@scottalanmiller said in Configure Mastodon to Use Zoho ZeptoMail for SMTP Email:

@PhlipElder said in Configure Mastodon to Use Zoho ZeptoMail for SMTP Email:

All of our mail servers are properly set up with a SmartHost, SPF, and DMARC. We don't have any reputation issues. That's a 2000s kind of problem.

No, it's current. Microsoft blacklists entire datacenters still. There's a lawsuit in Illinois about it that they lost. It's a very real thing still that RBL are used by the majors (like Microsoft, but not Google) and used to shut down entire ISPs and IP blocks. I've been brought in to help providers with these issues, it's a huge legal problem and if you don't get hit with it, it seems like it doesn't exist, and if you do get hit, it seems like there's no recourse (hint: there isn't.)

We're dealing with a client who has their site hosted in a Yandex.RU data centre and guess what? Yeah, some putz between their web server and ProofPoint has a sinkhole because Ukraine. The web server can e-mail @Outlook.Com because they have servers around the world but not ProofPoint.

We've had lots of issues over the years where one midbone/backbone provider either shapes or blocks packets from another because they're in a contract dispute. Poof. Packets gone.

@travisdh1 thanks! 🙂

@JasGot Intermedia doesn't' host as far as I know any Exchange Servers through Rackspace.

@scottalanmiller said in SAMIT: Stop Using Secure Email:

@JaredBusch said in SAMIT: Stop Using Secure Email:

Also, accepting insecure email is different than allowing your organization to send insecure email.

Very true. Accepting things insecurely is better than sending them.

I accept email in any way that it is sent. But all sent email is required to be TLS or it will not send. I have a couple of people that the boss cannot email because of it, as well as one prior customer that is still running an ancient ass GroupWise 6 email server. They email asking for one off support for their routers sometimes.

@scottalanmiller said in Send an Email via SMTP from Command Line with cURL:

@Pete-S said in Send an Email via SMTP from Command Line with cURL:

@scottalanmiller said in Send an Email via SMTP from Command Line with cURL:

@Pete-S said in Send an Email via SMTP from Command Line with cURL:

@Dashrender said in Send an Email via SMTP from Command Line with cURL:

@Pete-S said in Send an Email via SMTP from Command Line with cURL:

@scottalanmiller said in Send an Email via SMTP from Command Line with cURL:

First the command itself, showing gmail settings here by default but obviously fill in with your own details:

Does it work? I thought gmail required OAuth nowadays and you couldn't use plain username & password for authentication anymore.

gmail still allows the creation of app passwords.

OK, then it works for now I guess.

I always cringe when I see MSPs that set up their clients MFPs and other devices using random gmail accounts.

IMHO it's unprofessional and much better to use a real transactional email service for these kinds of applications.

It depends. If it is going out to customers, then it's weird. If it is for purely internal stuff then transactional email doesn't make too much sense. But if it is internal, normally you can just use whatever internal tool you already have.

Typical scenario with gmail is that someone sets up a MFP to use a random gmail address for sending alerts and scanned documents.

When the user scans the document it's often sent to his own email address [email protected]. So primarily internal.

Well, problem is that gmail saves mail sent over SMTP in the sent folder. Which means that the "printer guy", who if often not even an employee, can read all the scanned document that was ever scanned and emailed by logging in to the gmail account he set up.

And of course sent email coming from outside your domains might be flagged as spam. So people scan documents and it doesn't work. I mean the list of problems is long.

Well when lots and lots of companies still demand to only use Gmail already, it's not so weird.

You'd be amazing how often we get people requiring that they stay on Yahoo and AOL addresses for their businesses. I kid you not.

5f34099e-464c-4cd3-a7e3-f7845ca46d05-picardfacepalm.jpg

@JaredBusch said in Email auto CC:

@Dashrender said in Email auto CC:

Yeah - this is straight up spying - in some states this would be illegal!

Which? Because most states I know the details of, this is 100% employer right.

Often if disclosed, but yes. Because it is the employer's system, after the point of sending. There's no assumption of privacy. It's not like cracking someone's encryption.

@scottalanmiller No example output? 🙂

@pmoncho said in Email retention for non-regulated businesses?:

@dashrender said in Email retention for non-regulated businesses?:

@pmoncho said in Email retention for non-regulated businesses?:

@dashrender said in Email retention for non-regulated businesses?:

@scottalanmiller said in Email retention for non-regulated businesses?:

@pete-s In the US they tend to say "as short as possible." Email is always a legal quagmire and the best thing to do is to delete is as quickly as possible. Which, of course, can't be that fast. So we are generally talking 1-2 years. But you rarely want to keep it longer not because it likely contains details of people breaking the law, but because a legal discovery request is extremely expensive and a great way to attack even otherwise honorable businesses. It's a huge cost you can leverage against someone that they can only reasonably mitigate by not having much email to go through.

Man - that would be so awesome. But even if management did agree that - you'd have people that would be looking for ways to maintain the data for a much longer period - like printing and saving in a cabinet.. shudder.

I like many of the replies I get about cleaning out email. "Why, its free!" "Why, my 50 GB of email is nothing when we have 16TB drives for $200" "Why do I have to remove email older than 13 years, it isn't hurting anyone" "Why would I do that, I may need it later (Medicare Newsletters prior to 2010)" and the list goes on and on.

Exactly!

Then my next question is - if something is so important that you need to keep it - why is it in email in the first place? Why can't you get that data someplace else more related to whatever it is you're saving it for? (That said, I realize that other documentation for something simply don't exist).

Don't you dare get me started down this path. I had HUGE arguments about this with an ex-employee over the period of 10 years. The user could not/would not understand her email box is not a document database / DMS. The last I counted, she had over 300 different nested folders in her email.

Now that the user is gone, their mail copied to a shared mailbox for management to hunt/search and waste their time with if they choose.

It probably easier to have retention policy in place from the start.

If you know email retention is time-limited, you'd have to come up with some other way to store things.

But some people are just hopeless no matter what...

@travisdh1 said in Best practice MFP scanning to email for M365 shop?:

@dashrender said in Best practice MFP scanning to email for M365 shop?:

@travisdh1 said in Best practice MFP scanning to email for M365 shop?:

@pete-s said in Best practice MFP scanning to email for M365 shop?:

@dashrender said in Best practice MFP scanning to email for M365 shop?:

@gjacobse
what brand MFPs are those?

My Canon's do fine with 1.2 to MS.

Do you set up the MFP with credentials from a M365 user?

Yep, need a licensed account, and the lowest priced one doesn't work. I forget what it's called at the moment, but you need a license that includes the local apps.

Even if you go with option 1, not sure why the lowest account with an email account wouldn't work?

Because the lowest cost email account is online only. A local device can't login.

I don't understand - why can't a local device login? Sure it likely can't use modern auth - but normal SMTP logon should work (though I think MS is killing that)

Also, as I mentioned - i'm using a totally free account (a shared account - shared only with me :P) through option 2 in the link I provided.

@pete-s said in DMARC monitoring services/tools?:

Found this as well, but it's $200 to $1500 per month:
https://www.valimail.com/pricing/

Actually searching for the one @VoIP_n00b mentioned and the one above, I found a list. Haven't checked all of them yet, but it's a start.

If anyone has experience using any of these services please share your opinion of it!

https://dmarc.postmarkapp.com/
https://www.valimail.com/
https://report-uri.com/products/dmarc_monitoring
https://mxtoolbox.com/Pro/DmarcSetup/f/RegisterDomain#/
https://uriports.com
https://dmarcian.com/
https://easydmarc.com
https://powerdmarc.com/power-dmarc-pricing-policy/
https://dmarcly.com
https://glockapps.com/dmarc-analyzer/
https://www.dmarcanalyzer.com/
https://ondmarc.com/pricing
https://godmarc.com/
https://250ok.com/tour/dmarc/
https://www.agari.com/products/business-fraud-protection/
https://www.fraudmarc.com/
https://www.barracuda.com/products/sentinel
https://www.symantec.com/products/messaging-gateway
https://www.proofpoint.com/us/products/email-fraud-defense

@pete-s said in Email Send Error Research:

@dashrender said in Email Send Error Research:

@jaredbusch said in Email Send Error Research:

@wrcombs said in Email Send Error Research:

So would it likely to assume that Username and password are incorrect ?

If the computer receives email, then the username and password were likely correct. Outlook's account setup wizard will only ask for the information one time by default.

If this system has never been able to send email, what is likely incorrect is the email server configuration details.

If it once sent email, then mostlikely Outlook had a connection problem once and popped up the credentials box, then the user put in the wrong info.

This seems VERY likely at this point!

Probably entered the Windows password he uses to login.

Probably his personal email password from home.

@stacksofplates said in I need this script to email the log it generates:

@Pete-S said in I need this script to email the log it generates:

OK, I understand. Thanks.

Also, I wasn't trying to be abrasive. I kind of worded that strongly. I just don't like Bash much. I find it annoying, so I'd rather use something else unless it's a really simple thing.

No problem. Bash is primitive for sure. Pick the right tool for the job I guess.

@kmac76 It works well, just haven't tried this.

@JasGot said in Creating email signatures?:

@Pete-S said in Creating email signatures?:

@JasGot said in Creating email signatures?:

For a few people to use? or for an entire organization and forced through policies?

For a small organization where everyone would change their email signature themselves or have an admin do it for them.

If we had the html for one email signature it would be simple to create a script that would create the individual email signatures.

For a relatively small group of people, most companies we work with just have one decision maker create their own, then distribute it to everyone else.

Notes:
The decision makers usually can't figure out how, so we (IT) hold their hand through the process.
Use their e-mail program of choice.
Do it in HTML.
Use standardize fonts (This doesn't mean don't use fancy fonts, it means use fonts that are likely in most OSes.)

Send it around with cut and paste instructions, asking each employee to edit the Name, Title and phone extension accordingly.

For groups under 25, we just do it, it's faster for to just do it than to teach 22 people about signatures. 🙂

Great, thanks!

We use Google services here. We had a quirk around 6am-7am on Monday. No end-user issues reported since that 1 hour. However all of our facilities are within TX.