Two inline thoughts.
> On Apr 30, 2022, at 4:48 PM, Ángel via mailop wrote:
>
> On 2022-04-29 at 10:28 -0700, Brandon Long wrote:
>> There have been other reports on this list of Gmail requiring
>> authenticated email.
>>
>> We don't require authenticated email... but we vastly prefer it, and
>
On 6 May 2022, at 3:48, Dan Mahoney via mailop wrote:
> If you’re already doing DKIM and SPF anyway, arc is another milter in the
> chain that gives you that benefit. (You want it after your DKIM and DMARC
> validators). You can leverage your same DKIM keys to use arc (or a different
> one), bu
On 5/6/22 9:14 AM, Luis E. Muñoz via mailop wrote:
I think the response to those issues are in part the cause for the
loop you cleverly explained before.
Indeed.
These are the very issues that caused me to be disinclined to stand my
ARC milter back up when it fell over after an update.
ARC
Good Morning,
Asking if anyone has had experience with internet-research-project.net please?
They have no apparent web presence, so no straightforward way to contact them.
Linode hosts this allegedly legitimate security researcher, and my mail systems
logs are full of connections from a large
Isn't that a bit of an overreaction? If you didn't want any undesirable
traffic you'd whitelist IPs in your firewall or run it on LAN. It's a
very standard expectation that other servers will hit yours without your
consent on the public internet.
On 2022-05-06 11:16, L. Mark Stone via mailop w
On 5/6/22 12:33, Jarland Donnell via mailop wrote:
Isn't that a bit of an overreaction? If you didn't want any undesirable
traffic you'd whitelist IPs in your firewall or run it on LAN. It's a
very standard expectation that other servers will hit yours without your
consent on the public interne
On 5/6/22 10:33 AM, Jarland Donnell via mailop wrote:
Isn't that a bit of an overreaction? If you didn't want any undesirable
traffic you'd whitelist IPs in your firewall or run it on LAN. It's a
very standard expectation that other servers will hit yours without your
consent on the public inte
> On May 6, 2022, at 8:14 AM, Luis E. Muñoz via mailop
> wrote:
>
> On 6 May 2022, at 3:48, Dan Mahoney via mailop wrote:
>
>> If you’re already doing DKIM and SPF anyway, arc is another milter in the
>> chain that gives you that benefit. (You want it after your DKIM and DMARC
>> validators
On 5/6/22 11:03 AM, Michael Butler via mailop wrote:
If you see an unknown person walk up to your car and try all the doors,
the hood and the trunk, even if it's parked on a public street, you'd
likely call the police.
Agreed.
I believe that contacting Linode's abuse desk is akin to calling t
Hi Grant,
Thanks for your reply. Sure, I expect all sorts of folks (including spammers)
to try to send email to my customers, as well as bad actors who will try to
brute-force accounts. We all have lots of protections in place for those
circumstances.
But IMHO, just opening up a connection on
Of course, most Internet probing systems SHOULD have full transparency,
and of course not probe any IPs at abnormal or high rates without
considering the destination.
My opinion, if they aren't transparent with their dealings, including
PTR's, URLs', User Agents, HELO, and of course 'rwhois',
On Fri, 6 May 2022, Grant Taylor via mailop wrote:
On 5/6/22 9:14 AM, Luis E. Muñoz via mailop wrote:
I think the response to those issues are in part the cause for the loop you
cleverly explained before.
Indeed.
These are the very issues that caused me to be disinclined to stand my ARC
mil
Thanks Jarland for your reply. We run a commercial multi-tenant email hosting
service so tightening the screws down as much as you suggest is not possible.
To my original question though... Do you have any experience with
internet-research-project.net?
All the best,
Mark
On 2022-05-06 at 13:13:54 UTC-0400 (Fri, 6 May 2022 11:13:54 -0600)
Grant Taylor via mailop
is rumored to have said:
On 5/6/22 10:33 AM, Jarland Donnell via mailop wrote:
Isn't that a bit of an overreaction? If you didn't want any
undesirable traffic you'd whitelist IPs in your firewall or run
It appears that Andrew C Aitchison via mailop said:
>On Fri, 6 May 2022, Grant Taylor via mailop wrote:
>> On 5/6/22 9:14 AM, Luis E. Mu�oz via mailop wrote:
>>> I think the response to those issues are in part the cause for the loop you
>>> cleverly explained before.
>>
>> Indeed.
>>
>> These ar
It appears that L. Mark Stone via mailop
said:
>Thanks Jarland for your reply. We run a commercial multi-tenant email hosting
>service so tightening the screws down as much as you suggest is not possible.
>
>To my original question though... Do you have any experience with
>internet-research-p
On 5/6/22 11:41 AM, L. Mark Stone via mailop wrote:
Hi Grant,
Hi Mark,
Thanks for your reply.
You're welcome.
But IMHO, just opening up a connection on TCP port 25 repeatedly
without actually trying to send an email inbound, or opening up a
connection on TCP port 587 without trying to au
On Fri, May 6, 2022 at 8:52 PM John Levine via mailop
wrote:
> It appears that Andrew C Aitchison via mailop
> said:
> >On Fri, 6 May 2022, Grant Taylor via mailop wrote:
> >> On 5/6/22 9:14 AM, Luis E. Muñoz via mailop wrote:
> >>> I think the response to those issues are in part the cause for
On 5/6/22 12:20 PM, Bill Cole via mailop wrote:
If someone were to try opening my front door in the name of "research"
there is a non-zero chance that they would have a very unpleasant
experience involving a machete and were that to happen, the police would
not arrest me. (See "castle doctrine"
On 6 May 2022 14:53:35 -0400, John Levine via mailop
wrote:
>They appear to fail on all three criteria.
As do a couple of parties operating out of several /24 or smaller blocks, none
of which are now allowed to connect here.
I cheerfully participate in research, both to my personal benefit and
On Fri, May 6, 2022 at 8:52 PM John Levine via mailop
wrote:
Until then, I tell people who ask me to forward mail to Gmail that if
they actually want to get the mail, I'll put it in a local mailbox and
they can tell Gmail to poll it with POP. That works quite well.
Yes, if you are happy to
On 5/6/22 1:24 PM, Francesco Gennai via mailop wrote:
But the true problem is that they think that the email is an instant
messaging system :-(
I have a knee jerk reaction of telling people that email is not instant
messaging when they talk about it taking less than 5 minutes for a
message to
On 2022-05-06 09:16, L. Mark Stone via mailop wrote:
Good Morning,
Asking if anyone has had experience with internet-research-project.net
please? They have no apparent web presence, so no straightforward way
to contact them.
They can be reached via email using concerns@
Linode hosts this al
On Fri, May 6, 2022 at 2:50 PM Grant Taylor via mailop
wrote:
> On 5/6/22 1:24 PM, Francesco Gennai via mailop wrote:
> > But the true problem is that they think that the email is an instant
> > messaging system :-(
>
> I have a knee jerk reaction of telling people that email is not instant
> mes
On Fri, May 6, 2022 at 10:58 AM Andrew C Aitchison via mailop <
mailop@mailop.org> wrote:
>
> On Fri, 6 May 2022, Grant Taylor via mailop wrote:
> > On 5/6/22 9:14 AM, Luis E. Muñoz via mailop wrote:
> >> I think the response to those issues are in part the cause for the loop
> you
> >> cleverly e
On Fri, May 6, 2022 at 12:48 AM Dan Mahoney wrote:
> Two inline thoughts.
>
> On Apr 30, 2022, at 4:48 PM, Ángel via mailop wrote:
>
> On 2022-04-29 at 10:28 -0700, Brandon Long wrote:
>
> There have been other reports on this list of Gmail requiring
> authenticated email.
>
> We don't require a
On Fri, May 6, 2022 at 2:31 PM Andrew C Aitchison via mailop <
mailop@mailop.org> wrote:
>
> > On Fri, May 6, 2022 at 8:52 PM John Levine via mailop >
> > wrote:
> >> Until then, I tell people who ask me to forward mail to Gmail that if
> >> they actually want to get the mail, I'll put it in a lo
On 2022-05-05 at 13:09 -0700, Michael Peddemors wrote:
> Now, curious as to people's perspective on the requirement to use that
> header.. some email clients will render it even though that header is
> missing, and other ones absolutely will not render it, or see it as a
> valid attachment.
>
>
On Fri, 06 May 2022 15:31:12 -0700, Mike D via mailop
wrote:
>I highly recommend using greynoise.io to help filter your logs. They do
>a pretty good job of determining what connections are benign scanners
>and which lead to subsequent attacks.
Benign scanners are the ones who transparently annou
29 matches
Mail list logo