Re: [mailop] Update: it's not. Re: T-Online is now really blocking messages from non-commercial and simliar senders

2022-10-21 Thread Zack Aab via mailop 
Just to throw my experience in the ring in case it's helpful to anyone: I
had a sender deliver just fine to T-Online until a couple of weeks ago when
they were blocked for (what I determined after conversation with tosa@) not
having a website with contact info available at the outbound mta's parent
domain name (ehlo outbound.*mtaparentname*.com).  Once a website redirect
was put up they unblocked.  I'm guessing it's some combination of automated
crawling for contact info and manually unblocking the false negatives as
they come up (as people who monitor their bounces reach out).
Just my $0.02.
*Zack Aab* (He/him)
Consultant, Packaged Technology Operations, Shift Paradigm
*O* +1 (512) 717-4097 <+15127174097> | *C* +1 (404) 317-6729 <+14043176729>
| *W* shiftparadigm.com 


On Fri, Oct 21, 2022 at 12:52 PM Grant Taylor via mailop 
wrote:

> On 10/21/22 10:30 AM, Laura Atkins via mailop wrote:
> > I know a number of mailservers that are able to successfully send mail
> > to t-online.de and have never contacted the tosa@ address.
>
> I wonder if that hints at a thus-far un-discussed aspect of T-Online's
> policy.
>
> There is every chance that T-Online did some sort of analysis of email
> traffic to identify likely legitimate senders and primed their white
> list with those domains / IPs.  E.g. ratio of outgoing messages to
> domains / IPs verses spam complaints therefrom.
>
> Similarly, I suspect that T-Online also primed their white list with the
> email oligarchies.  --  If I can borrow / re-use what I consider to be
> an apt description.
>
> After all, every single list has to start from something.  Good lists
> organically grow (and shrink) over time as needed.
>
>
>
> --
> Grant. . . .
> unix || die
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-20 Thread Zack Aab via mailop 
>Do you know anyone who actually does that?
Our clients do when we set them up with DMARC.
*Zack Aab* (He/Him)
Deliverability, Tech Lead, Trendline Interactive
*O* +1 (512) 717-4097 <+15127174097> | *C* +1 (404) 317-6729 <+14043176729>
| *W* trendlinei.com <https://www.trendlineinteractive.com/>


On Thu, Aug 19, 2021 at 10:48 PM John Levine  wrote:

> It appears that Zack Aab via mailop  said:
> >
> >It's mostly to assuage the fears of large senders that all their mail will
> >be trashed if they've set up something wrong, ime.  They can set it to 20%
> >and observe the consequences "just to be sure" before going to 100%.
>
> That was the plan.  Do you know anyone who actually does that?
>
> R's,
> John
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-19 Thread Zack Aab via mailop 
It's mostly to assuage the fears of large senders that all their mail will
be trashed if they've set up something wrong, ime.  They can set it to 20%
and observe the consequences "just to be sure" before going to 100%.
*Zack Aab* (He/Him)
Deliverability, Tech Lead, Trendline Interactive
*O* +1 (512) 717-4097 <+15127174097> | *C* +1 (404) 317-6729 <+14043176729>
| *W* trendlinei.com 


On Thu, Aug 19, 2021 at 11:50 AM Alessandro Vesely via mailop <
mailop@mailop.org> wrote:

> Hi all,
>
> I've seen a few DMARC records having pct=20 or similar.  At a later
> time some of those domains evolved to pct=100, other removed the DMARC
> record completely.  I'm not clear what is the intended use of such values.
>
> What do domain owners expect from an intermediate value of pct=?
>
> Anyone?
>
> Best
> Ale
> --
>
>
>
>
>
>
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] [E] Re: Some Days I think that Gmail isn't even trying to stop outbound spam..

2021-02-05 Thread Zack Aab via mailop 
Although I'm not terribly qualified to comment on Gmail's policies or
design decisions, I thought I'd throw in an anecdote about the "Report
Spam" user experience:
A random guy I talked to in a bar (it was a work trip, he asked why I was
in town, etc) told me that he used the "Report Phishing" function in Gmail
as a (his words) "Super Spam Report" for when he was particularly annoyed
at a marketing email or sender.
I think he is an example that even with clear and simple labels like
"Report Phishing" vs "Report Spam," if the user can't _see_ what happens
when they click a button, they're going to decide for themselves what that
button does...or something like that... :-)

Zack Aab

On Fri, Feb 5, 2021 at 5:24 PM Marcel Becker via mailop 
wrote:

> On Fri, Feb 5, 2021 at 12:58 Jay Hennigan via mailop 
> wrote:
>
>> Simply changing "Junk" to "Report as
>> spam" would help a lot.
>
>
> Unfortunately no, it would not.
>
> - Marcel
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] BIMI pilot @ Google

2020-07-22 Thread Zack Aab via mailop 
>I don't think this is anything about DMARC...
BIMI requires an enforced DMARC policy, so the idea is that it will
increase adoption because marketing teams will be motivated to put pressure
on their security/IT teams to implement DMARC in the hopes of improving
brand recognition, reducing phishing, etc.

*Zack Aab*, Senior Deliverability Strategist, Inbox Pros, a Trendline
Company
*O* +1 (470) 875-1823 <+14708751823>


On Wed, Jul 22, 2020 at 2:31 PM Jim Popovitch via mailop 
wrote:

> On Wed, 2020-07-22 at 14:49 +0200, Sidsel Jensen via mailop wrote:
> > but if the effect is that it will drive up the adoption rate for DMARC
> then I am clapping my hands.
>
> "Once verified, the BIMI file tells the email service where to find the
> sender’s logo and the email service pulls that logo into the inbox."
>
>
> I don't think this is anything about DMARC, this is about inbox
> tracking.
>
> -Jim P.
>
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] BIMI

2019-12-06 Thread Zack Aab via mailop 
Agreed, agreed.

My $0.02 on the security value of BIMI (and pitch for implementing it) is
this:
Of the following two domains, one is owned by a major bank and locked down
securely with DMARC and the other one currently costs $12 on GoDaddy (it's
even discounted!), can you tell which is which?
supp...@jpmorganchasebank.com
supp...@jpmorganandchasebank.com
(No particular reason I picked Chase bank, I just crawled around the whois
looking for a good bank company example a while back and bumped into this
one first.)

A lot of Chase bank customers probably wouldn't notice the difference in
the From address, and if a spammer bought that domain right now they could
certainly enforce DMARC on it.  BIMI lets the ISP call out the one they are
confident is legit (based on history, volume, etc) using the branding mark
even if the other one manages to get through their filters.

Presumably the ISP's own history/volume/etc requirements and the
third-party certificate step (I'm not sure of the status of that) will make
a spammer using a visually similar mark as Chase bank's unlikely, but I
guess that's the bit that remains to be seen irl.

If a company doesn't have BIMI, it's probably not a high priority for
them...although I have seen marketers salivate at the thought of brand
impressions before the email is even opened...but if they have DMARC
already enforced, it's a relatively trivial upgrade to make things that
much more secure (and pretty).

*Zack Aab*, Senior Deliverability Strategist, Inbox Pros, a Trendline
Company
*O* +1 (470) 369-6712 <+14703696712>


On Fri, Dec 6, 2019 at 6:25 AM Laura Atkins via mailop 
wrote:

>
> On 6 Dec 2019, at 10:42, Vytis Marciulionis via mailop 
> wrote:
>
> Hi,
> I am not a part of the BIMI working group but, I think it is cool in it's
> own way. So I will try to add my 2 cents.
>
>
>> - It is said to increase security for mailbox owners because seeing the
>>   companies logo they now they can see the message really is from "
>> brand.com".
>>   I still doubt this will work, because I could easily create a logo that
>>   looks similar to brand.com, but use "brånd.com
>> " including valid
>>   SPF/DKIM/DMARC which AFAIK are conditions that have to be meet in order
>> to
>>   display a BIMI logo.
>>
>
> For the time being the requirement is to have p=quarantine or p=reject on
> DMARC and a pass, also significant volume, engagement and reputation is
> necessary for BIMI to appear.
> Whereas it is indeed easy to authenticate your domains, spammers still
> don't do that due to them constantly switching domains and it being
> time-consuming.
>
>
> You have the amount of effort involved in correctly authenticating with
> DMARC backwards for spammers and real companies.
>
> It’s utterly trivial for a spammer to deploy DMARC authenticated email.
> They’ve been using disposable domains on disposable IPs for a long time.
> The process is automated to a very high degree and every spam message they
> send is fully DMARC aligned. The only change they need to make is to change
> their deployment scripts to publish one more DNS record. It’s trivial for a
> spammer to change domains and have those domains fully DMARC p=reject
> compliant.
>
> For real companies, they need to actually discover where all their mail is
> coming from and go through a process of making sure each of those message
> streams is authenticated. It can take months for even small senders with
> only a few mail pathways to implement DMARC.
>
> Needless to say, building a reputation with certain providers is also not
> something that spammers think of doing or, in most cases, are able to do.
>
>
> You’ve not actually ever talked to companies many here would call
> spammers, have you? Spammers think about reputation all the time and work
> very hard to try and build a good reputation. There have even been lawsuits
> detailing the behavior they go through to try and manipulate their
> reputation.
>
> Now, will spammers be able to take advantage of BIMI? That is currently
> unclear to me, but I’m sure they’re following the protocol development very
> closely and looking at how they can also have their mail display logos.
>
> laura
>
> --
> Having an Email Crisis?  We can help! 800 823-9674
>
> Laura Atkins
> Word to the Wise
> la...@wordtothewise.com
> (650) 437-0741
>
> Email Delivery Blog: https://wordtothewise.com/blog
>
>
>
>
>
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop