Re: [mailop] Amazon SES using SAME sender Domain for multiple customer?
I have been using this Spamassassin rule header LOCAL_AZNSES ALL =~ /amazonses\.com/i score LOCAL_AZNSES 6 describeLOCAL_AZNSES Amazon mailer for over a year now, and have only needed to make one exception. My experience may be atypical, and your mileage may vary, of course. Ken -Original Message- From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of mailop@mailop.org Sent: Monday, September 25, 2023 9:10 AM To: Benoit Panizzon Cc: mailop@mailop.org Subject: Re: [mailop] Amazon SES using SAME sender Domain for multiple customer? > There is a company which is sending a lot of misdirected/unwanted email > via Amazon SES and has failed to react to my attempts to contact them > by email and phone in the last 14 days or so to try to solve the issue. Benoit, if you are saying this is spam, please connect with me off-list, and we'll make sure this gets to the right folks at SES. Anne -- Anne P. Mitchell, Esq. Email Law & Policy Attorney CEO Institute for Social Internet Public Policy (ISIPP) Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal email marketing law) Creator of the term 'deliverability' and founder of the deliverability industry Author: The Email Deliverability Handbook Board of Directors, Denver Internet Exchange Dean Emeritus, Cyberlaw & Cybersecurity, Lincoln Law School Prof. Emeritus, Lincoln Law School Chair Emeritus, Asilomar Microcomputer Workshop Counsel Emeritus, eMail Abuse Prevention System (MAPS) ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Amazon SES using SAME sender Domain for multiple customer?
> There is a company which is sending a lot of misdirected/unwanted email > via Amazon SES and has failed to react to my attempts to contact them > by email and phone in the last 14 days or so to try to solve the issue. Benoit, if you are saying this is spam, please connect with me off-list, and we'll make sure this gets to the right folks at SES. Anne -- Anne P. Mitchell, Esq. Email Law & Policy Attorney CEO Institute for Social Internet Public Policy (ISIPP) Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal email marketing law) Creator of the term 'deliverability' and founder of the deliverability industry Author: The Email Deliverability Handbook Board of Directors, Denver Internet Exchange Dean Emeritus, Cyberlaw & Cybersecurity, Lincoln Law School Prof. Emeritus, Lincoln Law School Chair Emeritus, Asilomar Microcomputer Workshop Counsel Emeritus, eMail Abuse Prevention System (MAPS) ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Amazon SES using SAME sender Domain for multiple customer?
> Does anyone know, why Amazon is not using their customer's domain as > envelope sender? It appears that customers can decide to do it. > The Username part looks like a completely new random string on every > email sent. Or is there a way to match one specific Amazon SES customer? Parts of it may be same. Our "n" is on the order of 100,000 for August 2023. In roughly 16,000 of these, the envelope-sender matched the ERE ([0-9a-f]+-){6}000...@eu-west-1.amazonses.com 70% were somehow involved with amazonses.com (that Envelope-From or another one at that domain). 30% had an envelope-from that did NOT involve amazonses.com or amazon.com. -- Atro Tossavainen, Founder, Partner Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635) Tallinn, Estonia tel. +372-5883-4269, https://www.koliloks.eu/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Amazon SES using SAME sender Domain for multiple customer?
On 2023-09-25 at 08:49:51 UTC-0400 (Mon, 25 Sep 2023 12:49:51 +) Mike Hillyer via mailop is rumored to have said: They do encourage users to send from their own domain, but they do not require it before using Amazon SES. It might be tactically useful for people who can take the FP hit to create external pressure for Amazon & their customers to tighten up their practices... (I've been doing my part in that effort for a couple years, but I've been rejecting nearly nothing from SES in recent months.) -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Amazon SES using SAME sender Domain for multiple customer?
Until their user sets up a custom domain with its own SPF record Amazon SES will send using a default subdomain of amazonses.com. They do encourage users to send from their own domain, but they do not require it before using Amazon SES. Mike Hillyer From: mailop on behalf of Benoit Panizzon via mailop Sent: Monday, September 25, 2023 8:24 AM To: mailop@mailop.org Subject: [mailop] Amazon SES using SAME sender Domain for multiple customer? Hi List... There is a company which is sending a lot of misdirected/unwanted email via Amazon SES and has failed to react to my attempts to contact them by email and phone in the last 14 days or so to try to solve the issue. Usually I then go ahead and block the envelope-sender domain. In this case: @eu-west-1.amazonses.com But as this domain does not contain any similarity to the Header From Username I had a quick look at our logs and realized, this would most probably cause a lot of collateral damage. Does anyone know, why Amazon is not using their customer's domain as envelope sender? The Username part looks like a completely new random string on every email sent. Or is there a way to match one specific Amazon SES customer? Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Amazon SES using SAME sender Domain for multiple customer?
Hi List... There is a company which is sending a lot of misdirected/unwanted email via Amazon SES and has failed to react to my attempts to contact them by email and phone in the last 14 days or so to try to solve the issue. Usually I then go ahead and block the envelope-sender domain. In this case: @eu-west-1.amazonses.com But as this domain does not contain any similarity to the Header From Username I had a quick look at our logs and realized, this would most probably cause a lot of collateral damage. Does anyone know, why Amazon is not using their customer's domain as envelope sender? The Username part looks like a completely new random string on every email sent. Or is there a way to match one specific Amazon SES customer? Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop