Re: [mailop] help with running a listserv and DMARC

On 2015-02-12 23:33, Michael Wise wrote: Or better yet, strip the DKIM record and resign it with your own key. Bottom line, end of the matter is, your list, your responsibility. The traffic needs to be seen as coming from you, but with enough details to identify the original author for auditin

Re: [mailop] help with running a listserv and DMARC

That is what the RFC822 Sender header is for. The fact that DMARC bases it’s “validation” on the From header instead of the Sender header is a flaw in DMARC and why DMARC shouldn’t be used until this is fixed. The RFC4407 Purported Responsible Address rules are correct and should be used, and

Re: [mailop] help with running a listserv and DMARC

On Feb 12, 2015, at 9:31 PM, Dave Warren wrote: > On 2015-02-12 16:35, Michael Orlitzky wrote: >> On 02/12/2015 01:26 PM, Michael Wise wrote: >>> You need to rewrite the From: Header. >>> >> To elaborate: if you send a message claiming to be From: u...@aol.com, >> it's going to be rejected by a

Re: [mailop] help with running a listserv and DMARC

On Fri, Feb 13, 2015 at 7:46 AM, Steve Atkins wrote: >> Such is life. Personally, I have no problem mangling or blocking messages >> from users using a domain with a restrictive DMARC policy as needed. > > Mangling encourages bad behaviour. Blocking discourages it. Blocking, aka rejecting parti

Re: [mailop] help with running a listserv and DMARC

Hi, > Blocking, aka rejecting participation from legitimate users because of > their domain, might be easy for hobbyists to stomach, but is not > always the best path for an existing group or enterprise. It leaves > the affected end users feeling hurt and caught in the middle in a > scenario they

Re: [mailop] help with running a listserv and DMARC

On Feb 13, 2015, at 8:13 AM, Al Iverson wrote: > On Fri, Feb 13, 2015 at 7:46 AM, Steve Atkins wrote: > >>> Such is life. Personally, I have no problem mangling or blocking messages >>> from users using a domain with a restrictive DMARC policy as needed. >> >> Mangling encourages bad behavio

Re: [mailop] help with running a listserv and DMARC

/golf_clap ☺ Especially the bit about, “nearly useless”. It is distressing that almost everyone pays more attention to how the sender describes themselves in a comment than the easily forge-able 822 From: address, and the trivially spoofable 821 MAIL FROM address, and that all of this traffic s

Re: [mailop] help with running a listserv and DMARC

On Feb 13, 2015, at 11:53 AM, Brandon Long wrote: > > > On Fri, Feb 13, 2015 at 10:51 AM, Steve Atkins wrote: > >> >> Sometimes your requirements mean that you have to encourage >> bad behaviour. But it's good to be clear that that's what you're doing, >> and that you're making discussion l

Re: [mailop] help with running a listserv and DMARC

On Feb 13, 2015, at 12:48 PM, Brandon Long wrote: > On Fri, Feb 13, 2015 at 12:33 PM, Steve Atkins wrote: > >> >> Sure. DMARC protects a field that most people don't care about or, in some >> cases even see. I'm not surprised that it's nearly useless to the majority >> of users in preventin

Re: [mailop] help with running a listserv and DMARC

Being able to render a judgment on the validity of the 822 From is too far away from the real question, and gets back to my point about a whole stack approach. The issue isn't the 822 From, or even the 821 MAIL FROM, but ... did this email come from whom the classical "Elderly Parents Reading E

Re: [mailop] help with running a listserv and DMARC

DMARC is just the shiny top of the iceberg, that gets people motivated to do something. then you learn more, and then it is just a ploy to add more domain authentication to emails (SPF/DKIM/TLS), because there is a benefit to do so (get the DMARC reports) and it helps find infrastructure that c

[mailop] AOL SCOMP messages

Thank you to everyone that provided ideas on how I should deal with aol, yahoo and such with my listserv. I've modified my software to do some header munging and I'll see how that works. I'm still confused though on how I'm supposed to deal with SCOMP messages from AOL. Since I'm on and ne

Re: [mailop] AOL SCOMP messages

They are in response to someone with an AOL mailbox clicking on an email sent from your IP and then on the, "Report Spam" button. You should look at the traffic and either ... ignore it if it's a one-off, block the sender, or unsub the recipient. It's a bit of a time figuring out which is the be

Re: [mailop] help with running a listserv and DMARC

It's a part of the jigsaw puzzle, surely. But to make the pretty picture, many pieces are required, and at the end of the day, all the pieces must lock together. Aloha, Michael. -- Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been Processed." | Got the Junk Mail Reportin

Re: [mailop] AOL SCOMP messages

On 2/13/15 14:11, Geoff Mulligan wrote: > Thank you to everyone that provided ideas on how I should deal with aol, > yahoo and such with my listserv. > > I've modified my software to do some header munging and I'll see how > that works. > > I'm still confused though on how I'm supposed to deal wi

Re: [mailop] AOL SCOMP messages

On Fri, Feb 13, 2015 at 02:39:36PM -0800, Jay Hennigan wrote: > On 2/13/15 14:11, Geoff Mulligan wrote: > > Thank you to everyone that provided ideas on how I should deal with aol, > > yahoo and such with my listserv. > > > > I've modified my software to do some header munging and I'll see how > >

Re: [mailop] AOL SCOMP messages

On Feb 13, 2015, at 3:03 PM, Mike A wrote: > On Fri, Feb 13, 2015 at 02:39:36PM -0800, Jay Hennigan wrote: >> On 2/13/15 14:11, Geoff Mulligan wrote: >>> Thank you to everyone that provided ideas on how I should deal with aol, >>> yahoo and such with my listserv. >>> >>> I've modified my softwa

Re: [mailop] help with running a listserv and DMARC

On 15-02-13 02:08 PM, Franck Martin wrote: DMARC is just the shiny top of the iceberg, that gets people motivated to do something. then you learn more, and then it is just a ploy to add more domain authentication to emails (SPF/DKIM/TLS), because there is a benefit to do so (get the DMARC rep

Re: [mailop] AOL SCOMP messages

There might be some of that. However, I have seen conversations. (Nested RE:'s) come back in our feedback loop. And I have thought MANY times that some of these people simple use the "Report as spam" vs "delete". Maybe it removes them faster? I have never used AOL but maybe they need to work o

Re: [mailop] AOL SCOMP messages

Great story, we did email for a local school district. Little Johnny would come home from school and check email first so that he could mark his teacher's disciplinary messages as spam before Mom and Dad and came home. We would just forward off the reports to the Sys Admin to deal with, the a

Re: [mailop] AOL SCOMP messages

I have been told but have not verified that if the AOL user leaves the email in spam box and then empties the spam box without moving good email into the normal inbox, then all email in the spam box is thus treated as SPAM and reported as such. This actually explains those situation where we

Re: [mailop] AOL SCOMP messages

On 2015-02-13 15:26, Franck Martin wrote: On Feb 13, 2015, at 3:03 PM, Mike A > wrote: On Fri, Feb 13, 2015 at 02:39:36PM -0800, Jay Hennigan wrote: On 2/13/15 14:11, Geoff Mulligan wrote: Thank you to everyone that provided ideas on how I should deal with aol, y

Re: [mailop] AOL SCOMP messages

On the other hand, when I've had actual compromised accounts that start spamming, AOL's SCOMPs have always been the first external report, so I actually find them quite useful. Only once did they notice a problem before I did (or my systems) found and plugged the hole, but still, it's nice to

Re: [mailop] AOL SCOMP messages

Exactly. We only really take AOL SCOMP reports at face value when there is a cluster of them; enough to lift the complaint above the noise down I the dust. It's very noisy, but has a tendency to be a canary in the coal mine to be sure. Aloha, Michael. -- Michael J Wise | Microsoft | Spam Analy

Re: [mailop] AOL SCOMP messages

This is were I wish there was some standardization of bounce messages. If email server operators could receive reports of X number of bounces reliably it may cut down on the number of compromised accounts considerably, by scripting some sort of shutdown of the account. At the current state it

Re: [mailop] AOL SCOMP messages

> 2) emphasize how easy it is to unsubscribe, also at the TOP of the email. I agree that people who sign up for a mailing list should unsubscribe when they change their mind, but there are a lot of senders who add people to lists without asking or even mentioning that the list exists. > 1) e

Re: [mailop] AOL SCOMP messages

Yes, and we call people who add other people to lists without their explicit permission, "Spammers". :) How you acquire permission, or better yet prove it after the fact ... questions for another day. Aloha, Michael. -- Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been

Re: [mailop] AOL SCOMP messages

>> 2) emphasize how easy it is to unsubscribe, also at the TOP of the email. > > I agree that people who sign up for a mailing list should unsubscribe when > they change their mind, but there are a lot of senders who add people to > lists without asking or even mentioning that the list exists.