Re: [mailop] Mail Monitoring Service

Am 04.07.25 um 15:09 schrieb Mike Hammett via mailop: I'm aware of (but have not looked THAT deep into) EasyDMARC, MX Toolbox, and Hetrix. I'm looking for a service that I could use for MSP customers that not only monitors, but also tests the deliverability of my client's mail. I don't mean ma

Re: [mailop] Google Block My Email Images ?

Am 03.07.25 um 12:26 schrieb Emre Üst via mailop: Hello Admins, Recently, our images in the emails we send to Gmail are being blocked with the 429 - Too Many Requests error. Does Gmail have such a restriction? Or are we being blocked from where we actually host the images ? Who is reporting t

Re: [mailop] Checking existence of recipients

Am 26.06.25 um 10:33 schrieb Support 3Hound via mailop: Dear list, is it fair/correct to check the existence of a mailbox for about 30/50 mail addresses/day? This is generally frowned upon, although you may technically get away with it in most cases. When there's a chain of data collection a

Re: [mailop] iphmx.com - who owns that server (SPF fault)

Not directly related, but how do people feel about those mail-as-a-service providers who basically hide their mixed bag of legitimate and abusive customers behind anonymous names? My old-school thinking is that I want to know who I'm talking to (or rather, who's mailserver my mailserver is talki

Re: [mailop] Weird junk emails via Google Groups

Am 05.06.25 um 11:13 schrieb Paul Smith* via mailop: We're getting loads of "acknowledgement" emails from numerous legitimate helpdesk systems coming to us, from emails that we didn't send. Analyzing the headers, it appears that the helpdesks are sending automated messages to email addresses

Re: [mailop] Icewarp and "New" Outlook

Actually, port 587 is normal SMTP at first and requires STARTTLS to be encrypted, while 465 is TLS from the start :-) A while ago, there was a recommendation to prefer direct TLS (465) over port 587 and STARTTLS, I think due to some possible MITM attack, but I don't remember the details, and as

Re: [mailop] SumUp phishing at Hetzner

Am 25.04.25 um 10:20 schrieb Hetzner Blacklist via mailop: Hi Hans-Martin, Happy to take a look. Kind regards Bastiaan van den Berg Thank you, Bastiaan, highly appreciated! Cheers, Hans-Martin ___ mailop mailing list mailop@mailop.org https://lis

[mailop] SumUp phishing at Hetzner

Hi, for some days now, I'm reporting an ongoing phishing run to Hetzner abuse, without much success yet. The scammers are registering new domains (or use pre-registered ones) each day, and use Hetzner infrastructure both for spamming as well as for the landing pages. The nameless abuse people

Re: [mailop] OVH: RIPE listed abuse address sends automated reply to use form

Am 31.03.25 um 11:44 schrieb Alexandre Dangreau via mailop: Hello benoit, I'm not able to send you direct answer, your mail server seems to decline my corp mail ... We checked your 3 reports (2018, 2019, 2025). For the last one, you talk about botnet but add attachment. I hope you can underst

Re: [mailop] Strange attack - what do they want?

Am 27.03.25 um 21:55 schrieb Jaroslaw Rafa via mailop: However I wonder - and here I'm looking for your opinion - what can be a possible gain for the attacker from such an attack? The form does not have any field to enter own information that could be passed to the recipient - just login, passwor

Re: [mailop] Requesting Feedback from the community.. Compromised Email Account reporting.

Am 13.03.25 um 18:50 schrieb Michael Peddemors via mailop: ... So, assuming we see one of the above types of operators, leaking dangerous content, where the authenticating IP is on a known threat database (eg, a bullet proof hoster, or IP associated with a well known APT actor), the questions ar

Re: [mailop] Human contact at Office365?

Am 20.02.25 um 16:31 schrieb Atro Tossavainen via mailop: Are you forwarding the messages, or including full messages as attachments as their instructions say? (I think this is wholly unreasonable, but it is what they say, and I am very mildly curious as to whether it makes a difference if you do

Re: [mailop] back blowing backscatter

I usually report them via Spamcop and add their IPs and/or domain names into our local blocklist. If this causes issues with legitimate mail from them, they can use the link that we give in every SMTP error reply to contact us. I just don't have time to educate mail ops who didn't request it. C

Re: [mailop] Anyone else having troubles with MX: spool.mail.gandi.net for specific domains?

Am 06.01.25 um 09:03 schrieb Benoit Panizzon via mailop: As Gandi Support states there is no issue with that specific domain of their customer - what else could cause this issue? You're assuming a desire to fix the problem and sufficient competence to do so. I'm not sure that's the right appro

Re: [mailop] Google Workspace subdomain spam

I'm rejecting using a regular expression on the sender address, and I've also compiled a list of outgoing IP addresses which I block fully when I'm getting too fed up with it. Do I care that this might block legit mail? Not much more than Google cares about their outgoing spam... Cheers, Hans

[mailop] GMX blocking legitimate forwarded mails

It looks like GMX has upped their anti-spam measures, temp rejecting valid mails from GMX to GMX recipients delivered through a forwarder at our site. DKIM is valid as the mail wasn't modified in transfer, SPF should be ok as we're creating a SRS-wrapped SMTP MAIL FROM sender, so it shouldn't be

Re: [mailop] grossd milter

Am 15.12.24 um 19:14 schrieb Marco Moock via mailop: Hello! grossd is a milter that supports greylisting based on dnsbl. I am using it on Debian. The bug you've experienced seems to be known: https://groups.google.com/g/linux.debian.bugs.dist/c/EJi1DRhNYDs It seems like the original authors

[mailop] @Google: please refrain from snowshoeing your spam emitters

For a while, the constant stream of spam sent from google servers using sender addresses of the form [a-z]+-bnc[A-Z809]+@dom.ain was restricted to a reasonable set of IP addresses, which I've decided to block completely as there was no acceptable traffic from them. Today, however, they seem to

Re: [mailop] How much mail is spam?

Am 09.12.24 um 17:59 schrieb John Levine via mailop: I ask because I've ben looking at a paper that asserts that the number is about 50% and has been for a long time, which just seems wrong. At our small company mail server, it's about right. rspamd says 29% reject, 11% greylist, 3% each addin

Re: [mailop] Gmail not accepting the spam they sent themselves

Am 04.11.24 um 17:14 schrieb Kris Deugau via mailop: Take a closer look, and I'd bet all five of those specific messages were sent through Google Groups.  Number 2 and 3 I'm sure of as I've got spamples myself. Take a broader look and I'd bet you'll find more messages with similar sender addres

[mailop] Spam/scam from salud.pr.gov (via O365/Microsoft)

Hi folks, the government of Puerto Rico doesn't seem to be able to fix their spam sources at salud.pr.gov (an O365 tenant if I understand correctly). I've reported it to the (hopefully correct) Microsoft abuse address, but did not receive a reaction (unlike the quick and satisfactory response

Re: [mailop] Underscore in DKIM Selectorname?

Am 07.11.24 um 13:22 schrieb Fehlauer, Norbert via mailop: Hi, thanks to all answers. So it is not allowed to use underscores in DKIM selectors but even large companies are using such selectors. So what's the usual case than? Try to convince the sender of their problem or ignore the error at a

Re: [mailop] Gmail not accepting the spam they sent themselves

Am 02.11.24 um 18:45 schrieb Sebastian Nielsen via mailop: If its those pesky crap TLD’s just block the whole TLD. As you said the spammer is not sending from @gmail.com but from a own domain using gmail MX right? My blocklist is: /\.(accountant|accountants|asia|auto|berlin|bid|buzz|camera|c

[mailop] Gmail not accepting the spam they sent themselves

Hi folks, today I noticed a spam wave sent through Gmail accounts - Gmail happily pushes the spam into our users inboxes, but some of our addresses are role accounts which forward to personal Gmail accounts. So this is what we get when trying to forward such a piece: 421-4.7.28 Gmail has dete

Re: [mailop] SPF fragility vs. utility

Am 18.10.24 um 15:16 schrieb Paul Smith* via mailop: A spammer can send SPF-authenticated mail 'From: "b...@microsoft.com" ', but any spam filtering knows that it's not really from Microsoft. What they actually do is register a domain "micorsoft.com", send SPF-authenticated mail 'From: "b..

Re: [mailop] SPF fragility vs. utility

Am 17.10.24 um 19:42 schrieb L. Mark Stone via mailop: Back in May at the InboxExpo conference in Atlanta, I was told by a consultant to very large senders that they advise customers to set their DMARC to "p=quarantine" because they had been observing that Microsoft's processing of some emails

Re: [mailop] Need help with finding cause for Microsoft Error Code / IP SMTP Blocklist S3150

Am 14.10.24 um 19:00 schrieb Jaroslaw Rafa via mailop: If you don't want to use the name "spam" for the folder (which, in fact, may be also misleading for the user - as I have written several times previously, many users don't look at spam folder at all, as it clearly says "spam", so they think,

[mailop] Gmail spammer regex - may be useful if you're affected

Hi folks, for a while now I've been seeing spam mail from gmail addresses matching this firstname/lastname regex: /[a-z]{3}(anthony|brian|charles|christopher|daniel|david|donald|edward|george|james|jason|jeff|john|joseph|kenneth|kevin|mark|michael|paul|richard|robert|ronald|steven|thomas|willi

Re: [mailop] Domains discrimination

Am 11.07.24 um 21:20 schrieb John Levine via mailop: It appears that Ralph Seichter via mailop said: Personally, I don't factor the price of domains into the block/pass decisions, You should. There is a very strong correlation between cheap and bad. And there are very rational reasons for t

Re: [mailop] [E] Re: AT&T Block

Am 07.07.24 um 14:54 schrieb Alessandro Vesely via mailop: (a bit of understandable ranting) Is that anyhow related to democracy? No. But mail interoperation isn't govered by democracy. Idealized history: Initially (when there were a few dozen mailhosts), there was mutual understanding that e

Re: [mailop] Massive mail flooding from gmail

Am 05.07.24 um 09:24 schrieb Gerald Vogt via mailop: Hi, since June 28th we are flooded with thousands of emails from various gmail accounts going to one of our list addresses. We have already reported some of them at https://support.google.com/mail/contact/abuse but it didn't really helped.

Re: [mailop] salesforce phishing emails

Am 12.06.24 um 18:04 schrieb Anne P. Mitchell, Esq. via mailop: I've also always found abuse@ to be responsive there, and it's peopled by a real person, who gives real responses (at least that was the case as recently as 12/21/23. That's interesting, I've been sending lots of abuse reports to

Re: [mailop] salesforce phishing emails

Am 28.11.23 um 11:54 schrieb Mary via mailop: Dear salesforce, Please stop your clients from sending Facebook phishing emails. Sorry for digging up this old thread... I seem to have found a contact at salesforce which reads, responds and apparently reacts to reports: security -at- salesforce.

Re: [mailop] Phishing hosted by Cloudflare-ipfs.com / Abuse Handled by Sparkpostmail.com?

IPFS is a p2p file storage, so cloudflare doesn't control what content is put there, they don't even know who put it there, so it's a natural extension of their "we're not responsible, it's our customer's responsibility, but we won't tell you who that customer is" policy. I chose to reject all

Re: [mailop] [spamhaus] de-listing requests successful, but only for a couple of days.

Am 17.03.24 um 14:05 schrieb Jaroslaw Rafa via mailop: Dnia 17.03.2024 o godz. 08:30:39 Hans-Martin Mosner via mailop pisze: does IPv6 (not exclusively though), and I've been trying to usher in the future by setting up at least dual stack on my home DSL connection (that at least works now

Re: [mailop] [spamhaus] de-listing requests successful, but only for a couple of days.

Am 17.03.24 um 04:23 schrieb Jarland Donnell via mailop: I'm gonna be "that guy" though for a minute. If there are any IPv6 only mail servers, they are hobbyists trying to prove a point. There are a ton of IPv4 only mail servers. In short, there is no benefit to sending mail over IPv6 beyond th

Re: [mailop] [spamhaus] de-listing requests successful, but only for a couple of days.

Am 15.03.24 um 09:11 schrieb Alexandre Dangreau via mailop: Hello, In fact, if you need a /64 IPv6 range you probably use the wrong service. For VPS and Public Cloud instances (PCI) the IPv6 range is shared with all the VM, so each VM (VPS or PCI) have one single IPv4 (/32) and one single IPv6

Re: [mailop] Filter out emoji from email adresses

Am 04.03.24 um 22:40 schrieb Sebastian Nielsen via mailop: Anyone that have a general algoritm to filter out emoji from sender addresses? It's possible that the problem isn't specific to emojis but to any unicode code point in the supplementary planes (code point values above U+). Applicat

Re: [mailop] One click unsubscribe in mailing list messages

Am 25.02.24 um 04:10 schrieb Philip Paeps via mailop: It's actually encouraging to see the web-MUAs driving improvement in this space.  Parsing List-Unsubscribe: to present a button feels like a very obvious thing to do.  It's surprising how few traditional MUAs have ever done that. Yes. I'm

Re: [mailop] One click unsubscribe in mailing list messages

Am 24.02.24 um 00:12 schrieb Mark Fletcher via mailop: On Fri, Feb 23, 2024 at 3:09 PM Jay Hennigan via mailop wrote: There are many systems that scan links in email and falsely unsubscribe. I'd make it two-click. When clicked, have it go to a page that says: You are about to uns

Re: [mailop] Outgoing Spam from Microsoft IPs

Am 16.02.24 um 03:37 schrieb Matt Palmer via mailop: Although I must say that without reverse DNS would seem to be the easier blocking option -- when was the last time you saw legitimate mail from an IP without rDNS? - Matt We do that, with some exceptions, as we indeed get some legitimate

[mailop] Outgoing Spam from Microsoft IPs

We've been seeing runs of spam mails from Microsoft IP addresses without reverse DNS (possibly cloud servers). One is sending with addresses , starting on February 8. The other (same or different spammer?) uses and started just yesterday. Have others seen these? Is there some way to identify

Re: [mailop] problem setting up open-dmarc

Am 09.02.24 um 16:20 schrieb Gellner, Oliver via mailop: A not really serious reply: I'm interested to learn how I can get amused by looking at XML data, this would greatly improve my professional life. Until now I have been more in the state of wanting to jump out the window when I see DMARC re

Re: [mailop] Ooops - sorry

Am 02.02.24 um 04:03 schrieb Lou Katz via mailop: Wound up way back in my archive and responded to an old, dead issue. If only the issue were as dead as it is old... SPF is a PITA that stays. :-) Hans-Martin ___ mailop mailing list mailop@mailop.or

Re: [mailop] Extortion spam from OVH-hosted *.sbs domains

Am 26.01.24 um 09:42 schrieb Simon Bressier via mailop: Hi all, FYI Hans-Martin, I reached out to ovh team yesterday night to push your message, seems your abuse report has been processed by the proper team. No idea if they answered you, but at least, they have handled the report, and probably

Re: [mailop] Extortion spam from OVH-hosted *.sbs domains

Am 26.01.24 um 09:42 schrieb Simon Bressier via mailop: Hi all, FYI Hans-Martin, I reached out to ovh team yesterday night to push your message, seems your abuse report has been processed by the proper team. No idea if they answered you, but at least, they have handled the report, and probabl

[mailop] Extortion spam from OVH-hosted *.sbs domains

Tonight we received a huge wave of extortion spams from OVH hosted domains trying to get bitcoin payments. The senders claim that recipients watched child porn. This is the final straw for me to add a rule to reject all mail traffic from OVH until the sender is whitelisted. OVH is completely un

Re: [mailop] Anyone else noticing an increase in spam from Office365 distribution lists?

Am 17.01.24 um 15:35 schrieb Hans-Martin Mosner via mailop: Am 17.01.24 um 15:20 schrieb Paul Menzel via mailop: With this in mind, did somebody compile a block list yet? Or should I just create a whitelist? A block list does not make sense, as new domains are added continuously. It's

Re: [mailop] Anyone else noticing an increase in spam from Office365 distribution lists?

Am 17.01.24 um 15:20 schrieb Paul Menzel via mailop: With this in mind, did somebody compile a block list yet? Or should I just create a whitelist? A block list does not make sense, as new domains are added continuously. It's just too simple. I've had good experience with a whitelist, but tha

Re: [mailop] Samsung and SIZE

Am 15.01.24 um 07:54 schrieb Sebastian Nielsen via mailop: That header is supposed to be attached by the originating MUA, and I don't *think* transit MTAs are permitted to rewrite it... Problem is, that when MUA or first MTA has a incorrect date set, the email comes like last in inbox... hav

Re: [mailop] Incoming spam from outlook.com

Am 15.12.23 um 14:49 schrieb L. Mark Stone via mailop: We too are seeing high volumes of such email. Historically, we have avoided deploying greylisting*, but are curious if greylisting would block these emails? Could anyone who is doing greylisting comment on whether these garbage emails are

Re: [mailop] salesforce phishing emails

Am 28.11.23 um 11:54 schrieb Mary via mailop: Dear salesforce, Please stop your clients from sending Facebook phishing emails. I've been asking them something like that by way of abuse reports since end of September, to no avail. They don't seem to care. Sadly, they host legitimate customer

Re: [mailop] Success MiTM attack

Am 22.10.23 um 12:23 schrieb Paul Menzel via mailop: It was interesting and surprising to me, as the common perception is, that SSL certificates protect against MiTM attacks as it should provide authenticity. The weak point of SSL certificates is that clients are willing to accept new certs fo

Re: [mailop] belgacom.be / skynet.be - massing phishing

Am 13.10.23 um 18:30 schrieb Mary via mailop: Hello everyone, Anyone from belgacom.be notice massive amounts of phishing with/from skynet.be addresses? I've tried to report them without success. Posted on spamcop.net in case anyone would notice, again without success. No, they don't notice,

[mailop] Noticeable increase of spam emanating from Colocrossing?

Hi, does anybody else see a noticeable increase of spam from Colocrossing hosted IPs? I don't have hard data but my gut feeling is that the number of attempts have increased by a significant amount during the few weeks. Cheers, Hans-Martin ___ mailop

Re: [mailop] spamhaus false positive ?

Am 19.08.23 um 10:43 schrieb Pascal HOARAU via mailop: Hello, Since this night (French time) a lot of companies are blacklisted by spamhaus, mostly transactional IPs. Do you have the same issue and any info ? Regards, Pascal The spamhaus rejections that I see look all justified. Maybe you

Re: [mailop] Guide for setting up a mail server ?

Has anyone on this list tried forwarding (e.g. for ex-employees) via attachment? The original message would be kept intact, while the outer message clearly originates with the forwarding agent who may even add a human readable reminder to the addressee to let the sender know about the changed a

[mailop] SPF +all considered harmful

Most likely none of you would consider adding +all to an SPF record a smart move, here's another reason why you shouldn't do it: Google cloud services are being used to spam (ongoing for a long time, Google doesn't seem to care). What I noticed today is that the spammer is using domains with S

Re: [mailop] SendGrid is deleting your mail

Am 22.06.23 um 06:52 schrieb Matt Harris via mailop: On Wed, Jun 21, 2023 at 6:11 PM Sebastian Nielsen via mailop wrote: >>The RFC forbids doing that, and I argued against it The RFC and reality is two different things. If a client don't want to retry, I think they are free to cho

Re: [mailop] Strange mail delivery from microsoft

Am 19.06.23 um 06:36 schrieb Klaus Ethgen via mailop: I have some update.. Greylisting was not the problem I had/have with microsoft. Your original mail sounded a little different. However, upon re-reading it is possible that you activated greylisting in response to the previous perceived attac

Re: [mailop] Strange mail delivery from microsoft

Am 18.06.23 um 18:53 schrieb Klaus Ethgen via mailop: Hi, I have tighten my firewall a bit and seen many attacks from Microsoft (40.92.0.0/16). Attacks or mail delivery attempts? They contact once from a IP and then never again. If I greylist them, the will try to deliver from a different addr

Re: [mailop] Port 25 Pingback?

Am 16.06.23 um 20:02 schrieb Benny Pedersen via mailop: Mike Hillyer via mailop skrev den 2023-06-16 19:48: Sources or hosts? I don’t expect a given host to answer on port 25 just because it sends, but the domain in the return path should be accepting mail properly. If they can’t be bothered to

Re: [mailop] Port 25 Pingback?

Am 16.06.23 um 19:37 schrieb John Possidente via mailop: A sender of legally mandated bulk mail who are very conscious of making sure they're dotting every i and crossing every t (because they're required to) asked me today whether port 25 pingback is still necessary. I immediately thought, "Of

Re: [mailop] Transparency is key... Here is a perfect example.. M3AAWG is coming.. time to take a st

Am 31.05.23 um 01:18 schrieb Sebastian Nielsen via mailop: I don't agree with your stance. Hiding whois details doesn't mean you hiding your identity. Normally, this type of privacy is also used when you want to hide the actual person that is responsible for, lets say paying the domains. Still

[mailop] Someone from nifty.com / sion.ne.jp an this list?

There's been an ongoing phishing wave originating from nifty.com. I (and most likely others) have sent abuse reports, but the root of the problem apparently hasn't been found and fixed. Would you please see that this phishing stops? If you contact me off-list, I will provide you with the addresse

Re: [mailop] Microsoft Office365 not rejecting emails when instructed so by SPF recored?

Am 25.05.23 um 07:33 schrieb Slavko via mailop: I am confused now as in RFC 7505 sect. 4.2 one can read: Null MX is primarily intended for domains that do not send or receive any mail... And: ...mail systems SHOULD NOT publish a null MX record for domains that they use in R

Re: [mailop] SMTP disconnect… (Was: Hosteurope contact?)

Am 07.05.23 um 00:12 schrieb Thomas Walter via mailop: Turns out mx-out-02:~$ nc mx0.webpack.hosteurope.de 25 220 mx0.webpack.hosteurope.de ESMTP (mi005.mc1.hosteurope.de) (even more power) Sun, 07 May 2023 00:03:13 +0200 ehlo mx-out-02.fh-muenster.de 550-REJECT: 212.201.120.206 is in csi.cloud

Re: [mailop] Yahoo: SOA record per subdomain required?!

Am 06.05.23 um 18:44 schrieb Christian Seitz via mailop: Hello, ... I already tried to contact Yahoo before sending this email to the list and they acknowledged the issue "You are correct, we are indeed looking for an SOA for each individual subdomain if you're going to use it in the SMTP (

Re: [mailop] ab...@microsoft.com => Mailbox full

Am 20.04.23 um 21:25 schrieb Jarland Donnell via mailop: The age old problem: Hire a bunch of people to read it that aren't skilled enough to do anything about it, or hire people who are skilled to handle it but don't have the time or manpower to read it all. There's a third option: Handle mos

Re: [mailop] linodeusercontent.com/googleusercontent.com, I'm so done with you

Am 08.04.23 um 06:17 schrieb Jarland Donnell via mailop: To be clear they have an amazing abuse team, easily the first people I would hit up if I were hiring in that area. Just top notch admins. If they are top notch but have their hands tied they are essentially worthless to me. They could just

Re: [mailop] linodeusercontent.com/googleusercontent.com, I'm so done with you

Am 04.04.23 um 23:02 schrieb Brandon Long via mailop: Google Cloud, which I assume is what googleusercontent.com is from this, is only unblocked for smtp for supposedly good customers... though I think they are allowed to connect to the Workspace relays (but then I

[mailop] linodeusercontent.com/googleusercontent.com, I'm so done with you

Those two cloud providers are currently providing 99% of the incoming spam at one site. googleusercontent.com sends a never-ending flood of DHL phishing mails. linodeusercontent.com sends unsolicited ad crap using a domain "klwinkel.app". Time for large scale IP range blocking, I really can't

Re: [mailop] sender domain reputation

Am 28.03.23 um 14:19 schrieb John Levine via mailop: It appears that Dan Malm via mailop said: And then we have freenom, still giving away .tk, .ml, .ga, .cf and .gq domains for free... I don't block those TLDs, but they spew out enough spam that they go directly to the spam folder. Not any mo

Re: [mailop] How to address Microsoft if spaming Office365 customers cause collateral damage for other Office365 customers sharing the same IP?

Am 30.03.23 um 18:11 schrieb Francois Petillon via mailop: On 3/30/23 16:37, Benoit Panizzon via mailop wrote: Unfortunately, this massively affects other Office365 customers. But they complaint because we (operating the SWINOG blacklist) block them, they don't complaint to Microsoft for being t

[mailop] Sendgrid abuse forwarding to Google - not one of your brightest ideas

I tried to report a phishing spam to Sendgrid, and look what I got: - The following addresses had permanent fatal errors - (reason: 552-5.7.0 This message was blocked because its content presents a potential) - Transcript of session follows - ... while talking to aspm

[mailop] Human contact at Proximus/Belgacom?

Hello, abuse reporting to Proximus/Belgacom is made as inconvenient as possible by * Not accepting e-mail reports (automatic reply points to abuse submission form) * Telephone number as required field on the submission form (I absolutely don't want to be contacted by phone regarding abuse

Re: [mailop] SPF and DMARC Passed Phishing Spam from Oracle.com

Am 23.02.23 um 05:30 schrieb Peter Beckman via mailop: It seems that if you are able to get a server in oraclecloud.com, you can send SPF- and DMARC-passing spam to be sent by Oracle.com, which includes a phishing URL attempt. Actually, sending SPF- and DMARC-passing spam is possible from about

Re: [mailop] How to get Google to set a null MX for gmail.co ?

Am 16.02.23 um 17:57 schrieb Tom Perrine via mailop: The subject says it all. We’ve got users (who doesn’t?) who fat-finger gmail.com to gmail.co – apparently A LOT. The domain gmail.co seems to be an anti-squat domain, and on HTTP it throws a 404 – as expected. (Although they could have red

Re: [mailop] Hetzner

Am 08.02.23 um 02:44 schrieb Michael Peddemors via mailop: On 2023-02-07 14:00, Hans-Martin Mosner via mailop wrote: Another thing is that it should go absolutely without question that as the hoster will not divulge the identity of their customers to abuse reporters, Okay, going to start a

Re: [mailop] Hetzner

Am 07.02.23 um 13:31 schrieb Ralph Seichter via mailop: When a third party X complains that Hetzner customer Y is a spammer, I consider it only appropriate that Hetzner passes the complaint along and asks Y for a statement, and does not simply impose restrictions on Y based on X's say-so. Ther

Re: [mailop] Simple mailing list expander program for aliases files?

I've written something like that a while ago. It's in Rust, it's probably too specialized and restricted for general use, but it does mostly what you describe (in addition, it keeps sender addresses secret becaue I've encountered too many cases of hacked e-mail accounts where address books have

Re: [mailop] Anyone know about this list washing organization from yesterday?

Am 08.12.22 um 17:25 schrieb Michael Peddemors via mailop: The IP(s) are geo-located as Romania, but the IPs are registered to Dutch and UK companies.. All the domains are tossing a cloudflare unknown error.. Digital Virtualisation Solutions London, 5.157.216.0/22 GMG Amsterdam Infrastructure,

Re: [mailop] off-topic? useless Subject tags

Am 27.11.22 um 17:19 schrieb ml+mailop--- via mailop: Hmm, so something "tagged" the previous mail as [Marketing Email] Subject: Re: [mailop] [Marketing Email] t-online.de Seems to be really bogus to me IMHO it would be nice if those (misleading) "tags" could be removed before replying, s

Re: [mailop] Partial issues forwarding mails to gmail.com

Am 24.11.22 um 17:20 schrieb Martin Flygenring via mailop: ... [Google says] Our system has detected an unusual rate of unsolicited mail originating from your IP address. ... Now, the interesting part is that for almost 98% of the mails currently in queue, Google is the original sender of the e

Re: [mailop] Massive bounce report campaign

24. November 2022 08:48, "Cyril - ImprovMX via mailop" mailto:mailop@mailop.org?to=%22Cyril%20-%20ImprovMX%20via%20mailop%22%20)> schrieb: I'd love to be able to drop them, but the situation is made in a way that we can not do anything: That user configured their bounce domain to pass thr

Re: [mailop] Things to do on a Sunday, when there is an atmospheric river.. Investigate 'code200 UAB'

They are validating addresses using incomplete SMTP dialogs. Either nullroute or block at the MAIL FROM stage, so they don't even get to check whether RCPT TO would be accepted. Cheers, Hans-Martin Am 30. Oktober 2022 23:23:51 schrieb Michael Peddemors via mailop : Can anyone give insight

Re: [mailop] How do I break Gmail forwarding?

"multiple people" - 3..5, or 60..100? If it's not too many who could have done it, ask them, have them fess up, and let the one who did it repair it. Otherwise, blocking the gmail address on mail ingress is probably the simplest solution. Cheers, Hans-Martin Am 24. Oktober 2022 15:16:30 sc

Re: [mailop] T-Online is now really blocking messages from non-commercial and simliar senders

Am 19.10.22 um 13:33 schrieb Heiko Schlittermann via mailop: 554 IP=168.119.159.241 - A problem occurred. … The sending IP belongs to a rented host (rented from a major German hoster). @mailops: What's your opinion? I consider this unacceptable (at least when they don't offer a whitelistin

Re: [mailop] Massive Spam Incident @ Outlook.com?

Am 10.10.22 um 15:25 schrieb Benoît Panizzon via mailop: Hi Team Anyone else observing an absurd increase of 'erotica' related spam mails, most probably sent over phished Outlook.com accounts over the last couple of days? On the account most affected by this, the wave seems to have stopped ar

Re: [mailop] Threat Update.. Tales from the Trenches..

Am 05.10.22 um 19:13 schrieb Michael Peddemors via mailop: PS, don't know what o365 is doing, but a marked reduction in uncaught spam leaking from their networks.. Really? I'm seeing a constant stream of fake dating spam from apparently compromised O365 accounts, with no end in sight. Many

Re: [mailop] Gmail as well as Google Worskapce refuse all email from my domain

Am 02.10.22 um 13:56 schrieb Arek Patyk via mailop: what is strange i have on this microsoft tenant another domain with .digital suffix - and all mails from this domain are delivered to gmail without any problems. That might be an indication that the .pl TLD is at least part of the problem. The

Re: [mailop] Gmail as well as Google Worskapce refuse all email from my domain

Am 02.10.22 um 12:44 schrieb Arek Patyk via mailop: We have had MFA authentication on all accounts for years and we checked all logs from email activity from last month. Compromising an account is almost impossible. I must be something else. It's not about you, it's about other Office365 custom

Re: [mailop] Gmail as well as Google Worskapce refuse all email from my domain

There probably wasn't suspicious activity from your domain, but there has been a significant wave of fake dating spam sent via presumably compromised Office365 accounts. I've noticed such waves a number of times in the past, but haven't been able to get information about the root cause for such

Re: [mailop] Microsoft 365 send spam via high-risk delivery pool (instead of block it)

Am 29.09.22 um 08:19 schrieb Alessio Cecchi via mailop: I think it is not a correct behavior, if you can identify a message as unwanted why do you have to send it anyway? Often such identification isn't 100% certain (in fact, no spam/ham distinction can ever be 100% correct). Of course, if

Re: [mailop] mta4.de

Am 16.09.22 um 15:24 schrieb ask--- via mailop: JFYI. new spam player from azure IP space calling themself "mta4.de" sending lottery spam. first appearing in our logs yesterday. currently not yet listed at spamhaus. Saw them too today. They were temp rejected because that's how we treat domai

Re: [mailop] The oligopoly has won.

Am 13.09.22 um 07:57 schrieb Eduardo Diaz Comellas via mailop: I agree with the general sense that GMail is misbehaving at spam management, both incoming and outgoing processing is flawed (in my opinion). I will just talk from the gmail's customer side: a customer of mine moved to gmail. They

Re: [mailop] The oligopoly has won.

Am 12.09.22 um 22:29 schrieb Grant Taylor via mailop: On 9/12/22 2:01 PM, Slavko via mailop wrote: Thus it was not self-hosted, only (semi) self-managed ;-) I don't agree. If you use that mentality, nobody, not even Google, self hosts as they get their facilities -> connectivity -> domain ->

Re: [mailop] does outbound.protection.outlook.com ignore 550 for RCPT?

I'd guess that myprasarana.onmicrosoft.com is compromised (or has compromised accounts). I've seen this name before, reported the spam, and put it on our reject list. Don't know whether Microsoft failed to forward the spam report, or the tenant's admins are simply incompetent. Cheers, Hans-Mar

Re: [mailop] SMTP noise from *.bouncer.cloud

Am 04.09.22 um 21:49 schrieb Radek Kaczynski via mailop: > Those few domains with small traffic are: > - bringmesomejuice.com > - iusedtolikeit.com > - sometimeinthepast.com > - mybigfluffyfriend.com

Re: [mailop] State of the Union - Update due to activity..

Am 30.08.22 um 22:49 schrieb Michael Peddemors via mailop: On 2022-08-30 13:33, Hans-Martin Mosner via mailop wrote: I just checked a few samples, really can't be bothered to do it for all of them. NameCheap (registrar-servers.com) DNS all over the place (in fact didn't find on

  1   2   3   >