Re: [mailop] Question about SRS and ARC

2025-02-13 Thread Alessandro Vesely via mailop
On Wed 12/Feb/2025 21:44:48 +0100 John Levine via mailop wrote: It appears that Niels Kobschätzki via mailop said: Hello, I have encountered the first time apparently the problem that I have a user who forwards mails to another mail-server and a forwarded mail got rejected because of the dmar

Re: [mailop] Spamhaus "free" DQS

2025-02-13 Thread Alessandro Vesely via mailop
On Wed 12/Feb/2025 21:41:32 +0100 John Levine via mailop wrote: It appears that Grant Taylor via mailop said: On 2/11/25 5:12 AM, Alessandro Vesely via mailop wrote: And what happens if the amount is exceeded? I don't know. They politely write to you and ask you to pay. It'

Re: [mailop] Question about SRS and ARC

2025-02-12 Thread Alessandro Vesely via mailop
On Wed 12/Feb/2025 17:02:09 +0100 Louis wrote: As far as I know, ARC only solves this issue if the recipient trusts your ARC signature. So it really depends on the environment if it actually will be a solution. Correct, up to a workable definition of environment. In most scenarios, the ma

Re: [mailop] Spamhaus "free" DQS

2025-02-12 Thread Alessandro Vesely via mailop
On Wed 12/Feb/2025 13:49:37 +0100 Matthew Stith via mailop wrote: Free Usage Limits Some of the language included in our usage terms is vague (on purpose). Publishing specific limits leads to abuse of systems in Spamhaus' line of work. A company of 10 to 50 would be hard pressed to hit the ave

Re: [mailop] Spamhaus "free" DQS

2025-02-11 Thread Alessandro Vesely via mailop
On Tue 11/Feb/2025 03:37:11 +0100 Grant Taylor wrote: On 2/8/25 13:14, Tapio Peltonen via mailop wrote: I'm not even sure if I qualify, since I represent a (small) commercial entity, athough we do not do any e-mail related business; we only use email as a means of communication and have very lo

Re: [mailop] DMARC reports in ZIP format

2025-02-09 Thread Alessandro Vesely via mailop
On Sun 09/Feb/2025 12:06:36 +0100 Marco Moock wrote: While analyzing rejected DMARC report mails generated by opendmarc-reports v1.4.2, I noticed that they are generated in zip instead of gzip. Some sites reject zip at all. |The aggregate data MUST be an XML file that SHOULD be subjected to |GZ

Re: [mailop] Spamhaus "free" DQS

2025-02-07 Thread Alessandro Vesely via mailop
On Fri 07/Feb/2025 16:31:16 +0100 Slavko via mailop wrote: On 7. februára 2025 14:03:23 UTC, "L. Mark Stone via mailop" wrote: Spamhaus use Github, so if you want to use DQS from within SpamAssassin for example, you would go here: Thanks, but i don't use SA. Anyway, i fail to find BCL menti

Re: [mailop] Spamhaus "free" DQS

2025-02-07 Thread Alessandro Vesely via mailop
On Wed 05/Feb/2025 10:34:19 +0100 Kirill Miazine via mailop wrote: • Tapio Peltonen via mailop [2025-02-05 11:28]: Not really free, looks like, although they do seem to imply that, e.g. here: https://submit.spamhaus.org/resources/query-the-legacy-dnsbls-via-hetzner/ There's 30 day free trial,

Re: [mailop] Fallback to A/AAAA?

2025-02-04 Thread Alessandro Vesely via mailop
On Tue 04/Feb/2025 09:50:48 +0100 Jaroslaw Rafa wrote: Dnia 3.02.2025 o godz. 23:26:05 Graeme Slogrove via mailop pisze: We asked them to add MX records, but most didn't bother ("It works from Microsoft/Gmail/Other, why not you??"), and we turned fallback on again. I already said that - it's

Re: [mailop] How ARC should behaves with 2 Internet Mail Handlers?

2025-01-29 Thread Alessandro Vesely via mailop
On Wed 29/Jan/2025 15:41:06 +0100 ismael tanguy wrote: On incoming layer, saying I create an Authentication-Results header and base a first ARC Set Then, email travels through infra and can be eventually forwarded to outside (redirection, responder, mailinglist). This ARC set is noisy and u

Re: [mailop] Fallback to A/AAAA?

2025-01-28 Thread Alessandro Vesely via mailop
On Tue 28/Jan/2025 18:49:01 +0100 Fehlauer, Norbert wrote: Hi, Thanks. So, if a domain has correct defined mx records only those can be used and if they are not reachable for any reason there should never be an attempt to reach the implicit MX RR of the domain. Correct. The reason I'm as

Re: [mailop] PayPal Phishing from Paypal servers.. Now coming through o365 as well

2024-12-11 Thread Alessandro Vesely via mailop
On Tue 10/Dec/2024 23:23:51 +0100 Andrew C Aitchison wrote: On Tue, 10 Dec 2024, Michael Peddemors via mailop wrote: Ouch.. getting even harder for recipient spam protections to catch this guy, given that o365 is also a 'too big to block'.. Standard Paypal Phone Scam we have seen coming from

Re: [mailop] PayPal Phishing from Paypal servers.. Now coming through o365 as well

2024-12-10 Thread Alessandro Vesely via mailop
On Tue 10/Dec/2024 17:49:38 +0100 Laura Atkins wrote: There is a huge amount of replay going on right now with domains that are p=reject. Venmo is getting hit - and it’s coming through various infrastructures. So the To: "noreplies2@highlandspark. store" line was bogus? Best Ale -- __

Re: [mailop] Google Rejecting Mails as Spam

2024-10-28 Thread Alessandro Vesely via mailop
On Sun 27/Oct/2024 18:35:29 +0100 John Levine via mailop wrote: It appears that Viktor Dukhovni via mailop said: On Sat, Oct 26, 2024 at 02:16:51PM -0400, John Levine via mailop wrote: I wrote the RFC and I still haven't gotten around to it. I hope you saw my note about returning to SPKI en

Re: [mailop] Huge increase in SASL brute force

2024-10-22 Thread Alessandro Vesely via mailop
On Mon 21/Oct/2024 17:46:14 +0200 Geoff Mulligan via mailop wrote: Maybe I'm just now more observant, but I've seen a huge increase in bunches of systems trying to brute force an SASL login. Here is a list of IPs that have tried in just the last hour: [...] 87.120.84.58 [...] I wrote a script t

Re: [mailop] SPF fragility vs. utility

2024-10-21 Thread Alessandro Vesely via mailop
On Mon 21/Oct/2024 16:43:03 +0200 Dave Crocker via mailop wrote: On 10/21/2024 4:39 AM, Alessandro Vesely via mailop wrote: On Mon 21/Oct/2024 05:50:09 +0200 Dave Crocker wrote: In other words, to get around DMARC fragility and false positive damage, an intermediary must  1. Break DMARC, by

Re: [mailop] SPF fragility vs. utility

2024-10-21 Thread Alessandro Vesely via mailop
On Mon 21/Oct/2024 05:50:09 +0200 Dave Crocker wrote: On 10/18/2024 7:38 AM, Bill Cole via mailop wrote: The real original sender is preserved in the Reply-To here (and on most lists using Mailman today.) In other words, to get around DMARC fragility and false positive damage, an intermediary

Re: [mailop] SPF fragility vs. utility

2024-10-20 Thread Alessandro Vesely via mailop
On Sun 20/Oct/2024 04:17:22 +0200 Viktor Dukhovni wrote: On 20 Oct 2024, at 7:09 AM, Gellner, Oliver via mailop wrote: Apple Mail shows Reply-To headers. Not only by default, but always, you cannot hide them. The downside is that it does not show the email addresses but only the display name

Re: [mailop] SPF fragility vs. utility

2024-10-19 Thread Alessandro Vesely via mailop
On Fri 18/Oct/2024 19:33:41 +0200 Jaroslaw Rafa wrote: Dnia 18.10.2024 o godz. 14:24:05 Slavko via mailop pisze: Of course, and spammers would be stupid to not abuse the fact, that email client allow to setup to show display name without email address, with fallback to email, if there is no

Re: [mailop] SPF fragility vs. utility

2024-10-17 Thread Alessandro Vesely via mailop
On Wed 16/Oct/2024 18:00:47 +0200 Dave Crocker via mailop wrote: [...] 7. The myth that SPF is simple to implement is because it is simple for a sender to create a basic SPF record.  It does not mean that it is simple to create a more elaborate record, or to ensure that all authorized sending

Re: [mailop] DKIM: Who's using the x tag?

2024-10-11 Thread Alessandro Vesely via mailop
On Fri 11/Oct/2024 14:03:40 +0200 Gellner, Oliver via mailop wrote: On 11.10.2024 at 00:08 Mark Delany via mailop wrote: Given that you have to allow for a queue time of multiple days, x= seems of marginal value - leastwise as an anti-replay mechanism. If the MTA allows it, it can update the

Re: [mailop] DKIM: Who's using the x tag?

2024-10-10 Thread Alessandro Vesely via mailop
On Thu 10/Oct/2024 14:42:43 +0200 Atro Tossavainen via mailop wrote: If you've got any evidence of x= in the wild that you care to share, thank you kindly in advance! DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=customer.domain; s=k3; t=1728563812; x=1728824312; i=news@custo

Re: [mailop] IDNA domain with ß

2024-10-07 Thread Alessandro Vesely via mailop
On Mon 07/Oct/2024 08:42:28 +0200 Viktor Dukhovni via mailop wrote: One can reasonably take the view that U-labels are largely a matter of the user-interface (presentation) layer, the *real* domain name is the A-label form! But users don't directly work with attrleaf names, these arise only

Re: [mailop] Sudden drop of frenzied login attempts

2024-10-04 Thread Alessandro Vesely via mailop
On Fri 04/Oct/2024 19:05:23 +0200 L. Mark Stone via mailop wrote: FWIW we use Fail2Ban and just block those IPs after X number of failed login attempts. Yup, my firewall works in a similar way. However, such attempts are a symptom that there is a bot at that IP. Reporting them might help c

[mailop] Sudden drop of frenzied login attempts

2024-10-04 Thread Alessandro Vesely via mailop
Hi, this is the second day that illegal login attempts to IMAP/SMTP accounts are down by almost an order of magnitude (thousands to hundreds on my tiny server). Has there been some mayor clearance? Best Ale -- ___ mailop mailing list mailop@mai

Re: [mailop] Invalid format and contents of DMARC reports

2024-07-26 Thread Alessandro Vesely via mailop
On Fri 26/Jul/2024 14:02:43 +0200 Tobias Herkula via mailop wrote: the empty mail-from is on purpose, it's fire and forget, if you don't want the reports remove the RUA entry in the DMARC TXT-RR or remove RUA Address Validation TXT-RRs and we will stop sending them, but we have no interest in a

Re: [mailop] Help with handling backscatter

2024-07-14 Thread Alessandro Vesely via mailop
Il 11/07/24 23:23, Slavko via mailop ha scritto: Dňa 11. júla 2024 20:01:17 UTC používateľ Jesse Hathaway via mailop napísal: 1. Why are the non-delivery notifications sent to rather than to ? NDR have to be send to Return-Path of original message, thus it depends what was in its MAIL

Re: [mailop] Cloud hosts for responsible mail servers?

2024-07-12 Thread Alessandro Vesely via mailop
Il 10/07/24 02:18, Lyndon Nerenberg (VE7TFX/VE6BBM) via mailop ha scritto: I publish SPF records, but refuse to participate in DKIM or DMARC. By avoiding the latter two, I don't have to navigate all their associated stupidity, and my mail goes through just fine. Stupid as it is, DMARC is the b

Re: [mailop] [E] Re: AT&T Block

2024-07-07 Thread Alessandro Vesely via mailop
On Sat 06/Jul/2024 18:22:15 +0200 Scott Mutter via mailop wrote: If we're all tired of seeing "Anyone from BLANK able to help with the IP BLANK being blocked?"  Then perhaps this is a nod to BLANK that they need to do better at handling these inquiries or that their means of blocking IPs is too

Re: [mailop] envelope or header address?

2024-07-06 Thread Alessandro Vesely via mailop
On Fri 05/Jul/2024 23:21:17 +0200 Jeff Pang via mailop wrote: OT question, can return-path be customized by sender MTA/MUA? Or must it be envelope? Return-path, envelop sender, bounce address and MAIL FROM are all synonyms for the same thing. Mailing lists always change it when they forwa

Re: [mailop] envelope or header address?

2024-07-05 Thread Alessandro Vesely via mailop
On Fri 05/Jul/2024 15:00:45 +0200 Jaroslaw Rafa wrote: Dnia 5.07.2024 o godz. 19:45:10 Jeff Pang via mailop pisze: When an user requests to join mailing list, which address should we take? The envelope address, or the header From address? I think you should follow the best practice, ie. how

Re: [mailop] Request: UTF-8 email address?

2024-07-01 Thread Alessandro Vesely via mailop
On Sat 29/Jun/2024 21:04:35 +0200 John Levine via mailop wrote: PS: before you tell me I don't know what I'm talking about, you might take a look at this: https://uasg.tech/download/uasg-030-evaluation-of-eai-support-in-email-software-and-services-report-en/ Contrary to all publishing traditi

Re: [mailop] Why an SPF hard bounce on ~all ?

2024-06-28 Thread Alessandro Vesely via mailop
On Thu 27/Jun/2024 21:41:39 +0200 Adam D. Barratt via mailop wrote: On Thu, 2024-06-27 at 14:50 -0400, Ted Smith via mailop wrote: That conbined with the hard fail indicated could account for the rejection of the message, except that I don't understand why the SPF check would be done for the hel

Re: [mailop] Large Volume of Emails in Violation of Acceptable Use Policies

2024-06-28 Thread Alessandro Vesely via mailop
On Fri 28/Jun/2024 11:34:13 +0200 Richard Clayton via mailop wrote: Finally, you may be seeing X emails per time period from Y people. Messages sent from Y machines are a different matter, methinks. Except for expressly requested monitoring services, automatically generated messages should

Re: [mailop] reverse proxy for smtp client

2024-06-24 Thread Alessandro Vesely via mailop
On Mon 24/Jun/2024 12:16:32 +0200 Marco Moock via mailop wrote: Am 24.06.2024 um 12:03:49 Uhr schrieb Alessandro Vesely via mailop: IME, large sending times are often caused by IMAP. Most clients operate by first sending the message and then saving it in the Sent IMAP folder. Just changing

Re: [mailop] reverse proxy for smtp client

2024-06-24 Thread Alessandro Vesely via mailop
IME, large sending times are often caused by IMAP. Most clients operate by first sending the message and then saving it in the Sent IMAP folder. Just changing that method to Bcc: halves the time required. Best Ale On Sat 22/Jun/2024 09:45:36 +0200 Jeff Pang wrote: Hello that's b/c the at

Re: [mailop] too many bad IP blocked

2024-06-22 Thread Alessandro Vesely via mailop
On Fri 21/Jun/2024 18:12:13 +0200 Ralph Seichter via mailop wrote: * Jeff Pang via mailop: given currently I have 3000+ block IPs, every normal client requests to submission, the ip will be checked through those 3000+ list, which slow down the normal client's connection certainly. I consider

Re: [mailop] too many bad IP blocked

2024-06-21 Thread Alessandro Vesely via mailop
On Fri 21/Jun/2024 14:55:16 +0200 Slavko via mailop wrote: Dňa 21. júna 2024 11:50:23 UTC používateľ Alessandro Vesely via mailop napísal: That db currently holds 2,014,973 records. Rather than ipset or single iptables rules, the IPs are stored on a Berkeley DB. They get blocked by a few

Re: [mailop] too many bad IP blocked

2024-06-21 Thread Alessandro Vesely via mailop
On Fri 21/Jun/2024 10:55:53 +0200 Jeff Pang wrote: Here is the drop list by iptables, https://cloud.hostcache.com/drop.list can you help take a look? Of those 2805 addresses, 2726 are also on my block db, 79 are not. That db currently holds 2,014,973 records. Rather than ipset or single ip

Re: [mailop] Debugging fwd issue meta.com to zoho.com (Help from user under meta.com needed)

2024-06-16 Thread Alessandro Vesely via mailop
On Sun 16/Jun/2024 16:38:48 +0200 Tobias Fiebig via mailop wrote: You'd need several domains, all having a rua= pointing to you.  I'd donate a (sub) domain to that effort.  I'm donating a couple of domains to Project Honey Pot.  Unlike that project, however, in this case donated domains will

Re: [mailop] Debugging fwd issue meta.com to zoho.com (Help from user under meta.com needed)

2024-06-16 Thread Alessandro Vesely via mailop
On Sat 15/Jun/2024 18:27:15 +0200 Tobias Fiebig via mailop wrote: Do reports received at dm...@aperture-labs.org contribute to the output of email-security-scans? No, of course not; esec.o is tests-are-atomic. Technically I _could_ (or rather: should) try to implement something similar to wh

Re: [mailop] Debugging fwd issue meta.com to zoho.com (Help from user under meta.com needed)

2024-06-13 Thread Alessandro Vesely via mailop
On Thu 13/Jun/2024 11:14:04 +0200 Tobias Fiebig via mailop wrote: What if spamd, while authenticating a malformed signature, notifies the error in DMARC report?  Would that "fix" spamd? Would be somewhat pointless, though; From the top of my head I am not sure whether there is a fitting fiel

Re: [mailop] Debugging fwd issue meta.com to zoho.com (Help from user under meta.com needed)

2024-06-12 Thread Alessandro Vesely via mailop
On Sun 09/Jun/2024 02:43:38 +0200 Tobias Fiebig via mailop wrote: On Sat, 2024-06-08 at 12:36 +0200, Alessandro Vesely via mailop wrote: ... (unless bugs in email-security-scans are just decorative.) Which ones exactly? What if spamd, while authenticating a malformed signature, notifies

Re: [mailop] Debugging fwd issue meta.com to zoho.com (Help from user under meta.com needed)

2024-06-08 Thread Alessandro Vesely via mailop
On Sat 08/Jun/2024 13:28:30 +0200 Slavko via mailop wrote: Dňa 8. júna 2024 10:36:44 UTC používateľ Alessandro Vesely via mailop napísal: Yes, as it seems Tobias is going to file a bug against rspamd, I presume you are going to somehow fix it (unless bugs in email-security-scans are just

Re: [mailop] Debugging fwd issue meta.com to zoho.com (Help from user under meta.com needed)

2024-06-08 Thread Alessandro Vesely via mailop
On Fri 07/Jun/2024 17:03:00 +0200 Slavko via mailop wrote: Dňa 7. júna 2024 14:37:24 UTC používateľ Alessandro Vesely via mailop napísal: If I were Slavko I'd fix rspamd by adding bug reporting (if it's not already there) rather than removing 2047-decoding. Are you sure, that yo

Re: [mailop] Debugging fwd issue meta.com to zoho.com (Help from user under meta.com needed)

2024-06-07 Thread Alessandro Vesely via mailop
On Wed 05/Jun/2024 11:58:53 +0200 John Levine via mailop wrote: It appears that Tobias Fiebig via mailop said: Well, that would then be rspamd and the python email parser; Question is whether that would qualify as a bug, i.e., 'should not validate'; My understanding would be more in a 'be libe

Re: [mailop] [STATE OF THE UNION] Tales from the Trenches..

2024-05-31 Thread Alessandro Vesely via mailop
On Fri 31/May/2024 14:59:24 +0200 Slavko via mailop wrote: Dňa 31. 5. o 11:51 Alessandro Vesely via mailop napísal(a): What RBLs do you configure? Beside my own RBLs i use DROP & AuthBL from SpamHaus, BIP from virusfree.cz, and multiple codes from dronebl.org. They are queried in par

Re: [mailop] [STATE OF THE UNION] Tales from the Trenches..

2024-05-31 Thread Alessandro Vesely via mailop
On Thu 30/May/2024 23:12:17 +0200 Slavko via mailop wrote: Dňa 30. mája 2024 19:56:01 UTC používateľ Michael Peddemors via mailop napísal: However, it isn't as simple as blocking every IP that bangs on your door. If you block large CGNAT IP's for instance, one compromised IoT device behind

Re: [mailop] (Mis)use of DKIM's length tag and it's impact on DMARC and BIMI

2024-05-19 Thread Alessandro Vesely via mailop
On Sat 18/May/2024 19:37:44 +0200 Dave Crocker via mailop wrote: On 5/17/2024 7:12 AM, Taavi Eomäe via mailop wrote: We hope that with some cooperation from mail operators improved defense measures can be implemented to strengthen DKIM for everyone. As I recall, the original intent was to pe

Re: [mailop] Doesn't ARC substitute DKIM at Gmail inbound?

2024-05-07 Thread Alessandro Vesely via mailop
On Mon 06/May/2024 19:00:24 +0200 Brandon Long wrote: On Mon, May 6, 2024 at 12:41 AM Alessandro Vesely via mailop wrote: The question is, since Gmail seems to require a DKIM signature just to make sure some domain is responsible for the message, doesn't an ARC seal cover the

Re: [mailop] Doesn't ARC substitute DKIM at Gmail inbound?

2024-05-06 Thread Alessandro Vesely via mailop
On Sun 05/May/2024 19:44:57 +0200 Benny Pedersen via mailop wrote: Andrew C Aitchison via mailop skrev den 2024-05-05 18:49: On Sat, 4 May 2024, Alessandro Vesely via mailop wrote: The last URL in the response says something about ARC:    ARC checks the previous authentication status of

Re: [mailop] Gmail has a thing about dots

2024-05-04 Thread Alessandro Vesely via mailop
On Thu 02/May/2024 21:02:28 +0200 John Levine via mailop wrote: While debugging something else, I've been trying to send messages to myself from the address a...@m.jl.ly. RFC 5321 says two dots in a row need to be quoted, and I have checked that my mail system does indeed put in the quotes and i

[mailop] Doesn't ARC substitute DKIM at Gmail inbound?

2024-05-04 Thread Alessandro Vesely via mailop
Hi, I sometimes get this response: 421-4.7.30 This mail has been rate limited because DKIM does not pass. Gmail 421-4.7.30 requires all large senders to authenticate with DKIM. 421-4.7.30 421-4.7.30 Authentication results: 421-4.7.30 DKIM = did not pass 421-4.7.30 For instructi

Re: [mailop] mailop and DKIM signatures

2024-03-22 Thread Alessandro Vesely via mailop
On Fri 22/Mar/2024 18:04:44 +0100 John Levine wrote: It appears that Alessandro Vesely via mailop said: IME, my heuristic algorithm fails more often because senders "oversign", by signing technical such as Content-Type: or Content-Transfer-Encoding: than because it meets

Re: [mailop] mailop and DKIM signatures

2024-03-22 Thread Alessandro Vesely via mailop
On Thu 21/Mar/2024 23:38:22 +0100 Andrew C Aitchison wrote: On Sat, 16 Mar 2024, Gellner, Oliver via mailop wrote: Depending on the kind of changes which have been applied to the message you can reverse the transformations and verify the original DKIM signatures. A member of this list developed

Re: [mailop] mailop and DKIM signatures

2024-03-22 Thread Alessandro Vesely via mailop
On Thu 21/Mar/2024 15:23:59 +0100 Dave Crocker via mailop wrote: On 3/21/2024 3:47 AM, Alessandro Vesely wrote: Mailing lists modify messages in a de-facto standard way. actually, they don't.  or rather, there is more than one de-facto set of modifications and therefore efforts to re

Re: [mailop] mailop and DKIM signatures

2024-03-21 Thread Alessandro Vesely via mailop
On Sun 17/Mar/2024 14:02:23 +0100 Dave Crocker wrote: On 3/16/2024 1:31 PM, Slavko via mailop wrote: And the same RCF clearly suggests to leave other (even invalid) signatures untouched. Which text in RFC 6376 says that? Perhaps you are thinking of Section 6.1 which includes: INFORMATIVE NO

Re: [mailop] Love how people use SPF records.. Just for a chuckle..

2024-03-12 Thread Alessandro Vesely via mailop
Further than trimming, they should consider using neutral qualifiers for generic mail sites. "include:spf.protection.outlook.com" can allow office users to fully impersonate the save.ca domain. Setting "?include:spf.protection.outlook.com" provides for not rejecting due to -all, while not gra

Re: [mailop] % in SRS ?

2024-03-09 Thread Alessandro Vesely via mailop
On 09/03/2024 12:21, Lena--- via mailop wrote: You will still run into a fair number of systems that still see % as an attempt to do source routing and reject the message. Including default Exim config: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_default_configuration_file

Re: [mailop] Filter out emoji from email adresses

2024-03-07 Thread Alessandro Vesely via mailop
On 06/03/2024 20:18, Slavko via mailop wrote: Dňa 6. marca 2024 18:13:34 UTC používateľ Bill Cole via mailop napísal: support for SMTPUTF8 *in MTAs operating as MXs* is not widespread enough to be useful Only exim (+ Python and ClawsMail) is usable in that... Courier-MTA + Thunderbird w

Re: [mailop] Why is mail forwarding such a mess?

2024-02-15 Thread Alessandro Vesely via mailop
On Sat 10/Feb/2024 13:10:19 +0100 Archange via mailop wrote: Le 10 février 2024 15:12:29 GMT+04:00, Hal Murray via mailop a écrit : I was picturing something like: user goes to final MTA and says I want you to accept forwarded mail for me from example.com then he goes to example.com an

Re: [mailop] DKIM validity period

2023-12-22 Thread Alessandro Vesely via mailop
On Thu 21/Dec/2023 22:26:34 +0100 Gellner, Oliver wrote: If Google would have published their DKIM private key after it was rotated in 2016, checking the DKIM signature in 2020 would have proven nothing. Yet, if the message was ARC-sealed on forwarding and the forwarder didn't rotate and publ

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Alessandro Vesely via mailop
avko via mailop wrote: Dňa 21. decembra 2023 15:05:08 UTC používateľ Alessandro Vesely via mailop napísal: It seems only (few) small servers dare implementing ed25519. I don't understand why. Do you really don't understand that or do you afraid of what is comming into mind? AFAIK: +

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Alessandro Vesely via mailop
On Thu 21/Dec/2023 14:53:55 +0100 Mike Hillyer via mailop wrote: John Said: I'm sure that Google has code somewhere that can validate ED25519 signatures. But that does not mean that it would be a good idea for them to use that code in production today and try to update their reputation syste

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Alessandro Vesely via mailop
On Thu 21/Dec/2023 10:37:52 +0100 John Levine via mailop wrote: It appears that Alessandro Vesely via mailop said: RFC 8463 still reads out: Signers SHOULD implement and verifiers MUST implement the Ed25519-SHA256 algorithm. Implement is not a synonym for use. Yes, your code should

Re: [mailop] ECDSA DKIM validation?

2023-12-20 Thread Alessandro Vesely via mailop
On Tue 19/Dec/2023 22:12:28 +0100 Gellner, Oliver via mailop wrote: On 19.12.2023 at 12:19 Alessandro Vesely via mailop wrote: On Tue 19/Dec/2023 09:21:55 +0100 Taavi Eomäe wrote: Considering how Gmail and quite a few widespread DKIM implementations still don't support EdDSA DKIM, I wou

Re: [mailop] SMTP smuggling

2023-12-20 Thread Alessandro Vesely via mailop
On Tue 19/Dec/2023 21:19:06 +0100 Marco Moock via mailop wrote: Am 19.12.2023 um 17:20:20 Uhr schrieb Slavko via mailop: Please, understand i properly, that it is no vulnerabiliy in SMTP itself, but in (some) implementations/servers only? According to the stuff I read, sendmail and Postfix (a

Re: [mailop] ECDSA DKIM validation?

2023-12-19 Thread Alessandro Vesely via mailop
On Tue 19/Dec/2023 09:21:55 +0100 Taavi Eomäe wrote: Considering how Gmail and quite a few widespread DKIM implementations still don't support EdDSA DKIM, I wouldn't get my hopes too high. Won't any Google insider shred some lite on why a generally technically sound company lags like that?

Re: [mailop] DMARC processing

2023-12-19 Thread Alessandro Vesely via mailop
On Tue 19/Dec/2023 09:47:15 +0100 Eduardo Diaz Comellas via mailop wrote: I'm starting to deploy DMARC records in all our managed domains, but we don't have any specific tool to parse and extract meaningful information from the reports. Do you have any recomendations? The most basic thing

Re: [mailop] Merry Christmas from Google?

2023-12-17 Thread Alessandro Vesely via mailop
On 17/12/2023 10:45, Benny Pedersen via mailop wrote: hopefully mailman will ARC-Sign / ARC-seal before it breaks dkim That's not the correct way to do it. Authentication results have to be collected on entry, before passing the message to Mailman. The seal, and A-Rs conversion to AAR are

Re: [mailop] Yahoo Feedback Loop

2023-11-30 Thread Alessandro Vesely via mailop
On Wed 29/Nov/2023 20:01:59 +0100 John Levine via mailop wrote: According to Alessandro Vesely via mailop : On Mon 27/Nov/2023 19:28:17 +0100 John Levine via mailop wrote: It appears that Mike Hammett via mailop said: -=-=-=-=-=- -=-=-=-=-=- What do you do when someone keeps reporting

Re: [mailop] Yahoo Feedback Loop

2023-11-29 Thread Alessandro Vesely via mailop
On Mon 27/Nov/2023 19:28:17 +0100 John Levine via mailop wrote: It appears that Mike Hammett via mailop said: -=-=-=-=-=- -=-=-=-=-=- What do you do when someone keeps reporting conversations on a mailman mailing list that is opt-in only to Yahoo? It seems like they forgot they were on NANOG

Re: [mailop] Microsoft's block list?

2023-11-23 Thread Alessandro Vesely via mailop
On Wed 22/Nov/2023 15:25:36 +0100 Otto J. Makela via mailop wrote: Can someone shed light on a Microsoft/Outlook block list? Our hobby server (on upcloud.com) seem to have been blocked for quite some time now. At this time, SPF and DKIM should be correct for our outgoing messages. Is there anyth

Re: [mailop] Google rate-limiting more aggressively than usual?

2023-11-19 Thread Alessandro Vesely via mailop
On Sun 19/Nov/2023 00:15:58 +0100 Philip Paeps via mailop wrote: On 2023-11-18 18:59:53 (+0800), Alessandro Vesely via mailop wrote: On Fri 17/Nov/2023 15:37:58 +0100 Philip Paeps via mailop wrote: We do all the things in the Bulk Sender Guidelines (except DMARC because we don't wa

Re: [mailop] Google rate-limiting more aggressively than usual?

2023-11-18 Thread Alessandro Vesely via mailop
On Fri 17/Nov/2023 15:37:58 +0100 Philip Paeps via mailop wrote: We do all the things in the Bulk Sender Guidelines (except DMARC because we don't want to frustrate our users ability to use third-party mailing lists that don't mitigate it). If you publish p=none you're enabling DMARC without

Re: [mailop] Microsoft lays hands on login data: Beware of the new Outlook

2023-11-13 Thread Alessandro Vesely via mailop
On Sat 11/Nov/2023 10:52:26 +0100 hg user wrote: Do you have a list of IPs that are known to be used for this legit service ? A user of mine used to have logins from my.com (NL), which looks particularly suspect as it is a subsidiary of mail.ru. Mymail behaves similarly to what Luis and oth

Re: [mailop] valid DKIM-signed email spam-classified @gmail only; correct PASS @ other server recipients ?

2023-10-30 Thread Alessandro Vesely via mailop
On Mon 30/Oct/2023 00:37:00 +0100 pgnd via mailop wrote: An obvious question is what's in the mail.  How does it resemble other mail that might have been classified as spam?  Please do not use the terms "DKIM" or "ed25519" in your answer. anything/everything. just the word TEST.  pages of te

Re: [mailop] Success MiTM attack

2023-10-24 Thread Alessandro Vesely via mailop
On Tue 24/Oct/2023 06:53:37 +0200 Matt Palmer via mailop wrote: On Tue, Oct 24, 2023 at 03:11:06AM +0100, Richard Clayton via mailop wrote: In message <07d58480-7dde-4d15-a5ca-5bb6c8e10...@mtasv.net>, Matt Palmer via mailop writes The relative "noisiness" of the attack, in fact, is a fairly st

Re: [mailop] Success MiTM attack

2023-10-22 Thread Alessandro Vesely via mailop
On Sun 22/Oct/2023 13:18:53 +0200 Hans-Martin Mosner via mailop wrote: Am 22.10.23 um 12:23 schrieb Paul Menzel via mailop: It was interesting and surprising to me, as the common perception is, that SSL certificates protect against MiTM attacks as it should provide authenticity. The weak poin

[mailop] Filtered DNS at hhs.gov

2023-10-13 Thread Alessandro Vesely via mailop
That's strange. The same server replies on one query but not the other: ale@pcale:~$ dig +short +norecurse @158.74.30.103 bounce.connect.hhs.gov txt "v=spf1 ip4:158.72.139.19 ip4:158.70.144.146 include:cust-spf.exacttarget.com -all" ale@pcale:~$ ale@pcale:~$ dig +short +norecurse @158.74.30.103

Re: [mailop] fastmail and sender score snafu

2023-10-10 Thread Alessandro Vesely via mailop
On Mon 09/Oct/2023 08:23:33 +0200 Robert Mueller via mailop wrote: I see that current setup might be useful in case some user changes MX before the domain is activated at Fastmail, in which case giving 4xx could make sense. But it is not right to report such re-tries to sender score as attemp

Re: [mailop] Authentication Bounces by Gmail

2023-09-19 Thread Alessandro Vesely via mailop
On Sun 17/Sep/2023 18:58:05 +0200 Ángel via mailop wrote: On 2023-09-15 at 10:26 +0200, Alessandro Vesely via mailop wrote: I get this language, on forwarding: Remote-MTA: dns; gmail-smtp-in.l.google.com [74.125.71.27] Diagnostic-Code: smtp; 550-5.7.26 Unauthenticated email from

Re: [mailop] Authentication Bounces by Gmail

2023-09-15 Thread Alessandro Vesely via mailop
On Wed 13/Sep/2023 02:14:29 +0200 Jason R Cowart wrote: We are seeing an increasing number of bounces by Gmail related to failed authentication checks.  The bounces include language like: <<< 550-5.7.26 This mail is unauthenticated, which poses a security risk to the <<< 550-5.7.26 sender and G

Re: [mailop] Authentication Bounces by Gmail

2023-09-15 Thread Alessandro Vesely via mailop
On Wed 13/Sep/2023 16:34:46 +0200 Grant Taylor via mailop wrote: On 9/13/23 6:04 AM, Jaroslaw Rafa via mailop wrote: So allow your user to specify a list of IP addresses of servers from where the mail is forwarded. I don't buy it. Even if people did know the IP address of their (former) forw

Re: [mailop] Legit-looking mail to the wrong address with no unsubscribe

2023-08-26 Thread Alessandro Vesely via mailop
On Fri 25/Aug/2023 23:12:56 +0200 postfix wrote: users either underuse, or overconsume.  In both cases they are paying more than what a market without subscription would do. Aha, so that's why they tend to give the wrong address... For comparison, the delivery address is wrong in rare cases,

Re: [mailop] Legit-looking mail to the wrong address with no unsubscribe

2023-08-26 Thread Alessandro Vesely via mailop
On Fri 25/Aug/2023 17:36:06 +0200 Chris Adams via mailop wrote: Once upon a time, Jaroslaw Rafa said: Dnia 25.08.2023 o godz. 09:48:35 Chris Adams via mailop pisze: So even for transactional messages, there's usually an account making the purchase, or something is being delivered to an addre

Re: [mailop] [STATE of the UNION] Tails from the trenches of the spam auditing team..

2023-08-25 Thread Alessandro Vesely via mailop
On Thu 24/Aug/2023 17:42:21 +0200 John Levine via mailop wrote: It appears that Slavko via mailop said: In all the years I've been running mail systems (which to my great astonishment is now greater than 25!) I've used a variety of netblock sizes and occasionally entire AS numbers in outright

Re: [mailop] DKIM AUID and subdomains

2023-08-21 Thread Alessandro Vesely via mailop
On Sun 20/Aug/2023 12:35:20 +0200 Slavko via mailop wrote: i recently start to sign subdomain's (no bulk, nor mass, nor advertising, etc) mails by parent (main) domain key, mostly to simplify DNS setup, thus mails looks eg.: DKIM-Signature: ... d=example.org From: That works and AF

Re: [mailop] ANY OVH Contact?

2023-08-10 Thread Alessandro Vesely via mailop
On Wed 09/Aug/2023 18:36:46 +0200 Michael Peddemors via mailop wrote: On 2023-08-09 08:55, Mark Alley via mailop wrote: On 8/9/2023 3:31 AM, Jaroslaw Rafa via mailop wrote: Dnia  9.08.2023 o godz. 11:00:12 Otto J. Makela via mailop pisze: Unless the situation has dramatically changed in the l

Re: [mailop] Antivirus/anti-phish email scanning

2023-08-02 Thread Alessandro Vesely via mailop
On Mon 31/Jul/2023 15:34:39 + Mailop wrote: Use AV products by all means, but don't assume they will catch everything. Do have plans for if/when you find something; both before and after it causes harm. Training users would seem to be a promising activity. There are lots of offers in thi

Re: [mailop] Guide for setting up a mail server ?

2023-07-11 Thread Alessandro Vesely via mailop
On Mon 10/Jul/2023 11:25:04 +0200 Carsten Schiefner via mailop wrote: Home - maddy https://maddy.email/ Courier-MTA is another all-in-one package. https://www.courier-mta.org/ They both have a long list of configuration tasks. I don't think one can work out a guide from comparing them, but

Re: [mailop] SPF +all considered harmful

2023-07-11 Thread Alessandro Vesely via mailop
On Sat 08/Jul/2023 11:47:41 +0200 Sebastian Nielsen via mailop wrote: I would say +all is always harmful. The difference between having +all and not having any at all (or ?all) is that you affirmately, by using +all, tell the system the email is genuine. If you somehow want to treat all emails a

Re: [mailop] Mimecast Adimin Probation Block - 74.203.49.59

2023-07-02 Thread Alessandro Vesely via mailop
On Thu 29/Jun/2023 04:46:35 +0200 Sebastian Nielsen via mailop wrote: See RFC 8058 on doing one-click unsubs in a way unlikely to be mistriggered. Its a good idea, but don't count on all MUAs implementing this function, so best here is to have both, if request arrives from the RFC 8058 header

Re: [mailop] Cannot talk to Sharedband

2023-06-25 Thread Alessandro Vesely via mailop
On Sat 24/Jun/2023 16:41:25 +0200 Bill Cole via mailop wrote: On 2023-06-24 at 05:49:30 UTC-0400 (Sat, 24 Jun 2023 11:49:30 +0200) Alessandro Vesely via mailop is rumored to have said: I had a bounce: Reporting-MTA: dns;PR3PR05MB7547.eurprd05.prod.outlook.com Received-From-MTA: dns

[mailop] Cannot talk to Sharedband

2023-06-24 Thread Alessandro Vesely via mailop
I had a bounce: Reporting-MTA: dns;PR3PR05MB7547.eurprd05.prod.outlook.com Received-From-MTA: dns;wmail.tana.it Arrival-Date: Sat, 24 Jun 2023 03:03:07 + Original-Recipient: rfc822;redac...@sharedband.com Final-Recipient: rfc822;redac...@sharedband.com Action: failed Status: 5.7.520 Diagnost

Re: [mailop] DMARC and subdomains

2023-06-18 Thread Alessandro Vesely via mailop
On Fri 16/Jun/2023 22:41:39 +0200 Gellner, Oliver via mailop wrote: On 16.06.2023 at 16:13 Jaroslaw Rafa via mailop wrote: [...] So at least one (and important one, given the size of this mail service) implementation of DMARC does not use the PSL. eu.org is located in the private domain sectio

Re: [mailop] SPF: Does include: a host without TXT entry invalidate the whole SPF entry?

2023-06-12 Thread Alessandro Vesely via mailop
On Fri 09/Jun/2023 19:14:31 +0200 Slavko via mailop wrote: Dňa 9. júna 2023 16:07:28 UTC používateľ Andrew C Aitchison via mailop napísal: I asked one of the checker websites about that and recieved the reply: RFC6652 is a proposed standard from 2012, but was replaced by DMARC in 2015. DMAR

Re: [mailop] SPF: Does include: a host without TXT entry invalidate the whole SPF entry?

2023-06-09 Thread Alessandro Vesely via mailop
On Fri 09/Jun/2023 07:37:06 +0200 Benoît Panizzon via mailop wrote: If you don't care enough to publish a valid SPF record, why should we think you care whether we deliver your mail? The customer in question used an ESP to send marketing emails. That ESP told him what host to include in his

Re: [mailop] SRS? Was Noticed Google now suggests changing envelope sender for forwarding

2023-06-02 Thread Alessandro Vesely via mailop
On Fri 02/Jun/2023 02:14:50 +0200 Brandon Long via mailop wrote: On Thu, Jun 1, 2023 at 11:20 AM Alessandro Vesely via mailop.org wrote: On Thu 01/Jun/2023 17:45:38 +0200 Robert L Mathews wrote: So I guess it's time to add SRS rewriting for Gmail addresses...! The only points I see i

[mailop] SRS? Was Noticed Google now suggests changing envelope sender for forwarding

2023-06-01 Thread Alessandro Vesely via mailop
On Thu 01/Jun/2023 17:45:38 +0200 Robert L Mathews wrote: So I guess it's time to add SRS rewriting for Gmail addresses...! The only points I see in SRS are mailbox full or oversize. You ought to notify the author that the message got lost. It is just a temporary feature, though. But this

  1   2   3   >