Re: [mailop] Gmail rate limit

2016-04-01 Thread Carl Byington
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Sat, 2016-04-02 at 09:58 +1000, Ted Cooper wrote: > Is this another one of those fun DNSSEC issues? I'm not particularly > good at reading these, but it looks like the PTR lookup is denied > existence at 136.in-addr.arpa. >

Re: [mailop] Gmail rate limit

2016-04-01 Thread Brandon Long via mailop
There are multiple domains involved, they may be forwarding messages, in which case spf won't be enough. And, there are multiple signals involved, so getting authed would get past those rules, but may hit other ones. Note, that if you are forwarding, you can still run a spam filter and then dkim

Re: [mailop] Gmail rate limit

2016-04-01 Thread Brandon Long via mailop
Hmm, I thought the new server went out with the updated error messages. Ah, the change missed the release cut-off, so it'll be fixed next week. That error message is not correct, it means the mail we're seeing isn't authenticated and something else about the connection or message is suspicious.

[mailop] mxtoolbox alerting

2016-04-01 Thread Eric Henson
I'm getting a ton of MXtoolbox.com alerts for my domain; DNS servers offline, SPF record missing, etc. As far as I can tell, everything is fine. Does anyone else use mxtoolbox.com who is also getting false alerts today? Eric Henson IT Operations Solutions Architect PFSweb

Re: [mailop] Gmail rate limit

2016-04-01 Thread Pascal Herbert
Forgot to mention that. The server only uses ipv4. No ipv6. Pascal On Apr 1, 2016 23:42, "Mark Milhollan" wrote: > On Fri, 1 Apr 2016, Pascal Herbert wrote: > > >Google is currently rejecting mails from some of our servers with: > >The IP address sending this message does

Re: [mailop] Gmail rate limit

2016-04-01 Thread Michael Wise
Always best with such questions if you just come right out and say what the IP is and what you think the rDNS is. Because sooner or later, we’re gonna require that in order to help you. So putting it in the original post is … a really good idea, IMHO. Aloha, Michael. -- Michael J Wise |

Re: [mailop] Gmail red open padlock composing message

2016-04-01 Thread Eric Henson
http://blogs.technet.com/b/exchange/archive/2015/07/27/exchange-tls-amp-ssl-best-practices.aspx Exchange 2003 is out of support. Exchange 2007 support ends 4/11/2017. Exchange 2010 and later best practice is to disable RC4 and SSLv3. I’d say it may be best to leave RC4 enabled until 4/11/2017,

Re: [mailop] Gmail red open padlock composing message

2016-04-01 Thread Franck Martin via mailop
RC4 is a conundrum, it is about the only cypher you can negotiate with old MS-Exchange, so if you disable it, then the email will go in clear text. Which one is better? Clear text or RC4? Or too bad for old mail servers? PFS or Elliptic ciphers are asymmetric in implementation, so you need to

Re: [mailop] Use of Message Disposition Notification in the wild

2016-04-01 Thread Franck Martin via mailop
MDN are ugly and look like garbage to the receiver ;) How many times I had to fight back the urge of people to send back a real email instead of a reject code... Also on postfix the RFC5322.From: set in the templates does not contain an email address with a domain name, which you need to fix,

[mailop] Use of Message Disposition Notification in the wild

2016-04-01 Thread Alexey Melnikov
Hi, This might be slightly off-topic for this group, but I hope this post is still relevant here. I am finishing updating a revision to RFC 3798 (Message Disposition Notification), currently specified in draft-ietf-appsawg-mdn-3798bis-06.txt. If you have experience using (generating,

Re: [mailop] Gmail red open padlock composing message

2016-04-01 Thread Kirk MacDonald
Brandon, Thank you for your efforts. Kirk From: Brandon Long [mailto:bl...@google.com] Sent: Thursday, March 31, 2016 9:10 PM To: Franck Martin Cc: Kirk MacDonald ; mailop@mailop.org Subject: Re: [mailop] Gmail red open padlock composing

Re: [mailop] Gmail red open padlock composing message

2016-04-01 Thread Kirk MacDonald
Whoops, I fully intended to audit the available ciphers; clearly I missed doing that. Should be OK now. Tragically, PFS is not (yet) supported on the TLS mechanism I am making use of. I hope to be able to change that in the somewhat near future. -Original Message- From: Tim Bray

Re: [mailop] Gmail red open padlock composing message

2016-04-01 Thread Tim Bray
On 31/03/16 17:38, Kirk MacDonald wrote: > With thanks to Google for pushing the cause, I implemented STARTTLS > functionality on my org’s MX (as well as outbound SMTP with > opportunistic STARTTLS). Firstly - well done for doing it. Everybody should be enabling TLS. Did you test the install?

Re: [mailop] Still seeing Microsoft 5.4.0 issues?

2016-04-01 Thread David Hofstee
Hi Maarten, Thanks. Now I see them too. They used to be direct bounces. These are the reporting mta’s() since 29-3: dsnReportingMTA count(*) dns;BAY004-MC2F3.hotmail.com1 dns;COL004-MC6F33.hotmail.com 215 Met vriendelijke groet, David Hofstee Deliverability