Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Royce Williams
On Fri, Mar 17, 2017 at 4:21 PM, Bill Campbell wrote: > I've had PCI testers complain when they tried port scans on > systems we monitor, and their IPs were blocked almost > immediately. They couldn't understand active measures that > detect attacks and take actions to prevent damage. They actu

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Bill Campbell
On Fri, Mar 17, 2017, Laura Atkins wrote: > > On Mar 17, 2017, at 7:47 AM, John R Levine <jo...@taugh.com> wrote: > > On Fri, 17 Mar 2017, Eric Henson wrote: > > As a PCI compliant company, we have to go to great lengths to secure > any system that stores, processes, or transacts cre

Re: [mailop] AMAZON SES anyone?

2017-03-17 Thread Webb, Nic via mailop
Jakub: I’ll follow up with you off-list. Thanks! --- Nicolas Webb Email Postmaster Amazon Simple Email Service (SES) On 3/17/17, 2:15 AM, "mailop on behalf of Jakub Olexa" wrote: Hi, we've come across some odd messages hitting spam traps coming from amazonses but pretendi

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread D'Arcy Cain
On 2017-03-17 03:10 PM, Doug McIntyre wrote: The funniest PCI audit request I've come across is a customer had their PCI onsite auditor require the combination of their colo rack to be reset to 000 at the end of every visit. Not doing so would be a violation of their PCI security. I suspect tha

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Royce Williams
On Fri, Mar 17, 2017 at 9:42 AM, wrote: > On 17 Mar 2017 15:47:50 +0100, "John R Levine" said: > >> I used to have my own credit card account and my card processor demanded >> PCI compliance. About 1/4 of it was reasonable, 3/4 was cargo cult stuff >> that mostly involved stuff like setting pack

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Doug McIntyre
On Fri, Mar 17, 2017 at 01:42:16PM -0400, valdis.kletni...@vt.edu wrote: > I gave up on thinking that PCI was something other than an extortion racket a > number of years ago, when somebody reported on the major breaches of the year > and noted that 100% of them were in full PCI compliance at the t

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Dave Warren
On Thu, Mar 16, 2017, at 17:38, John Levine wrote: > In article > <1489684655.3176120.913642288.0d732...@webmail.messagingengine.com> you > write: > >You can make a rule against sending credit cards by email, but if > >customer service reps know it works they might still encourage a > >customer to

[mailop] brightcloud

2017-03-17 Thread Brian Kowalewicz
Hi, Anyone on list from Brightcloud? Please reach out to me if possible. Thanks, Brian Kowalewicz Hostopia.com, Inc. ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread valdis . kletnieks
On 17 Mar 2017 15:47:50 +0100, "John R Levine" said: > I used to have my own credit card account and my card processor demanded > PCI compliance. About 1/4 of it was reasonable, 3/4 was cargo cult stuff > that mostly involved stuff like setting packet filters so they couldn't > probe ports that w

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Laura Atkins
> On Mar 17, 2017, at 7:47 AM, John R Levine wrote: > > On Fri, 17 Mar 2017, Eric Henson wrote: > >> As a PCI compliant company, we have to go to great lengths to secure any >> system that stores, processes, or transacts credit card data. If that >> included our email servers, that would put

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread John R Levine
On Fri, 17 Mar 2017, Eric Henson wrote: As a PCI compliant company, we have to go to great lengths to secure any system that stores, processes, or transacts credit card data. If that included our email servers, that would put every single mail server, every single mail client, including smart

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Paul Smith
On 17/03/2017 14:18, Eric Henson wrote: As a PCI compliant company, we have to go to great lengths to secure any system that stores, processes, or transacts credit card data. If that included our email servers, that would put every single mail server, every single mail client, including smart

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Vick Khera
On Thu, Mar 16, 2017 at 8:38 PM, John Levine wrote: > So just out of nosiness, when's the last time Something Bad Happened > in real life due to sending credit card info by e-mail? > One of my buddies does design and consulting of networks for industries regulated by federal statutes. By refusin

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread Eric Henson
As a PCI compliant company, we have to go to great lengths to secure any system that stores, processes, or transacts credit card data. If that included our email servers, that would put every single mail server, every single mail client, including smart phones, in scope for our PCI audit. That w

Re: [mailop] conventional wisdom, was Google rejects a TLS connection

2017-03-17 Thread John Levine
In article <1489684655.3176120.913642288.0d732...@webmail.messagingengine.com> you write: >You can make a rule against sending credit cards by email, but if >customer service reps know it works they might still encourage a >customer to do it as it's faster and easier than other options (fax, >mail

Re: [mailop] o365 de

2017-03-17 Thread Michael Wise via mailop
Responded offlist. Aloha, Michael. -- Michael J Wise Microsoft Corporation| Spam Analysis "Your Spam Specimen Has Been Processed." Got the Junk Mail Reporting Tool ? From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Nisha

[mailop] AMAZON SES anyone?

2017-03-17 Thread Jakub Olexa
Hi, we've come across some odd messages hitting spam traps coming from amazonses but pretending to be amazon.com messages. There is a possible security flaw in the SPF for amazon.com permitting amazonses.com to send email on behalf of amazon.com and making it vulnerable to phishing. Here is

[mailop] o365 de

2017-03-17 Thread Nishaan Saccaram
Hi We experienced an issue sending to Microsoft o365 for a couple of our IPs and were hoping there is a contact for their NOC. Please can someone DM me Thanks Nishaan Saccaram Senior Messaging Security Analyst m: +44 7595 201711 p: +44 207 847 8700 w: www.mimecast.com Address click here: www.mimec