[mailop] Uptick in Microsoft marking Wikimedia Foundation email as spam

We are seeing an uptick in our email from the Wikimedia Foundation being marked as spam by Microsoft. If someone from Microsoft would be able to provide me some insight as to why, that would be much appreciated. Alternatively, if someone has a Microsoft contact they could share that would also be h

Re: [mailop] "unmaintained" milter

On Sun, Jul 14, 2024 at 7:55 AM Anthony Howe via mailop wrote: > Umm. Which unmaintained milters? > > If you have a problem with one of my milters or BarricadeMX let me know and > I'll > address it. Most of my work is now available on GitHub (12 milters and > BarricadeMX aka smtpf). I was look

Re: [mailop] Help with handling backscatter

On Sun, Jul 14, 2024 at 12:49 PM Alessandro Vesely via mailop wrote: > Did ARC seals verify? We are not verifying arc seals at present, but rspamd seems to have support, which is a milter we are currently using, so that is worth investigating, thanks. _

Re: [mailop] Help with handling backscatter

On Fri, Jul 12, 2024 at 7:59 PM Grant Taylor via mailop wrote: > It's not BATV but it does help filter bogus use of the Null Reverse > Path. Maybe this will help some. > > Link - SirWumpus/milter-null: Filter legitimate DSN and MDN messages > from those generated as a result of spam backscatter.

Re: [mailop] Help with handling backscatter

On Fri, Jul 12, 2024 at 4:14 PM Slavko via mailop wrote: > I didn't notice which MTA you are using. Exim has tools for BATV > signing and verification, i don't know how others. Coincidentally, we just migrated from Exim to Postfix, so I think a separate milter is my only option at present. __

Re: [mailop] Help with handling backscatter

On Thu, Jul 11, 2024 at 4:33 PM Slavko via mailop wrote: > Do you see in bounces from what IP was original send? No, not that I can find > The BATV was inventend to solve that problem, you sign own Return-Path > and then check this signature in bounces and reject when bounce (NDR) > is send to

Re: [mailop] Help with handling backscatter

On Thu, Jul 11, 2024 at 4:17 PM Michael Peddemors via mailop wrote: > Can you add a little more details to be sure? Are you using Google > services at all? Employees of the Wikimedia Foundation have Google Workspace accounts, our MX servers for wikimedia.org relay employee mail to Google's server

Re: [mailop] Help with handling backscatter

On Thu, Jul 11, 2024 at 3:45 PM Mark Alley via mailop wrote: > Is BATV an option for you? I had not yet considered it. It looks like there is a milter available, , but it is unmaintained. I would be a little wary of setting it up, given the lack of

[mailop] Help with handling backscatter

We received a thousand or so of the attached backscatter emails this morning, each one to a different recipient, but with the same return-path, . I don't have much experience dealing with backscatter, so I was hoping for some guidance from this list. Questions: 1. Why are the non-delivery notifi

Re: [mailop] Verifying receipients?

On Fri, Feb 16, 2024 at 3:56 PM Bill Cole via mailop wrote: > > What is this current attitude on using something like > > Postfix's `reject_unverified_recipient`? > > ONLY use this when you are relaying for specific domains that you > service where you do not have any way to obtain a definitive us

[mailop] Verifying receipients?

What is this current attitude on using something like Postfix's `reject_unverified_recipient`? Does probing for recipients work these days, is it considered abusive? Yours kindly, Jesse Hathaway ___ mailop mailing list mailop@mailop.org https://list.mail

[mailop] Mailing Lists and domains with DMARC reject

My understanding is that there are a couple popular approaches which Mailing Lists can take to support domains with a DMARC reject policy: 1. Rewrite the RFC5322.From address to be an address from the mailing list domain, place the original RFC5322.From address in the Reply-To header. Sign the mes

Re: [mailop] Gmail spam scoring via IPv6 different than IPv4?

Thanks everyone for the advice. For the immediate future I am going to continue to send to Gmail only over IPv4. After I have some confidence that I have checked all the boxes for our IPv6 IPs I will do some experimental sending to Gmail from those IPs. If I can achieve reliable delivery I will con

[mailop] Gmail spam scoring via IPv6 different than IPv4?

Back in 2013[1] we changed our mail config to force MX lookups for gmail to only use IPv4 addresses. We made these change after hearing reports of higher spam scoring when sending mail via IPv6. Would anyone from Google be able to comment as to whether forcing IPv4 is still needed? Yours kindly, J

Re: [mailop] Email System Testing Methodologies?

On Wed, Jun 15, 2022 at 7:13 PM Ángel via mailop wrote: > On this line, there is the MECSA tool > https://mecsa.jrc.ec.europa.eu/ Thanks, added it to my list ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop

Re: [mailop] Email System Testing Methodologies?

Thanks everyone for the suggestions, here is my summary of responses: Configuration Checkers: Web Based 1. mxtoolbox.com 2. gmail -> view source CLI 1. mailsec-check, https://github.com/foxcpp/mailsec-check Email Echo Testers: 1. check-a...@verifier.port25.com 2. https://www.

[mailop] Email System Testing Methodologies?

I am working on some architectural changes to our email systems at the Wikimedia Foundation[1] and I am a bit befuddled as to the best way to test changes to the current system. As you all are all aware email is a distrubted system which encompases a wide variety of protocols. Ideally I would like

Re: [mailop] Troubleshooting MTA-STS reports

On Tue, Apr 26, 2022 at 6:18 PM John Levine wrote: > They're not that rare. Microsoft and Comcast also send them, along with a > few smaller places. Thanks John, I'll try sending some email from those domains to see If I can trigger a report. ___ mail

Re: [mailop] Troubleshooting MTA-STS reports

On Tue, Apr 26, 2022 at 4:08 PM Eric Tykwinski wrote: > Everything looks fine to me, have you tried sending an email to a another > google account. > They are the one company I know sends MTA-STS reports, others sadly don’t. Thanks for checking, I didn't realize they were so rare. > My guess is

Re: [mailop] Troubleshooting MTA-STS reports

On Tue, Apr 26, 2022 at 3:48 PM Eric Tykwinski wrote: > You need a place to send the emails to: > _smtp._tls.virtcolo.com. TXT Default v=TLSRPTv1; > rua=mailto:postmas...@virtcolo.com Thanks Eric, I forgot to include the TLSRPT piece, this is what I currently have: $ dig +short txt _smtp._tls.

[mailop] Troubleshooting MTA-STS reports

Hello mailopers, I am trying to setup MTA-STS for my domain, I thought I had everything configured correctly, in testing mode, but I never receive any reports via TLSRPT. If anyone has any advice on how to troubleshoot, that would be greatly appreciated. Yours kindly, Jesse Hathaway My current co