On Wed 12/Feb/2025 21:44:48 +0100 John Levine via mailop wrote:
It appears that Niels Kobschätzki via mailop said:
Hello,
I have encountered the first time apparently the problem that I have a user who
forwards mails to another mail-server and a forwarded
mail got rejected because of the dmar
On Wed 12/Feb/2025 21:41:32 +0100 John Levine via mailop wrote:
It appears that Grant Taylor via mailop said:
On 2/11/25 5:12 AM, Alessandro Vesely via mailop wrote:
And what happens if the amount is exceeded?
I don't know.
They politely write to you and ask you to pay.
It'
On Wed 12/Feb/2025 17:02:09 +0100 Louis wrote:
As far as I know, ARC only solves this issue if the recipient trusts your ARC
signature. So it really depends on the environment if it actually will be a
solution.
Correct, up to a workable definition of environment.
In most scenarios, the ma
On Wed 12/Feb/2025 13:49:37 +0100 Matthew Stith via mailop wrote:
Free Usage Limits
Some of the language included in our usage terms is vague (on purpose).
Publishing specific limits leads to abuse of systems in Spamhaus' line of work.
A company of 10 to 50 would be hard pressed to hit the ave
On Tue 11/Feb/2025 03:37:11 +0100 Grant Taylor wrote:
On 2/8/25 13:14, Tapio Peltonen via mailop wrote:
I'm not even sure if I qualify, since I represent a (small) commercial
entity, athough we do not do any e-mail related business; we only use email
as a means of communication and have very lo
On Sun 09/Feb/2025 12:06:36 +0100 Marco Moock wrote:
While analyzing rejected DMARC report mails generated by
opendmarc-reports v1.4.2, I noticed that they are generated in zip
instead of gzip.
Some sites reject zip at all.
|The aggregate data MUST be an XML file that SHOULD be subjected to
|GZ
On Fri 07/Feb/2025 16:31:16 +0100 Slavko via mailop wrote:
On 7. februára 2025 14:03:23 UTC, "L. Mark Stone via mailop"
wrote:
Spamhaus use Github, so if you want to use DQS from within SpamAssassin for
example, you would go here:
Thanks, but i don't use SA. Anyway, i fail to find BCL menti
On Wed 05/Feb/2025 10:34:19 +0100 Kirill Miazine via mailop wrote:
• Tapio Peltonen via mailop [2025-02-05 11:28]:
Not really free, looks like, although they do seem to imply that, e.g. here:
https://submit.spamhaus.org/resources/query-the-legacy-dnsbls-via-hetzner/
There's 30 day free trial,
On Tue 04/Feb/2025 09:50:48 +0100 Jaroslaw Rafa wrote:
Dnia 3.02.2025 o godz. 23:26:05 Graeme Slogrove via mailop pisze:
We asked them to add MX records, but most didn't bother ("It works from
Microsoft/Gmail/Other, why not you??"), and we turned fallback on again.
I already said that - it's
On Wed 29/Jan/2025 15:41:06 +0100 ismael tanguy wrote:
On incoming layer, saying I create an Authentication-Results header and
base a first ARC Set Then, email travels through infra and can be
eventually forwarded to outside (redirection, responder, mailinglist).
This ARC set is noisy and u
On Tue 28/Jan/2025 18:49:01 +0100 Fehlauer, Norbert wrote:
Hi,
Thanks. So, if a domain has correct defined mx records only those can be used
and if they are not reachable for any reason there should never be an attempt
to reach the implicit MX RR of the domain.
Correct.
The reason I'm as
On Tue 10/Dec/2024 23:23:51 +0100 Andrew C Aitchison wrote:
On Tue, 10 Dec 2024, Michael Peddemors via mailop wrote:
Ouch.. getting even harder for recipient spam protections to catch this guy,
given that o365 is also a 'too big to block'..
Standard Paypal Phone Scam we have seen coming from
On Tue 10/Dec/2024 17:49:38 +0100 Laura Atkins wrote:
There is a huge amount of replay going on right now with domains that are
p=reject. Venmo is getting hit - and it’s coming through various infrastructures.
So the To: "noreplies2@highlandspark. store"
line was bogus?
Best
Ale
--
__
On Sun 27/Oct/2024 18:35:29 +0100 John Levine via mailop wrote:
It appears that Viktor Dukhovni via mailop said:
On Sat, Oct 26, 2024 at 02:16:51PM -0400, John Levine via mailop wrote:
I wrote the RFC and I still haven't gotten around to it.
I hope you saw my note about returning to SPKI en
On Mon 21/Oct/2024 17:46:14 +0200 Geoff Mulligan via mailop wrote:
Maybe I'm just now more observant, but I've seen a huge increase in bunches of
systems trying to brute force an SASL login.
Here is a list of IPs that have tried in just the last hour:
[...]
87.120.84.58
[...]
I wrote a script t
On Mon 21/Oct/2024 16:43:03 +0200 Dave Crocker via mailop wrote:
On 10/21/2024 4:39 AM, Alessandro Vesely via mailop wrote:
On Mon 21/Oct/2024 05:50:09 +0200 Dave Crocker wrote:
In other words, to get around DMARC fragility and false positive damage, an
intermediary must
1. Break DMARC, by
On Mon 21/Oct/2024 05:50:09 +0200 Dave Crocker wrote:
On 10/18/2024 7:38 AM, Bill Cole via mailop wrote:
The real original sender is preserved in the Reply-To here (and on most lists
using Mailman today.)
In other words, to get around DMARC fragility and false positive damage, an
intermediary
On Sun 20/Oct/2024 04:17:22 +0200 Viktor Dukhovni wrote:
On 20 Oct 2024, at 7:09 AM, Gellner, Oliver via mailop
wrote:
Apple Mail shows Reply-To headers. Not only by default, but always, you cannot
hide them.
The downside is that it does not show the email addresses but only the display
name
On Fri 18/Oct/2024 19:33:41 +0200 Jaroslaw Rafa wrote:
Dnia 18.10.2024 o godz. 14:24:05 Slavko via mailop pisze:
Of course, and spammers would be stupid to not abuse the
fact, that email client allow to setup to show display name
without email address, with fallback to email, if there is no
On Wed 16/Oct/2024 18:00:47 +0200 Dave Crocker via mailop wrote:
[...]
7. The myth that SPF is simple to implement is because it is simple for a
sender to create a basic SPF record. It does not mean that it is simple to
create a more elaborate record, or to ensure that all authorized sending
On Fri 11/Oct/2024 14:03:40 +0200 Gellner, Oliver via mailop wrote:
On 11.10.2024 at 00:08 Mark Delany via mailop wrote:
Given that you have to allow for a queue time of multiple days, x= seems of
marginal value
- leastwise as an anti-replay mechanism.
If the MTA allows it, it can update the
On Thu 10/Oct/2024 14:42:43 +0200 Atro Tossavainen via mailop wrote:
If you've got any evidence of x= in the wild that you care to share,
thank you kindly in advance!
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=customer.domain; s=k3;
t=1728563812; x=1728824312; i=news@custo
On Mon 07/Oct/2024 08:42:28 +0200 Viktor Dukhovni via mailop wrote:
One can reasonably take the view that U-labels are largely a matter of
the user-interface (presentation) layer, the *real* domain name is the
A-label form! But users don't directly work with attrleaf names, these
arise only
On Fri 04/Oct/2024 19:05:23 +0200 L. Mark Stone via mailop wrote:
FWIW we use Fail2Ban and just block those IPs after X number of failed login
attempts.
Yup, my firewall works in a similar way. However, such attempts are a symptom
that there is a bot at that IP. Reporting them might help c
Hi,
this is the second day that illegal login attempts to IMAP/SMTP accounts are
down by almost an order of magnitude (thousands to hundreds on my tiny server).
Has there been some mayor clearance?
Best
Ale
--
___
mailop mailing list
mailop@mai
On Fri 26/Jul/2024 14:02:43 +0200 Tobias Herkula via mailop wrote:
the empty mail-from is on purpose, it's fire and forget, if you don't
want the reports remove the RUA entry in the DMARC TXT-RR or remove RUA
Address Validation TXT-RRs and we will stop sending them, but we have no
interest in a
Il 11/07/24 23:23, Slavko via mailop ha scritto:
Dňa 11. júla 2024 20:01:17 UTC používateľ Jesse Hathaway via mailop
napísal:
1. Why are the non-delivery notifications sent to
rather than to ?
NDR have to be send to Return-Path of original message, thus it depends
what was in its MAIL
Il 10/07/24 02:18, Lyndon Nerenberg (VE7TFX/VE6BBM) via mailop ha scritto:
I publish SPF records, but refuse to participate in DKIM or DMARC.
By avoiding the latter two, I don't have to navigate all their
associated stupidity, and my mail goes through just fine.
Stupid as it is, DMARC is the b
On Sat 06/Jul/2024 18:22:15 +0200 Scott Mutter via mailop wrote:
If we're all tired of seeing "Anyone from BLANK able to help with the IP BLANK
being blocked?" Then perhaps this is a nod to BLANK that they need to do
better at handling these inquiries or that their means of blocking IPs is too
On Fri 05/Jul/2024 23:21:17 +0200 Jeff Pang via mailop wrote:
OT question, can return-path be customized by sender MTA/MUA? Or must it be
envelope?
Return-path, envelop sender, bounce address and MAIL FROM are all synonyms for
the same thing.
Mailing lists always change it when they forwa
On Fri 05/Jul/2024 15:00:45 +0200 Jaroslaw Rafa wrote:
Dnia 5.07.2024 o godz. 19:45:10 Jeff Pang via mailop pisze:
When an user requests to join mailing list, which address should we
take? The envelope address, or the header From address?
I think you should follow the best practice, ie. how
On Sat 29/Jun/2024 21:04:35 +0200 John Levine via mailop wrote:
PS: before you tell me I don't know what I'm talking about, you might take
a look at this:
https://uasg.tech/download/uasg-030-evaluation-of-eai-support-in-email-software-and-services-report-en/
Contrary to all publishing traditi
On Thu 27/Jun/2024 21:41:39 +0200 Adam D. Barratt via mailop wrote:
On Thu, 2024-06-27 at 14:50 -0400, Ted Smith via mailop wrote:
That conbined with the hard fail indicated could account for the
rejection of the message, except that I don't understand why the SPF
check would be done for the hel
On Fri 28/Jun/2024 11:34:13 +0200 Richard Clayton via mailop wrote:
Finally, you may be seeing X emails per time period from Y people.
Messages sent from Y machines are a different matter, methinks. Except for
expressly requested monitoring services, automatically generated messages
should
On Mon 24/Jun/2024 12:16:32 +0200 Marco Moock via mailop wrote:
Am 24.06.2024 um 12:03:49 Uhr schrieb Alessandro Vesely via mailop:
IME, large sending times are often caused by IMAP. Most clients
operate by first sending the message and then saving it in the Sent
IMAP folder. Just changing
IME, large sending times are often caused by IMAP. Most clients operate by
first sending the message and then saving it in the Sent IMAP folder. Just
changing that method to Bcc: halves the time required.
Best
Ale
On Sat 22/Jun/2024 09:45:36 +0200 Jeff Pang wrote:
Hello
that's b/c the at
On Fri 21/Jun/2024 18:12:13 +0200 Ralph Seichter via mailop wrote:
* Jeff Pang via mailop:
given currently I have 3000+ block IPs, every normal client requests
to submission, the ip will be checked through those 3000+ list, which
slow down the normal client's connection certainly.
I consider
On Fri 21/Jun/2024 14:55:16 +0200 Slavko via mailop wrote:
Dňa 21. júna 2024 11:50:23 UTC používateľ Alessandro Vesely via mailop
napísal:
That db currently holds 2,014,973 records. Rather than ipset or single
iptables rules, the IPs are stored on a Berkeley DB. They get blocked by a few
On Fri 21/Jun/2024 10:55:53 +0200 Jeff Pang wrote:
Here is the drop list by iptables,
https://cloud.hostcache.com/drop.list
can you help take a look?
Of those 2805 addresses, 2726 are also on my block db, 79 are not.
That db currently holds 2,014,973 records. Rather than ipset or single
ip
On Sun 16/Jun/2024 16:38:48 +0200 Tobias Fiebig via mailop wrote:
You'd need several domains, all having a rua= pointing to you. I'd
donate a (sub) domain to that effort. I'm donating a couple of
domains to Project Honey Pot. Unlike that project, however, in this
case donated domains will
On Sat 15/Jun/2024 18:27:15 +0200 Tobias Fiebig via mailop wrote:
Do reports received at dm...@aperture-labs.org contribute to the
output of email-security-scans?
No, of course not; esec.o is tests-are-atomic. Technically I _could_
(or rather: should) try to implement something similar to wh
On Thu 13/Jun/2024 11:14:04 +0200 Tobias Fiebig via mailop wrote:
What if spamd, while authenticating a malformed signature, notifies
the error in DMARC report? Would that "fix" spamd?
Would be somewhat pointless, though; From the top of my head I am not
sure whether there is a fitting fiel
On Sun 09/Jun/2024 02:43:38 +0200 Tobias Fiebig via mailop wrote:
On Sat, 2024-06-08 at 12:36 +0200, Alessandro Vesely via mailop wrote:
... (unless bugs in email-security-scans are just decorative.)
Which ones exactly?
What if spamd, while authenticating a malformed signature, notifies
On Sat 08/Jun/2024 13:28:30 +0200 Slavko via mailop wrote:
Dňa 8. júna 2024 10:36:44 UTC používateľ Alessandro Vesely via mailop
napísal:
Yes, as it seems Tobias is going to file a bug against rspamd, I presume you
are going to somehow fix it (unless bugs in email-security-scans are just
On Fri 07/Jun/2024 17:03:00 +0200 Slavko via mailop wrote:
Dňa 7. júna 2024 14:37:24 UTC používateľ Alessandro Vesely via mailop
napísal:
If I were Slavko I'd fix rspamd by adding bug reporting (if it's not already
there) rather than removing 2047-decoding.
Are you sure, that yo
On Wed 05/Jun/2024 11:58:53 +0200 John Levine via mailop wrote:
It appears that Tobias Fiebig via mailop said:
Well, that would then be rspamd and the python email parser; Question
is whether that would qualify as a bug, i.e., 'should not validate'; My
understanding would be more in a 'be libe
On Fri 31/May/2024 14:59:24 +0200 Slavko via mailop wrote:
Dňa 31. 5. o 11:51 Alessandro Vesely via mailop napísal(a):
What RBLs do you configure?
Beside my own RBLs i use DROP & AuthBL from SpamHaus, BIP from
virusfree.cz, and multiple codes from dronebl.org. They are queried
in par
On Thu 30/May/2024 23:12:17 +0200 Slavko via mailop wrote:
Dňa 30. mája 2024 19:56:01 UTC používateľ Michael Peddemors via mailop
napísal:
However, it isn't as simple as blocking every IP that bangs on your door. If
you block large CGNAT IP's for instance, one compromised IoT device behind
On Sat 18/May/2024 19:37:44 +0200 Dave Crocker via mailop wrote:
On 5/17/2024 7:12 AM, Taavi Eomäe via mailop wrote:
We hope that with some cooperation from mail operators improved defense
measures can be implemented to strengthen DKIM for everyone.
As I recall, the original intent was to pe
On Mon 06/May/2024 19:00:24 +0200 Brandon Long wrote:
On Mon, May 6, 2024 at 12:41 AM Alessandro Vesely via mailop
wrote:
The question is, since Gmail seems to require a DKIM signature just to
make sure some domain is responsible for the message, doesn't an ARC seal
cover the
On Sun 05/May/2024 19:44:57 +0200 Benny Pedersen via mailop wrote:
Andrew C Aitchison via mailop skrev den 2024-05-05 18:49:
On Sat, 4 May 2024, Alessandro Vesely via mailop wrote:
The last URL in the response says something about ARC:
ARC checks the previous authentication status of
On Thu 02/May/2024 21:02:28 +0200 John Levine via mailop wrote:
While debugging something else, I've been trying to send messages to myself
from the address a...@m.jl.ly. RFC 5321 says two dots in a row need to be
quoted, and I have checked that my mail system does indeed put in the quotes
and i
Hi,
I sometimes get this response:
421-4.7.30 This mail has been rate limited because DKIM does not pass. Gmail
421-4.7.30 requires all large senders to authenticate with DKIM.
421-4.7.30
421-4.7.30 Authentication results:
421-4.7.30 DKIM = did not pass
421-4.7.30 For instructi
On Fri 22/Mar/2024 18:04:44 +0100 John Levine wrote:
It appears that Alessandro Vesely via mailop said:
IME, my heuristic algorithm fails more often because senders "oversign", by
signing technical such as Content-Type: or Content-Transfer-Encoding: than
because it meets
On Thu 21/Mar/2024 23:38:22 +0100 Andrew C Aitchison wrote:
On Sat, 16 Mar 2024, Gellner, Oliver via mailop wrote:
Depending on the kind of changes which have been applied to the
message you can reverse the transformations and verify the original
DKIM signatures. A member of this list developed
On Thu 21/Mar/2024 15:23:59 +0100 Dave Crocker via mailop wrote:
On 3/21/2024 3:47 AM, Alessandro Vesely wrote:
Mailing lists modify messages in a de-facto standard way.
actually, they don't. or rather, there is more than one de-facto set of
modifications and therefore efforts to re
On Sun 17/Mar/2024 14:02:23 +0100 Dave Crocker wrote:
On 3/16/2024 1:31 PM, Slavko via mailop wrote:
And the same RCF clearly suggests to leave other (even invalid)
signatures untouched.
Which text in RFC 6376 says that?
Perhaps you are thinking of Section 6.1 which includes:
INFORMATIVE NO
Further than trimming, they should consider using neutral qualifiers for
generic mail sites. "include:spf.protection.outlook.com" can allow
office users to fully impersonate the save.ca domain. Setting
"?include:spf.protection.outlook.com" provides for not rejecting due to
-all, while not gra
On 09/03/2024 12:21, Lena--- via mailop wrote:
You will still run into a fair number of systems that still see % as
an attempt to do source routing and reject the message.
Including default Exim config:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_default_configuration_file
On 06/03/2024 20:18, Slavko via mailop wrote:
Dňa 6. marca 2024 18:13:34 UTC používateľ Bill Cole via mailop
napísal:
support for SMTPUTF8 *in MTAs operating as MXs* is not widespread enough to be
useful
Only exim (+ Python and ClawsMail) is usable in that...
Courier-MTA + Thunderbird w
On Sat 10/Feb/2024 13:10:19 +0100 Archange via mailop wrote:
Le 10 février 2024 15:12:29 GMT+04:00, Hal Murray via mailop
a écrit :
I was picturing something like:
user goes to final MTA and says I want you to accept forwarded mail for me
from example.com
then he goes to example.com an
On Thu 21/Dec/2023 22:26:34 +0100 Gellner, Oliver wrote:
If Google would have published their DKIM private key after it was rotated in
2016, checking the DKIM signature in 2020 would have proven nothing.
Yet, if the message was ARC-sealed on forwarding and the forwarder didn't
rotate and publ
avko via mailop wrote:
Dňa 21. decembra 2023 15:05:08 UTC používateľ Alessandro Vesely via mailop
napísal:
It seems only (few) small servers dare implementing ed25519.
I don't understand why.
Do you really don't understand that or do you afraid of what is
comming into mind?
AFAIK:
+
On Thu 21/Dec/2023 14:53:55 +0100 Mike Hillyer via mailop wrote:
John Said:
I'm sure that Google has code somewhere that can validate ED25519
signatures. But that does not mean that it would be a good idea for them
to use that code in production today and try to update their reputation
syste
On Thu 21/Dec/2023 10:37:52 +0100 John Levine via mailop wrote:
It appears that Alessandro Vesely via mailop said:
RFC 8463 still reads out:
Signers SHOULD implement and verifiers MUST implement the
Ed25519-SHA256 algorithm.
Implement is not a synonym for use.
Yes, your code should
On Tue 19/Dec/2023 22:12:28 +0100 Gellner, Oliver via mailop wrote:
On 19.12.2023 at 12:19 Alessandro Vesely via mailop wrote:
On Tue 19/Dec/2023 09:21:55 +0100 Taavi Eomäe wrote:
Considering how Gmail and quite a few widespread DKIM implementations still
don't support EdDSA DKIM, I wou
On Tue 19/Dec/2023 21:19:06 +0100 Marco Moock via mailop wrote:
Am 19.12.2023 um 17:20:20 Uhr schrieb Slavko via mailop:
Please, understand i properly, that it is no vulnerabiliy in SMTP
itself, but in (some) implementations/servers only?
According to the stuff I read, sendmail and Postfix (a
On Tue 19/Dec/2023 09:21:55 +0100 Taavi Eomäe wrote:
Considering how Gmail and quite a few widespread DKIM implementations still
don't support EdDSA DKIM, I wouldn't get my hopes too high.
Won't any Google insider shred some lite on why a generally technically sound
company lags like that?
On Tue 19/Dec/2023 09:47:15 +0100 Eduardo Diaz Comellas via mailop wrote:
I'm starting to deploy DMARC records in all our managed domains, but we don't
have any specific tool to parse and extract meaningful information from the
reports.
Do you have any recomendations?
The most basic thing
On 17/12/2023 10:45, Benny Pedersen via mailop wrote:
hopefully mailman will ARC-Sign / ARC-seal before it breaks dkim
That's not the correct way to do it. Authentication results have to be
collected on entry, before passing the message to Mailman. The seal,
and A-Rs conversion to AAR are
On Wed 29/Nov/2023 20:01:59 +0100 John Levine via mailop wrote:
According to Alessandro Vesely via mailop :
On Mon 27/Nov/2023 19:28:17 +0100 John Levine via mailop wrote:
It appears that Mike Hammett via mailop said:
-=-=-=-=-=-
-=-=-=-=-=-
What do you do when someone keeps reporting
On Mon 27/Nov/2023 19:28:17 +0100 John Levine via mailop wrote:
It appears that Mike Hammett via mailop said:
-=-=-=-=-=-
-=-=-=-=-=-
What do you do when someone keeps reporting conversations on a mailman mailing list that is opt-in only to Yahoo?
It seems like they forgot they were on NANOG
On Wed 22/Nov/2023 15:25:36 +0100 Otto J. Makela via mailop wrote:
Can someone shed light on a Microsoft/Outlook block list? Our hobby server
(on upcloud.com) seem to have been blocked for quite some time now.
At this time, SPF and DKIM should be correct for our outgoing messages.
Is there anyth
On Sun 19/Nov/2023 00:15:58 +0100 Philip Paeps via mailop wrote:
On 2023-11-18 18:59:53 (+0800), Alessandro Vesely via mailop wrote:
On Fri 17/Nov/2023 15:37:58 +0100 Philip Paeps via mailop wrote:
We do all the things in the Bulk Sender Guidelines (except DMARC because we
don't wa
On Fri 17/Nov/2023 15:37:58 +0100 Philip Paeps via mailop wrote:
We do all the things in the Bulk Sender Guidelines (except DMARC because we
don't want to frustrate our users ability to use third-party mailing lists that
don't mitigate it).
If you publish p=none you're enabling DMARC without
On Sat 11/Nov/2023 10:52:26 +0100 hg user wrote:
Do you have a list of IPs that are known to be used for this legit service ?
A user of mine used to have logins from my.com (NL), which looks particularly
suspect as it is a subsidiary of mail.ru. Mymail behaves similarly to what
Luis and oth
On Mon 30/Oct/2023 00:37:00 +0100 pgnd via mailop wrote:
An obvious question is what's in the mail. How does it resemble other
mail that might have been classified as spam? Please do not use the terms
"DKIM" or "ed25519" in your answer.
anything/everything.
just the word TEST. pages of te
On Tue 24/Oct/2023 06:53:37 +0200 Matt Palmer via mailop wrote:
On Tue, Oct 24, 2023 at 03:11:06AM +0100, Richard Clayton via mailop wrote:
In message <07d58480-7dde-4d15-a5ca-5bb6c8e10...@mtasv.net>, Matt Palmer
via mailop writes
The relative "noisiness" of the attack, in fact, is a fairly st
On Sun 22/Oct/2023 13:18:53 +0200 Hans-Martin Mosner via mailop wrote:
Am 22.10.23 um 12:23 schrieb Paul Menzel via mailop:
It was interesting and surprising to me, as the common perception is, that
SSL certificates protect against MiTM attacks as it should provide authenticity.
The weak poin
That's strange. The same server replies on one query but not the other:
ale@pcale:~$ dig +short +norecurse @158.74.30.103 bounce.connect.hhs.gov txt
"v=spf1 ip4:158.72.139.19 ip4:158.70.144.146 include:cust-spf.exacttarget.com
-all"
ale@pcale:~$
ale@pcale:~$ dig +short +norecurse @158.74.30.103
On Mon 09/Oct/2023 08:23:33 +0200 Robert Mueller via mailop wrote:
I see that current setup might be useful in case some user changes MX
before the domain is activated at Fastmail, in which case giving 4xx
could make sense. But it is not right to report such re-tries to sender
score as attemp
On Sun 17/Sep/2023 18:58:05 +0200 Ángel via mailop wrote:
On 2023-09-15 at 10:26 +0200, Alessandro Vesely via mailop wrote:
I get this language, on forwarding:
Remote-MTA: dns; gmail-smtp-in.l.google.com [74.125.71.27]
Diagnostic-Code: smtp; 550-5.7.26 Unauthenticated email from
On Wed 13/Sep/2023 02:14:29 +0200 Jason R Cowart wrote:
We are seeing an increasing number of bounces by Gmail related to failed
authentication checks. The bounces include language like:
<<< 550-5.7.26 This mail is unauthenticated, which poses a security risk to the
<<< 550-5.7.26 sender and G
On Wed 13/Sep/2023 16:34:46 +0200 Grant Taylor via mailop wrote:
On 9/13/23 6:04 AM, Jaroslaw Rafa via mailop wrote:
So allow your user to specify a list of IP addresses of servers from where
the mail is forwarded.
I don't buy it.
Even if people did know the IP address of their (former) forw
On Fri 25/Aug/2023 23:12:56 +0200 postfix wrote:
users either underuse, or overconsume. In both cases they are paying more than
what a market without subscription would do.
Aha, so that's why they tend to give the wrong address...
For comparison, the delivery address is wrong in rare cases,
On Fri 25/Aug/2023 17:36:06 +0200 Chris Adams via mailop wrote:
Once upon a time, Jaroslaw Rafa said:
Dnia 25.08.2023 o godz. 09:48:35 Chris Adams via mailop pisze:
So even for transactional messages, there's usually an account making
the purchase, or something is being delivered to an addre
On Thu 24/Aug/2023 17:42:21 +0200 John Levine via mailop wrote:
It appears that Slavko via mailop said:
In all the years I've been running mail systems (which to my great astonishment
is now greater than 25!) I've used a variety of netblock sizes and occasionally
entire AS numbers in outright
On Sun 20/Aug/2023 12:35:20 +0200 Slavko via mailop wrote:
i recently start to sign subdomain's (no bulk, nor mass, nor advertising,
etc) mails by parent (main) domain key, mostly to simplify DNS setup,
thus mails looks eg.:
DKIM-Signature: ... d=example.org
From:
That works and AF
On Wed 09/Aug/2023 18:36:46 +0200 Michael Peddemors via mailop wrote:
On 2023-08-09 08:55, Mark Alley via mailop wrote:
On 8/9/2023 3:31 AM, Jaroslaw Rafa via mailop wrote:
Dnia 9.08.2023 o godz. 11:00:12 Otto J. Makela via mailop pisze:
Unless the situation has dramatically changed in the l
On Mon 31/Jul/2023 15:34:39 + Mailop wrote:
Use AV products by all means, but don't assume they will catch everything.
Do have plans for if/when you find something; both before and after it
causes harm.
Training users would seem to be a promising activity. There are lots of
offers in thi
On Mon 10/Jul/2023 11:25:04 +0200 Carsten Schiefner via mailop wrote:
Home - maddy
https://maddy.email/
Courier-MTA is another all-in-one package.
https://www.courier-mta.org/
They both have a long list of configuration tasks. I don't think one can work out a
guide from comparing them, but
On Sat 08/Jul/2023 11:47:41 +0200 Sebastian Nielsen via mailop wrote:
I would say +all is always harmful. The difference between having +all and not
having any at all (or ?all) is that you affirmately, by using +all, tell the
system the email is genuine. If you somehow want to treat all emails a
On Thu 29/Jun/2023 04:46:35 +0200 Sebastian Nielsen via mailop wrote:
See RFC 8058 on doing one-click unsubs in a way unlikely to be mistriggered.
Its a good idea, but don't count on all MUAs implementing this function, so
best here is to have both, if request arrives from the RFC 8058 header
On Sat 24/Jun/2023 16:41:25 +0200 Bill Cole via mailop wrote:
On 2023-06-24 at 05:49:30 UTC-0400 (Sat, 24 Jun 2023 11:49:30 +0200)
Alessandro Vesely via mailop
is rumored to have said:
I had a bounce:
Reporting-MTA: dns;PR3PR05MB7547.eurprd05.prod.outlook.com
Received-From-MTA: dns
I had a bounce:
Reporting-MTA: dns;PR3PR05MB7547.eurprd05.prod.outlook.com
Received-From-MTA: dns;wmail.tana.it
Arrival-Date: Sat, 24 Jun 2023 03:03:07 +
Original-Recipient: rfc822;redac...@sharedband.com
Final-Recipient: rfc822;redac...@sharedband.com
Action: failed
Status: 5.7.520
Diagnost
On Fri 16/Jun/2023 22:41:39 +0200 Gellner, Oliver via mailop wrote:
On 16.06.2023 at 16:13 Jaroslaw Rafa via mailop wrote:
[...]
So at least one (and important one, given the size of this mail service)
implementation of DMARC does not use the PSL.
eu.org is located in the private domain sectio
On Fri 09/Jun/2023 19:14:31 +0200 Slavko via mailop wrote:
Dňa 9. júna 2023 16:07:28 UTC používateľ Andrew C Aitchison via mailop
napísal:
I asked one of the checker websites about that and recieved the reply:
RFC6652 is a proposed standard from 2012, but was replaced by DMARC in 2015.
DMAR
On Fri 09/Jun/2023 07:37:06 +0200 Benoît Panizzon via mailop wrote:
If you don't care enough to publish a valid SPF record, why should
we think you care whether we deliver your mail?
The customer in question used an ESP to send marketing emails.
That ESP told him what host to include in his
On Fri 02/Jun/2023 02:14:50 +0200 Brandon Long via mailop wrote:
On Thu, Jun 1, 2023 at 11:20 AM Alessandro Vesely via mailop.org wrote:
On Thu 01/Jun/2023 17:45:38 +0200 Robert L Mathews wrote:
So I guess it's time to add SRS rewriting for Gmail addresses...!
The only points I see i
On Thu 01/Jun/2023 17:45:38 +0200 Robert L Mathews wrote:
So I guess it's time to add SRS rewriting for Gmail addresses...!
The only points I see in SRS are mailbox full or oversize. You ought to notify
the author that the message got lost. It is just a temporary feature, though.
But this
1 - 100 of 298 matches
Mail list logo