On 5/9/19 2:43 PM, Andrew C Aitchison via mailop wrote:
Is this deliberate enemy action or collateral damage ?
I'm finding it difficult to see why a general spam bot
would sign spam traps up to a mailing list,
so guess that I am missing something ?
Some of it may be in response to the growing
Badness adapts.
COI is critical, as is … bounce detection and detecting if a user never opens
their mail.
And don’t send signup confirmations out the same IP as regular list traffic.
If the mail bounces, and the List software of Mail Op doesn’t notice, Bad
Things Will Happen.
If there’s
No, you didn’t. Point taken.
But nowadays, CAPTCHAs are pointless.
Find another way.
If only because something ELSE will force them to write custom code.
Aloha,
Michael.
--
Michael J Wise
Microsoft Corporation| Spam Analysis
"Your Spam Specimen Has Been Processed."
Got the Junk Mail Reporting
On 5/9/2019 5:43 PM, Andrew C Aitchison wrote:
On Thu, 9 May 2019, Rob McEwen via mailop wrote:
The documents that Paul referenced in his last message - probably
mentioned this somewhere - but I'll add that (in addition to the link
above and doing confirmed-opt-in "COI") you should strongly
I never claimed that CAPTCHA is FUSSP - it isn't. ("strawman's arg") And
I realize that CAPTCHA can be defeated. That part wasn't news to me.
HOWEVER:
(1) never let the quest for perfection get in the way of achievable
incremental improvements (which is EXACTLY what Rich and Michael are
In message ,
Thomas Walter wrote:
>I have just manually checked the first 5 or so IP addresses and they are
>all listed on at least 10 blacklists. So most of us should be blocking
>them anyway?
I dunno which lists you are checking. I just checked Spamhaus zen and
they only have 686 out of
My replies keep going to the original author. Grr.
Anyway, yeah, completely agree.
Y’all who trumpet CAPTCHA as the FUSSP need to know who’s on the opposing team:
http://scraping.pro/8-best-captcha-solving-services-and-tools/
You’re going to need to think about an SMS
On 09.05.19 23:42, Ronald F. Guilmette via mailop wrote:
> At the following link, I provide a list of 862 currently live IP addresses,
> all located on AS14061 (Digital Ocean) which I have meticulously verified
> as all being in use by a single large-scale snowshoe spamming operation
> which is
On Thu, May 09, 2019 at 09:26:50AM -0400, Rob McEwen via mailop wrote:
> you should strongly encourage your customers to
> captcha-protect their signup forms to prevent bots from signing up spamtrap
> addresses.
No, you shouldn't. I'm going to quote something that I just sent
elsewhere, so my
On Thu, 9 May 2019, Rob McEwen via mailop wrote:
The documents that Paul referenced in his last message -
probably mentioned this somewhere - but I'll add that (in
addition to the link above and doing confirmed-opt-in "COI")
you should strongly encourage your customers to
captcha-protect
To be honest, I've been subscribed to this list for some time, but haven't
actually been reading the list traffic for quite awhile.
Recently however, it was brought to my attention that there has, of late,
been some discussion about Digital Ocean and its abundant spammer problems.
Given that I
Seems to be our turn to get a class C blocked by ATT for the first time in
years. Haven't made any progress via official channels yet. Anyone else
have a recommendation?
Tim Starr
Senior Director, Deliverability
Maropost Postmaster
___
mailop mailing
Like others I've reached the end of my tether with DO. In my case, I've
seen increasing volumes of malicious / junk traffic via their IPv6
prefixes, with reports to abuse doing virtually nothing, so now I just
define ip/ip6tables drop rules.
30 seconds' browsing will return the ranges you need,
In article <20190509145346.gd8...@gsp.org> you write:
>It would be far easier and much more effective if everyone on this
>mailing list caused every mail server that they run to refuse all
>mail from all Digital Ocean network space without warning, effective
>immediately
Don't waste your time,
I'll have more to say on this (of course I will ;) ) but I'll mention
that I'm attempting to assemble what I'll call, for lack of a better
term, a roadmap of RFCs that mail system operators should be familiar
with. I'm doing this because I'm trying to (a) train some junior
people and (b) fill in
On Mon, Apr 29, 2019 at 03:54:41PM +0200, Benoit Panizzon via mailop wrote:
> I wonder if DigitalOcean is running for some social media related
> wake-up call.
It would be far easier and much more effective if everyone on this
mailing list caused every mail server that they run to refuse all
mail
On 5/9/2019 9:15 AM, Paul Kincaid-Smith via mailop wrote:
If your service will enable customers to collect email addresses via a
web form, you can reduce the risk of list bombing:
https://www.m3aawg.org/rel-WebFormHeader
The documents that Paul referenced in his last message - probably
Hi Stefan,
I am encouraged that you're choosing to be proactive and want to configure
your platform and processes to reduce the risk of email abuse.
M3AAWG, the Messaging, Mobile and Malware Anti-Abuse Working Group has
published numerous best practices documents to help senders and ESPs reduce
On 5/8/19 1:48 PM, Ken O'Driscoll via mailop wrote:
> There is likely more, above is, as I said, off the top of my head. Good
> luck.
>
One to add:
* Sign up for feedback loops with the major providers.
I see a remarkable number of phished-credential bots that are smart
enough to send one
> Hi Ken,
>
>
>
> awesome. Thats a bunch of helpful steps! Thanks a lot!
>
I'm a few years removed from directly administering a 'real' mail server
(directly, at least) but I have some observations about Ken's list:
>
> * Monitor abuse@ and make sure that this address a) exists for your
>
Hi Ken,
awesome. Thats a bunch of helpful steps! Thanks a lot!
Cheers
Stefan
-Ursprüngliche Nachricht-
Von: Ken O'Driscoll via mailop
Gesendet: Mittwoch 8 Mai 2019 20:01
An: mailop@mailop.org
Betreff: Re: [mailop] Howto be a good mailop (best practice / insights wanted)
On
21 matches
Mail list logo