I have found mine does whatever it wants.  Does not always update, i cant always mark all as read... Mind of its own.

Sat Jan 16 2021 11:53:50 EST from sethmhur

is there anyway to tell thunderbird how many messages to download
instead of downloading all of them?

Hi everyone.

I have this error on port 25, on my RaspberryPi.

Unable to connect to the remote host:connection refused.

And the netstat -ntlp | grep 25 shows me this:

tcp 0  127.0.0.1:25   0.0.0.0:*   LISTEN 369/msmtpd

Any chance of making it listen on all interfaces? how exacty should I do that? Thanks in advance....

A real annoyance and "crime against decent puter users" is when a domain is blacklisted, and then you buy it, not knowing this.  But it's YOUR goddam problem now.  YOU did all those nasty things you spamming bastard.  And applying to get your name "cleared" is a government-like process similar to medieval torture.  It's not gonna happen, and is it even worth it?

I learned a lot about these shoddy "systems" while setting up Citadel.  Some domains were clean, others so dirty google wouldn't even put them in YOUR spam folder.  Like they never existed.  [Censorship?  Don't get me started.]  But I could see them on Thunderbird with my other mail server.  Naturally, I despise spam and mailing lists of any kind and wish them the worst.  But pointing the finger at someone "new" for someone else's bs is such shite.

That's all, I hope I posted in the right forum  :)

Here recently my domain got spoofed for a bit. ( long story. My hosting provider didnt lock things down by default, and i didnt know i had to look into all that stuff myself until it was too late.  Why it took them decades to find me, i donno )   I'm not 100% blacklisted but there are places i can no longer send mail to.   

I have had the domain since you could first register non-governmental names and *had* to deal with 'netsol' to do it. ( and back in the early 90s, god help you if you lost access to email due to being a dumbass and wanted to transfer the domain away to a provider instead of self-host.. another long story. about lost the name  )

Entire thing pisses me off

I took me several attempts to get stuff working right ( with my hosting people i dont know the buttons they pushed )

Fri Dec 10 2021 04:21:04 PM EST from IGnatius T Foobar Subject: Re: Spamhaus and domain registrars molest you right from the start ..

After setting up a DMARC record I am beginning to receive reports, but I'm not 100% sure how to read them. If I am reading them correctly, there may actually be spammer scum out in the wild spoofing my domain.

At least its a step in the right direction. 

So i know its basic, but never did understand why it worked.

I have hosted mail. I no longer self host, so its on a remote server, not even on my network. it has all the normal protections : Not a relay SPF, bla bla bla.   Run an online test and other than some initial connect speed it passes all checks.

So at home i have several devices. One of them is a PVE server. It will send email notices.  It has no local SMTP server. It has no login credentials to my mail server. Yet it can send mail to it..  

I understand its spoofing an account on my domain to send to an account on my domain ( its self.  ) but why does that still work, with all the protections from above active? Sure, it does not 'hurt' but it is an open door, of sorts, that could be used to spam the hell out of me..

Nope its not even a true login. its just a valid email.  i have it setup to forward several email addresses to my real one. But they dont have actual logins. ( common ones like sales, admin, etc ). PVE also does not ask for email login info, or even server, just asks for the admin email to send notices to.

I guess i can call the hosting service later this week as its not an 'emergency'. it passed all the 'checks' i ran. so i would have assumed this wasn't possible either.

Mon Oct 02 2023 13:07:03 EDT from IGnatius T Foobar

If it accepts that, your email server is not configured properly. Otherwise some spammer can come along and just send zillions of messages pretending to be you.

Are you sure you didn't perhaps give your username and password to PVE while configuring the mail server? Then it would log in.

for what its worth this is what i was using to test.  That its not a 'true' open proxy again, i wont panic but ill will get a hold of them later.

https://mxtoolbox.com/diagnostic.aspx

Right, but i thought with all the stuff they had in place, that would have stopped this too. Its not a HUGE risk since they cant use me as a relay, but i will take some time to close that hole too. Of course if one day i get flooded, that goes on the top of my to-do list..

Wed Oct 18 2023 16:46:39 EDT from darknetuser

That is pretty standard.

Lots of email service appliances don't get pesky about the origin of emails and just process anything they get sent to port 25.

If you are concerned about spoofing you set some DMARC policy. THat is what it is for.

Your PVE is not loging to your mail server or anything. It is just sending a regular email with the integrated postfix if ships with. What your remote email service sees is an email comming from another server addressed to an account the remote server controls.

SPF is supposedly setup. Cant say about DMARC, not a mail expert, but i had the hosting people do stuff for me. Hey, i pay my bill, they can help :)

not naming names, but they are a large provider, been around 20 years.  I moved to them around 15 years ago, if i remember right. 

Wed Oct 18 2023 19:23:51 EDT from darknetuser

Maybe send an email from your hosted email to a main tester and check the headers to learn which stack they are running.

Most modern stacks will respect DMARC, so if you don't want to be flooded by email falselly sent from your domain, just add SPF and DMARC entries to your DNS and you will slash most spoofing down.

If you fear being flooded by random flooders, then I hope your mail host has the usual countermeasures (blacklists, greylisting and the like)