInB1shVJ eW4ybnH6jwy0VH4vBuXCHv28av3WY4CwkkDeCCQPqDl99xQPGFUjO_v7vnRD favxYhdEBDRM60JixNUlHvqzawsna2poWUcTmfjafyCsxPc- X-Originating-IP: [89.16.184.171] Authentication-Results: mta1057.sbc.mail.bf1.yahoo.com from=simplelists.com; domainkeys=neutral (no sig); from=simplelists.com; dkim=pass (ok) Received: from 144.160.152.184 (EHLO flph398.prodigy.net) (144.160.152.184) by mta1057.sbc.mail.bf1.yahoo.com with SMTP; Tue, 25 Oct 2016 22:36:24 + X-Header-Overseas: Mail.from.Overseas.sour
Re: [mailop] Yahoo contact for FBL reports
On Thu, 27 Oct 2016 18:11:40 +0100 Andrew Beverley wrote: > Is there anyone from Yahoo here, who could contact me regarding > unusual FBL reports I'm receiving please? Maybe I should ask my question here: We've been getting a lot of Yahoo FBL reports for what appear to be forged emails. The emails are loosely based on ones that have been sent from our service, but have then been altered to insert a lot of spam content and then sent from another host. This breaks the DKIM signature of course, but the reports are being sent nonetheless. Is this to be expected and is there anything I can do about it, or could I be missing something? Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
[mailop] Yahoo contact for FBL reports
Hi, Is there anyone from Yahoo here, who could contact me regarding unusual FBL reports I'm receiving please? Thanks, Andy ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop