Re: [mailop] Success MiTM attack

2023-10-23 Thread Matt Corallo via mailop
On 10/23/23 9:43 PM, Matt Palmer via mailop wrote: On Mon, Oct 23, 2023 at 10:04:25PM -0400, Ian Kelling via mailop wrote: Philip Paeps via mailop writes: On 2023-10-22 14:34:39 (+0530), Slavko via mailop wrote: Indeed: not directly related to mailops. But a very instructive example of why

Re: [mailop] Success MiTM attack

2023-10-23 Thread Matt Corallo via mailop
On 10/23/23 7:11 PM, Richard Clayton via mailop wrote: In message , Matt Corallo via mailop writes On 10/23/23 3:26 AM, Jaroslaw Rafa via mailop wrote: However, all this discussion is hardly related to email, as - as many have noted - there's hardly any certificate checking at all betwee

Re: [mailop] Success MiTM attack

2023-10-23 Thread Matt Palmer via mailop
On Tue, Oct 24, 2023 at 03:11:06AM +0100, Richard Clayton via mailop wrote: > In message <07d58480-7dde-4d15-a5ca-5bb6c8e10...@mtasv.net>, Matt Palmer > via mailop writes > > >The relative "noisiness" of the attack, in fact, is a fairly strong signal > >that it *isn't* lawful intercept; western l

Re: [mailop] Success MiTM attack

2023-10-23 Thread Matt Palmer via mailop
On Mon, Oct 23, 2023 at 10:04:25PM -0400, Ian Kelling via mailop wrote: > Philip Paeps via mailop writes: > > On 2023-10-22 14:34:39 (+0530), Slavko via mailop wrote: > > Indeed: not directly related to mailops. But a very instructive example > > of why monitoring C-T logs is a good idea. > > An

Re: [mailop] AT&T's abuse_...@abuse-att.net Email Address Undeliverable

2023-10-23 Thread Justin Frechette via mailop
My apologies as the email had a typo of the domain in the subject and body. I did send my email to abuse_...@abuse-att.net (as noted in the bounce). Justin On Tue, Oct 24, 2023 at 12:20 AM Justin Frechette < jus...@justinfrechette.com> wrote: > AT&T, > > I am unable to send email to abuse_...@ab

Re: [mailop] Success MiTM attack

2023-10-23 Thread Philip Paeps via mailop
On 2023-10-24 10:04:25 (+0800), Ian Kelling via mailop wrote: > Philip Paeps via mailop writes: >> On 2023-10-22 14:34:39 (+0530), Slavko via mailop wrote: >> Indeed: not directly related to mailops. But a very instructive example >> of why monitoring C-T logs is a good idea. > > Anyone know how

[mailop] AT&T's abuse_...@att.net Email Address Undeliverable

2023-10-23 Thread Justin Frechette via mailop
AT&T, I am unable to send email to abuse_...@att.net for blocklist mitigation. It worked Friday but attempts today are failing. If possible, could you please review the following IPs for blocklist removal for breach notifications? 74.202.227.59 74.202.227.60 74.202.227.61 Thank you, Justin Frech

Re: [mailop] Success MiTM attack

2023-10-23 Thread Ian Kelling via mailop
Philip Paeps via mailop writes: > On 2023-10-22 14:34:39 (+0530), Slavko via mailop wrote: > Indeed: not directly related to mailops. But a very instructive example > of why monitoring C-T logs is a good idea. Anyone know how to monitor C-T logs? I looked around a bit and didn't see how to act

Re: [mailop] Success MiTM attack

2023-10-23 Thread Richard Clayton via mailop
In message , Matt Corallo via mailop writes > > >On 10/23/23 3:26 AM, Jaroslaw Rafa via mailop wrote: >> However, all this discussion is hardly related to email, as - as many have >> noted - there's hardly any certificate checking at all between MTAs. > >Indeed, MTAs mostly use DNSSEC/DANE which

Re: [mailop] Success MiTM attack

2023-10-23 Thread Richard Clayton via mailop
In message <07d58480-7dde-4d15-a5ca-5bb6c8e10...@mtasv.net>, Matt Palmer via mailop writes >The relative "noisiness" of the attack, in fact, is a fairly strong signal >that it *isn't* lawful intercept; western law enforcement agencies are >typically very hesitant to do anything that could "tip of

Re: [mailop] Success MiTM attack

2023-10-23 Thread Matt Corallo via mailop
On 10/22/23 1:56 PM, Taavi Eomäe via mailop wrote: On 22/10/2023 16:08, Slavko via mailop wrote: Hmm, and what about MUAs? Without MUA-STS, it's up to the MUAs and only MUAs to enforce connection security. The next step after that would be some kind of pinning. Some have suggested DANE+DN

Re: [mailop] Success MiTM attack

2023-10-23 Thread Matt Corallo via mailop
On 10/23/23 3:26 AM, Jaroslaw Rafa via mailop wrote: On 22.10.2023 at 12:59:18 Matt Corallo via mailop writes: SSL certificates do not, and have never, "protected against MiTM". The certificate authority trust model can best be summarized as "someone else's DNS resolver and connection",

Re: [mailop] Success MiTM attack

2023-10-23 Thread Jaroslaw Rafa via mailop
On 23.10.2023 at 11:27:09 Slavko via mailop writes: > On 23 October 2023 10:26:57 UTC, user Jaroslaw Rafa via mailop > wrote: > > >However, all this discussion is hardly related to email, as - as many have > >noted - there's hardly any certificate checking at all between MTAs. >

Re: [mailop] Success MiTM attack

2023-10-23 Thread Slavko via mailop
On 23 October 2023 10:26:57 UTC, user Jaroslaw Rafa via mailop wrote: >However, all this discussion is hardly related to email, as - as many have >noted - there's hardly any certificate checking at all between MTAs. Do you want to tell, that MUAs communications are not part of email?

Re: [mailop] Success MiTM attack

2023-10-23 Thread Jaroslaw Rafa via mailop
On 22.10.2023 at 12:59:18 Matt Corallo via mailop writes: > SSL certificates do not, and have never, "protected against MiTM". > The certificate authority trust model can best be summarized as > "someone else's DNS resolver and connection", it is not a statement > of who actually owns the dom

Re: [mailop] R: Contact in Microsoft 365 Defender for Outlook?

2023-10-23 Thread Rob Kendrick via mailop
On Fri, Oct 20, 2023 at 09:18:31AM +, Rodolfo Saccani via mailop wrote: > > I wonder what the review process looks like. They'll recommend that you use their URL checking service instead. B.

Re: [mailop] Success MiTM attack

2023-10-23 Thread Mary via mailop
Simply put, who has the power to force both Hetzner and Linode to set up a proxy redirection attack on their networks? This kind of attack requires high level privileges on those two networks and I'm guessing only a government can enforce this. Unless both Hetzner and Linode are run by hackers?