Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 16 Jul 2015 17:41:35 -0700
From: Reed Loden <reed@...dloden.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: ezmlm warning

Yup, I get these, too... Been happening for almost a year. See also
http://seclists.org/oss-sec/2014/q3/471.

Likely, the ezmlm instance on lists.openwall.com needs to be updated to get
some of the DMARC compliance changes that were made last year (
http://untroubled.org/ezmlm/archive/7.2.2/CHANGES).

~reed

On Mon, Jul 13, 2015 at 5:48 PM, Grant Ridder <shortdudey123@...il.com>
wrote:

> Anyone else get an email like this?  Is the list misconfigured due to
> Yahoo's DMARC change a bit ago?
>
> -Grant
>
> On Mon, Jul 13, 2015 at 5:46 PM, <oss-security-help@...ts.openwall.com>
> wrote:
>
> > Hi! This is the ezmlm program. I'm managing the
> > oss-security@...ts.openwall.com mailing list.
> >
> > I'm working for my owner, who can be reached
> > at oss-security-owner at lists.openwall.com.
> >
> >
> > Messages to you from the oss-security mailing list seem to
> > have been bouncing. I've attached a copy of the first bounce
> > message I received.
> >
> > If this message bounces too, I will send you a probe. If the probe
> bounces,
> > I will remove your address from the oss-security mailing list,
> > without further notice.
> >
> >
> > I've kept a list of which messages from the oss-security mailing list
> have
> > bounced from your address.
> >
> > Copies of these messages may be in the archive.
> >
> > To retrieve a set of messages 123-145 (a maximum of 100 per request),
> > send an empty message to:
> >    <oss-security-get.123_145@...ts.openwall.com>
> >
> > To receive a subject and author list for the last 100 or so messages,
> > send an empty message to:
> >    <oss-security-index@...ts.openwall.com>
> >
> > Here are the message numbers:
> >
> >    17183
> >    17194
> >
> > --- Enclosed is a copy of the bounce message I received.
> >
> > Return-Path: <>
> > Received: (qmail 12122 invoked for bounce); 2 Jul 2015 05:03:53 -0000
> > Date: 2 Jul 2015 05:03:53 -0000
> > From: MAILER-DAEMON@...her.openwall.net
> > To: oss-security-return-17183-@...ts.openwall.com
> > Subject: failure notice
> >
> > Hi. This is the qmail-send program at mother.openwall.net.
> > I'm afraid I wasn't able to deliver your message to the following
> > addresses.
> > This is a permanent error; I've given up. Sorry it didn't work out.
> >
> > <shortdudey123@...il.com>:
> > 64.233.165.26 failed after I sent the message.
> > Remote host said: 550-5.7.1 Unauthenticated email from yahoo.com is not
> > accepted due to domain's
> > 550-5.7.1 DMARC policy. Please contact administrator of yahoo.com domain
> > if
> > 550-5.7.1 this was a legitimate mail. Please visit
> > 550-5.7.1  https://support.google.com/mail/answer/2451690 to learn about
> > DMARC
> > 550 5.7.1 initiative. qo3si969874lbb.122 - gsmtp
> >
> >
>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.