Re: [mailop] [External] sendgrid.net
on Fri, Sep 25, 2020 at 12:22:43PM -0700, Michael Peddemors via mailop wrote: > But does anyone know these guys? Looks like they have bought or used > a bad mailing list, or they have a sign process being abused > heavily.. I don't know anyone there that I know of, but whoever they are they are capable of advertising on many of the TV channels we watch fairly regularly. So, maybe bad signup process, hard to say without knowing more. When you visit their Web site to check it out you're forced to sign up or login, so that's probably the human factors issue that's driving that. -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/ Internet security and antispam hostname intelligence: http://enemieslist.com/ ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] [External] sendgrid.net
Speaking of SendGrid.. (Again) BTW, our guys policy, on detection of 'phishing' the IP is posted to RBL's.. otherwise it is probably just scored a little higher.. But does anyone know these guys? Looks like they have bought or used a bad mailing list, or they have a sign process being abused heavily.. 149.72.129.15 (S,M)31 o1.sg.e.zulily.com 149.72.129.150 (M) 42 o2.sg.e.zulily.com 149.72.129.152 (M) 37 o3.sg.e.zulily.com 149.72.164.60 (M) 45 o4.sg.e.zulily.com 149.72.177.54 (M) 38 o5.sg.e.zulily.com 149.72.177.55(M) 42 o6.sg.e.zulily.com 149.72.202.44 (M) 37 o7.sg.e.zulily.com 149.72.208.230 (M) 40 o8.sg.e.zulily.com On 2020-09-25 12:00 p.m., Jay Hennigan via mailop wrote: On 9/25/20 11:50, Anne P. Mitchell, Esq. via mailop wrote: I've been very saddened. Sendgrid was a reputable ESP that has fallen from grace. About 6-7 months ago, we started seeing pretty large amounts of spam from them. Exactly - this tracks with the timeline when a) they ceased being certified by us, b) certain key people who *had* been involved with making sure that SendGrid did the right thing left, and then c) they were acquired by Twilio. Acquisitions of reputable players in the email space generally lead to a decline in how white hat they are, because of course the acquirers are almost always only (or at least primarily) interested in a return on their $ investment (witness Habeas). If, after months of abuse, receivers continue to take the attitude that the relatively small amount of wanted mail coming from Sendgrid is an obstacle to a complete block, we are simply acting as enablers and there is no incentive for them to get a handle on the problem. IMHO, Sendgrid doesn't consider it to be a problem, they consider it to be a feature. As long as the spammers' and phishers' checks don't bounce they're happy to accommodate them. As long as the rest of the Internet continues to take their abuse, they will continue to dish it out. -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] [External] sendgrid.net
On 9/25/20 11:50, Anne P. Mitchell, Esq. via mailop wrote: I've been very saddened. Sendgrid was a reputable ESP that has fallen from grace. About 6-7 months ago, we started seeing pretty large amounts of spam from them. Exactly - this tracks with the timeline when a) they ceased being certified by us, b) certain key people who *had* been involved with making sure that SendGrid did the right thing left, and then c) they were acquired by Twilio. Acquisitions of reputable players in the email space generally lead to a decline in how white hat they are, because of course the acquirers are almost always only (or at least primarily) interested in a return on their $ investment (witness Habeas). If, after months of abuse, receivers continue to take the attitude that the relatively small amount of wanted mail coming from Sendgrid is an obstacle to a complete block, we are simply acting as enablers and there is no incentive for them to get a handle on the problem. IMHO, Sendgrid doesn't consider it to be a problem, they consider it to be a feature. As long as the spammers' and phishers' checks don't bounce they're happy to accommodate them. As long as the rest of the Internet continues to take their abuse, they will continue to dish it out. -- Jay Hennigan - j...@west.net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] [External] sendgrid.net
> I've been very saddened. Sendgrid was a reputable ESP that has fallen > from grace. About 6-7 months ago, we started seeing pretty large > amounts of spam from them. Exactly - this tracks with the timeline when a) they ceased being certified by us, b) certain key people who *had* been involved with making sure that SendGrid did the right thing left, and then c) they were acquired by Twilio. Acquisitions of reputable players in the email space generally lead to a decline in how white hat they are, because of course the acquirers are almost always only (or at least primarily) interested in a return on their $ investment (witness Habeas). > I've personally tried reaching out to Twilio / Sendgrid leadership to alert > them to the issue. I did as well, and was assured that they have a unit whose task it is to ensure all Sendgrid/Twilio communications are "wanted, secure and legal." Sigh. Anne -- Anne P. Mitchell, Attorney at Law CEO, SuretyMail Email Reputation Certification Dean of Cyberlaw & Cybersecurity, Lincoln Law School Advisor, Governor's Innovation Response Team Task Force Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law) Board of Directors, Denver Internet Exchange Chair Emeritus, Asilomar Microcomputer Workshop Former Counsel: Mail Abuse Prevention System (MAPS) ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] [External] sendgrid.net
On 9/25/2020 9:36 AM, Michael via mailop wrote: > What's the consensus on sendgrid.net? I don't know anything about > them, but I had the impression that they were a reputable company. > Lately, I've noticed a lot of phishing emails coming from them. Does > anyone just block them completely? > I've been very saddened. Sendgrid was a reputable ESP that has fallen from grace. About 6-7 months ago, we started seeing pretty large amounts of spam from them. I've personally tried reaching out to Twilio / Sendgrid leadership to alert them to the issue. The KAM.cf ruleset has rules that mark sendgrid higher due to the proclivity for phishes. Krebs as done an article on it: https://krebsonsecurity.com/2020/08/sendgrid-under-siege-from-hacked-accounts/ mailop, the SA mailing list and others have all discussed the issue for months. Invaluement released a plugin / list for this issue as well - See https://www.invaluement.com/serviceproviderdnsbl/ Until Sendgrid acknowledges and works to resolve the issue, I must recommend that they are avoided. Regards, KAM ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
