We're definitely seeing dkim replay attacks and of course doing our best to
catch them.
I'm sure they have some knock on affects to the service being abused, and
of course we'll watch for it and adjust as we need to.
Most likely, the most negative consequences will be on forwarding email yet
> On Aug 13, 2016, at 8:47 PM, Neil Jenkins wrote:
>
> On Sun, 14 Aug 2016, at 11:55 AM, Security Desk wrote:
>> I think I'd start by not letting random people sign up as
>> secure_m...@internet-mail.org
>
> That has zero relevance to the topic in hand, which is DKIM
I probably wouldn't let random signups use this address, either.
--
Security Department
p0stmas...@fastmail.com
PS: SMS to the same throwaway Google Voice number, by the way
___
mailop mailing list
mailop@mailop.org
On Sun, 14 Aug 2016, at 01:14 AM, John R Levine wrote:
> Maybe it's just me, but if I were running a free mail service, I would
> make it harder for random strangers to sign up and send mail
> like this.
Interesting, do tell us what you would do. Because this is what
happened:
1. You signed up
Bill,
Thanks for bringing up all those points. While perhaps the practical
implications of the TLS1.0's brokenness may not be as applicable to email, it
doesn't mean ESPs should automatically be satisfied with the status quo. If
most vendors have found a way to implement TLS 1.1 and 1.2 then
I'd think you could follow the links without rewriting them.
--
Security Desk
secure_m...@internet-mail.org
On Sat, Aug 13, 2016, at 10:52 AM, Brandon Long via mailop wrote:
> Doesn't it also make it harder to do spam detected unless you follow
> the links?
> Brandon
>
> On Aug 13, 2016
Doesn't it also make it harder to do spam detected unless you follow the
links?
Brandon
On Aug 13, 2016 9:18 AM, "Bill Cole"
wrote:
> On 12 Aug 2016, at 19:12, Tim Starr wrote:
>
> The only benefit I can see from sending the exact same message from
>>
Hi, security desk here.
We note that the Let's Encrypt cert for https://chilli.nosignal.org
expired in February. That usually means that the cron job that's supposed
to renew it doesn't work.
If you are unable to solve this problem on your own, we can of course
offer some highly secure and