because people are just fundamentally assholes
jb2cool at gmail.com
Fri Nov 12 11:52:07 PST 2021
I can’t really help with checking the DKIM but I for one appreciate all the work you do behind the scenes to keep this project running. I know there are times you are sorely tested by things that happen and it makes you question all the time and effort you put in but I and countless silent others appreciate it.
Thanks as always
Sent from my iPhone
> On 12 Nov 2021, at 19:34, Dirk Hohndel via subsurface <subsurface at subsurface-divelog.org> wrote:
> Yeah, great subject, I know
> So I was wondering why I was seeing more and more bounces and delayed deliveries or completely failed deliveries for emails from the cloud servers.
> Turns out that some asshole has started to spam our mailing list subscribe feature and has managed to send out more than ten thousand unsolicited subscribe requests to random emails in the past two weeks. And as a result the mail gateway server that I use has started to get negative reputation and was being either rejected or throttled by the large email providers (yahoo/AOL, outlook.com/hotmail, iCloud.com/me.com, etc). Gmail continued to take the emails, but appears to have gotten even more aggressive to disappear them after delivery.
> First thing I did was blacklist the top 20 IP addresses used in this spam attempt.
> Then I enabled the subscription spam protections in mailman (why aren't those enabled by default in mailman2?).
> Then I cleared out the more than six hundred pending subscription confirmation emails that filled the mail queue on my gateway server.
> And I finally broke down and implemented DKIM on the server (as Linus and I speculated that that might help to not be "disappeared" by gmail).
> So hopefully we'll see fewer emails get delayed or rejected or marked as spam.
> And hopefully we'll get fewer victims sent unsolicited subscription confirmations...
> I hate people. I mean, seriously. What the heck is wrong with people who do shit like this???
> Anyway, so this is what I did with my spare time the last couple of days - I hope you were doing things that are more fun. Like diving. Or writing code for Subsurface.
> Those of you with mail admin experience...
> - do the DKIM headers look right to you?
> - any other measures I should take to protect mailman?
> subsurface mailing list
> subsurface at subsurface-divelog.org
More information about the subsurface