Mailing List Archive

On 26 Jun 2020, at 20:44, Grant Taylor wrote:

> I received an automated email from Freshdesk about five minutes after
> my post to the SpamAssassin mailing list earlier this afternoon.

I had a similar event 6/30 and poked them about it via both a public
Tweet & a complaint to Sendgrid. Both entities responded *claiming* that
they were looking into the problem. Assuming that yours also came via
Sendgrid, it might help to add your complaint via abuse@sendgrid.com.

> I found an old thread about Freshdesk in the SpamAssassin Users
> archive [1]. This supports (confirms to me) that this is what
> happens.
>
> I object to this type of behavior and would like for whomever is doing
> it to be unsubscribed from the SpamAssassin Users mailing list on
> principal.
>
> Maybe give them one chance to come forward, admit the error of their
> ways, and to promise to cease and desist immediately.

They had their chance 2+ years ago and appear to have resumed the
obnoxious practice. They need to be gone.

On 6/26/20 7:01 PM, Bill Cole wrote:
> I had a similar event 6/30 and poked them about it via both a public
> Tweet & a complaint to Sendgrid. Both entities responded *claiming* that
> they were looking into the problem. Assuming that yours also came via
> Sendgrid, it might help to add your complaint via abuse@sendgrid.com.

I looked after your message and sure enough, the message did come via
Sendgrid.

I've got to say, between NANOG, SDLU, and SpamAssassin, I see a LOT of
complaints about Sendgrid.

> They had their chance 2+ years ago and appear to have resumed the
> obnoxious practice. They need to be gone.

Agreed.



--
Grant. . . .
unix || die

I have reached out to the CISO/CIO and the two members of the company on
this list about the issue. 

Regards,
KAM

On 26 Jun 2020, at 19:01, Bill Cole <sausers-20150205@billmail.scconsult.com> wrote:
> it might help to add your complaint via abuse@sendgrid.com.

I very much doubt it. Sendgrid's business is sending mail and they do not care if that mail is spam or not. If enough servers block them they will go away.




--
Don't be too sure I'm as crooked as I'm supposed to be. ~ Sam Spade

On Sat, 27 Jun 2020, @lbutlr wrote:

> On 26 Jun 2020, at 19:01, Bill Cole <sausers-20150205@billmail.scconsult.com> wrote:
>> it might help to add your complaint via abuse@sendgrid.com.
>
> I very much doubt it. Sendgrid's business is sending mail and they do not care if that mail is spam or not. If enough servers block them they will go away.

They do, however, apparently care about phishing - they did disable the
sendgrid redirect that some phisher has been spamming at me for the last
three weeks.

--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
It is a testament to the effectiveness of government schools that
people angry at government actions will burn down a used book
store, a tire dealership and a bar owned by a black ex-firefighter.
-----------------------------------------------------------------------
7 days until the 244th anniversary of the Declaration of Independence

Hai!

>>> it might help to add your complaint via abuse@sendgrid.com.

>> I very much doubt it. Sendgrid's business is sending mail and they do not
>> care if that mail is spam or not. If enough servers block them they will go
>> away.
>
> They do, however, apparently care about phishing - they did disable the
> sendgrid redirect that some phisher has been spamming at me for the last
> three weeks.

They definately do. I report to them and they do take them down pretty
quickly.

Inside SURBL we do list the abused CT links. Unfortunately SA doesnt make
use of the wildcarded list that SURBL delivers for a long time now.

So if you want to use it add:

util_rb_3tld ct.sendgrid.net

Inside your loca.cf

And while you are at it also add:

util_rb_2tld page.link

Bye, Raymond

>> They definately do. I report to them and they do take them down
pretty quickly.

Make sure you get paid for doing this every time. Because you are doing
the work that they should be doing.

Hello Marc,

>>> They definately do. I report to them and they do take them down
>>> pretty quickly.

> Make sure you get paid for doing this every time. Because you are doing
> the work that they should be doing.

I hear you. And dont worry about that ;)
I rather have a clean inbox and so do more people.

We report abuse to many organisations, including, but not limited to
company's like sendgrid.

Raymond Dijkxhoorn - SURBL

>On Tuesday, July 7, 2020, 11:24:10 AM GMT+2, Raymond Dijkxhoorn <raymond@prolocation.net> wrote:
>Hello Marc,
>I hear you. And dont worry about that ;) rather have a clean inbox and so do more people.

>We report abuse to many organisations, including, but not limited to company's like sendgrid.

>Raymond Dijkxhoorn - SURBL

We are so tired af reporting abuse with no answer at all, that we stopped reporting problems time ago.... :-(as Marc Roos has said... we are not paid for it !  
Ironically... we han run into problems a couple of times for reporting abuses... probable someone considering you are "suggesting" they are not doing their job...
If Sendgrid reacts to the reports, bravo for them!  

----
Pedro

Ha!

> >We report abuse to many organisations, including, but not limited to company's like sendgrid.

> We are so tired af reporting abuse with no answer at all, that we
> stopped reporting problems time ago.... :-( as Marc Roos has said...
> we are not paid for it !  

Understand completely.

> Ironically... we han run into problems a couple of times for reporting
> abuses... probable someone considering you are "suggesting" they are
> not doing their job...

I know at least sendgrid is very much aware of whats going on.

> If Sendgrid reacts to the reports, bravo for them!  

And again i can understand the sentiment. ... :-)

Bye, Raymond

> On Jul 7, 2020, at 3:16 AM, Raymond Dijkxhoorn <raymond@prolocation.net> wrote:
>
> Hai!
>
>>>> it might help to add your complaint via abuse@sendgrid.com.
>
>>> I very much doubt it. Sendgrid's business is sending mail and they do not care if that mail is spam or not. If enough servers block them they will go away.
>>
>> They do, however, apparently care about phishing - they did disable the sendgrid redirect that some phisher has been spamming at me for the last three weeks.
>
> They definately do. I report to them and they do take them down pretty quickly.
>
> Inside SURBL we do list the abused CT links. Unfortunately SA doesnt make use of the wildcarded list that SURBL delivers for a long time now.
>
> So if you want to use it add:
>
> util_rb_3tld ct.sendgrid.net
>
> Inside your loca.cf
>
> And while you are at it also add:
>
> util_rb_2tld page.link
>
> Bye, Raymond


Hmmm… not my experience.

I’ve been calling out phishing from the same (IP) address for 10 days without any apparent (observable) action from Sendgrid.

At this point I’m wondering if they have compromised relays.

-Philip

On 17 Aug 2020, at 11:25, Philip Prindeville <philipp_subx@redfish-solutions.com> wrote:
> I’ve been calling out phishing from the same (IP) address for 10 days without any apparent (observable) action from Sendgrid.

Not a shock; they simply do not care.

> At this point I’m wondering if they have compromised relays.

It seems to me like everything is working by design.

--
According to the philosopher Ly Tin Weedle, chaos is found in
greatest abundance wherever order is being sought. It always
defeats order, because it is better organized.

If they only have some IPs addresses instead of millions of them, for sure they would care!!!!!!!!!!!!!!

----Pedro.
>On Monday, August 17, 2020, 08:52:24 PM GMT+2, @lbutlr <kremels@kreme.com> wrote:

>On 17 Aug 2020, at 11:25, Philip Prindeville <philipp_subx@redfish-solutions.com> wrote:
> I’ve been calling out phishing from the same (IP) address for 10 days without any apparent (observable) action from Sendgrid.

>Not a shock; they simply do not care.
>> At this point I’m wondering if they have compromised relays.
>It seems to me like everything is working by design.