itor traffic on egress day'
(Doesn't every modern router support this? and alarms?)
These are simpler fixes, and if they were just done, would make the
internet a heck of a lot safer in a real hurry..
--
"Catch the Magic of Linux..."
-
ns.. just
that someone (3rd party) told them they had to add it to their SPF
chain.. and someone in management said 'just do it', without realizing
that it completely invalidated the protection afforded by SPF..
--
"Catch the Magic of Linux..."
--------
g for that Solar Flare)
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Compa
s mentioned previously.. More important issues to address than
SPF, that will make the world a better/safer place.
--
"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
hilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
last few months, not
better.. (Snowshoe spammers)
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.l
lip
Forgot Colo-Crossing on that list ;)
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
--
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxma
Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
&quo
n/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--
_
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--
"
"The mail server is clean"
"..signed.. delivery consultant" (Why do they need one?)
"The spam problem related to this issue was already solved"
"We use DKIM and SPF"
--
"Catch the Magic of Linux..."
--
count ;)
See a lot of fred55...@somefreemail.com, asking for removal for a known
compromised server.. hehehe.. yeah right.. sorry if your trojan can't
send email but...
--
"Catch the Magic of Linux..."
--------
Mi
he Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Regi
unassigned.psychz.net
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
at (link) is more about issues that haven't been responded to
or addressed, rather than spam sources..
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visi
would be appreciated.
- mark
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
--
SMS Gateways that send email do not have a FQDN in the EHLO/HELO..
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @
#x27;, as well as any common OS names, eg
'root','postgres','www-data' etc created and restricted.
All subsequent domains should have 'abuse' and 'postmaster'.
--
"Catch the Magic of Linux..."
h the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a R
ilop
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic&q
from their networks..
If any one has a contact, (we tried postmaster already) I will forward
it on to the team ..
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://
ail server than my own ;)
On mar. 1 août 08:54:45 2017, Michael Peddemors wrote:
We would expect that the actual SMTP servers themselves should be inserting
a received header.. and that we would see a FQDN for the 'mwinf5d13' that
received the email.. Hard to tell if this was a webmail pr
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For Mo
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic
ader: softfail (google.com: domain of
transitioning ptp...@gmail.com does not designate 58.64.196.210 as
permitted sender) client-ip=58.64.196.210;
You want it to just fail? That would be silly, we expect people to
forward email.
I'll pass on your compliments.
Brandon
On Tue, Aug 1, 2017
Yes Michael,
If you are going to have your team tackle anything, the ones selling b2b
mailing lists and contacts are one of your higher leakages..
I could send you a bunch off-list if you want ..
Offenders this week.. (just a sampling from my own spam folders)
Return-Path:
Return-Path:
Re
e Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info
p
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wiz
honoured..
Surprised that there is not more breakage, but noticed that Yahoo's DKIM is now
one long line, in addition to Microsoft's VERY long header lines..
(1845 chars)
Comments?
--
"Catch the Magic of Linux..."
----
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT
/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, Pr
g.
Anybody here who might be able to help.
Thanks,
Miles Fidelman
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visi
locking Port 25 (still, 15
years later same topic, IoT)
(So many foreign ISP's haven't yet made a move in this direction, allowing
for destructive levels of Bot activity)
* EnvelopeFrom Best Practices
* Next Evolution(s) of Email Security (Auth Recommendations)
300
IPv4 addresses in the last 6 hours.
Tim
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CE
j.fr
Subject: simple imposition
Message-ID:
X-Priority: 3
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 8bit
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO Li
transcripts about connecting to Gmail.
Best regards,
Andris Reinman
On 6 Oct 2017, at 21:24, Brandon Long via mailop
mailto:mailop@mailop.org>> wrote:
I still prefer our sasl extension, PLAIN-CLIENTTOKEN instead,
since you can then use it for imap/pop/smtp simply.
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the
Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Regist
he rejection, but this does look
bogus.
Ned
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
Just wanted to pass some reports of 'dirty' lists noted in this weeks
reports from the auditors.. that should be reviewed..
Time to do a fall cleaning..
--
"Catch the Magic of Linux..."
--------
Michael Pedd
t;18]" an
artifact or some kind of error?
Thanks for the help.
-Warren
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
-
ilop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
-
eal,
Carlsbad, CA, 92008
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxma
t.com.au
<http://stcolumba.customer-wan.caznet.com.au/>;
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Pedde
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
--
uff, I was hoping someone else already had.
R's,
John
Google 'imapsync', it is the goto tool for that..
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Vi
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Curious, we haven't seen an increase of backscatter from o365, do you
have a sample?
--
"Catch the Magic of Linux..."
---
r
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic"
as sent, but there's no way to
tell.
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO Lin
Just for the record, more information on the ClamAv mailing lists..
http://lists.clamav.net/pipermail/clamav-users/2018-January/005722.html
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO
ratio normal?
Thank you in advance.
- Chris
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Pe
lli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
-
that Google
outbound filters treat 'Google SEO' and similar 'top ten on google' with
a positive bias ;)
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Vi
tus.
B.
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--
Want to hit me offline, notice that SpamCop considers URL's in 550
errors as 'spamvertizing'
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at
is on a private domain.
Please sign in with an authorized account to view this content.
Just pointing it out..
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMag
.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Pe
Even worse...
For a single email account..
133 AUTH attempts per minute..
Fail2ban or something similar can also be a quick remedy, but looks like
it is something to actually build a ruleset around..
On 18-02-09 08:41 AM, Michael Peddemors wrote:
Not just those ranges... 40.97.117.181
op@mailop.org>
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
-----
Sorry for the noise...
Also from EHLO's of
Feb 9 09:29:13 fe1 msd[20338]: EHLO command received, args:
MWHPR22MB0798.namprd22.prod.outlook.com
On 18-02-09 11:23 AM, Michael Peddemors wrote:
Two separate issues I believe...
Aggressive Valid AUTH attempts... EHLO/STARTTLS/AUTH LOGIN
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic&
PELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @
recipients
S: 221 goodbye
5. Security Considerations
This RFC does not discuss security issues and is not believed
to raise any security issues not endemic in electronic mail
and present in fully conforming implementations of [RFC-821].
On 18-02-15 01:06 PM, Stefano Bagnara wrote:
O
Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Towe
{SORRY}
That was meant to be offlist..
On 18-02-16 01:11 PM, Michael Peddemors wrote:
Had a bunch of reports of this one slipping by our protections..
Judging by the volume of reports, you might want to see how this one
snuck out.. Our team is putting a rule specific for this one right away
On 18-02-14 12:25 PM, Al Iverson wrote:
On Wed, Feb 14, 2018 at 3:06 PM, Michael Peddemors
wrote:
Yes, stop using obfuscated MAIL FROM's
It's not really wise to use non-obfuscated return paths when using
VERP. If it's easily decodable, a goofball could spin up fake ones to
c of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard
I saw the previous email to this one
--srs
On 01/03/18, 2:04 PM, "mailop on behalf of Michael Rathbun"
wrote:
On Thu, 1 Mar 2018 11:00:07 -0800, Michael Peddemors
wrote:
>From: Apple
>Typical Phishing/Fraud..
>
&g
list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxma
void nasty edge cases in
MUAs you deliver it to is a good idea, if it's not too painful to do.
Cheers,
Steve
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of
Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
o.. )
Message-ID:
PS, what kind of an email client do you use? Didn't it set the message
ID? Or did your server replace it?
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, Presid
Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of W
uld that IPv4 literal be enclosed with "[" and "]" tokens, either as
([a.b.c.d]) or (hostname [a.b.c.d])?
Thanks in advance,
Erwin
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catc
yet myself)
https://plus.google.com/u/1/115975444222620703736/posts/HmY1wyAz7Nk
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wiza
on of
ticket purchases, they don't need fake @allegiant.com emails telling
them to look at the attached.. well, you get the drift..
BTW, if anyone knows where their transactional email is sent from, let
us know..
--
"Catch the Magic of Linux..."
-----
can try first there.
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizar
that party that is contravening the
GDPR
I expect it (the wrangling and legal arguments) to go on for some time
yet, before this is all sorted out.
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, Presiden
lop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard I
brovin
@Mail.Ru
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
--
"Catch the Magic of Linux..."
----
Michael Peddemors
4.41
X-Mailgun-Sid: WyJjNWE1OCIsICJzdXBwb3J0QGxpbnV4bWFnaWMuY29tIiwgIjU3MWU2Il0=
X-Mailgun-Batch-Id: 04094e6c-58d1-40e0-900c-a50dd28d5511
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic
e Systems (C05875656)
However, MUCH of the IP(s) in use do NOT have SWIP..
52.39.182.205
52.39.183.14
52.35.124.222
.. hundreds of listings..
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, Presid
t's not, like this, maybe take it to the spam or messaging abuse
focused lists, some of which I'm sure you're on or reach out to the relevant
company directly?
Cheers,
Steve
On May 9, 2018, at 11:09 AM, Michael Peddemors wrote:
Return-Path:
Received: from mta65a.sparkpos
Just want to bring it up, the AOL Dkim header is 520 characters long all
on one line...
Suggest that they look at folding that header a little more sanely..
-- Michael --
--
"Catch the Magic of Linux..."
------
and SHOULD be no more than 78 characters, excluding
the CRLF.
And there are a lot more things processing email headers that just
software.. 'view source', human readability.. etc.
--
"Catch the Magic of Linux..."
-----------
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Regist
le brand new internet of 'fresh'
IP(s) to be used.. eg IPv6
Have a happy Spam Free Weekend all..
--
"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://w
On 18-06-08 09:14 AM, Stefano Bagnara wrote:
On Fri, 8 Jun 2018 at 17:53, Michael Peddemors wrote:
[...]
And while using that as feedback might seem the logical conclusion, in
the real world we still see more feedback reports from legitimate email
the customer should have wanted, vs emails
Seen that for the last 4 months or so..
Comes from Windows based OS typically, so betting a 'bot' infection..
So far safe to just reject/mark on traffic to port 25 with that HELO/EHLO
--
"Catch the Magic of Linux..."
------
is trying to fool...
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"
icrosoft.com%7C83a4acbf881445ab9e3d08d5d05e3dfd%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636644025546553986&sdata=611rJzyNK2vtk3xSZlv3jazflA%2FtdHS%2FU5Ux5sJs8gU%3D&reserved=0
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org
art, and check again, until there are no more -parts.
Mailing lists often used this mechanism as well, to find the actual user
that administrates mailinglistname-help@ etc..
Nothing to see here..
--
"Catch the Magic of Linux..."
------
en as many reports as
other parts of their IP space)
But it isnt' only Linode, it is easy to callout many CDN (content
delivery networks) as well .. (Hi Amazon, Digital Ocean and others..)
--
"Catch the Magic of Linux..."
-
gq
173.255.210.199 (RS) 1 asvc.xnxohe.ga
--
"Catch the Magic of Linux..."
--------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More
ound flow from the IP
and the reputation is "so bad" that they can't mitigate it?
Michael, do you have an answer for this "scenario" or this specific case?
Others: did anyone else see similar issues? How did you fix them?
--
"Catch the Magic of Linux..."
---
1 - 100 of 799 matches
Mail list logo