Re: [Mailman-Users] OSError: [Errno 13] Permission denied /var/lib/mailman/archives/private/list/attachments: No such file or directory
On Wed, May 9, 2012 at 12:17 AM, Mark Sapiro m...@msapiro.net wrote: On 5/8/2012 8:22 PM, David wrote: On Tue, May 8, 2012 at 9:34 PM, Mark Sapiro m...@msapiro.net mailto:m...@msapiro.net wrote: What about newly archived messages. Presumably, those are not owned by www-data. can you access them? They are owned by www-data and I can access them. The reason they are owned by www-data is because of the directory permissions the bin/check_perms -f command created: drwxrwsr-x 2 www-data list 4096 May 8 22:42 . The group s permission, which the check_perms script set, does the following: If the SGID (Set Group Identification) attribute is set on a directory, files created in that directory inherit its group ownership. Yes, and what that means is that created subordinate directories will be group 'list' and SETGID, and created subordinated files will be group 'list' But, the owner, not the group, will be the id of the user that created them which for archived files will normally be 'list' not 'www-data' because the files are created by ArchRunner, not by the web server. So, back to my original questions. What is the ownership of files archived after you ran your 'chown -R', and can you access them, and what were the ownership and permissions of some example archived messages and their containing directories before you changed them? -- Yes, I can access all the archived messages now, as expected. You are right about the ownership. In checking again, I can access files from the listing below regardless of whether the owner is www-data or list. I did not change any permissions directly. I ran the check_perms script. It fixed over 200 items, but but would not fix 12 items. Re-running it several times would not fix those remaining items (I assume because they were all symlinks). So I fixed the symlinks manually, such as: chgrp -h list /var/lib/mailman/templates After fixing the remaining group ownerships in this way, I ran check_perms again and it reported no problems. But then I was unable to access the public archices. That's when I changed ownership with: chown -R www-data /var/lib/mailman/archives/private As soon as I ran that command, I was able to access the archives again. I can't say absolutely what the group ownership was prior to that, but I think the owner was list and group was list, judging from the directory listing below. root@localhost:/var/lib/mailman/archives/private# ls -la list/2012-May total 432 drwxrwsr-x 2 www-data list 4096 May 8 22:42 . drwxrwsr-x 5 www-data list 4096 May 8 03:27 .. -rw-rw-r-- 1 www-data list 11654 May 7 22:22 00.html -rw-rw-r-- 1 www-data list 8492 May 8 02:18 01.html -rw-rw-r-- 1 www-data list 14475 May 8 18:54 02.html -rw-rw-r-- 1 www-data list 2865 May 8 18:54 03.html -rw-rw-r-- 1 www-data list 3390 May 8 18:54 04.html -rw-rw-r-- 1 www-data list 4521 May 8 18:54 05.html -rw-rw-r-- 1 www-data list 3790 May 8 02:18 06.html -rw-rw-r-- 1 www-data list 11299 May 8 18:54 07.html -rw-rw-r-- 1 www-data list 4833 May 8 02:18 08.html -rw-rw-r-- 1 www-data list 3134 May 8 18:54 09.html -rw-rw-r-- 1 www-data list 5923 May 8 18:54 10.html -rw-rw-r-- 1 www-data list 8348 May 8 02:18 11.html -rw-rw-r-- 1 www-data list 3847 May 8 18:54 12.html -rw-rw-r-- 1 www-data list 20422 May 8 18:54 13.html -rw-rw-r-- 1 www-data list 3687 May 8 18:54 14.html -rw-rw-r-- 1 www-data list 5147 May 8 18:54 15.html -rw-rw-r-- 1 www-data list 4133 May 8 18:54 16.html -rw-rw-r-- 1 www-data list 6029 May 8 18:54 17.html -rw-rw-r-- 1 www-data list 5171 May 8 18:54 18.html -rw-rw-r-- 1 www-data list 3434 May 8 18:54 19.html -rw-rw-r-- 1 www-data list 5875 May 8 18:54 20.html -rw-rw-r-- 1 www-data list 3533 May 8 18:54 21.html -rw-rw-r-- 1 www-data list 3996 May 8 18:54 22.html -rw-rw-r-- 1 www-data list 7329 May 8 18:54 23.html -rw-rw-r-- 1 www-data list 4985 May 8 18:54 24.html -rw-rw-r-- 1 www-data list 5136 May 8 18:54 25.html -rw-rw-r-- 1 www-data list 7115 May 8 18:54 26.html -rw-rw-r-- 1 www-data list 6618 May 8 18:54 27.html -rw-rw-r-- 1 www-data list 3929 May 8 18:54 28.html -rw-rw-r-- 1 www-data list May 8 19:43 29.html -rw-rw-r-- 1 www-data list 4049 May 8 18:54 30.html -rw-rw-r-- 1 www-data list 4980 May 8 19:42 31.html -rw-rw-r-- 1 www-data list 5532 May 8 18:54 32.html -rw-rw-r-- 1 list list 3202 May 8 18:54 33.html -rw-rw-r-- 1 list list 3471 May 8 18:54 34.html -rw-rw-r-- 1 list list 4488 May 8 18:54 35.html -rw-rw-r-- 1 list list 4294 May 8 18:54 36.html -rw-rw-r-- 1 list list 5253 May 8 19:42 37.html -rw-rw-r-- 1 list list 4388 May 8 20:50 38.html -rw-rw-r-- 1 list list 3992 May 8 22:42 39.html -rw-rw-r-- 1 list list 8728 May 8
Re: [Mailman-Users] Help with Bounce Processing
Hello, Yes, I meant 2.1.5 -- thank you. This is the additional information: mail...@list.informs.org 5/7/2012 9:58 AM This is a Mailman mailing list bounce action notice: List: Listname Member: email address Action: Subscription disabled. Reason: Excessive or fatal bounces. The triggering bounce notice is attached below. Questions? Contact the Mailman site administrator at mail...@list.informs.org. Received: from [64.56.46.224] (localhost [127.0.0.1]) by mail.informs.org (8.13.1/8.13.1) with ESMTP id q47Dm58n027853; Mon, 7 May 2012 09:50:13 -0400 X-SenderID: Sendmail Sender-ID Filter v0.2.14 mail.informs.org q47Dm58n027853 Authentication-Results: mail.informs.org sender=transci-logistics-society-boun...@list.informs.org; sender-id=neutral; spf=neutral X-DKIM: Sendmail DKIM Filter v2.2.1 mail.informs.org q47Dm58n027853 DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=informs.org; s=iol-mail; t=1336398721; bh=nBoB7gLpyON0aTfYk/86AG+8qdc=; h=Authentication-Results:Authentication-Results:From:To:Date: Message-ID:Accept-Language:acceptlanguage:Subject:Sender; b=DDR/BS 5R1Rg1ZFSefHd9sxFAzBL//DzEFLlSzj8ugS0fU0YaIJBnBo9/0tKK8eAKthApq60EL NAV4j5wAFhn+5wnJcTRvqfRCsGH4i0ZGjFK3E4cFNFQeylcGs3po6mK4o7ChJn+L9Rq UqaqYnbP8XM+y7nNLIv53AphKDs0QVU= Received: from mail.informs.org (localhost [127.0.0.1]) by mail.informs.org (8.13.1/8.13.1) with ESMTP id q47C8hZH014190 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 7 May 2012 08:08:43 -0400 X-SenderID: Sendmail Sender-ID Filter v0.2.14 mail.informs.org q47C8hZH014190 Authentication-Results: mail.informs.org from=elis...@umd.edu; sender-id=neutral; spf=neutral Received: (from root@localhost) by mail.informs.org (8.13.1/8.13.1/Submit) id q47C8hP3014187; Mon, 7 May 2012 08:08:43 -0400 Received: from sdc-mx1.umd.edu (sdc-mx1.umd.edu [128.8.162.150]) by mail.informs.org (8.13.1/8.13.1) with ESMTP id q47C8f8l014174; Mon, 7 May 2012 08:08:41 -0400 X-SenderID: Sendmail Sender-ID Filter v0.2.14 mail.informs.org q47C8f8l014174 Authentication-Results: mail.informs.org from=elis...@umd.edu; sender-id=neutral; spf=neutral X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ArsCAKC6p0+ACAzogWdsb2JhbABEgkanDwGDEYZTAQEWJieCEAMFIAgBXQElAQEBCgoUBRAP DCYBBAERAQgGDId0C7EkiQmQPGMEkBoBiS2PfQ Received: from oitpmxht01.umd.edu (HELO exch.mail.umd.edu) ([128.8.12.232]) by sdc-mx1.umd.edu with ESMTP; 07 May 2012 08:08:40 -0400 Received: from oitmxcms01vi.AD.UMD.EDU ([169.254.1.122]) by OITPMXHT01.AD.UMD.EDU ([128.8.12.232]) with mapi; Mon, 7 May 2012 08:08:40 -0400 From: Elise Miller-Hooks elis...@umd.edu To: transci-logistics-sect...@list.informs.org transci-logistics-sect...@list.informs.org, transci-logistics-soci...@list.informs.org transci-logistics-soci...@list.informs.org Date: Mon, 7 May 2012 08:08:37 -0400 Thread-Topic: A great loss for the TSL Society Thread-Index: Ac0sSaLy16gsDbusR+ShPb1Nsm9MIA== Message-ID: 0d78e3bee1f5c04ca3641f214ee381ad01a4eba48...@oitmxcms01vi.ad.umd.edu Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: acceptlanguage: en-US MIME-Version: 1.0 X-Spam-Status: No, score=-5.8 required=2.9 tests=AWL,BAYES_00,HTML_MESSAGE, RCVD_IN_DNSWL_MED shortcircuit=no autolearn=unavailable version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on mail.informs.org X-Mailman-Approved-At: Mon, 07 May 2012 09:48:04 -0400 Cc: Subject: [Transci-logistics-society] A great loss for the TSL Society X-BeenThere: transci-logistics-soci...@list.informs.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Transportation Science and Logistics Society of INFORMS transci-logistics-society.list.informs.org List-Unsubscribe: http://list.informs.org/mailman/listinfo/transci-logistics-society, mailto:transci-logistics-society-requ...@list.informs.org?subject=unsub scribe List-Archive: http://list.informs.org/pipermail/transci-logistics-society List-Post: mailto:transci-logistics-soci...@list.informs.org List-Help: mailto:transci-logistics-society-requ...@list.informs.org?subject=help List-Subscribe: http://list.informs.org/mailman/listinfo/transci-logistics-society, mailto:transci-logistics-society-requ...@list.informs.org?subject=subsc ribe Content-Type: multipart/mixed; boundary1216496403== Sender: transci-logistics-society-boun...@list.informs.org Errors-To: transci-logistics-society-boun...@list.informs.org Return-path: Received: from mail.informs.org (localhost [127.0.0.1]) by mail.informs.org (8.13.1/8.13.1) with ESMTP id q47ER99A006791 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for transci-logistics-society-boun...@list.informs.org.procmail; Mon, 7 May 2012
Re: [Mailman-Users] Dumb Me Tried to Update Mandriva (Again)
I've made the decision to abandon Mandriva and migrate to Centos. I have mailman up an running (sort of) but now have the opposite problem. This is a vanilla install of Apache so the only config file is mailman.conf at this time. The cgi extension does not exist, in cgi-bin, on this installation of mailman. However, apache is looking for command.cgi. I don't understand why this is a problem out of the box. Shouldn't a vanilla install have this configured correctly? In any case what is the correct way to configure this? Thanks. On 5/4/2012 12:12 PM, Mark Sapiro wrote: Dennis Putnam wrote: Thanks. The cgi scripts do have the cgi extension on them. I put CGIEXT = '' in mm_cfg.py which, of course fixed the problem. It may have fixed the problem for the moment, but it is the wrong way to do it. If the cgi-bin/* wrappers have .cgi extensions, the proper value for CGIEXT is '.cgi'. If that is resulting in the web server looking for *.cgi.cgi files, this is due to something that was added to the web server configuration, possibly as a prior 'solution' to a problem of the web server looking for files without the '.cgi' extension. Anyway, I would find what's adding the extra '.cgi' in the web server and remove it and then either remove the CGIEXT setting from mm_cfg.py or set it to '.cgi'. signature.asc Description: OpenPGP digital signature -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] OSError: [Errno 13] Permission denied/var/lib/mailman/archives/private/list/attachments: No such file or directory
David wrote: Yes, I can access all the archived messages now, as expected. You are right about the ownership. In checking again, I can access files from the listing below regardless of whether the owner is www-data or list. I did not change any permissions directly. I ran the check_perms script. It fixed over 200 items, but but would not fix 12 items. Re-running it several times would not fix those remaining items (I assume because they were all symlinks). So I fixed the symlinks manually, such as: chgrp -h list /var/lib/mailman/templates check_perms does not work with symlinks, but it doesn't matter because the ownership/permissions of a symlink are irrelevant, only the target ownership and permissions are relevant. What happens is check_perms sees the ownership and permissions of the symlink and complains and if run with -f, 'fixes' the ownership and permissions of the target, but since the permissions of the symlink haven't changed, check_perms complains again the next time. In a standard source install, there are no symlinks so this is not in issue. In certain packages (Debian/Ubuntu for example) there are symlinks. See the FAQ at http://wiki.list.org/x/OIDD. After fixing the remaining group ownerships in this way, I ran check_perms again and it reported no problems. But then I was unable to access the public archices. That's when I changed ownership with: chown -R www-data /var/lib/mailman/archives/private As soon as I ran that command, I was able to access the archives again. I can't say absolutely what the group ownership was prior to that, but I think the owner was list and group was list, judging from the directory listing below. I can't diagnose what the real issue was without knowing the ownership and permissions before the change, but I doubt that running chown -R www-data /var/lib/mailman/archives/private with -R was necessary. In fact, if the permissions drwxrwsr-x 2 www-data list 4096 May 8 22:42 . you show in the post at http://mail.python.org/pipermail/mailman-users/2012-May/073397.html are those of /var/lib/mailman/archives/private, I think you could run chown -R list /var/lib/mailman/archives/private or even chown -R nobody /var/lib/mailman/archives/private and public archive access would still work because according to the listing below, the /var/lib/mailman/archives/private/list directory and its subordinates are all world searchable/readable and in that case it should be sufficient for /var/lib/mailman/archives/private to be drwxrws--x 2 list list ... root@localhost:/var/lib/mailman/archives/private# ls -la list/2012-May total 432 drwxrwsr-x 2 www-data list 4096 May 8 22:42 . drwxrwsr-x 5 www-data list 4096 May 8 03:27 .. -rw-rw-r-- 1 www-data list 11654 May 7 22:22 00.html -rw-rw-r-- 1 www-data list 8492 May 8 02:18 01.html -rw-rw-r-- 1 www-data list 14475 May 8 18:54 02.html -rw-rw-r-- 1 www-data list 2865 May 8 18:54 03.html -rw-rw-r-- 1 www-data list 3390 May 8 18:54 04.html -rw-rw-r-- 1 www-data list 4521 May 8 18:54 05.html -rw-rw-r-- 1 www-data list 3790 May 8 02:18 06.html -rw-rw-r-- 1 www-data list 11299 May 8 18:54 07.html -rw-rw-r-- 1 www-data list 4833 May 8 02:18 08.html -rw-rw-r-- 1 www-data list 3134 May 8 18:54 09.html -rw-rw-r-- 1 www-data list 5923 May 8 18:54 10.html -rw-rw-r-- 1 www-data list 8348 May 8 02:18 11.html -rw-rw-r-- 1 www-data list 3847 May 8 18:54 12.html -rw-rw-r-- 1 www-data list 20422 May 8 18:54 13.html -rw-rw-r-- 1 www-data list 3687 May 8 18:54 14.html -rw-rw-r-- 1 www-data list 5147 May 8 18:54 15.html -rw-rw-r-- 1 www-data list 4133 May 8 18:54 16.html -rw-rw-r-- 1 www-data list 6029 May 8 18:54 17.html -rw-rw-r-- 1 www-data list 5171 May 8 18:54 18.html -rw-rw-r-- 1 www-data list 3434 May 8 18:54 19.html -rw-rw-r-- 1 www-data list 5875 May 8 18:54 20.html -rw-rw-r-- 1 www-data list 3533 May 8 18:54 21.html -rw-rw-r-- 1 www-data list 3996 May 8 18:54 22.html -rw-rw-r-- 1 www-data list 7329 May 8 18:54 23.html -rw-rw-r-- 1 www-data list 4985 May 8 18:54 24.html -rw-rw-r-- 1 www-data list 5136 May 8 18:54 25.html -rw-rw-r-- 1 www-data list 7115 May 8 18:54 26.html -rw-rw-r-- 1 www-data list 6618 May 8 18:54 27.html -rw-rw-r-- 1 www-data list 3929 May 8 18:54 28.html -rw-rw-r-- 1 www-data list May 8 19:43 29.html -rw-rw-r-- 1 www-data list 4049 May 8 18:54 30.html -rw-rw-r-- 1 www-data list 4980 May 8 19:42 31.html -rw-rw-r-- 1 www-data list 5532 May 8 18:54 32.html -rw-rw-r-- 1 list list 3202 May 8 18:54 33.html -rw-rw-r-- 1 list list 3471 May 8 18:54 34.html -rw-rw-r-- 1 list list 4488 May 8 18:54 35.html -rw-rw-r-- 1 list list 4294 May 8 18:54 36.html -rw-rw-r-- 1 list list 5253 May 8 19:42 37.html -rw-rw-r-- 1 list list 4388 May 8 20:50 38.html -rw-rw-r--
Re: [Mailman-Users] OSError: [Errno 13] Permission denied/var/lib/mailman/archives/private/list/attachments: No such file or directory
On Wed, May 9, 2012 at 12:20 PM, Mark Sapiro m...@msapiro.net wrote: I can't diagnose what the real issue was without knowing the ownership and permissions before the change Thank you. This discussion has increased my understanding and better prepared me to deal with these issues after future upgrades. I know what to look for now. We also have a test box running an identical installation of Mailman. If we can reproduce this I'll let you know. (I can't go back and check permissions on the test box now, however, because I actually did these steps on that box first, then implemented them on the production box -- before I noticed the loss of access to the archives. So both boxes have the same permissions/ownerships at this point.) The good news is that everything is working. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] How to change a mailing list password?
Hi, As an owner of a mailing list, how can the owner change the admin password of the mailing list? Thanks. Yuan Ma -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] View all topics and who's subscribed to them
On Tue, 2012-05-08 at 19:00 -0700, Mark Sapiro wrote:
You probably need to create at least a withlist script, but it's pretty
simple. something like
def list_topics(mlist):
if mlist.topics:
print ('List %s has the following topics defined:' %
mlist.real_name)
for name, pattern, desc, emptyflag in mlist.topics:
print 'Topic name: %s; Pattern: %s' % (name, pattern)
print 'Subscribed users:'
for user in mlist.getRegularMemberKeys():
if name in mlist.getMemberTopics(user):
print '%s' % user
else:
print 'List %s has no topics defined.' % mlist.real_name
This will print a topic followed by the list of users subscribed to it,
followed by the next, etc.
I tried the first one and it worked! I got exactly the info I needed,
and I learned about the withlist script - thanks!
Note: I have not been using mailman for very long, so I'm still learning
lots (i.e. massive gaps in knowledge). :P
Regards,
Ranbir
--
Kanwar Ranbir Sandhu
Linux 3.3.2-6.fc16.x86_64 x86_64 GNU/Linux
15:20:11 up 20:05, 3 users, load average: 0.05, 0.06, 0.05
signature.asc
Description: This is a digitally signed message part
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] How to change a mailing list password?
* Ma, Yuan ma...@osu.edu: Hi, As an owner of a mailing list, how can the owner change the admin password of the mailing list? Via the webinterface. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155 -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Dumb Me Tried to Update Mandriva (Again)
On Wed, May 9, 2012 at 10:48 AM, Dennis Putnam d...@bellsouth.net wrote: I've made the decision to abandon Mandriva and migrate to Centos. If you wanted to migrate to Ubuntu 12.04, I could give you all the steps for getting Mailman up and running easily. But someone else will probably be able to help you with Apache on Centos. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] Giving away the secrets of 99.3% email delivery
Is this an appropriate place to discuss the broader topic of how to best use Mailman? Now that we have it running well, we would like to take additional steps to ensure that the list's emails are delivered as well as they can be. The 37Signals article caught my attention. I would enjoy knowing others's thoughts about how to apply these (or other) suggestions to Mailman. It seems to me that Mailman provides at least some of the intelligence (via logs) that 37Signals custom developed on top of Postfix. Am I right? The core suggestions seem to be universalL SPF records, DKIM signing, reverse DNS entries, etc.. (And, btw, I don't yet know how to implement any of those things except SPF records.) Giving away the secrets of 99.3% email deliveryhttp://37signals.com/svn/posts/3096-giving-away-the-secrets-of-993-email-delivery We send a lot of mail for Basecamp http://basecamphq.com/?source=svn_post, Highrise http://highrisehq.com/?source=svn_post, Backpackhttp://backpackit.com/?source=svn_post, and Campfire http://campfirenow.com/?source=svn_post (and some for Sortfolio http://sortfolio.com, the Jobs Board http://jobs.37signals.com, Writeboard http://writeboard.com, and Tadalist http://tadalist). One of the most frequently asked questions we get is about how we handle mail delivery and ensure that emails are making it to people’s inboxes. Some statistics First, some numbers to give a little context to what we mean by “a lot” of email. In the last 7 days, we’ve sent just shy of 16 million emails, with approximately 99.3% of them being accepted by the remote mail server. Email delivery rate is a little bit of a tough thing to benchmark, but by most accounts we’re doing pretty well at those rates (for comparison, the tiny fraction of email that we use a third party for has had between a 96.9% and 98.6% delivery rate for our most recent mailings). How we send email We send almost all of our outgoing email from our own servers in our data center located just outside of Chicago. We use Campaign Monitorhttp://campaignmonitor.comfor our mailing lists, but all of the email that’s generated by our applications is sent from our own servers. We run three mail-relay servers running Postfix that take mail from our application and jobs servers and queue it for delivery to tens of thousands of remote mail servers, sending from about 15 unique IP addresses. How we monitor delivery We have developed some instrumentation so we can monitor how we are doing on getting messages to our users’ inbox. Our applications tag each outgoing message with a unique header with a hashed value that gets recorded by the application before the message is sent. To gather delivery information, we run a script that tails the Postfix logs and extracts the delivery time and status for each piece of mail, including any error message received from the receiving mail server, and links it back to the hash the application stored. We store this information for 30 days so that our fantastic support team http://smiley.37signals.com is able to help customers track down why they may not have received an email. We also send these statistics to our statsd server so they can be reported through our metrics dashboard. This “live” and historical information can then be used by our operations team to check how we’re doing on aggregate mail delivery for each application. Why run your own mail servers? Over the last few years, at least a dozen services that specialize in sending email have popped up, ranging from the bare-bones to the full-service. Despite all these “email as a service” startups we’ve kept our mail delivery in-house, for a couple of reasons: - *We don’t know anyone who could do it better.* With a 99.3% delivery rate, we haven’t found a third party provider that actually does better in a way they’re willing to guarantee. - *Setup hassle* Most of the third party services require that you verify each address that sends email by clicking a link that gets sent to that address. We send email from thousands and thousands of email addresses for our products, and the hassle of automatically registering and confirming them is significant. Automating the process still introduces unnecessary delivery delays. Given all this, why should we pay someone tens of thousands of dollars to do it? We shouldn’t, and we don’t. *Read more about how we keep delivery rates high after the jump…* How we keep our mail delivery rates up Lets be honest from the get-go. Mail delivery is more of an art than a science. We’ve found that even when you “play by the rules”, there’s still times when a major provider will reject all your mail without notice. Usually it takes a couple emails to to the providers abuse address, and things get resolved. In spite of these “out of our control” issues, we’ve found a few things help us keep delivery rates up: 1. *Constantly monitor spam
Re: [Mailman-Users] Dumb Me Tried to Update Mandriva (Again)
Dennis Putnam wrote: I've made the decision to abandon Mandriva and migrate to Centos. I have mailman up an running (sort of) but now have the opposite problem. This is a vanilla install of Apache so the only config file is mailman.conf at this time. The cgi extension does not exist, in cgi-bin, on this installation of mailman. However, apache is looking for command.cgi. I don't understand why this is a problem out of the box. Shouldn't a vanilla install have this configured correctly? In any case what is the correct way to configure this? Thanks. Please post /etc/httpd/conf.d/mailman.conf and /etc/mailman/mm_cfg.py or /usr/lib/Mailman/mm_cfg.py (I think one will be a symlink to the other). -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Dumb Me Tried to Update Mandriva (Again)
Thanks for the reply. I think you'll it pretty much vanilla.
mm_py.cfg
---
# -*- python -*-
# Copyright (C) 1998,1999,2000,2001,2002 by the Free Software
Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
This module contains your site-specific settings.
From a brand new distribution it should be copied to mm_cfg.py. If you
already have an mm_cfg.py, be careful to add in only the new settings you
want. Mailman's installation procedure will never overwrite your mm_cfg.py
file.
The complete set of distributed defaults, with documentation, are in the
file
Defaults.py. In mm_cfg.py, override only those you want to change,
after the
from Defaults import *
line (see below).
Note that these are just default settings; many can be overridden via the
administrator and user interfaces on a per-list or per-user basis.
###
# Here's where we get the distributed defaults.
from Defaults import *
import pwd, grp
##
# Put YOUR site-specific settings below this line.
#ATTENTION: when you use SELinux, mailman might not
#be able to recompile the configuration file
#due to policy settings. If this is the case,
#please run (as root) the supplied mailman-update-cfg script
##
#Here's where we override shipped defaults with settings #
#suitable for the RPM package. #
MAILMAN_UID = pwd.getpwnam('mailman')[2]
MAILMAN_GID = grp.getgrnam('mailman')[2]
##
#Set URL and email domain names #
#
# Mailman needs to know about (at least) two fully-qualified domain
# names (fqdn)
#
# 1) the hostname used in your urls (DEFAULT_URL_HOST)
# 2) the hostname used in email addresses for your domain
(DEFAULT_EMAIL_HOST)
#
# For example, if people visit your Mailman system with
# http://www.dom.ain/mailman; then your url fqdn is www.dom.ain,
# and if people send mail to your system via yourl...@dom.ain then
# your email fqdn is dom.ain. DEFAULT_URL_HOST controls the former,
# and DEFAULT_EMAIL_HOST controls the latter. Mailman also needs to
# know how to map from one to the other (this is especially important
# if you're running with virtual domains). You use
# add_virtualhost(urlfqdn, emailfqdn) to add new mappings.
# Default to using the FQDN of machine mailman is running on.
# If this is not correct for your installation delete the following 5
# lines that acquire the FQDN and manually edit the hosts instead.
from socket import *
try:
fqdn = getfqdn()
except:
fqdn = 'mm_cfg_has_unknown_host_domains'
DEFAULT_URL_HOST = fqdn
DEFAULT_EMAIL_HOST = fqdn
# Because we've overriden the virtual hosts above add_virtualhost
# MUST be called after they have been defined.
##
# Put YOUR site-specific configuration below, in mm_cfg.py . #
# See Defaults.py for explanations of the values.#
# Note - if you're looking for something that is imported from mm_cfg,
but you
# didn't find it above, it's probably in Defaults.py.
---
mailman.conf
--
# Directives for the mailman web interface
Alias /pipermail/ /var/lib/mailman/archives/public/
ScriptAliasMatch ^/mailman/([^/]*)(.*)$ /usr/lib/mailman/cgi-bin/$1.cgi$2
# For the archives
Directory /var/lib/mailman/archives/public
Options +FollowSymLinks
Order allow,deny
Allow from all
/Directory
---
On 5/9/2012 4:07 PM, Mark Sapiro wrote:
Dennis Putnam wrote:
I've made the decision to abandon Mandriva and migrate to Centos. I have
mailman up an running (sort of) but now have the opposite problem. This
is a vanilla install of Apache so the only config file is mailman.conf
at this time. The cgi extension
Re: [Mailman-Users] Dumb Me Tried to Update Mandriva (Again)
Dennis Putnam wrote: mailman.conf -= - # Directives for the mailman web interface Alias /pipermail/ /var/lib/mailman/archives/public/ ScriptAliasMatch ^/mailman/([^/]*)(.*)$ /usr/lib/mailman/cgi-bin/$1.cgi$2 Either remove the '.cgi' from the above line making it ScriptAliasMatch ^/mailman/([^/]*)(.*)$ /usr/lib/mailman/cgi-bin/$1$2 or remove the line completely and replace it with ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/ Now the real question is was that file part of the Centos (RedHat) Mailman package or was it residue from Mandriva. If you're sure it was part of the Centos rpm, file a bug report with whoever made the rpm. If not look for some Mailman config in /etc/httpd/conf/httpd.conf or some other included file. If you find other Mailman configuration, it may be correct so you maybe could just remove /etc/httpd/conf.d/mailman.conf. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] All mails do not reach to all users...
So it means we have to do it every time when a new member join us? because such problem is faced by almost every member of our mailing list. Suppose I do send 20 messages a day, many of our subscriber get only 10 messages. Similarly, if some others send 20 messages, I and other subscribers get only a few messages, but not all 20. This is just for example. Thanks, amit Bhatt - Original Message - From: Mark Sapiro m...@msapiro.net To: Amit Bhatt misterbh...@gmail.com Cc: Mailman-Users@python.org Sent: Wednesday, May 09, 2012 6:16 AM Subject: Re: [Mailman-Users] All mails do not reach to all users... On 5/8/2012 9:43 AM, Amit Bhatt wrote: I finally shifted to the new service provider and they are Internationally known as very good service provider and their mail delivery and other services seem to be working fine but the issue of non delivery of E-mails to some users still remain there. I have discussed this matter with other moderators of two different mailing list and they told me that they also confront the same issue some time. so what does it mean? Is this a bug on Mailman? Can we expect not to be happened in mailman 3 in the coming future? No, it is not a bug in Mailman and it probably will be no different under Mailman 3. You have to follow the mail through the various MTAs between your Mailman server and the recipient server. Typically, you or your service provider will find a log message indicating the original email message was accepted for delivery by the recipient's ISP, but the recipient never gets the mail. At this point, All you can do is provide the recipient with the full log message containing timestamp and the receiving server's queue ID, and then the recipient has to take this up with their ISP. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] All mails do not reach to all users...
Amit Bhatt wrote: So it means we have to do it every time when a new member join us? because such problem is faced by almost every member of our mailing list. Suppose I do send 20 messages a day, many of our subscriber get only 10 messages. Similarly, if some others send 20 messages, I and other subscribers get only a few messages, but not all 20. This is just for example. This is not a Mailman issue. It seems likely that your mail is triggering various ISPs spam filters based on its content. This can only be resolved by communicating with the ISPs involved. If you can convince them that your lists are confirmed opt-in (aka double opt-in) and that everyone on your lists have made an informed, affirmative decision to be on the list and that anyone can easily unsubscribe, some of them may whitelist you. No one said this was easy. Quite a few years ago, I was 'felt out' for my interest in working for an email list provider on a full time basis doing exactly this kind of liason with ISPs. I wasn't interested in any paid employment at the time and even if I had been, I wouldn't have been interested in that one. I can only imagine that the magnitude of this job has grown significantly since then. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] SPF MAIL FROM check failed: [MAIL_FROM]
On Wed, May 9, 2012 at 4:01 PM, David d...@fiteyes.com wrote: Re: Giving away the secrets of 99.3% email delivery 1. Constantly monitor spam blacklists. We have a set of Nagios alerts that regularly check if we’re listed on any delivery blacklists, and whenever they go off we take whatever corrective action we need to get back off the blacklist. 2. Have valid SPF records. Don’t impersonate your users. When running a web app like Basecamp, which sends email that are generated by another user, it can be tempting to send the email from that user (e.g., so that a comment I wrote on Basecamp would appear to come from noah at 37signals dot com), which might make people feel more comfortable. Unfortunately, this is a surefire way to end up on spam lists, since you’ll likely be sending from an IP address that does not have the valid SPF records. And chances are, if the user’s domain does have an SPF record, it doesn’t include your application’s IP. 3. Sign the mail! DKIM and Domain Keys. Yahoo and Gmail both score signed email higher. 4. Dedicated and conditioned email sending IPs. 5. Configure reverse dns entries. Most of the “big boys” won’t accept mail from your servers if your reverse dns entries don’t match. You might need your IP provider to help with setting up these records. 6. Enroll in feedback loops. We haven’t automated our parsing of feedback, but a daily / weekly review of feedback loop emails helps us know when there’s an unhappy user, or other problem. Too many complaints and you’ve got trouble. I started by setting up an SPF record (#2 on the list above). However, shortly after setting it up, we got a bounce with this reason: SPF MAIL FROM check failed: [MAIL_FROM] I searched a bit and came across things like this: http://comments.gmane.org/gmane.org.user-groups.linux.new-zealand.general/34245 But nothing I found answered my questions. Looking at the headers of the bounced message, I note: Received-SPF: pass (domain of lists.example.com designates 10.10.10.99 as permitted sender) X-Originating-IP: [10.10.10.99] That would seem to indicate things are OK, but maybe X-Originating-IP isn't the line I need to be looking at... I'm not sure what [MAIL_FROM] (in the SPF check failed line) matches in the email header. Also, I note: X-YahooFilteredBulk: 10.10.10.99 -- what does X-YahooFilteredBulk mean? And there is another value for this field. X-Originating-IP: [76.21.140.158] These are the headers of the bounced message: Subject: Failure Notice Sorry, we were unable to deliver your message to the following address. recipi...@destination.com.br: Remote host said: 550 5.7.1 SPF MAIL FROM check failed: [MAIL_FROM] --- Below this line is a copy of the message. Received: from [72.30.22.79] by nm1.bullet.mail.sp2.yahoo.com with NNFMP; 09 May 2012 21:51:02 - Received: from [68.142.200.224] by tm13.bullet.mail.sp2.yahoo.com with NNFMP; 09 May 2012 21:51:02 - Received: from [66.94.237.102] by t5.bullet.mud.yahoo.com with NNFMP; 09 May 2012 21:51:01 - Received: from [127.0.0.1] by omp1007.access.mail.mud.yahoo.com with NNFMP; 09 May 2012 21:51:01 - X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 502900.95307...@omp1007.access.mail.mud.yahoo.com X-Yahoo-Forwarded: from recipi...@destination.com to recipi...@destination.com.br Return-Path: all-boun...@lists.example.com X-YahooFilteredBulk: 10.10.10.99 Received-SPF: pass (domain of lists.example.com designates 10.10.10.99 as permitted sender) X-YMailISG: x X-Originating-IP: [10.10.10.99] Authentication-Results: mta1017.biz.mail.mud.yahoo.com from= lists.example.com; domainkeys=neutral (no sig); from=att.net; dkim=permerror (bad sig) Received: from 127.0.0.1 (EHLO localhost) (10.10.10.99) by mta1017.biz.mail.mud.yahoo.com with SMTP; Wed, 09 May 2012 14:51:01 -0700 Received: from myhost.hostingprovider.com (localhost [127.0.0.1]) by localhost (Postfix) with ESMTP id E9CA1123AB; Wed, 9 May 2012 21:43:23 + (UTC) X-Original-To: l...@lists.example.com Delivered-To: l...@lists.example.com Received: from fmailhost01.isp.att.net (fmailhost01.isp.att.net [204.127.217.101]) by localhost (Postfix) with ESMTP id 1D84D123A4 for l...@lists.example.com; Wed, 9 May 2012 20:52:06 + (UTC) DKIM-Signature: v=1; q=dns/txt; d=att.net; s=dkim01; i=memb...@domain.net; a=rsa-sha256; c=relaxed/relaxed; t=1336596725; h=Content-Type: MIME-Version:Message-ID:Date:Subject:In-Reply-To:References:To: From; yyy Received: from homecomputer3 (c-76-21-140-158.hsd1.va.comcast.net[76.21.140.158]) by worldnet.att.net (frfwmhc01) with SMTP id 20120509205204H0100sdv2pe; Wed, 9 May 2012 20:52:05 + X-Originating-IP: [76.21.140.158] From: Member One memb...@domain.net To: 'Example Discussion' l...@lists.example.com References: 13283191.1336591910177.javamail.r...@wamui-june.atl.sa.earthlink.net In-Reply-To:
[Mailman-Users] Message delivery and Logs
Ian Prietz wrote: We have multiple lists set up with our Mailman host. We have had some delivery issues recently. One of the new lists has had some real trouble getting the messages delivered. However, there are members of LIST A that are also member of the problem list, LIST B. might possibly be related to a recipient's having list_a-bounces at example.com but not list_b-bounces at example.com in her address book. -- Mark Sapiro mark at msapiro.net Mark, In your response above, why did you specify that list_a-bounces at example.com should be added to the recipient's address book instead of list_a at example.com? -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] SPF MAIL FROM check failed: [MAIL_FROM]
On 9 May 2012, at 20:32, David wrote: On Wed, May 9, 2012 at 4:01 PM, David d...@fiteyes.com wrote: Re: Giving away the secrets of 99.3% email delivery 1. Constantly monitor spam blacklists. We have a set of Nagios alerts that regularly check if we’re listed on any delivery blacklists, and whenever they go off we take whatever corrective action we need to get back off the blacklist. 2. Have valid SPF records. Don’t impersonate your users. When running a web app like Basecamp, which sends email that are generated by another user, it can be tempting to send the email from that user (e.g., so that a comment I wrote on Basecamp would appear to come from noah at 37signals dot com), which might make people feel more comfortable. Unfortunately, this is a surefire way to end up on spam lists, since you’ll likely be sending from an IP address that does not have the valid SPF records. And chances are, if the user’s domain does have an SPF record, it doesn’t include your application’s IP. 3. Sign the mail! DKIM and Domain Keys. Yahoo and Gmail both score signed email higher. 4. Dedicated and conditioned email sending IPs. 5. Configure reverse dns entries. Most of the “big boys” won’t accept mail from your servers if your reverse dns entries don’t match. You might need your IP provider to help with setting up these records. 6. Enroll in feedback loops. We haven’t automated our parsing of feedback, but a daily / weekly review of feedback loop emails helps us know when there’s an unhappy user, or other problem. Too many complaints and you’ve got trouble. Something about how you are composing mail is resulting in an ugly mess on the receiving side, with your quoting completely broken. See above as an example. Perhaps sending as HTML and having it whacked by Mailman... I started by setting up an SPF record (#2 on the list above). However, shortly after setting it up, we got a bounce with this reason: SPF MAIL FROM check failed: [MAIL_FROM] I searched a bit and came across things like this: http://comments.gmane.org/gmane.org.user-groups.linux.new-zealand.general/34245 But nothing I found answered my questions. Looking at the headers of the bounced message, I note: Received-SPF: pass (domain of lists.example.com designates 10.10.10.99 as permitted sender) X-Originating-IP: [10.10.10.99] That would seem to indicate things are OK, but maybe X-Originating-IP isn't the line I need to be looking at... I'm not sure what [MAIL_FROM] (in the SPF check failed line) matches in the email header. This is probably running off the topical edge of the Mailman-Users list, but I'll be brief. Before publishing an SPF record, you should understand what SPF is and how it works. If you don't understand it, don't try to use it. SPF is a weak but sometimes useful mechanism that allows a SMTP server to check whether a given SMTP envelope sender address (a.k.a. Return-Path or MAIL_FROM or bounce address) should be trusted as valid when given by the particular IP address of an SMTP client, using DNS records. In most cases it is only applied to the domain part of an address. There's not much else to say about your specific problem, since you seem to have obfuscated everything of significance about the specific message with a problem. For example, and most importantly, lists.example.com is bogus. The SPF coherency to check is between the outbound IP address of whatever machine (at Yahoo??? ugh.) generated that bounce and the domain you've obfuscated as lists.example.com. Your SPF record(s) need to the reality of where mail systems to whom you are not known will be receiving your mail from, not the original source of your mail. So if you have made the inexplicable decision to route your mail out via Yahoo, you need to consult with Yahoo about how to set up your SPF record(s). Also, I note: X-YahooFilteredBulk: 10.10.10.99 -- what does X-YahooFilteredBulk mean? Ask Yahoo. Any email header that starts with X- is non-standard and could mean anything or nothing. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Dumb Me Tried to Update Mandriva (Again)
Yep, I copied the config from my Mandriva installation thinking they would be compatible. I was wrong and restoring the default fixed it. Thanks. On 5/9/2012 7:36 PM, Mark Sapiro wrote: Dennis Putnam wrote: mailman.conf -= - # Directives for the mailman web interface Alias /pipermail/ /var/lib/mailman/archives/public/ ScriptAliasMatch ^/mailman/([^/]*)(.*)$ /usr/lib/mailman/cgi-bin/$1.cgi$2 Either remove the '.cgi' from the above line making it ScriptAliasMatch ^/mailman/([^/]*)(.*)$ /usr/lib/mailman/cgi-bin/$1$2 or remove the line completely and replace it with ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/ Now the real question is was that file part of the Centos (RedHat) Mailman package or was it residue from Mandriva. If you're sure it was part of the Centos rpm, file a bug report with whoever made the rpm. If not look for some Mailman config in /etc/httpd/conf/httpd.conf or some other included file. If you find other Mailman configuration, it may be correct so you maybe could just remove /etc/httpd/conf.d/mailman.conf. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Message delivery and Logs
David wrote: Mark, In your response above, why did you specify that list_a-bounces at example.com should be added to the recipient's address book instead of list_a at example.com? lis...@example.com or lis...@example.com would never be the sender of the mail from the list so 'whitelisting' it by adding it to your address book would do nothing. List-a mail is sent with an envelope from list-a-boun...@example.com and similarly for list-b so 'whitelisting' that address can help. If one needs to 'whitelist' the From: address of the post, that is generally not possible as it is normally the poster's address and that could be any list member or maybe even a non-member. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] SPF MAIL FROM check failed: [MAIL_FROM]
David wrote: I started by setting up an SPF record (#2 on the list above). However, shortly after setting it up, we got a bounce with this reason: SPF MAIL FROM check failed: [MAIL_FROM] [...] Looking at the headers of the bounced message, I note: Received-SPF: pass (domain of lists.example.com designates 10.10.10.99 as permitted sender) X-Originating-IP: [10.10.10.99] That line says that Yahoo checked your SPF when it received the mail from you and your lists.example.com SPF designated your IP as a permitted sender so it was OK. However, the message was then relayed by Yahoo to the recipient's MX and the recipient's MX checked the domain of the envelope sender (still lists.example.com) and it's SPF did not designate nm1.bullet.mail.sp2.yahoo.com which is the serve from which it received the mail as a permitted or at least neutral sender, so the recipients MX refused the mail. Your choices are: 1) don't publish SPF 2) don't relay via Yahoo 3) designate ?all in your domain's SPF (maybe others, I'm not an SPF expert) [...] Also, I note: X-YahooFilteredBulk: 10.10.10.99 -- what does X-YahooFilteredBulk mean? Ask Yahoo. It's their non-standard (private) header. And there is another value for this field. X-Originating-IP: [76.21.140.158] It appears that the mail originated at your homecomputer3 via a comcast ip and was relayed via worldnet.att.net which noted that it originated from the comcast IP 76.21.140.158. Subsequently, it was delivered to l...@lists.example.com at some server variously reported as 'localhost', 127.0.0.1 (Generally the IP of 'localhost'), myhost.hostingprovider.com (aka the local network IP 10.10.10.99), and mta1017.biz.mail.mud.yahoo.com all of which appear to be tthe same actual machine, and subsequently it was relayed via another Yahoo server which checked the SPF for lists,example.com and found it designated 10.10.10.99 as a premitted sender. These are the headers of the bounced message: Subject: Failure Notice Sorry, we were unable to deliver your message to the following address. recipi...@destination.com.br: Remote host said: 550 5.7.1 SPF MAIL FROM check failed: [MAIL_FROM] --- Below this line is a copy of the message. Received: from [72.30.22.79] by nm1.bullet.mail.sp2.yahoo.com with NNFMP; 09 May 2012 21:51:02 - Received: from [68.142.200.224] by tm13.bullet.mail.sp2.yahoo.com with NNFMP; 09 May 2012 21:51:02 - Received: from [66.94.237.102] by t5.bullet.mud.yahoo.com with NNFMP; 09 May 2012 21:51:01 - Received: from [127.0.0.1] by omp1007.access.mail.mud.yahoo.com with NNFMP; 09 May 2012 21:51:01 - X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 502900.95307...@omp1007.access.mail.mud.yahoo.com X-Yahoo-Forwarded: from recipi...@destination.com to recipi...@destination.com.br Return-Path: all-boun...@lists.example.com X-YahooFilteredBulk: 10.10.10.99 Received-SPF: pass (domain of lists.example.com designates 10.10.10.99 as permitted sender) X-YMailISG: x X-Originating-IP: [10.10.10.99] Authentication-Results: mta1017.biz.mail.mud.yahoo.com from=3D lists.example.com; domainkeys=3Dneutral (no sig); from=3Datt.net; dkim=3Dpermerror (bad sig) Received: from 127.0.0.1 (EHLO localhost) (10.10.10.99) by mta1017.biz.mail.mud.yahoo.com with SMTP; Wed, 09 May 2012 14:51:01 -0700 Received: from myhost.hostingprovider.com (localhost [127.0.0.1]) by localhost (Postfix) with ESMTP id E9CA1123AB; Wed, 9 May 2012 21:43:23 + (UTC) X-Original-To: l...@lists.example.com Delivered-To: l...@lists.example.com Received: from fmailhost01.isp.att.net (fmailhost01.isp.att.net [204.127.217.101]) by localhost (Postfix) with ESMTP id 1D84D123A4 for l...@lists.example.com; Wed, 9 May 2012 20:52:06 + (UTC) DKIM-Signature: v=3D1; q=3Ddns/txt; d=3Datt.net; s=3Ddkim01; i=3Dmember1@do= main.net; a=3Drsa-sha256; c=3Drelaxed/relaxed; t=3D1336596725; h=3DContent-Type: MIME-Version:Message-ID:Date:Subject:In-Reply-To:References:To: From; yyy Received: from homecomputer3 (c-76-21-140-158.hsd1.va.comcast.net[76.21.140.158]) by worldnet.att.net (frfwmhc01) with SMTP id 20120509205204H0100sdv2pe; Wed, 9 May 2012 20:52:05 + X-Originating-IP: [76.21.140.158] From: Member One memb...@domain.net To: 'Example Discussion' l...@lists.example.com References: 13283191.1336591910177.javamail.r...@wamui-june.atl.sa.earthlink.net In-Reply-To: 13283191.1336591910177.javamail.r...@wamui-june.atl.sa.earthlink.net Date: Wed, 9 May 2012 16:52:07 -0400 Message-ID: !!a=3D=3...@att.net MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: xyxyzyzy Content-Language: en-us X-Mailman-Approved-At: Wed, 09 May 2012 21:43:22 + Subject: [Example Discussion 110] Re: Example Subject X-BeenThere: l...@lists.example.com X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Example Discussion l...@lists.example.com List-Id: Example
