Am 02.02.24 um 16:08 schrieb Mark E. Jeftovic via mailop:
We're having a bit of a theological debate internally on whether to
implement DMARC on our SRS forwarder domains.
On 02.02.24 16:26, Kai Bojens via mailop wrote:
Skip SRS and implement ARC for forwarded e-mails. This should solve
all th
ed e-mails. This should solve
> all these problems.
On Sun, 2024-02-04 at 16:02 +0100, Matus UHLAR - fantomas via mailop wrote:
Does anyone blindly trust ARC signatures from random domains?
On 05.02.24 01:27, Byunghee HWANG (황병희) via mailop wrote:
They(DKIM/ARC) are not distinguishing wh
e
all these problems.
It appears that Matus UHLAR - fantomas via mailop said:
Does anyone blindly trust ARC signatures from random domains?
On 04.02.24 12:08, John Levine via mailop wrote:
No, but we don't blindly trust an SPF pass (SRS or otherwise) either.
we don't, but we can
Dňa 7. 2. o 7:29 Odhiambo Washington via mailop napísal(a):
> I have my local instance of unbound resolver.
On Wed, Feb 7, 2024 at 11:32 AM Slavko via mailop wrote:
It can be not enough. Some time ago i noticed, taht my ISP intercepts
(and redirects) all my DNS requests. Check carefully...
On 08.02.24 05:48, John Covici via mailop wrote:
I have sendmail set up for dkim, I don't see anywhere where you need
anything for dmarc. Right now the opendmarc.conf is just what comes
when you install.
DMARC on domain means setting DNS record in it.
In addition to SPF and DKIM provides reci
On 2024-02-08, Archange via mailop wrote:
[...]
No, I agree with you (I’m running two forwarders that have no issues so
far). And having a DMARC enforcing policy without DKIM is a bad idea.
I would have wished that DMARC would require both SPF and DKIM, but now
it is too late for that. Hopefull
On 08.02.24 21:51, Archange via mailop wrote:
Sorry if I wasn’t clear, I did not meant alignment when I wrote “require”.
Just that they are implemented and passing.
But indeed I am not sure of the value in SPF passing without alignment
though (in a context of DMARC and DKIM working — outside
On 02.02.24 16:26, Kai Bojens via mailop wrote:
Skip SRS and implement ARC for forwarded e-mails. This should
solve all these problems.
On 2024-02-04 23:02:31 (+0800), Matus UHLAR - fantomas via mailop wrote:
Does anyone blindly trust ARC signatures from random domains?
I find it a huge
Matus UHLAR - fantomas via mailop skrev den 2024-02-13 16:00:
I still think implementing SPF and SRS gives more value than ARC.
On 13.02.24 16:17, Benny Pedersen via mailop wrote:
oh dear, if you really need both spf and srs, your problem is more
deep then linux
OP stated they already do
On 05.02.24 14:56, Stefano Bagnara via mailop wrote:
we are a small ESP and every email sent from our system has SPF+DKIM
authentication from our system and most email also have a second DKIM
signature (one signature with our domain, one with the domain of the
sender).
is bago.org that domain?
On Tue, 13 Feb 2024 at 18:09, Matus UHLAR - fantomas
wrote:
- it has some redundant SPF records:
On 13.02.24 18:26, Stefano Bagnara via mailop wrote:
I'm not aware of issues with redundant SPF records, as long as I stay in
the 10 lookup: what are you talking about?
exactly this, I just have
On Sun, Mar 03, 2024 at 05:23:22PM +, Gareth Evans via mailop wrote:
(Error NOERROR looking up 23.24.6.165 PTR,Error Error NXDOMAIN
looking up 23-24-6-165-static.hfc.comcastbusiness.net. A looking up
23-24-6-165-static.hfc.comcastbusiness.net. A,Error Error NXDOMAIN
looking up 23-24-6-165
On 12.03.24 23:09, Andrew C Aitchison via mailop wrote:
https://discourse.ubuntu.com/t/noble-numbat-release-notes/39890#tls-10-11-and-dtls-10-are-forcefully-disabled-13
(which is mostly a template) suggests that TLS 1.0, 1.1 and DTLS 1.0
are "forcefully disabled" in the upcoming Ubuntu release
On 13/03/2024 16:43, Bill Cole via mailop wrote:
What is "poor" or "weak" about TLSv1.0 and TLSv1.1 which is relevant
in the context of SMTP, other than their easily-disabled support for
weak ciphers?
On 13.03.24 18:09, Taavi Eomäe via mailop wrote:
If you disable all the weak ciphers
Hello,
last few days we've had 2 diferent IP addresses listed in SpamHaus ZEN
1. monitoring server which rarely sends e-mail
- to single address in our internal network
- single address of our customer (outside our network)
- got listed after 4 e-mails within one day.
2. nextcloud server which
On Thu, 21 Mar 2024 18:40:16 +0100, Matus UHLAR - fantomas via mailop
wrote:
Are there any other checks or measures I can do?
On 21.03.24 13:58, Michael Rathbun via mailop wrote:
What exactly is the Zen result code? There are many reasons for such
listings.
the result code and the
On Mar 22, 2024, at 10:58 AM, Matus UHLAR - fantomas via mailop
wrote:
the result code and the spamhaus search didn't provide any relevant info.
On 22.03.24 16:32, Robert L Mathews via mailop wrote:
Hmmm. Not relevant to you, perhaps, but it may be relevant to someone else
who can hel
Something bad seems to have gained the ability to use that IP...
Dňa 31. marca 2024 15:02:31 UTC používateľ Odhiambo Washington via mailop
napísal:
Not that easy unless there is some recent exploit that I am not aware of.
On 31.03.24 15:18, Slavko via mailop wrote:
Don't seems as neighbor
Julian Bradfield via mailop skrev den 2024-03-31 17:35:
> It also thinks 41.212.32.14 has been very spammy in recent months.
On Sun, Mar 31, 2024 at 8:54 PM Benny Pedersen via mailop
wrote:
oh https://multirbl.valli.org/lookup/41.212.32.14.html dont send email
from pbl listed ips
OP should a
On 18.04.24 11:52, Sebastian Arcus via mailop wrote:
I hope this is within the allowable topics for this list. I tried
searching the archives, but haven't found an answer for the issue
below yet. If anyone could shed some light, it would be very much
appreciated.
A few days ago I started havi
On 18.04.24 12:22, Sebastian Arcus via mailop wrote:
I am not blocking outbound 587. I usually take the view that some user
devices - such as smartphones - could be configured to retrieve and
send email for their personal email accounts - and need to talk to
other email hosting providers. My se
On 22.04.24 09:28, Paul Menzel via mailop wrote:
A users sends a message to x...@uni-potsdam.de, and the user X there has
a forward set up to their y...@gmail.com address. Now
smtpin.uni-potsdam.de returns a delivery failure from Google Mail:
The following message to was undeliverable.
DKIM will be valid.
On 22.04.24 10:39, Matus UHLAR - fantomas via mailop wrote:
The (ugly but working) possibility is to rewrite From: address to one
@uni-potsdam.de and dkim-sign that one.
It's the same mechanism this mailing list uses to deliver mail.
On 22.04.24 11:03, Laurent S. via ma
On 24.04.24 07:28, Simon Branch via mailop wrote:
For the past 2 weeks, we have been unable to send mails to any gmail users,
nor any email domains hosted on Google's mail servers. We are using
Microsoft 365.
So I assume you send your mail through microsoft/outlook servers, you can't
your ou
On 24.04.24 17:00, Simon Branch via mailop wrote:
Thank you everyone for your input.
After reading the various comments, I decided to try creating a connector
in 365, specifically for emails going to the Gmail domain.
Funnily enough, the emails are now delivered to Google's servers, alb
On Thu, 25 Apr 2024, Paul Menzel via mailop wrote:
Until now we rejected emails from donotre...@invoices.premierinn.de
2024-04-23.log:2024-04-23 17:48:53 194.95.238.12 <22>Apr 23
17:48:53 mgw6-erl postfix/smtpd[744016]: NOQUEUE: reject: RCPT from
fra-smtp2.oracleindustry.com[138.1.67.161]:19
On 2024-04-29 08:02, Mendel Kucharzeck via mailop wrote:
- A newsletter campaign on January, 18th was successful with high
read-rates. DMARC and BIMI were not present during this campaign,
but DKIM and SPF. MAIL FROM domain was amazonses.com
- Another newsletter campaign was send on March 15th,
Matus UHLAR - fantomas via mailop
:
DKIM should help as well or even better.
_domainkey.newsletter.syniumsoftware.com produces NXDOMAIN which means domain
keys don't exist.
On 30.04.24 12:22, Mendel Kucharzeck via mailop wrote:
Thanks for your response. DKIM is set up according to the AW
Dnia 30.04.2024 o godz. 14:05:00 Stefan Bauer via mailop pisze:
Wow. Indeed. Thank you. The ip is 217.160.0.245 and yes, the complete ASN
is blocked.
On 30.04.24 14:18, Jaroslaw Rafa via mailop wrote:
That's why nobody should treat UCEPROTECT seriously (also due to highly
suspicious behavior o
On 29.05.24 16:29, J Doe via mailop wrote:
Has anyone noticed a recent increase in the frequency of scans of their
mail servers by Censys ?
I am seeing the following in my logs more often:
May 29 01:49:13 server smtpd[50661]: 78d6ab67951b801a smtp
connected address=199.45.154.4
host=sc
On 21.06.24 07:20, Jeff Pang via mailop wrote:
today I clear up iptables rules, and run fail2ban again.
in half of an hour, it blocked 1400+ IPs.
$ sudo iptables -L -n|grep DROP|wc -l
1407
I use ipset:
REJECT tcp -- anywhere anywhere match-set
block-mail src rej
On 2024-06-21 04:53, Jeff Pang via mailop wrote:
given currently I have 3000+ block IPs,
every normal client requests to submission,
the ip will be checked through those 3000+ list,
which slow down the normal client's connection certainly.
On 21.06.24 10:57, Anthony Howe via mailop wrote:
I th
On 28.08.24 07:46, Robert Giles via mailop wrote:
So dropping Google Groups entirely: since Google's infrastructure is
"unblockable", I'd suspect keying on a Google Groups-specific header,
but how are you (and other folks) accomplishing this?
I put into local rhsbl:
groups.google.com
googleg
Am 27.08.2024 um 12:56:18 Uhr schrieb Eduardo Diaz Comellas via mailop:
> I think that sending the vacation messages with null sender is an
> standard practise and the best way to avoid loops. I've found no
> problems with any other email providers: only gmail is blocking this
> messages.
On T
On 10/9/2024 11:57 PM, Matus UHLAR - fantomas via mailop wrote:
checking SPF is a fallback mechanism.
On 10.10.24 12:36, Dave Crocker via mailop wrote:
SPF is a fairly complex, fragile tool and it makes DMARC.. It's
inclusion in DMARC is always justified with language such as you used,
On 09.10.24 21:59, Dave Crocker via mailop wrote:
Since the primary function of the SMTP Mail From command is to specify
an address for receiving email handling problem notices, alignment with
the rfc5322.From field domain would seem to be secondary, at best.
On 10.10.24 08:32, Thomas Walter vi
On 10/17/2024 10:00 AM, Alessandro Vesely via mailop wrote:
Missing a backup authentication method would make DMARC even less
reliable.
On 17.10.24 17:18, Dave Crocker via mailop wrote:
A backup method that adds complexity and breaks under significant,
common scenarios does not sound like a gr
Dnia 16.10.2024 o godz. 15:12:00 Brandon Long via mailop pisze:
I'd think "able to send mail to receiver foo" vs not is a measurable
improvement.
On 17.10.24 01:07, Jaroslaw Rafa via mailop wrote:
Only because that receiver arbitrarily decided that they will not accept
mail that doesn't meet s
On 13.10.24 14:20, Dave Crocker via mailop wrote:
I wonder whether anyone has noticed that a thread like this
demonstrates that SPF is far from trivial?
Prehaps I should've said "can be trivial" or "basis SPF record" or something
alike; a SPF record of:
"v=spf1 mx -all"
together with
"v=DMA
On 26.10.24 09:41, Pete Long via mailop wrote:
The issue still exists even after the changes I've made as a result of
reading your replies to my original post. The spaces in the DKIM record
were indeed present (I think I counted five altogether in the main string
of characters in the record) b
Am 25.10.2024 um 16:34:01 Uhr schrieb Tobias Fiebig via mailop:
The earlier message from Marco regarding FCrDNS is, in my opinion, not
100% correct; The host as FCrDNS (fafflords.co.uk IN A
217.155.145.43), and usually ehlo-matches-rdns is not enforced
(otherwise MS would also be in a bit of a bi
On 25.10.24 11:08, Pete Long via mailop wrote:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=valar.uk.net; s=default; h=To:Date:Message-Id:Subject:Mime-Version:
Content-Type:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:
Content-Description:Resent-Date:Resent-F
Am 25.10.2024 um 15:39:15 Uhr schrieb Pete Long via mailop:
Unfortunately, Google is still rejecting emails from valar.uk.net. I
guess I'll wait a bit longer.
Tobias described it properly, there's more what you can and should do.
On 25.10.24 16:58, Marco Moock via mailop wrote:
DNS problem:
Dnia 25.10.2024 o godz. 19:52:09 Matus UHLAR - fantomas via mailop pisze:
>and ehlo/helo hostname matching.
Never heard about this. It's also a RFC violation. The hostname in
EHLO must exist and be canonical name (thus not CNAME), but that's
all.
I have also never heard abo
On 23.10.24 14:35, Ralf Schenk via mailop wrote:
I'm asking if someone is using CSA's (https://certified-senders.org/)
certified senders whitelist which is now delivered in JSON together
with a simple updater script to convert this in a whitelist/table
usable by postfix ?
Looks like dnswl, bu
Am 04.11.24 um 17:14 schrieb Kris Deugau via mailop:
Take a closer look, and I'd bet all five of those specific messages
were sent through Google Groups. Number 2 and 3 I'm sure of as I've
got spamples myself.
Take a broader look and I'd bet you'll find more messages with
similar sender addr
Dnia 30.01.2025 o godz. 14:03:51 Matus UHLAR - fantomas via mailop pisze:
Nowadays, we can mark domains that don't send mail using Null MX (rfc 7505).
But this needs explicit record to say "this domain does not send/receive e-mail"
Requiring MX to explicitly state "t
On 2025/01/28 16:55, Fehlauer, Norbert via mailop wrote:
if a domain has no mx record than a fallback to A/ for the domain is
possible. Is this fallback only to happen when no mx record exists for
the domain or can this fallback happen when no connection to the mx
defined servers is possib
onnection to the mx defined servers is possible? I would "guess"
> > that it only should happen if there are no mx records at all. Can
> > someone confirm this?
On Wed, Jan 29, 2025 at 01:46:59PM +0100, Matus UHLAR - fantomas via mailop
wrote:
Correct, although I believe t
Dnia 3.01.2025 o godz. 11:55:10 Matus UHLAR - fantomas via mailop pisze:
I have put googlegroups.com and groups.google.com to my local rhsbl
list and use it at both MTA and spamassassin level (uribl checks
included).
On 03.01.25 12:27, Jaroslaw Rafa via mailop wrote:
Many people here on this
On 02.01.25 18:20, Jarland Donnell via mailop wrote:
I'm reaching out to ask if anyone on this list has landed on an
effective strategy to block this spam coming from subdomains used on
Google Workspace. I'm certain most of you are seeing it, given the
volume I'm seeing. I'll give 2 samples jus
On 16.01.25 04:32, Scott Q. via mailop wrote:
Thanks, so despite the bounce saying it's a problem with the
recipient, it may very well be a problem with our sending IP ?
the "Recipient address rejected" usually means that your mail was rejected
at the RCPT stage of SMTP transaction.
MTAs do t
On 28.04.25 12:12, Benoit Panizzon via mailop wrote:
Since a couple of days, we get a increased number of complaints from
customer receiving duplicate emails.
Emails duplicated (sometimes sent 5 or more times within a couple
of hours) are all sent from outlook.com.
I start to suspect, that ther
On 07.03.25 10:43, Raymond Dijkxhoorn via mailop wrote:
A very very bad example of how not to retire a rbl.
What they did was just list the world and let everybody suffer with it. This is
just a very malicious act and not now things should have executed at all.
While I agree, I found 5 ticket
On 2025-03-07 at 06:04:25 UTC-0500 (Fri, 7 Mar 2025 12:04:25 +0100)
Thomas Walter via mailop
is rumored to have said:
AFTER they
did contact all the abuse contacts of networks still using it?
On 07.03.25 12:21, Bill Cole via mailop wrote:
That definitely DID NOT HAPPEN, because it is intrins
Dnia 7.03.2025 o godz. 20:39:47 John Levine via mailop pisze:
I have a fake auth on port 25. Local users sending mail do real auth on
port 465 or 587.
I get plenty of bot auth traffic on port 25.
It appears that Jaroslaw Rafa via mailop said:
But why bother about auth attempts on port 25
On 15.05.25 10:39, Benoit Panizzon via mailop wrote:
https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail
Quote:
"DomainKeys Identified Mail (DKIM) is an email authentication method
designed to detect forged sender addresses in email (email spoofing), a
technique often used in phishing and
On 22.05.25 08:56, Nate Burke via mailop wrote:
Has anyone had success getting the "New" Outlook to talk to an Icewarp
Server? With both IMAP and POP3, my server records garbled IMAP/POP3
commands in the connection log from the Microsoft servers. And
outlook just displays the generic 'Cannot
On Tue 17/Jun/2025 14:20:52 +0200 sebastian wrote:
>>Presumably, a mail server should not consult a DNS hacked for browsers?
Presumably, a firewall located between LAN and WAN has no way to
know if the UDP packet is for a SPF client or browser. It sees a DNS
response packet coming from a serve
Dnia 23.06.2025 o godz. 23:54:57 Matt Palmer via mailop pisze:
> What a nonsense! Why they check DMARC at all if they require *both* SPF
> *and* DKIM to pass?
Because DMARC, SPF, and DKIM are different things, that assert different
properties of the email, and thus may have different values to t
60 matches
Mail list logo
