<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"` Segoe UI`";
panose-1:0 0 0 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-AU" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Or at the bare minimum, require a response. Just assuming the email went through and then blaming that for a pedo keeping their job for another year and a half is just bad on the officials side.
With scams increasing, measures need to be in place. Unfortunately, several agencies seem to think that you should just trust anything that comes from their address but that’s how we end up with email spoofing. The agencies need to ensure they have the right
setup in place to avoid ending up in spam and also ensure they are following up in some form, especially when its to do with child safety.<o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal">- Jeremy <b><i><span style="color:#548235"><o:p></o:p></span></i></b></p>
</div>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> NANOG <nanog-bounces+jeremy=resolvergroup.com.au@nanog.org>
<b>On Behalf Of </b>Suresh Ramasubramanian<br>
<b>Sent:</b> Wednesday, 24 August 2022 12:52 PM<br>
<b>To:</b> Eric Tykwinski <eric-list@truenet.com><br>
<b>Cc:</b> nanog@nanog.org<br>
<b>Subject:</b> Re: email spam<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" align="left" width="100%" style="width:100.0%">
<tbody>
<tr>
<td style="background:#BEDCFF;padding:5.25pt 1.5pt 5.25pt 1.5pt"></td>
<td width="100%" style="width:100.0%;background:black;padding:5.25pt 3.75pt 5.25pt 11.25pt">
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-element:frame;mso-element-frame-hspace:2.25pt;mso-element-wrap:around;mso-element-anchor-vertical:paragraph;mso-element-anchor-horizontal:column;mso-height-rule:exactly">
<b><span style="font-size:9.0pt;font-family:"` Segoe UI`",serif;color:white">[External Sender] Be cautious of any links or attachments within this email as it has come from an External Sender.</span></b><o:p></o:p></p>
</div>
</td>
</tr>
</tbody>
</table>
<div>
<div>
<div>
<p class="MsoNormal">100%. Also - there’s no way to offer a delivery sla for email. If you have something business critical, let alone anything that affects child safety, pick up a phone and call, or send an officer over to the school.<o:p></o:p></p>
</div>
</div>
<div id="ms-outlook-mobile-signature">
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">--srs<o:p></o:p></p>
</div>
</div>
</div>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="2" width="98%" align="center">
</div>
<div id="divRplyFwdMsg">
<p class="MsoNormal"><b><span style="color:black">From:</span></b><span style="color:black"> Eric Tykwinski <<a href="mailto:eric-list@truenet.com">eric-list@truenet.com</a>><br>
<b>Sent:</b> Wednesday, August 24, 2022 8:14:16 AM<br>
<b>To:</b> Suresh Ramasubramanian <<a href="mailto:ops.lists@gmail.com">ops.lists@gmail.com</a>><br>
<b>Cc:</b> <a href="mailto:nanog@nanog.org">nanog@nanog.org</a> <<a href="mailto:nanog@nanog.org">nanog@nanog.org</a>><br>
<b>Subject:</b> Re: email spam</span> <o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<p class="MsoNormal">Sorry about the bad examples, but I remember contacting both about issues with SPF multiple times. They both have seemed have to fixed things at least searching my logs for the last week. Most of my customers have had to whitelist them
though for past issues. It’s also <a href="http://ezpassnj.com">ezpassnj.com</a> for the NJ collection. Point still stands, assume incompetence over malice.
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:black">Sincerely,<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="color:black">Eric Tykwinski<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="color:black">TrueNet, Inc.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="color:black">P: 610-429-8300<o:p></o:p></span></p>
</div>
</div>
</div>
<div>
<p class="MsoNormal"><br>
<br>
<o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On Aug 23, 2022, at 10:20 PM, Eric Tykwinski <<a href="mailto:eric-list@truenet.com">eric-list@truenet.com</a>> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<div>
<p class="MsoNormal">Bill,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal">Not only that, did they even follow their own rules, I’ve been fighting with
<a href="http://septa.org/">septa.org</a>, the Pennsylvania train authority, and <a href="http://easypassnj.com/">
easypassnj.com</a>, the New Jersey transit toll collectors about invalid SPF records for years, and they literally don’t give a shit. If they say to put it in spam, well than that is their own fault.
<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<div>
<p class="MsoNormal">Sincerely,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Eric Tykwinski<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">TrueNet, Inc.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">P: 610-429-8300<o:p></o:p></p>
</div>
</div>
</div>
<div>
<p class="MsoNormal"><br>
<br>
<o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On Aug 23, 2022, at 10:00 PM, Suresh Ramasubramanian <<a href="mailto:ops.lists@gmail.com">ops.lists@gmail.com</a>> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<div>
<div>
<div>
<div>
<p class="MsoNormal">Without saying why the mail was blocked (dumb content filter looking for porn? a spamhaus listing because the police server was hacked? something else?) that’s not going to help too much.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I’ve been spam filtering stuff at large providers since the late 90s and it never gets any easier to block 100% spam or let 100% legit mail through.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">—srs<o:p></o:p></p>
</div>
</div>
</div>
<div id="x_ms-outlook-mobile-signature">
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">--srs<o:p></o:p></p>
</div>
</div>
</div>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="2" width="98%" align="center">
</div>
<div id="x_divRplyFwdMsg">
<p class="MsoNormal"><b>From:</b> NANOG <<a href="mailto:nanog-bounces+ops.lists=gmail.com@nanog.org">nanog-bounces+ops.lists=gmail.com@nanog.org</a>> on behalf of William Herrin <<a href="mailto:bill@herrin.us">bill@herrin.us</a>><br>
<b>Sent:</b> Wednesday, August 24, 2022 7:03:52 AM<br>
<b>To:</b> <a href="mailto:nanog@nanog.org">nanog@nanog.org</a> <<a href="mailto:nanog@nanog.org">nanog@nanog.org</a>><br>
<b>Subject:</b> email spam <o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">Hello,<br>
<br>
To folks at places like Google and Godaddy which have gotten, shall we<br>
say, overzealous about preventing spam from entering their systems,<br>
consider the risk:<br>
<br>
<a href="https://www.washingtonpost.com/education/2022/08/23/fairfax-county-counselor-solicitation-minor/">https://www.washingtonpost.com/education/2022/08/23/fairfax-county-counselor-solicitation-minor/</a><br>
<br>
"Chesterfield County police said emails notifying Fairfax County<br>
Public Schools that an employee was arrested and charged with<br>
soliciting prostitution from a minor were not delivered to the school<br>
system."<br>
<br>
Long story short, the pedo kept his school job another year and a half.<br>
<br>
There was once a time when both the outbound emails and the bounce<br>
messages when they failed... worked. It was a spammy place but the<br>
important emails got through.<br>
<br>
Regards,<br>
Bill Herrin<o:p></o:p></p>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
</div>
</body>
</html>