Might seem like small potatoes given that we're still dealing with a coup from an unelected billionaire, but we do what we can, right?
Might seem like small potatoes given that we're still dealing with a coup from an unelected billionaire, but we do what we can, right? This story from Nextgov caught my eye, because it points out that OPM didn't have the capability to send millions of emails to govt employees at the scale they did recently offering widespread buyouts.
"A lawsuit filed by unnamed federal employees in Washington, D.C. on Monday alleges that OPM violated the E-Government Act of 2002 by failing to conduct and publish required Privacy Impact Assessments before deploying the new email arrangement to collect the responses from government employees."
"Just days before President Donald Trump’s inauguration, OPM did not have the capability to send a mass email of that scale, according to a person familiar with the matter. To send mass emails, the agency had used govDelivery, a cloud communications service provided by public sector IT company Granicus, a different person familiar said."
"The govDelivery contract had restrictions on the volume of emails available to send without incurring added costs, and the agency would not have been able to reach 2.3 million people, the approximate number of all civilian federal employees, the second person added. Both people were granted anonymity to be candid about the sensitive nature of OPM’s email policies."
OPM’s new email system sparks questions about cyber compliance
Until very recently, the Office of Personnel Management lacked the capability to send mass emails to all federal employees, a person familiar said, fuel...
Nextgov.com (www.nextgov.com)
I had a look at the DNS records for opm.gov and I can't recall ever seeing a TXT record as verbose as this. It includes a large number of network blocks, and references the domain myemma.com as allowed to send email.
Myemma is an email marketing company, which in turn is run by a Nashville, TN company called Marigold.
Learn More About Our Service Agreement | Marigold
Secure the best services agreement with Meet Marigold. Our team of experts helps you select the agreement that meets your needs.
Marigold (meetmarigold.com)
It also includes Salesforce and the education technology company Leepfrog.
Here is the full TXT record, for posterity:
opm.gov
TXT
"MS=ms15252846"
"MS=ms35255137"
"tbcd7kxrzkw9py7sh6kksn5zfs19l4sy"
"miro-verification=20a9378d17adc5ca3…
9d6221caf668c258d0f7e5b"
"ms-domain-verification=9d72a4cb-
d7c8-4d15-baf9-7f5d507e2972"
"ms-domain-verification=e38d1b0f-
60ce-46ad-a462-c89c61cfe55a"
"7axh6RhNhWWjGH/6UD54HHrA3x0tNqHi2MG…
EN6MM/dyqbLwZqEnDkW+RndcBz2grhSSLNJ9…
qRSBXZxnUG96VWA=="
"v=spf1 ip4:205.131.184.50/32 ip4:
205.131.184.51/32 ip4:205.131.177.
50/32 ip4:205.131.177.151/32 ip4:
205.131.184.52/32 ip4:205.131.177.
152/32 ip4:205.131.184.125/32 "
"ip4:205.131.184.126/32 ip4:205.
131.177.125/32 ip4:205.131.177.
126/32 ip4:73.23.28.0/24 ip4:208.
76.128.0/21 ip4:66.159.72.186/32
ip4:216.230.115.73/32 ip4:216.52.
6.89/32 " "ip4:216.230.115.69/24
ip4:66.169.72.166/24 ip4:216.230.
114.66/24 ip4:216.230.101.69/24
ip4:66.169.72.176/32 ip4:173.201.
193.170/24 ip4:107.20.210.250/32
ip4:52.1.14.157/32 " "ip4:52.6.
44.126/32 ip4:52.207.153.36/32
ip4:65.196.93.7/32 ip4:96.43.152.
64/28 ip4:96.43.152.80/32 " "ip4:
149.19.38.227/32 " "ip4:149.19.
37.167 ip4:149.19.38.138 ip4:149.
19.37.159 ip4:149.19.37.32 ip4:
149.19.37.73 ip4:149.19.37.55 "
"ip4:163.120.86.44 ip4:163.120.
86.62 ip4:149.19.37.109 ip4:149.
19.37.33 ip4:149.19.37.49 ip4:149.
19.37.86 ip4:163.120.86.56 ip4:
163.120.84.26 ip4:149.19.38.45
" "ip4:163.120.84.80 ip4:149.19.
38.69 ip4:149.19.38.87 ip4:149.
19.38.105 ip4:163.120.84.62 ip4:
163.120.84.37 ip4:149.19.38.63
ip4:163.120.84.20 " "ip4:52.61.
131.175/32 ip4:52.61.131.176/28
ip4:52.61.135.175/32 ip4:52.61.
135.176/28 ip4:34.206.132.87/32
ip4:18.233.74.128/32 include:spf.protection.outlook.com" " a:usalearn…ing.net mx:usalearning.net include:e2ma.net exists:%{i}._spf.mta.salesf…orce.com include:leepfrog.com -
all" opm.gov
This TXT record was entered at 11:57 am on Jan. 29 [I believe this record is UTC]
[edited to add effective date at bottom]
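Added example, not part of the original post: one way to audit a long multi-string SPF record like the one above, counting authorized addresses, flagging `ip4` terms that pair a host address with a wide mask, listing delegated `include` domains and counting DNS-lookup terms. The sample record is constructed from documentation address ranges and example domains, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: a multi-string TXT value shaped like the record in the post,
# built from documentation address ranges and example domains (not real data).
SAMPLE_TXT = ('"v=spf1 ip4:192.0.2.10/32 ip4:198.51.100.69/24 ip4:203.0.113.7 " '
              '"include:spf.mail.example include:bulk.example a:lms.example '
              'mx:lms.example exists:%{i}._spf.crm.example -all"')

# Terms that cost the receiver a DNS query; RFC 7208 caps these at 10 per check.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def join_txt_strings(raw):
    """Join the quoted strings of a TXT record with no separator, as receivers do."""
    parts = re.findall(r'"([^"]*)"', raw)
    return "".join(parts) if parts else raw


def audit_spf(raw):
    terms = join_txt_strings(raw).split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    report = {"addresses": 0, "host_bits_set": [], "malformed": [],
              "delegated": [], "lookups": 0, "all": None}
    for term in terms[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        name, _, value = re.match(r"([^:=/]*)([:=/]?)(.*)", term.lstrip("+-~?")).groups()
        name = name.lower()
        if name in LOOKUP_TERMS:
            report["lookups"] += 1  # lower bound: nested includes add more
        if name in ("include", "redirect"):
            report["delegated"].append(value)  # third party decides who may send
        elif name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(value, strict=False)
            except ValueError:
                report["malformed"].append(term)  # e.g. two terms fused at a string join
                continue
            report["addresses"] += net.num_addresses
            if ipaddress.ip_interface(value).ip != net.network_address:
                report["host_bits_set"].append(term)  # host address paired with a wide mask
        elif name == "all":
            report["all"] = qualifier
    return report


if __name__ == "__main__":
    for key, val in audit_spf(SAMPLE_TXT).items():
        print(f"{key}: {val}")
```

A term such as `ip4:198.51.100.69/24` authorizes all 256 addresses in the block, not just the one host written, which is why the audit reports it separately.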
-
@briankrebs ohh... wooow..
-
I contacted Marigold to find out if they had any arrangement to send email for OPM or if they had sent the "fork" campaign emails offering buyouts. Their CIO declined to confirm or deny it.
"Unfortunately we are not able to provide any information to confirm or deny whether any specific entity is a current or former customer of the Marigold family of products, or whether a specific email was sent from our services."
-
@briankrebs right…….
-
@briankrebs did anybody get one they would like to forward so we can look at the headers?
-
@briankrebs absolutely nobody should look closer at those IPs to see what other slapdash shit those servers are running.