swinog November 2023

swinog@lists.swinog.ch

8 participants
3 discussions

Contacts and Experts for Security Incidents
by Michael Righter 23 Nov '23

23 Nov '23

Hi We are creating an emergency handbook if we would have a critical security incident. Is there someone who can suggest a company which can help to find how the guys hacked the infrastructure and how to fix it? I hope we never have to use it, but be prepared is better Thanks Michael

4 3

Mails from Proton to Outlook land in spam
by Mat Kowalski 06 Nov '23

06 Nov '23

Hi all, I wonder if someone could point me in a correct direction for debugging mails between Proton and Outlook landing in spam... What happens is * my domain XXX plugged to mail.protonmail.ch. * my 2nd domain YYY plugged to mail.protection.outlook.com. * every mail sent from Proton to Outlook lands in spam * headers as seen by Outlook indicate SCL score 5 The content I use for the test is not anything synthetic but a real message. In the headers I can also see that the "basic configuration" is correct, i.e. * SPF passed * DKIM passed * DMARC passed so this gives no useful information sadly. Maybe someone here has experience with debugging Microsoft? The issue is that this makes my private mailbox unusable as whoever out there uses Outlook as their mail service is not getting my emails. Quite sick... Thanks a lot for any help, Mateusz

4 4

ip-plus.net SPF Policy invalid
by Mario Rimann 02 Nov '23

02 Nov '23

Hoi zäme One of our customers includes the SPF-Policy of ip-plus.net in his domain. Through this (and our monitoring of it), we noticed a problem that popped up this morning. If someone at ip-plus.net / Swisscom could have a look into it, that would be great. ➜ ~ dig +short TXT ip-plus.net | grep spf "v=spf1 ip4:193.222.75.178 ip4:212.243.7.144/29 ip4:194.209.127.144/29 ip4:212.243.190.136/29 ip4:164.128.36.0/24 ip4:164.128.36.32 ip4:195.65.89.0/24 ip4:164.128.223.0/24 ip4:217.192.233.192/29 " "a:mailout.ip-plus.net ip4:138.190.0.0/16 ip4:193.222.81.96/27 ip4:212.243.177.176/29 ip4:138.188.166.0/24 ip4:138.188.176.0/24 ip4:212.243.37.66" "ip4:212.243.96.74 ip4:164.128.243.19 mx -all" The problematic part is the missing space before the second-last "ip4:" block (after 212.243.37.66). Error message the SPF validator throws is: SPF Permanent Error: Invalid IP4 address: ip4:212.243.37.66ip4:212.243.96.74 Best wishes, Mario

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

swinog November 2023