[mailop] awstrack.me and other oddities with Amazon SES (how to distinguish the good and the bad)

2024-12-13 Thread Benoît Panizzon via mailop
Hi Gang Lately I came across various oddities with Amazon SES. About a year ago, envelope sender @eu-west-1.amazonses.com was known to send exclusively spam and thus on the personal blocklist of many of our customers. Now it looks like some big legitimate companies, like the major food delivery

[mailop] Did dhl.com messed their DNSSec?!?!

2024-12-13 Thread Tobi via mailop
If anyone from DHL reads here you should contact your DNS admins and notify them that your DNS is quite borked due to DNSSec/NSEC3 issues. Although dhl.com (and possibly other dhl domains) have A and MX in their zone, the NSEC3 bitmap specifies that those records do **not** exist. This makes sendi

Re: [mailop] awstrack.me and other oddities with Amazon SES (how to distinguish the good and the bad)

2024-12-13 Thread Atro Tossavainen via mailop
Benoit wrote: > About a year ago, envelope sender @eu-west-1.amazonses.com was known to > send exclusively spam and thus on the personal blocklist of many of our > customers. Which other major ESPs do you block in their entirety? Asking for a friend. > Now it looks like some big legitimate com

Re: [mailop] Did dhl.com messed their DNSSec?!?!

2024-12-13 Thread Marco Moock via mailop
On 13.12.2024 at 10:54:17, Tobi via mailop wrote: > If anyone from DHL reads here you should contact your DNS admins and > notify them that your DNS is quite borked due to DNSSec/NSEC3 issues. Have you tried to contact netmas...@dhl.com, which is listed in the DNS? -- Regards, Marco __

[mailop] @Google: please refrain from snowshoeing your spam emitters

2024-12-13 Thread Hans-Martin Mosner via mailop
For a while, the constant stream of spam sent from google servers using sender addresses of the form [a-z]+-bnc[A-Z809]+@dom.ain was restricted to a reasonable set of IP addresses, which I've decided to block completely as there was no acceptable traffic from them. Today, however, they seem to

Re: [mailop] @Google: please refrain from snowshoeing your spam emitters

2024-12-13 Thread Scott Q. via mailop
Isn't this the company that once had a motto that inspired... "Don't be evil" On Friday, 13/12/2024 at 13:10 Hans-Martin Mosner via mailop wrote: For a while, the constant stream of spam sent from google servers using sender addresses of the form [a-z]+-bnc[A-Z809]+@dom.ain was restricted t

Re: [mailop] PayPal Phishing from Paypal servers.. Now coming through o365 as well

2024-12-13 Thread Louis via mailop
Interesting! I'm surprised they forward email that fails SPF at all. Is that mostly a legacy thing? You don't see much legitimate email that fails SPF nowadays. Greetings, Louis On Friday, December 13, 2024 10:01 PM, Mark Alley via mailop wrote: > Based on what I'm seeing in those headers, SR

Re: [mailop] PayPal Phishing from Paypal servers.. Now coming through o365 as well

2024-12-13 Thread Jarland Donnell via mailop
Sorry if I missed part of the discussion, but now they're circumventing the SRS headers and Microsoft is straight up spoofing PayPal envelope senders. First catch of this for me was today. Here's a look: https://mxbin.io/89sXAc The logs showing the envelope sender quite clearly as well: 2024-

Re: [mailop] PayPal Phishing from Paypal servers.. Now coming through o365 as well

2024-12-13 Thread Mark Alley via mailop
Based on what I'm seeing in those headers, SRS did not happen because it did not satisfy the conditions to have it apply. SRS will only apply if SPF passed authentication at the time Exchange Online (EXO) received it. If it failed SPF auth, EXO won't rewrite the RFC5321.mailfrom to preserve th

Re: [mailop] PayPal Phishing from Paypal servers.. Now coming through o365 as well

2024-12-13 Thread Jarland Donnell via mailop
For my fellow exim users: https://github.com/mxroute/da_server_updates/commit/953e4f3f4384010dbd0691a776a166675f17f0ed One more path closed for the phishing crew. On 2024-12-13 14:36, Jarland Donnell via mailop wrote: Sorry if I missed part of the discussion, but now they're circumventing the

Re: [mailop] @Google: please refrain from snowshoeing your spam emitters

2024-12-13 Thread Phil Fix IT Computer Services via mailop
In a very disappointing move https://gizmodo.com/google-removes-nearly-all-mentions-of-dont-be-evil-from-1826153393 On 14/12/24 06:28, Scott Q. via mailop wrote: Isn't this the company that once had a motto that inspired... "Don't be evil" On Friday, 13/12/2024 at 13:10 Hans-Martin Mosner

Re: [mailop] PayPal Phishing from Paypal servers.. Now coming through o365 as well

2024-12-13 Thread Mark Alley via mailop
The changes to EXO on SRS were relatively recent, back in 2021. https://learn.microsoft.com/en-us/exchange/reference/sender-rewriting-scheme - Mark Alley On 12/13/2024 3:34 PM, Louis via mailop wrote: Interesting! I'm surprised they forward email that fails SPF at all. Is that mostly a leg

Re: [mailop] Did dhl.com messed their DNSSec?!?!

2024-12-13 Thread L. Mark Stone via mailop
https://dnsviz.net/d/dhl.com/dnssec/ I have found to be helpful as a resource to give companies actionable information regarding their DNSSEC remediation needs. Regards, Mark -- _ L. Mark Stone, Founder North America's Leading

[mailop] How to stop Google from marking our management console URLs as “dangerous”

2024-12-13 Thread Ken Simpson via mailop
Google SafeBrowsing seems to think that *.mailchannels.net is a dangerous website. It kind of makes sense, since this is where customers log in to search logs and interact with message quarantines that may contain actual harmful content. But it’s definitely a misclassification. I’ve submitted the