Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On Fri, Jul 14, 2023 at 8:54 AM Larry Smith via mailop wrote: > Hmmm, so are these simply connections this filter is blocking > or verifiable (high probability of spam source) spam connections? > Spam. Of course. > From the conversation it seems mom and pop's are the ones losing > "seems" is the keyword here. People's opinions and anecdotes do not really reflect actual data at scale. Mom and pops tend to have correct DNS setups. And as I said before (multiple times now) we help the (very few) edge cases. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On Fri July 14 2023 09:26, Marcel Becker via mailop wrote: > On Fri, Jul 14, 2023 at 12:46 AM Thomas Mechtersheimer via mailop < > > mailop@mailop.org> wrote: > > Do you have any numbers that suggest that this specific method does > > filter a significant amount of spam which other filters would not > > recognise? > > Yes, of course. We wouldn't do it otherwise. It's billions. And it kept > getting worse. > You can thank the scum of the internet. Once more. Hmmm, so are these simply connections this filter is blocking or verifiable (high probability of spam source) spam connections? From the conversation it seems mom and pop's are the ones losing and the spammers just move on to another technic. -- Larry Smith lesm...@ecsis.net ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On 7/14/23 9:26 AM, Marcel Becker via mailop wrote: Yes, of course. We wouldn't do it otherwise. It's billions. And it kept getting worse. Can ~> will you share any rough (as in order of magnitude / log10) numbers? -- If so, please do. One of the things that I find so confusing about this thread is how the SOA test that Yahoo is doing provides any different results than requiring an MX / A / record for a (purported) sending domain. You can thank the scum of the internet. Once more. I assumed that denizens of the Internet's Mos Eisley cantina were the impetus behind such a test / filter. Grant. . . . ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On Fri, Jul 14, 2023 at 12:46 AM Thomas Mechtersheimer via mailop < mailop@mailop.org> wrote: > > Do you have any numbers that suggest that this specific method does filter > a significant amount of spam which other filters would not recognise? > Yes, of course. We wouldn't do it otherwise. It's billions. And it kept getting worse. You can thank the scum of the internet. Once more. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
In message <56b83491-6441-4d1e-a3ef-008da3311...@slavino.sk>, Slavko via mailop writes >When spammers are able to create proper DNS records directly used >in email authentification, what problem will be the SOA record for them? In order to have a domain with an SOA record they have to purchase a domain (and provide a DNS service for it) ... and when that domain falls in reputation they have to buy another one ... (and yes there are free domains out there but they start off with a poor reputation!) If an SOA is not required (and other mailbox providers have other ways of testing that domains actually exist) then n-character-random- string.respectable-tld can be used as a domain and every spam email will have a domain with a neutral reputation -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 signature.asc Description: PGP signature ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
Dňa 14. júla 2023 7:16:43 UTC používateľ Thomas Mechtersheimer via mailop napísal: >I guess he means filtering based solely on the existance of a SOA record. Of course, that is what this thread about... Thanks to clarify behind me ;-) >Do you have any numbers that suggest that this specific method does filter >a significant amount of spam which other filters would not recognise? I know that you don't ask me, but consider that spammers adapted SPF, DMARC and DKIM. That doesn't means, that these methods dosn't do what they have to do. But they are not reliable SPAM mark anymore. Some months ago a collect stats about DKIM on my server: + all failed DKIMs was in legal mails, mostly from maillists + all rejected SPAMs (with DKIM signature) had DKIM pass When spammers are able to create proper DNS records directly used in email authentification, what problem will be the SOA record for them? Thus more than spammers (perhaps except some script kids), IMO that will mostly catch misconfigurations of regular people. If mission is to improve DNS, then OK. But spammers? I don't believe... regards -- Slavko https://www.slavino.sk/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On Thu, Jul 13, 2023 at 11:31:48AM -0700, Marcel Becker via mailop wrote: > On Thu, Jul 13, 2023 at 11:19 AM Slavko via mailop > wrote: > > Would not be more effective to not use technique prone to false > > positives? For both sides... > > So you mean not trying to filter spam or fight spammers at all? I have not > seen a solution which doesn't produce false positives. I guess he means filtering based solely on the existance of a SOA record. Do you have any numbers that suggest that this specific method does filter a significant amount of spam which other filters would not recognise? -- Thomas Mechtersheimer - Necklenbroicher Str. 45a - D-40667 Meerbusch - Germany EMail: thom...@wupper.com IRC-Nick: Mechti Of course I'm crazy, but that doesn't mean I'm wrong. I'm mad but not ill. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On Thu, Jul 13, 2023 at 11:19 AM Slavko via mailop wrote: > > Would not be more effective to not use technique prone to false > positives? For both sides... > So you mean not trying to filter spam or fight spammers at all? I have not seen a solution which doesn't produce false positives. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
Dňa 13. júla 2023 17:41:51 UTC používateľ Marcel Becker via mailop napísal: >On Thu, Jul 13, 2023 at 10:35 AM Robert L Mathews via mailop < >mailop@mailop.org> wrote: > > >> I still think this is a check that's prone to false positives >> > >Or other issues. Yes. That's why we are also helping where we can when >folks reach out to us. Would not be more effective to not use technique prone to false positives? For both sides... regards -- Slavko https://www.slavino.sk/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On Thu, Jul 13, 2023 at 10:35 AM Robert L Mathews via mailop < mailop@mailop.org> wrote: > I still think this is a check that's prone to false positives > Or other issues. Yes. That's why we are also helping where we can when folks reach out to us. -- Marcel ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On Thu, Jul 13, 2023 at 9:00 AM Bill Cole via mailop wrote: > > It is worth noting that this is in no way a "standard" or even a > widely-known "best practice" > Nobody has claimed that. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
On 2023-07-13 at 10:15:27 UTC-0400 (Thu, 13 Jul 2023 07:15:27 -0700) Marcel Becker via mailop is rumored to have said: No. I might as well reveal the actual domain names involved, since it's not particularly secret: it's "westfir.or.us" and "ci.westfir.or.us". It's actually not that complicated. We want to see an SOA record for either the domain OR the organizational domain. We use the PSL to determine the organizational domain. It is worth noting that this is in no way a "standard" or even a widely-known "best practice" and that it was entirely the invention of the Big Brains at Yahoo, the place that helped give us the ridiculous fragility of DKIM... -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [E] Re: AOL/Yahoo requiring SOA record for MAIL FROM domain name?
> > > No. I might as well reveal the actual domain names involved, since it's > not particularly secret: it's "westfir.or.us" and "ci.westfir.or.us". > > It's actually not that complicated. We want to see an SOA record for either the domain OR the organizational domain. We use the PSL to determine the organizational domain. or.us is in the PSL. So the organizational domain seems to be westfir.or.us . Contrary to your original mail that does not have a SOA. ci.westfir.or.us seems to have one though. So that should not have issues. So if you make sure your organizational domains have an SOA (as you originally stated you do), you should be fine. -- Marcel ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop