Comments (19)
Office365, which is used for outlook.com and all private businesses that use Office365 business email has a page with links to their IPs here: https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide
The page has links to a json file that lists all IPs and their use cases (including non-mail sending IPs such as imap migration) as well as an RSS feed for automatic updates.
In my opinion Office365 is extra important to whitelist because they do not follow the resend policy in rfc5321. They attempt resends from a random different IP in their pool each time so mail is never delivered and after enough failures they will blacklist the receiving mail server from sending to Office365 domains.
from postwhite.
Thanks for the project!
I'd like to suggest fastmail.com
from postwhite.
Great tool. Thank you! Please consider allowing custom/local lists be put in a local conf file for options like simplify= and the *_hosts= to allow for easy updating of the main postwhite script. I have added to the *_hosts= lists so updates are difficult. Something like a postwhite.conf file would be very helpful so I could keep my local *_hosts= lists that would be appended to the default lists.
from postwhite.
Consider adding facebookmail.com to social_hosts= list.
from postwhite.
How about Yahoo (yahoo.com
)?
from postwhite.
Hi, @davidcarollo. I'd love to be able to include yahoo.com
- but check the first "Known Issue" in the README: https://github.com/stevejenkins/postwhite/blob/master/README.md :(
from postwhite.
Oops! Now that you mention it again I do recall reading that the other day. My bad.
from postwhite.
No biggie. I wish Yahoo! would get on the bandwagon. But their mailers have marched to the beat of their own drum for a long time now. :)
from postwhite.
Hi,been useing postwhite for a few day now thanks for the very useful project
Here's a few Suggestions
mailgun.com transactional email from rackspace
mailjet.com a other transactional email provider
github.com
from postwhite.
Thanks, @K2rool. I like those suggestions, and have added options for them to 1.22 (they are enabled by default).
from postwhite.
Hi, @6qw. I've added fastmail.com and it's now included as of v1.33. See commit 9a1ada3.
Thanks for the suggestion.
from postwhite.
Done and done! Please see new version. Thanks for the suggestion, @dajones70 :)
from postwhite.
How about Sparkpost and parent company Momentum/MessageSystems?
from postwhite.
comcast.net centurylink.net embarqmail.com rr.com to webmail_hosts
amazonses.com mxlogic.net messagelabs.com messagegears.net authsmtp.com to bulk_hosts
from postwhite.
Thanks for the suggestions, @dajones70!
Those bulk hosts all appear like good potential candidates, but I'm hesitant to include ISPs like Comcast, CenturyLink, and RoadRunner since they are much more than simple webmail hosts. Those residential networks are teaming with botspam from soccer moms' computers who downloaded some toolbar or app or cute game. Postwhite doesn't create a whitelist for Postfix, just for Postscreen. And since the primary purpose of Postscreen is to be a quick frontline defense against botspam, I feel like forcing everyone who uses Postwhite to skip Postscreen analysis of connections from botspam-heavy networks is a bit too aggressive for the average Postfix admin. As far as I know, the webmail hosts you suggested don't do outbound screening for botspam. The "mega" webmail hosts like Google, Yahoo, and Microsoft do.
The ability to easily include custom hosts is there for users like you who are comfortable with more aggressive whitelisting.
Again, thank you for the suggestions. I'll take a closer look at those bulk hosts to make sure, but at first glance I don't see anything wrong with including them. :)
from postwhite.
Biggest RU-Net bulk mailers:
mail.ru yandex.ru qip.ru rambler.ru
from postwhite.
I'd suggest Steam:
smtp-62.steampowered.com[208.64.202.62] and various others, apparently all in 208.64.202.0/24
I know of at least:
smtp-59.steampowered.com 208.64.202.59
smtp-62.steampowered.com 208.64.202.62
smtp-01-tuk1.steampowered.com 208.64.202.37
smtp-02-tuk1.steampowered.com 208.64.202.47
from postwhite.
https://dmarcian.com/spf-survey/?domain=yahoo.com sadly no ips at all is valid
https://dmarcian.com/spf-survey/?domain=gmail.com do we trust to many ips ? :/
i use sqlgrey with 3600 sec delay time, but not for known maillists that is not spaming ips, is postwhite possible to make sqlgrey local skip files ? eq no greylist for known maillists, postfix maillist have no spf, just to be fun :=)
from postwhite.
Tutanota should be added if it wasn't.
Domain list:
w1.tutanota.de - v=spf1 ip4:81.3.6.160/28 -all
w2.tutanota.de - v=spf1 ip4:81.3.6.160/28 -all
w3.tutanota.de - v=spf1 ip4:81.3.6.160/28 -all
w4.tutanota.de - v=spf1 ip4:81.3.6.160/28 -all
Generally, should I write a PR to the postwhite
script, patching the webmail_hosts
section for this to work?
from postwhite.
Related Issues (20)
- function normalize_ipv4 needs fixing with updated despf.sh HOT 2
- Move configuration options and custom hosts to external configuration file.
- Postwhite silently crashes on some custom hosts HOT 8
- Not creating /etc/postfix/postscreen_spf_whitelist.cidr automatically HOT 3
- /32 are removed as invalid HOT 3
- dash doesn't like the yahoo page HOT 4
- /usr/local/bin/spf-tools/despf.sh: Zeile 27: type: host: Not found.. HOT 2
- Distingush language elements by Capitals HOT 2
- Add Wildcard subdomain to custom_hosts field HOT 2
- facebook spf hosts not added to whitelist HOT 1
- Non-null host-address bits HOT 5
- Suggest you use iprange to consolidate and reduce CIDR's
- spf with more then 256 ips HOT 2
- Weird IP addresses in yahoo_static_hosts.txt
- Yahoo! IP address page no longer available HOT 4
- ovh.net
- New URL for Yahoo HOT 6
- Manually allowing some IPs HOT 1
- Better bash scripting HOT 1
- Error Handling with microsoft.com as example HOT 11
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from postwhite.