For some reason, my relay MTA accepts mail where one of the recipient domains in the Cc: list is invalid, while sendmail on my mail host issues a soft reject with (in this particular case) "host map: lookup (users.sourceforge.jp): deferred".
This is, indeed, currently a invalid domain. But why the hell does the mail pass through on the relay (also running sendmail)?
Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)
Friends, it finally happened. On August 7th, 2025, the number of spamtraps intended to woo the unwary spammer rolled past the number of inhabitants in my home country of Norway.
It's time for a retrospective.
In 2013 I wrote up "Maintaining A Publicly Available Blacklist - Mechanisms And Principles" (also https://bsdly.blogspot.com/2013/04/maintaining-publicly-available.html) . TL;DR: blocklisting is a kind of public shaming, be sure your process is verifiable and transparent.
Minor edits today, links to resources and #eurobsdcon inside. #blocklists #spamtraps #antispam #smtp #spamd #openbsd #freebsd #security #cybercrime
The BIG MAIL operators disappear valid mail. We have all seen it happen.
I am pondering starting a campaign to collect war stories with as much log data and other relevant data as possible in order to write an article which may
evolve to something else.
If you have potentially useful input, I want to hear from you.
For further notes going back to 2017, see "Twenty-plus years on, SMTP callbacks are still pointless and need to die" https://nxdomain.no/~peter/twenty-plus_years_on_smtp_callbacks_are_still_pointless.html #spam #smtp #smtpcallbacks #callbacks #email #verification #cybercrime #hacking #stupidity
Post #SMTP plugin flaw exposes 200K #WordPress sites to hijacking attacks
hey, #SMTP lazyweb! what's the deal with ECDSA certs these days?
4/5 Until now, I have been using IMAP+SMTP, and TbSync for address books and calendars. After going through a few iterations, I have now settled on using Exchange (native, experimental) accounts (yes, plural) for email and sticking with TbSync for calendars and address books.
3/5 Right now, Exchange requires add-ons to work. Usually this means TbSync or OWL. Each of these has its own set of features and limitations to consider. Account Hub will show you Exchange in two flavors… one says “add-on required” and the other doesn’t. It’s the latter one that is the native integration in experimental form at this time (and does email ONLY for now).
2/5 Further, the “native” connection to EWS/OWA within Thunderbird is only available in 140 when you enable a custom setting (search for “ews”). What you see in the new Account Hub will depend on whether that custom setting is enabled.
5/5 TbSync was a small challenge because, as has happened in the past with major Thunderbird updates, it was declared unsupported and automatically disabled by Thunderbird 140esr. Following the instructions in https://github.com/jobisoft/TbSync/issues/753#issuecomment-3051737579 (file-based reinstall of TbSync and EAS-4-TbSync) resolves the issue for now.
1/5 @padraig @thunderbird Took a little searching but I am working again! Yay. The complexity is that which setup to use with Exchange can be legacy (POP3, IMAP+SMTP, EAS, EWS/OWA) or current Graph API. Thunderbird 140 supports all of the legacy API but not yet Graph API.
HELP !
Free m'a bloqué les ports #IMAP et #SMTP, et refuse de les réouvrir. Je vous raconte.
Je fais un peu de #autohébergement sur mon serveur, et derniièrement, j'y ai installé #docker-mailserver
je configure #thunderbird , tout fonctionne nickel, et au bout d'un moment, impossible d'envoyer des emails ou d'en recevoir
Il se trouve que #Free a bloqué le port 25
En 5G par contre, pas de probléme
Et le support a rejeté ma demande
Please #retoot en espérant atteindre quelqu'un de Free 
Sharing @futurile's excellent blog series on how to configure #IMAP and #SMTP for #NeoMutt, including setups for Runbox.
Configure IMAP, SMTP or msmtp, set up multiple accounts - this tutorial has you covered.
Check out the posts here: https://www.futurile.net/archives.html
https://www.futurile.net/2025/05/18/neomutt-email-native-imap-tutorial/
Big thanks to https://mastodon.social/@futurile
Remember the threads¹² about #LetsEncrypt removing a crucial key usage from certificates issued by them in predictive obedience to their premium sponsor Google?
We were at first concerned about #SMTP. While I had lived through this problem with #StartSSL by #StartCom back in 2011, I only had a vague recollection of Jabber but recalled in detail that it broke server-to-server SMTP verification (whether the receiving server acted on it or just documented it).
Well, turns out someone now reported that it indeed breaks #XMPP entirely: https://community.letsencrypt.org/t/do-not-remove-tls-client-auth-eku/237427/66
This means that it will soon no longer be possible at all to operate Jabber (XMPP) servers because the servers use the operating system’s CA certificate bundle for verification, which generally follows the major browsers’ root stores, which has requirements from the CA/Browser forum who apparently don’t care about anything else than the webbrowser, and so no CA whose root certificate is in that store will be allowed to issue certificates suitable for Jabber/XMPP server-to-server communication while these CAs are the only ones trusted by those servers.
So, yes, Google’s requirement change is after all breaking Jabber entirely. Ein Schelm, wer Böses dabei denkt.
While https://nerdcert.eu/ by @jwildeboer would in theory help, it’s not existent yet, and there’s not just the question of when it will be included in operating systems’ root CA stores but whether it will be included in them at all.
Google’s policy has no listed contact point, and the CA/B forum isn’t something mere mortals can complain to, so I’d appreciate if someone who can, and who has significant skills to argument this in English and is willing to, to bring it to them.
① mine: https://toot.mirbsd.org/@mirabilos/statuses/01JV8MDA4P895KK6F91SV7WET8
② jwildeboer’s: https://social.wildeboer.net/@jwildeboer/114516238307785904
Hi @delta 
I am making updates to https://delightful.coding.social/delightful-activitypub-development and bumped into this interesting #SMTP to #ActivityPub proof of concept. Just a heads-up to make you aware, in case it is interesting for #DeltaChat in some way or other.
Maintenant, « Auto-hébergez une messagerie e-mail qui délivre » par les gens de #Galae.
Pourquoi auto-héberger ? Parmi les réponses : « parce que c'est possible »
@rl_dane @ShinjiLE if you or someone else wants to help argue, the thread is at https://community.letsencrypt.org/t/do-not-remove-tls-client-auth-eku/237427 (Discourse, so JS webbrowser), I’m exhausted.
I've ranted before about #DMARC and whether it's worth private mail-server admins implementing.
Today's rant: the reference implementation, https://github.com/trusteddomainproject/OpenDMARC, has been abandoned for ~4 years, and its maintainers, http://www.trusteddomain.org/, are completely AWOL.
Linux distro maintainers have had to do proxy maintenance themselves, picking and choosing patches from pull requests submitted to the project to add to their distributions.
This sucks.
#FOSS #SMTP #OpenDMARC #TrustedDomainProject
