[Mailman-Users] Re: Cloudmark blacklist

[Jayson Smith]

Hi,

Comcast/Charter (found out about that one Saturday night when trying to 
reply to a legit individual message) both reject the message as soon as 
a blocked server connects, you don't even get to say HELO. Microsoft, 
when they decide you're evil and put you on their internal blacklist, 
reject after Mail from:. I find these rejections quite annoying, because 
clearly this means their spam analytics software is missing out on a lot 
of details that could help them make a more informed decision about 
whether to accept the message. Are my SPF and DKIM in order? (Yes I know 
spammers can and probably often do also have good SPF and DKIM but it's 
just one factor.) Is the message to a valid recipient? Does the content 
look spammy, as whatever their AI systems are would define spammy? Does 
my sending domain have a good reputation with this provider? Am I 
sending to someone I've sent messages deemed non-spammy to in the past? 
Am I perhaps replying to a message from this person which their software 
can, if they choose to, objectively prove was sent to me through their 
servers by that person?


But oh no, if your IP is on one of the blacklists we check, we won't 
just consider that a factor in delivery decisions, this means you must 
be totally evil and we're not even going to let you talk to us at all, 
even if it was your evil neighbors that got your entire IP range on that 
list. Go away and don't come back until you've solved your spam problem 
that probably isn't even your problem. Goodbye!


Jayson

On 3/18/2024 8:54 AM, Stephen J. Turnbull wrote:

Jayson Smith writes:

  > What I mean is that I'd love to find a good, reliable smarthost I
  > can direct my SMTP server on my VPS to use.

You could try some of the services listed here:
Hosting: https://wiki.list.org/COM/Mailman%20hosting%20services
Consulting: https://wiki.list.org/COM/Mailman%20consulting%20services
They might have a better idea or offer exactly the service you want.

Otherwise, I think you kinda have to move your VPS to the service you
want to use, and on top of the monthlies for running a server they'll
charge you for email volume.  AWS SES for example is 10,000 emails for
$1 billed monthly, and there's a throughput charge as well but that
too is probably negligible unless you're mailing videos.  They do
promise an IP with a clean reputation and they bonk your neighbors
(and you) automatically for sending more than a tiny amount of spam,
so I'd expect it to stay that way.  FWIW 

  > The real problem I'm seeing is that seemingly within the last few
  > years, at least some VPS providers (Linode and Digital Ocean for
  > sure) have started getting entire IP ranges put on blocklists.

This is nothing new.  Effort-minimizing admins have been blocking
whole netblocks for well over a decade.  I think one new aspect is
that non-admins have borrowed the technique of mass-reporting to try
to shut down all aspects of an individual's or organization's Internet
presence.  I wouldn't block at the SMTP CONNECT level based on IP or
domain alone for the reasons you give for running your own smtpd, and
I doubt Google or Microsoft do.  But I know a lot of admins who do.

I don't know what to do about it.  I think my own server at my
university got on Microsoft's bad side once, but it got better fairly
quickly.  I did contact Microsoft but I don't know if it had anything
to do with getting off their blocklist, the only reply I got was a
'bot saying thank you for contacting Microsoft, check this link.  I
don't think they have their best minds working on the problem.
Instead they get customers by being too big to block, is my guess.



--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Re: Cloudmark blacklist

[Jayson Smith]

Hi,

What I mean is that I'd love to find a good, reliable smarthost I can 
direct my SMTP server on my VPS to use. I've heard knowledgeable friends 
say over and over and over again, "Anyone who runs their own Email 
server is just asking for trouble, it's not worth it any more." The real 
problem I'm seeing is that seemingly within the last few years, at least 
some VPS providers (Linode and Digital Ocean for sure) have started 
getting entire IP ranges put on blocklists. My first experience of being 
put on UCEPROTECT level 3 was on January 20, 2021, and a few weeks ago 
my IP wound up on UCEPROTECT level 2. Yes, I know how the UCEPROTECT 
lists work, but the point is that I never used to find my IP on those 
lists, but now it happens every few months. I have to think something 
has happened to cause more spammers to use these providers.


As for incoming Email, I'd like for my own SMTP server to be able to 
continue handling it. The reason is that I don't want some other Email 
provider's spam blocking software deciding what I get to see. I have 
some incoming spam control measures in place for specific Email 
addresses that tend to receive a lot of spam, but for me and my family 
members, everything gets through. Yes this means we get incoming spam 
that comes our way, but it also means we don't have to worry about an 
important incoming message going missing because it was sent to the spam 
folder or silently discarded.


Thanks for any thoughts,

Jayson

On 3/16/2024 5:26 AM, Stephen J. Turnbull wrote:

Jayson Smith writes:

  > I'm getting really tired of these unexplained blacklistings. Does
  > anyone know of any reliable outgoing Email service providers?

What do you mean by that?  Gmail for example allows you (or did allow
you 18 months ago) to validate an alternate address through the usual
"can you read this mail and send back a cookie" dance, and use those
validated addresses in From.

Unfortunately, in my experience at least Gmail won't allow you to use
a non-gmail address in From unless you're using their app or browser
client.  Authenticated SMTP to port 587 doesn't cut it for whatever
reason.  The best I could figure out was sending through eg gmail
using From: m...@gmail.com and setting Reply-To.

  > Ideally I want to continue to handle my own incoming Email because
  > I don't want someone else's spam blocking software deciding what
  > Emails I receive.

I don't know of freemail who allows that, unfortunately.  The closest
I know of is Google, as above.



--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Cloudmark blacklist

[Jayson Smith]

Hi,


I run two very low traffic Mailman lists on my Linode. This morning one 
of them got an Email, and that's when I found out thanks to Comcast that 
my IP is on Cloudmark's blacklist. Naturally I've sent in a reset 
request using the form linked from the Comcast error message, and am 
still waiting to be removed. A few days ago I sent to a Comcast customer 
with no problem.



I've resolved the problem sending to Comcast by enabling my server to 
send using IPv6. This required me to have Linode allocate me my own /64 
since my default IPv6 address was in a /64 blocked by Spamhaus XBL/CSS 
lists.



Does anyone know if Cloudmark blocks entire IP ranges or just individual 
addresses? I don't know why my IP is on Cloudmark's list, as most of the 
Email I send is personal in nature, to people I have corresponded with 
for years. I've used multiple RBL check tools, and everything has come 
back negative, except that my entire subnet is on Spamgrouper.to 
(checked by running a check on a neighboring IP). I have SPF, DKIM, and 
DMARC set up.



I'm getting really tired of these unexplained blacklistings. Does anyone 
know of any reliable outgoing Email service providers? Ideally I want to 
continue to handle my own incoming Email because I don't want someone 
else's spam blocking software deciding what Emails I receive.



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Re: Outlook blocked again, but strange response

[Jayson Smith]

Hi,

Update: Sometime in the night, my IP was silently removed from 
Microsoft's block list. I've never had that happen, but all's well that 
ends well, at least for now.


Jayson

On 3/11/2024 10:18 PM, Mark Sapiro wrote:

On 3/11/24 6:28 PM, Jayson Smith wrote:

Hi,


So it's happened again and I have no idea why, though I suspect some 
of my IP neighbors may have been put on Microsoft's naughty list as 
my subnet with Linode was recently listed on Uceprotect level 2. 
Anyway, I go to send an Email to an Outlook user, and get the typical 
thing, Unfortunately, messages from XXX.XXX.XXX.XXX weren't sent. 
Fill out the support request, expect to get conditionally mitigated 
in a few hours…nope. Instead, I get this:



UCEPROTECTL2 and even more egergious, UCEPROTECTL3 are IMO 
scam/extortion lists. They list entire netblocks and then offer to 
whitelist your specific IP **temporarily** for a fee. Unfortunately 
some ESPs do use them.




Hi ,

Thanks for your patience, we are currently experiencing technical 
difficulties and our engineers are working to resolve the issue at 
the earliest.


Dealing with Microsoft support about issues like this is a pain. My 
experience is it's difficult to tell whether their chatty, friendly 
responses are actually written by a human or a robot and you have to 
keep repeating stuff as they ask for things which were provided 
earlier in the thread, but if you are patient and persistent, you 
eventually get the result you want.




--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Outlook blocked again, but strange response

[Jayson Smith]

Hi,


So it's happened again and I have no idea why, though I suspect some of 
my IP neighbors may have been put on Microsoft's naughty list as my 
subnet with Linode was recently listed on Uceprotect level 2. Anyway, I 
go to send an Email to an Outlook user, and get the typical thing, 
Unfortunately, messages from XXX.XXX.XXX.XXX weren't sent. Fill out the 
support request, expect to get conditionally mitigated in a few 
hours…nope. Instead, I get this:



Hi ,

Thanks for your patience, we are currently experiencing technical 
difficulties and our engineers are working to resolve the issue at the 
earliest.



Thanks again,

Outlook.com Deliverability Support


Has anyone received this from Microsoft before? If so, will the issue 
eventually be resolved, or do I need to wait a few days and submit my 
request again?



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] AOL list member not receiving list traffic

[Jayson Smith]

Hi,

Yesterday I received a report from an AOL user that she's not receiving 
traffic from one of my lists. The problem here is that my server logs 
show outgoing mail being accepted by AOL's incoming mail servers, and of 
course after that it's anyone's guess what happens to them. She says 
she's checked her junkmail folder and the messages aren't there. Does 
anyone have any thoughts on this? Is AOL known to silently discard mail 
they think is spam for some reason? I replied to her message from the 
same server and she did receive that reply, so they haven't outright 
blocked my IP or something. Even if I could contact someone who knows 
what they're doing at AOL, there are no error logs for me to show.



Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Double opt-in, Question about adding people to a Mailman list

[Jayson Smith]

Hi,


I run a Mailman 2 list for an organization of writers with disabilities. 
Recently our president has become concerned that some people wanting to 
join the group may not be responding to the standard Mailman 
subscription confirmation message because, from the From: line and the 
subject line, they're not sure what it is and don't want to open it. I 
understand why the subject line needs to be what it is, so people can 
just reply to the message to confirm their subscription. Even more 
confusing is that for complicated historical reasons the name of our 
list has nothing to do with the name of our organization, which might 
confuse prospective new members further.



One proposal for fixing this problem is for our secretary to confirm 
that a new member does want to be subscribed to our list, then use the 
Mailman interface to add the new member outright, without that person 
having to go through the confirmation process. My concern with this 
approach is the ever-present spam police. I know that the way Mailman 
works by default, where someone requests to subscribe, receives a 
confirmation Email, then has to take some action to confirm their 
subscription, is confirmed opt-in or double opt-in. My question is, if 
person A tells person B they want to join the list, through Email or 
some other method that person B can later document, then person B puts 
person A on the list with no further confirmation required, does this 
constitute confirmed/double opt-in in the eyes of anyone to whom this 
matters?



Thanks for any thoughts,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Re: The Hotmail complaint saga continues

[Jayson Smith]

Hi,

I can confirm that the complaints do cite messages I am sending, and 
know I'm sending. Does anyone know if Microsoft has made any changes to 
their Email user interface recently that would make marking something as 
spam or junk by mistake easier than it was before? This problem started 
out of the blue on March 24. If it makes any difference, the specific 
subscriber involved has an Email address at msn.com, and she's been 
subscribed to the list for close to two years with no problem.


Jayson

On 4/15/2022 1:25 AM, Stephen J. Turnbull wrote:

Jayson Smith writes:

  > 1. Is Linode, my VPS provider, also receiving these complaints? If so,
  > I'm surprised they haven't at least sent me a notice telling me about them.

Seems unlikely, both on general principles and since you haven't heard
from them.

Have you confirmed that these notifications are really from Hotmail
staff (or an automated process there)?  Although other things equal
it's unlikely, the most likely possibility (the subscriber complained)
is denied by the subscriber so it could theoretically be some third
party trying to mess with you or the subscriber.

Also, have you confirmed that it's actually the specific messages from
you or your list that were cited?  Is it possible that some spammer is
spoofing your return address, and the subscriber is legitimately
complaining about mail that to the email provider appear to be from
you but to the subscriber are from somebody else?  Is it possible your
Linode VPS has been hacked, or the MTA is an open relay, and is being
used to send spam?  If you've confirmed that the complaints are citing
mail you know you sent, these possibilities don't apply, and they're
fairly unlikely anyway given that it's only one subscriber that's
having the issue.

  > 2. Does anyone know if having received these complaints might cause
  > Microsoft to be more likely to add my IP to their infamous block list?

More likely, yes, but how much more likely, you'd have to get an
answer from Microsoft.  I don't know anybody who has gotten anything
useful out of them, though.  Mistaken additions to block lists
anywhere seem to quite random for good actors, and the blockers are
rarely willing to explain what the problem was, or how to avoid it.

You could try explaining the situation to staff@hotmail, and get the
subscriber to do so too.  But I wouldn't expect too much.

You could also look up what their mitigation strategies, if any, are.
Some providers have services you can sign up to which provide more
information about complaints, and guidelines on how to keep your
list(s) in good standing with the providers.  I don't know about
Microsoft/Hotmail.

There are also some general rules:

1.  Check that your server is not in any of the reputable RBLs.  I
 don't have a list offhand.
 (A couple of RBLs are known to shake down sites by putting them in
 bad actor lists and then asking for money for a "service" to help
 clean your reputation.  The big providers like Hotmail know who
 they are and ignore them, you probably can ignore them too.)
2.  Make sure that your DNS has correct configurations for SPF and
 DKIM.  Make sure that your signing keys are correct.  It may halp
 a little to do DMARC, too, even if you just set a policy of
 p=none.  If your lists accept posts from off-host, you likely
 would benefit from configuring ARC as well.
3.  Everything that goes *in* to your MTA *except from Mailman* should
 be spam- and virus-filtered.  That should include mail generated
 on the Mailman host.  Then you can safely forward all mail from
 Mailman.  (Filtering mail *from* Mailman on the way out is very
 expensive unless you have very few subscribing domains.)
4.  If your lists are open subscription and of moderate size, and you
 don't require moderator approval of subscriptions, we recommend
 setting all new subscribers to "hold for moderation".  If the
 first post is acceptable, then set them to default processing or
 accept.  For many lists that nearly eliminates "drive-by" spams
 and other unwanted posts.  YMMV of course.

  > 3. I haven't ever received such complaints before this situation started
  > on March 24. Is Microsoft noted for somehow generating spurious
  > complaints like this?

Not that I've heard of.  Maybe somebody else has.  The only case I
know of like that was AOL, which put the "Report Spam" button next to
the "Delete Message" button.  Perhaps Hotmail has a similar issue, but
I haven't heard of it.  You could ask the subscriber if it's possible
she missed and hit the wrong button, but since she's already denied
doing that, you'll have to be careful about it.

I'm sorry not to be of more help, but given that big providers like
Microsoft are never willing to engage in situations like this, there's
little information in the public doma

[Mailman-Users] The Hotmail complaint saga continues

[Jayson Smith]

Hi,


Last week I wrote this list about a situation where I'd received an 
Email from st...@hotmail.com with the subject, "complaint about message 
from MYI.PAD.DRE.SS." Then later I received a second such message, 
identified both complainants as the same person, let her know she'd be 
put on No Mail if she did it again, and received a response from her 
saying she's never marked one of my messages as spam or junk.



The other night I received a third such complaint, duly put her on No 
Mail, and sent her an Email about it. At that point, I was pretty sure 
these complaints were being generated by some automated process, since 
they always came in within two to four minutes of the original messages 
going out. However, this theory was somewhat squashed when she 
supposedly complained about the very message telling her that due to 
complaints she was on No Mail…then responded, indicating she has 
COVID-19 and is putting off everything not critical until later. I sent 
that message yesterday morning, and the complaint came in this evening, 
with her response coming about twenty minutes later. This makes me think 
she's doing something to cause a complaint to be generated, and doesn't 
realize she's doing it. My questions are as follows:



1. Is Linode, my VPS provider, also receiving these complaints? If so, 
I'm surprised they haven't at least sent me a notice telling me about them.



2. Does anyone know if having received these complaints might cause 
Microsoft to be more likely to add my IP to their infamous block list? 
If they do, I'm going to be in a bad position, because they'd be well 
within their rights to say, "You've received four complaints within the 
last three weeks, so no, we won't mitigate anything for you. Get your 
Email sending practices in order, then maybe someday we'll talk."



3. I haven't ever received such complaints before this situation started 
on March 24. Is Microsoft noted for somehow generating spurious 
complaints like this? If so, is that the reason I'm not getting hounded 
about it from Linode, the "Little Boy who Cried Wolf" situation?



Thanks for any thoughts,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Re: ARC protocol in Mailman 2?

[Jayson Smith]

Hi,

To answer your main question, everything is on one Linode VPS, there's 
no networking or separate servers/hosts involved, everything's on one box.


Jayson

On 4/10/2022 4:41 AM, Stephen J. Turnbull wrote:

Jayson Smith writes:

  > I've recently been playing with the OpenARC milter for Sendmail.

IIRC, OpenARC is the sample implementation by the ARC developers.  It
should be robust.  Mailman uses a different implementation based on
Python.  (You should use an MTA-based implementation if it works
correctly for all the usual reasons: performance, more correct
behavior especially for SPF.)

  > I have it running, and it seems to be working properly, except for
  > one thing. When a message is sent to one of my Mailman 2 lists,
  > OpenARC adds an ARC set to the incoming message before it ever hits
  > Mailman.

It's been a while since I read the RFC, but AIUI, adding the full set
is incorrect behavior.  An ARC processor should add only
ARC-Authentication-Results on the way in to the AD (administrative
domain), then add any DKIM stuff, the ARC-Signature, and the ARC-Seal
on the way out of the AD.

The fact that it adds the full set suggests that it thinks that
Mailman is outside of the AD.

  > Then the message hits Mailman,

Is Mailman running on the same host as Sendmail?  Is it the same host
running the same instance of Sendmail on the way in and the on the way
out?

  > and on the way out, OpenARC adds another ARC set to the message,
  > this one indicating the ARC validation failed. Now, if I understand
  > the RFC correctly, any ARC-aware MTA that sees this failure is
  > going to treat the entire ARC chain as though it never existed
  > since the most recent ARC set indicated validation failure.

That is not quite correct.  An ARC-capable MTA will treat the ARC
chain as though it begins at Mailman's outgoing MTA.  If Mailman's MTA
has a good reputation, that may help with some filters.  It will not
help with DMARC, though.

  > If this is the case, then the whole exercise is pointless.

  > Now some questions. OpenARC has a configuration option to treat certain
  > hosts as trusted, and the Man page indicates that if no hosts are listed
  > there, localhost is automatically added. If this is true, I don't know
  > why OpenARC is processing messages on the way out of Mailman, since that
  > should be a localhost to localhost connection.

It's processing on the way out because what ARC establishes is a chain
of custody:

1.  I checked it on the way in (ARC-Authentication-Results = A-A-R).
2.  I watched it all the way to the outgoing MTA, and only processes I
 trust touched it.  They may have changed it (invalidating the
 author's DKIM signature) but I assure you my processes didn't
 change anything you care about (specifically From if you're doing
 DMARC).  If you trust me, you can trust the authenticity of From.
3.  Here's my ARC-Signature (= A-Sig) on the final state (which I
 swear is authentic to the author's intent) just before I put it
 back on the wire, and here's an ARC-Seal to bind up both the A-A-R
 and A-Sig so you can trust them.

If you don't do A-Sig and A-Seal on the way out, the chain of custody
is broken if changes are made to the message (such as mailing lists
typically do) because the incoming signatures (author's DKIM and all
intermediate A-Sigs, as well as your incoming A-Sig!!) are all broken.

  > Is OpenARC the best Milter to use with Sendmail for this purpose?
  > Is there something else I'm doing wrong or overlooking?

I don't see why not.  I'm pretty sure that's what most of the IETF
Working Group used, although Google and Yahoo! probably used their own
code.

I would guess there's some issue with OpenARC configuration, or with
your network configuration (this might include DNS! does Mailman live
on a different domain aliased to that host?), that makes OpenARC think
Mailman leaves the AD.

If this doesn't provide the necessary hints, let me know.  I don't
have time to study up on OpenARC today, but if needed I'll try to get
to it in the next couple of days.

Steve



--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] ARC protocol in Mailman 2?

[Jayson Smith]

Hi,


I've recently been playing with the OpenARC milter for Sendmail. I have 
it running, and it seems to be working properly, except for one thing. 
When a message is sent to one of my Mailman 2 lists, OpenARC adds an ARC 
set to the incoming message before it ever hits Mailman. Then the 
message hits Mailman, and on the way out, OpenARC adds another ARC set 
to the message, this one indicating the ARC validation failed. Now, if I 
understand the RFC correctly, any ARC-aware MTA that sees this failure 
is going to treat the entire ARC chain as though it never existed since 
the most recent ARC set indicated validation failure. If this is the 
case, then the whole exercise is pointless.



Now some questions. OpenARC has a configuration option to treat certain 
hosts as trusted, and the Man page indicates that if no hosts are listed 
there, localhost is automatically added. If this is true, I don't know 
why OpenARC is processing messages on the way out of Mailman, since that 
should be a localhost to localhost connection. Is OpenARC the best 
Milter to use with Sendmail for this purpose? Is there something else 
I'm doing wrong or overlooking?



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Hotmail complaint about list message, but complainant says she never marked anything as junk?

[Jayson Smith]

Hi,


I run a relatively low traffic Email list on my VPS at Linode. Twice 
within the last two weeks, I've received an Email from st...@hotmail.com 
with the subject "Complaint about message from XX.XX.XX.XX" where 
XX.XX.XX.XX is my IP. I'm signed up for Microsoft's Junkmail Reporting 
Program, and this is the first time I've ever received a complaint from 
them. Using message headers, I've identified the complainant to be the 
same list member both times. The actual Emails from st...@hotmail.com 
have nothing in the body, and the complained about message as an attachment.



Obviously I can't have complaints tarnishing my Email sending 
reputation, so I contacted her to see if she was legitimately marking 
messages as spam/junk, or was doing it by accident, etc. Her response is 
that she has never marked any Emails from my list as spam or junk. In 
case it matters as far as the user interface goes, her Email address is 
at the msn.com domain. Obviously *something* has to be causing 
complaints to be generated, so if she's not doing it, what could be 
causing this? Are there any automated processes at Microsoft that could 
cause a complaint of this type to be generated? Is she somehow marking 
messages as spam or junk without realizing it?



Thanks for any thoughts,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] The Microsoft saga continues

[Jayson Smith]

Hi,


Last evening I received an Email from "Hotmail deliverability support" 
indicating they'd implemented mitigation for my IP, and that it could 
take up to twenty-four hours for it to propagate through their systems. 
When this has happened before, it has never taken anywhere near that 
long for me to be able to send Emails again. Now over ten hours later 
I'm still unable to send Emails to Hotmail/Live/MSN/Outlook. Normally I 
might think it might actually be taking this long this time, except for 
the fact that their so-called (probably automated) initial investigation 
didn't find anything wrong at their end, and yet I was still block listed.



Has anyone else seen this from Microsoft. Does anyone know if they 
perhaps sometimes block entire subnets? I have to think whatever's going 
on is probably bigger than me E.G. they mitigated my IP (even though 
they couldn't find anything wrong) but something in the bigger picture 
is still insisting I be block listed? This is getting really old, really 
fast.



Thanks for any thoughts,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] It gets weirder re. Microsoft block list

[Jayson Smith]

Hi,


I just received Microsoft's response to my deliverability support 
request. Mitigated? Nope. Not qualified for mitigation? Nope again. 
Their resolution states:



We were unable to identify anything on our side that would prevent your 
mail from reaching Outlook.com customers.



I sent a test Email to an Outlook customer after receiving that 
response, and it bounced right back with the same error as always. 
Needless to say I've responded to Microsoft's message. We'll see where 
this goes.



Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] I'm on Microsoft's blocklist again!

[Jayson Smith]

Hi,


Just over two weeks since I found myself on Microsoft's blocklist and 
was manually removed, I find myself back on their blocklist again. 
Possibly coincidentally, this morning MXToolbox informed me that Linode 
has apparently found itself back on Uceprotectl3. Does anyone know if 
Microsoft considers that particular blacklist when deciding to blocklist 
an IP? Naturally, I've submitted a deliverability support ticket, and 
will probably have to wait several hours for the result.



As always, I'm not doing anything wrong (that I know of at least). Even 
if someone had hacked my server, my hypothesis is that they'd have to be 
a very careful and methodical hacker if their aim were to get me 
blocklisted by Microsoft and only Microsoft. If my server were spewing 
out spam, I ought to be hitting Spamhaus/SORBS/etc. spam traps left and 
right. Trust me, one time I was hacked, my server was sending out spam 
and I didn't know it, and I quickly found myself on Spamhaus XBL.



Any thoughts?


Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Re: Charter occasionally bouncing mail

[Jayson Smith]

inode). The problem seems
fixed for now, but I am warning new subscribers not to use
Microsoft-controlled addresses.

Of course they won't tell you HOW they decide that something is spam,
as this information would just make it easier for spammers.

(But I don't see what is so bad about spam. You just delete it; it
helps if possible spam goes to a spefific folder, but any system I've
seen makes many mistakes both ways, except spamassassin, which rarely
makes a false positive. The real problem is phishing, and there have
been no randomized control trials to see whether any system can
immunize people against that. I doubt that these spam detectors do it
effectively.)

Some references:

https://answers.microsoft.com/en-us/outlook_com/forum/all/hotmailoutlook-block-list-s3140-blocks-all-new/699f3a56-406e-4804-97e2-cbe23b9bb01c?page=2

https://lists.mailman3.org/archives/list/mailman-us...@mailman3.org/thread/CQ6R3WUVVLNOA3UFFCM42GVPKQDC5SPC/

And there are several things like this:
https://mxtoolbox.com/blacklists.aspx

But the list called UCEPROTECT3 (I think) is now, happily, widely
ignored, because it is based on spam coming from a large range of ipv6
addresses on a cloud server. Spamhause does something like this too,
but you can fix it by getting a "proper" ipv6 address that specifies
the range ("/64" at the end).


Some geneneral

On 11/29/21 00:51, Jayson Smith wrote:

Hi again,

Good point about DMARC. Does anyone know if Charter suddenly started
caring about some DMARC policies on or around this past Friday? I
have my list set to munge the From: lines of messages from senders
E.G. AOL, Yahoo, etc. that publish a DMARC rejection policy.

On a slightly different topic, I've heard from a few Outlook users
that list messages are consistently ending up in their junkmail
folders. Could this be because Microsoft doesn't like the fact that
my list is causing DMARC to fail, but not actually complaining to me
about it? I could solve this problem by having the list munge the
From: line for all messages, but sometimes that causes problems with
replying. In particular, several years ago when my lists were set up
to do that, Thunderbird users were having problems sometimes replying
to the sender of a message rather than the entire list.

Jayson

On 11/28/2021 11:45 PM, Mark Sapiro wrote:

On 11/28/21 7:58 PM, Jayson Smith wrote:

Hi,


One of my Mailman lists has a single member at Charter which has
occasionally bounced mail over the last few days. When this
happens, the reason given, when I look it up on their help page,
indicates the message I sent goes against the security policies
of my domain, and I should contact my domain administrator (that
would be me). I have SPF and DKIM set up, and a quick check at
dkimvalidator.com verifies they're both working. I assume this is
one of these annoying situations where Charter is seeing what's
clearly a transient DNS problem and treating it like a permanent
failure? Also I assume there's nothing I can do about this? Is
the problem likely to be at Charter's end or at my domain's
nameservers' end?


Only guessing, but this sounds like DMARC. Does your list apply
DMARC mitigations?

If it is DMARC, the issue is the message sent to the charter
subscriber is From: poster@posters.domain. posters.domain publishes
a DMARC policy of (probably) reject. Yahoo.com is one such common
domain. Your list modifies the message by content filtering,
subject prefixing, adding msg_footer or some other transformation
that breaks the posters.domain DKIM signature. Your SPF and DKIM
signatures pass, but they are not 'aligned' with posters.domain, so
they don't count for DMARC.

See https://wiki.list.org/DEV/DMARC



--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/



--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Re: Charter occasionally bouncing mail

[Jayson Smith]

Hi again,

Good point about DMARC. Does anyone know if Charter suddenly started 
caring about some DMARC policies on or around this past Friday? I have 
my list set to munge the From: lines of messages from senders E.G. AOL, 
Yahoo, etc. that publish a DMARC rejection policy.


On a slightly different topic, I've heard from a few Outlook users that 
list messages are consistently ending up in their junkmail folders. 
Could this be because Microsoft doesn't like the fact that my list is 
causing DMARC to fail, but not actually complaining to me about it? I 
could solve this problem by having the list munge the From: line for all 
messages, but sometimes that causes problems with replying. In 
particular, several years ago when my lists were set up to do that, 
Thunderbird users were having problems sometimes replying to the sender 
of a message rather than the entire list.


Jayson

On 11/28/2021 11:45 PM, Mark Sapiro wrote:

On 11/28/21 7:58 PM, Jayson Smith wrote:

Hi,


One of my Mailman lists has a single member at Charter which has 
occasionally bounced mail over the last few days. When this happens, 
the reason given, when I look it up on their help page, indicates the 
message I sent goes against the security policies of my domain, and I 
should contact my domain administrator (that would be me). I have SPF 
and DKIM set up, and a quick check at dkimvalidator.com verifies 
they're both working. I assume this is one of these annoying 
situations where Charter is seeing what's clearly a transient DNS 
problem and treating it like a permanent failure? Also I assume 
there's nothing I can do about this? Is the problem likely to be at 
Charter's end or at my domain's nameservers' end?



Only guessing, but this sounds like DMARC. Does your list apply DMARC 
mitigations?


If it is DMARC, the issue is the message sent to the charter 
subscriber is From: poster@posters.domain. posters.domain publishes a 
DMARC policy of (probably) reject. Yahoo.com is one such common 
domain. Your list modifies the message by content filtering, subject 
prefixing, adding msg_footer or some other transformation that breaks 
the posters.domain DKIM signature. Your SPF and DKIM signatures pass, 
but they are not 'aligned' with posters.domain, so they don't count 
for DMARC.


See https://wiki.list.org/DEV/DMARC




--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Charter occasionally bouncing mail

[Jayson Smith]

Hi,


One of my Mailman lists has a single member at Charter which has 
occasionally bounced mail over the last few days. When this happens, the 
reason given, when I look it up on their help page, indicates the 
message I sent goes against the security policies of my domain, and I 
should contact my domain administrator (that would be me). I have SPF 
and DKIM set up, and a quick check at dkimvalidator.com verifies they're 
both working. I assume this is one of these annoying situations where 
Charter is seeing what's clearly a transient DNS problem and treating it 
like a permanent failure? Also I assume there's nothing I can do about 
this? Is the problem likely to be at Charter's end or at my domain's 
nameservers' end?



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Viewing bounces from Mailman-generated messages?

[Jayson Smith]

Hi,


Here's the situation, MM 2.1.26.


Last night I received an Email from a list member. She's trying to 
change her Email address, and isn't receiving the confirmation request 
message at her new address. At that point I didn't know her new address 
so couldn't check logs. I told her to try subscribing with the new 
address instead, and to give me her new address. This morning she said 
she'd do that.



Now that I have her new Email address, I can check my server logs 
and…the confirmation request is being rejected by her incoming SMTP 
server with a "Service Unavailable" error. However, since Sendmail logs 
don't actually show the full rejection message, that's all I know, and 
it's not enough to go on. I know the bounce report would contain the 
entire rejection message, but at this point I don't have access to that 
since it went to listname-bounces and Mailman happily gobbled it up, 
then did nothing with it.



I ended up having to temporarily change the listname-bounces alias to 
point to a real account on the server, then try to subscribe her again, 
in order to see the bounce. Turns out her ISP thinks Mailman request 
messages are spam and is rejecting them. Of course I put the alias back 
like it was.



My question is, is there a more eloquent way to see or get a log of the 
actual bounce in a situation like this in order to see the entire error 
text as opposed to just "Service Unavailable" or similar?



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Re: CenturyTel bouncing mail from one specific AOL list member

[Jayson Smith]

Hi,

I tend to disagree, based on the following line:

From: "F XxxxL via wxxxe" 
From what I see in this line, it seems that Mailman is properly munging 
the problematic AOL From: line, which should in theory make the whole 
AOL/Yahoo DMARC policy irrelevant. Thoughts?


Jayson

On 6/15/2021 1:24 PM, Stephen J. Turnbull wrote:

Jayson Smith writes:

  > I'm having trouble with one of my lists. CenturyTel is bouncing mail
  > from one specific AOL user. The Mailman munge from is working as
  > expected, and I even tried configuring mm_cfg.py to strip incoming DKIM
  > signatures. However, as you'll see, CenturyTel is still complaining of a
  > bad DKIM signature. No one else is.

Have you checked if everyone is seeing the email (see below)?

  > The incoming mail seems to include a DKIM signature as a
  > nonstandard header, maybe CenturyTel knows to look for this, and is
  > throwing a fit when it fails to verify?

The X-SONIC-DKIM-SIGN field is just an unknown field as far as a
properly implemented MTA is concerned.  Theoretically CenturyTel is
upset about that, but there's a much simpler explanation: failed DMARC
>From alignment (to use the technical term), which is what I suspect
"Failed DKIM Authentication" means.

AOL publishes a DMARC p=reject policy, which means that a recipient
must reject (return to sender) or discard the email (without notifying
the sender) if From alignment fails.  (This cannot be enforced.
Gmail, for example, usually puts these in the spam folder rather than
rejecting them.)  From alignment means that the domain of the email in
the From header matches the domain in the d= field of at least one
valid DKIM-Signature in the header.

In the case of the header you appended, there is one valid DKIM
signature, it is the one very near the top of the header, and it has
d=bluegrasspals.com.  The domain of the From address is aol.com, so
they are not aligned, and conforming MTAs will reject.  Almost all
non-conforming MTAs that implement DMARC will quarantine the email,
usually in the spam folder.

So as far as I can tell, CenturyTel is a conforming implementation,
and behaving correctly given the header you posted.  I suspect the
reason that you're not hearing complaints from other MTAs is that
they're all discarding the email with extreme prejudice.

I guess that X-SONIC-DKIM-SIGN was originally a valid DKIM-Signature
header.  By the time it got to sonic302.consmr.mail.bf2.yahoo.com,
either the message was corrupt (so DKIM validation failed) or sonic302
recognized that DMARC From alignment was sure to fail, and so "fixed
up" the header (perhaps for debugging purposes).

So, this user's emails are going to be discarded by a large minority,
if not the vast majority, of sites because they're using an AOL
address in From and sending via Yahoo!:

 Received: by kubenode547.mail-prod1.omega.ne1.yahoo.com (VZM Hermes SMTP
   Server) with ESMTPA ID 754de18d9b1eebb7367c2043d8067b87;
   Tue, 15 Jun 2021 10:21:22 + (UTC)

Tell them to stop doing that.

Although I recognize that's often easier said than done,
unfortunately, that's where my advice ends (I live in Japan, so
mercifully never have to deal with the goat rodeo that is
Verizon/Yahoo/AOL).  Perhaps somebody else can take it from here and
explain how your poor AOL user can get their mail through.

Of course, their best course of action is to switch to Gmail or some
other competent provider, but users often resist that.

Steve




--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] CenturyTel bouncing mail from one specific AOL list member

[Jayson Smith]

Hi,


I'm having trouble with one of my lists. CenturyTel is bouncing mail 
from one specific AOL user. The Mailman munge from is working as 
expected, and I even tried configuring mm_cfg.py to strip incoming DKIM 
signatures. However, as you'll see, CenturyTel is still complaining of a 
bad DKIM signature. No one else is. The incoming mail seems to include a 
DKIM signature as a nonstandard header, maybe CenturyTel knows to look 
for this, and is throwing a fit when it fails to verify?



I've pasted below the bounce and the headers of the original message, 
with all private info X'd out. Any thoughts about what's going on, or 
what to do about it?



Thanks,


Jayson





The original message was received at Tue, 15 Jun 2021 06:21:30 -0400
from localhost [127.0.0.1]

   - The following addresses had permanent fatal errors -

    (reason: 554 5.7.1 [P-101] Failed DKIM Authentication: permfail 
(signature did not verify))


   - Transcript of session follows -
... while talking to mx.centurylink.net.:
>>> DATA
<<< 554 5.7.1 [P-101] Failed DKIM Authentication: permfail (signature 
did not verify)

554 5.0.0 Service unavailable



==

Return-Path: 
Received: from [127.0.0.1] (localhost [127.0.0.1])
    by bluegrasspals.com (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTP id 
15FALSRU026677

    for ; Tue, 15 Jun 2021 06:21:30 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=bluegrasspals.com;
    s=default; t=1623752490;
    bh=24CUhP05iIsyC0G3FHT2ldx12tu+uz6AwzHIUiMK7Kg=;
h=Date:References:Subject:List-Id:List-Unsubscribe:List-Archive:
     List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:To:From;
b=jkYBn/0VT0JJCiFDtNHp+iKo1jFwm2SSVrRa61q39SMFlMH7t9239eJ1icplXJ0LK
 n0U29ph/i4g+R3SClDOwHylZ2Hu3dhsKqsRygyWc27obmbgrBE0QDsJAeIyJ9NFmTy
     1/I+ZvFTnPu2Ks0+m+Pzhs6KsTEdcS5k08auq1ao=
Received: from sonic302-2.consmr.mail.bf2.yahoo.com
 (sonic302-2.consmr.mail.bf2.yahoo.com [74.6.135.41])
 by bluegrasspals.com (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id
 15FALOhI026595
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO)
 for ; Tue, 15 Jun 2021 06:21:25 -0400
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; 
s=s2048;

 t=1623752483; bh=Ds3LXRx+BOvjxdRl25AO7ofXzYqWCrmKvce2gThkX/H=;
 h=X-Sonic-MF:From:Date:Subject:To:From:Subject;
 
b=CBgThKtZkAQo7thcnyqsK4Gj9aHFj2u4LIbWzQD4DwhOTWayZAhCf705dAnfjwq05KeBa5rObxyPxM//bwG9rQfGO46Sn6I0ghTuYyPN/u16yocbAw/mU+QI24lVInoFCpMtWoaTybZAvlrQdq6dVbkrsVTneMI5SQVibcKtilkoBE6h6l3usK5NiUB5/wniQ7ix6zgDirR8apQmDLNIohVY0OVm5JhMifig45LmFrWimjmeJi3XnawZ/NoQomcC8A9KBWV7Hm82nekoNTsx8DNbfK02IYXClJhqgEABEF+lSbHf7PBF0fg6gz0yAWqoJ5WCcoRql+tv0SY+aIiRaA==
X-YMail-OSG: XfIgwYIVM1nHydw5YfeXAbXdIV8C_q_OSd.mDYUbE9ExjzkDbxxXp0OF8dxQlHU
 XWhf_KlnSW00w2qJbd0OsWSMaEYR3Esi.kap4EdUdx6bVQwhKstNt9hsiUaQLISfLwItU.kWGsXQ
 .WJe9yVyuXfLnY2gkk24OTMCTCcb9lY8AVYcS9sl9JWieYqiV8wiud1usqBYs7D4EP44sAoiNV_A
 I97_JC1Wmv.h3PEoI_ylekw5LXChz00Bx96Bx11la4SS.g6XnrXeHzYHl_coXkEt4FMlF1TjzKmn
 GhUKPr7_l7wsC3uH1gF5zhmiYsqIgQDmQFPX26PEW7IW7tY_65h3lOXLu9dlITwh408DlkL1WNN2
 4LD0kezio5BSYEic5KpsNoFYVbb4FWS7qZfJQlA7iG27_i.YQfWTTP0GbTk4L4YgH1GgT7ixADIH
 kFsjE5oZyAL2wA5DNeGVHzhIUcDMHBeaReyPu8DcwKo1NM29_9Fpszkcy5rVvAabSrT.0Ac4ePdW
 Qqi_vAUA2s1f0Hf9yl6CB73skXrNOvLWpU9JIlmi1.DYk6Q3GveH9XOp6vJ9RTykKqdOG1p3_fiL
 L3j9vnzYaaIpL_KNtJDU2eWHrkuFR3QxlC61TAi2OvNQNRguzgZvCLtHxnR1_FwzJzXFIWw23U_F
 8.UCN3jzQj2eTmYWOeyHqwSS0lf0b3C49.nUtYvMuTchliknCwUANAihpg1w8Tlw3UIoWOb7vS81
 0GlrYRgE4Z8PGQp2oefuY3mgrGHNzVeA1r0U804GXzYByrcMC8SAPcPpBvA63P4XbfwQFzxur1en
 n7_WZm1fvr0mxLPN8BX1AfEB5Q0q7Kc9M8B8XpKLlEdeXKFs2b5nfjGzxGd9sMOBMc2gq0gjkl2W
 jK6SGFglyas8ePanukAWM68CKMl6ekkQ4gpqZxda7BGDvAhaFFozexnDd9TAK139mZRuL45PEwva
 nxYhfOqWMLI6c_HAb343_b9fzQBaXgidYJGsY57Tqfgdsw5LvykExp7La5TmJDQcfnZKfahhUets
 jEM4znJ2pVgMbUEwJRPbZO.RgUnnbVh9AT.TLvPcm5OIlwvExPXHI00ipIufMQYwRyrAfgdvabyK
 BwFnEhz63jw84WzXoTMirIfgd5AbuLpEwieXG5PbWZ.69.bp8Im2LXcyNb9QhjptJGgZ9gPTeO9h
 3rqmk.Jxl913pyJbZ02Wqx6D1Lj8k7xaiavmifi.iu_zGlGEJbjzsZtqCvqcTbuea6bhihU6T6n1
 lYT7C2BIfc_W99a_o4CwCRVBrAZ_jAuP7Ij6EJ6IWAfyBIOe28w4de3Ya4yH30gphcz7UkFpjU7c
 Ycl4oHnRX.Ijw.p1HGq6UECGahYMW0TjwwXI85nDMi9C3BWqe0nGDElPsAZSC.H_GeDeZY8V2E3.
 r4TlNXifjB2N93elfzYQojmZZEG3MKp9P5c6ykXY3k24ZYf1qWrFJzUNERWoFXBXqcUCTf7Dtni2
 11hXBAEji6DkO6h2mLruknU8yxfMenyiZ415RWvvE1pHA6dgtJy.HWlXD.6.j2L_g0VEDYjAXAeB
 iEAPYnWyiY0jdHB2pq4t_1ya0wKi21VNdf9FnYBgvQyvYNkaRHxsjfv0hLuqy9j1HfczCQYeTcNz
 ASMAGDGkY_1zNf4X_KwhueY2hOtd8pEt15b2wmaJPkqtD_k3Cjy6UvNIYeXm41QZlxB4k5MPWw14
 ntKQ0QqdNd7VKsEzwM1lyNySfKob_C.Gqlbrx.UmpGmnvyba9rRt0YDm5aklxNJfOBoPdnyU5gpH
 lEU_Yl_Bad48NIfDxhvRsbZYmIzi_8.sgiw9Xp_I4Y2J9eNE03Uk0grRD97Sz2xv7Q2y3ZMCDZwl
 9tatBxM8WIeh9zmwTtxY8y3w_3BkbwpA3lnWUlxsBvFkfK0UvBqJKv5z0VCURzCtaETQCk5LkdIl
 vW9OumaF6EDxzE0nVLiBJZ3jjn.dCR1LxM8mVGzpMCNzqbpS3mCCki6KPkv5ojIE0mrrVQicVWdJ
 rZpLxNFODr0DKrrVLg3VwWFbjLEaxCvWiJowS_N.3nuyY4v7xXktInvx6VoUvXeBk6aJiHtWEJMd
 

[Mailman-Users] Okay, you can call me an idiot now

[Jayson Smith]

Hi again,


Last night I posted a message about Mailman and/or Sendmail failing to 
deliver Emails to a particular address with an upper case first letter. 
Two of you pointed out that the mail was probably stuck in Sendmail's 
outgoing queue, and if it wasn't, the Sendmail logs would show what 
happened to it. Turns out, you were right. Sendmail did not have those 
messages in its outgoing queue, and the logs didn't show what happened 
to them…until I suddenly remembered something, and realized I'd been 
making a stupid newbie mistake all along, and I am not a Linux newbie by 
any means! I'd been using Grep to search logs…and I'd forgotten that 
Grep searches, by default, are case sensitive! When I took that into 
account, the nonexistent log entries showing this user's mail going out 
suddenly started existing, wouldn't you know it!



Turns out what's really happening is that all mail from this list is 
going into this user's junk folder. I'm going to ask if he has a 
button/option to declare such mail to not be junk so hopefully this can 
be corrected.



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] MM2/Sendmail failing to send messages to upper case Email addresses?

[Jayson Smith]

Hi,


I have a strange one here. Earlier this evening I received a report that 
one particular subscriber wasn't receiving messages from one of my 
lists. I knew I wasn't getting any bounce notices, so I decided to look 
at the server logs. I saw messages being received from him when he sent 
mail, but never saw any mail actually going to him. Could he have 
somehow been put on no mail? Checked, nope. Same for digest. At a loss, 
I unsubscribed and resubscribed his address. The unsubscribe message 
went out, but the welcome message didn't. I posted a test message to the 
list, and though his address was listed in the Sendmail outgoing queue 
for a while, the Sendmail logs never showed the message going out to 
him. I discovered that the first letter of his address was capitalized, 
so I unsubscribed him again, and resubscribed him again, this time with 
the address in all lower case. The welcome message went out this time, 
as did my subsequent test message to the list. Has anyone else had this 
happen, or does anyone know what's going on here?



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] AT RBL update

[Jayson Smith]

Hi,


Great news! Not forty-eight hours after my first Email, my IP is 
unblocked! Then a few hours later I received an Email from the AT 
Postmaster saying my IP will be removed from their RBL within 24 hours 
of this letter. Go figure.



On another note, I use MXToolbox to monitor my IP's RBL status, so I 
knew Linode was on Ucepretect level 3. I'm sorry to know Digital Ocean 
is also on that list. It just means I can't in good faith tell someone 
I'm not on any RBL's because they can do a quick check and find out I 
am, in fact, on one. To a poorly programmed automation or an ignorant 
human, an RBL no one pays attention to is still an RBL.



Jayson

Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] AT RBL again

[Jayson Smith]

Hi,


I know there was a thread on this a few weeks ago, but I deleted those 
messages. My server has found itself, for no apparent reason, on AT's 
RBL. I've already written to abuse_...@abuse-att.net as suggested in the 
error message. I assume the upshot of the earlier thread was that all I 
can do is wait, possibly write again, and hope the AT RBL removal gods 
smile down upon me, is that right?



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] MM2: Archive search function for a private list?

[Jayson Smith]

Hi,


I run a list for members of an organization. Recently I was asked by a 
member if the archives had a search function. With MM2 they don't, I 
know. This is a private list, so I don't want it publicly searchable. 
Does anyone know of a web application that can be deployed on a Linux 
server which will go through a list's archives, generate a searchable 
index, and allow members (possibly using their mailing list Email and 
password, or maybe something else) to access it?



Thanks,


Jayson


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Does Mailman address need to receive mail from the outside world?

[Jayson Smith]

Hi,


Recently I've started receiving spam at the mail...@mysite.net address. 
I've been manually discarding such mail from the Mailman moderation 
queue, but I'm wondering if there's any legitimate reason to allow any 
incoming mail to that address in the first place? If not, I could almost 
certainly use a milter I have installed to reject such messages at the 
SMTP stage and thus stop it in its tracks.



Thanks,


Jayson

--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/

Re: [Mailman-Users] msg marked as spam 554 5.7.1 [P4]

[Jayson Smith]

Hi,

I've seen this exact error before with various ISPs. I believe one of 
them is Centurytel. I assume what's happened is that several ISPs use a 
certain spam filtering service or app, and that filter is rejecting the 
messages for some unknown reason. If that's the case, the particular ISP 
in question probably won't have a clue what's going on. Hopefully 
they'll care enough to consult with the third-party filtering service.


Jayson

On 1/5/2020 5:23 PM, Bruce Johnson wrote:

I was the off-list person...

This was the actual bounce error from one of the offending messages:

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

   
[redacted]@alaskan.com


 host
inbound.gci.net
  [69.168.106.130]
 SMTP error from remote mail server after end of data:
 554 5.7.1 [P4] Message blocked due to spam content in the message.

It’s being bounced by some spam rule on CGI.net; it’s a global one so it’s 
something in their configuration, since none of the other providers are 
bouncing it, it’s not really recognizable as spam.

(or one user reported it as spam and they took the lazy way out and blocked all 
the emails from that list address…we have one user who routinely marks email 
from one list on our domain as ’spam’…then complains that he’s not getting 
emails from the list…sigh )




On Jan 5, 2020, at 11:48 AM, Jim Dory  wrote:

On Sun, Jan 5, 2020 at 12:56 AM Stephen J. Turnbull <
turnbull.stephen...@u.tsukuba.ac.jp> wrote:


Jim Dory writes:



Sometimes I do get this: host mx1.arandomserver.com [198.252.100.64]
SMTP error from remote mail server after end of data:
550 Headers contain illegal BOM
on my personal email from the same sender (city), but not sure that is

same

issue.

I don't understand.  You say it's personal mail *from the city*, but
you're getting the bounce message?  That should not happen; the bounce
message should go to the city.




I don't think the city would see a bounce because the list accepted their
message and a lot of subscribers would see it.. but it was rejected only by
one or two other subscriber email providers. That is my understanding
anyway, perhaps I'm wrong.  I see the bounces as admin for the list. Isn't
this proper behavior of the mailman software? It seems that people would
complain (or ask about it) if they saw all the bounces caused by one of
their messages and they never have.




That's nothing.  Don't hesitate.  It's much more annoying to have to
go back and forth if you send incomplete headers.



Could it be that GCI needs to whitelist or something?

Not enough information.  It sounds like either or both the city and
GCI have difficulty with email since it's that particular combination,
but which one is whack I can't tell without a look at the delivery
status notice (bounce message) for the mass bounces.  This is often in
your mail server's log as well.




Steve, thanks very much for replying and looking at this. I realize now I
didn't provide sufficient info and will in the future amend my ways.

I'm going to contact GCI and see if I can get them to either whitelist or
clean up a possible mis-configure in their system. Another kind gentlemen
from this mailman list contacted me off-list with an offer to help - I sent
him the complete header and reject message.. and he felt that there was
nothing apparent to warrant an email provider to reject it.

thanks, Jim
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/johnson%40pharmacy.arizona.edu



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] user unsubscribe

[Jayson Smith]

Hi,

If the notification was sent at 9:00 AM server time, it probably means 
the subscriber was bouncing Email (changed their Email address and 
didn't update their list subscription, their mail server thinks your 
messages are spam, etc.) and didn't respond to multiple "Your mail is 
bouncing, click here if you received this message" Emails. If this is 
the case and the list is in the default configuration, you should assume 
they haven't been receiving Email for at least three weeks.


Jayson

On 11/2/2019 7:46 PM, Bernie Cosell wrote:

i received a notification that one of the users on my list was unsubscribed.  
I'm
surprise because the configuration for the list specified that unsubscribes 
have to
be approved, and this wasn't.  How could that happen?

   /Bernie\
 Bernie Cosell
ber...@fantasyfarm.com
-- Too many people; too few sheep --





--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/jaybird%40bluegrasspals.com




--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Totally disable list subscriptions?

[Jayson Smith]

Hi,

To clarify, I did get off Microsoft's blacklist, but after I did I 
decided that particular list was probably too high traffic.


Jayson

On 9/25/2019 10:10 AM, Brian Carpenter wrote:

Are they subscribing via the listinfo page? If so then you can edit that
page via the list admin interface and remove the subscription form.

Also getting off of Microsoft's blacklist is not hard to do. It certainly
would have been easier than all the trouble you are going through now.

Have a great day!

Brian Carpenter
EMWD.com
br...@emwd.com

-Original Message-
From: Mailman-Users  On
Behalf Of Jayson Smith
Sent: Wednesday, September 25, 2019 10:04 AM
To: mailman-users@python.org
Subject: [Mailman-Users] Totally disable list subscriptions?

Hi,


For years I ran a Mailman list on my own server, until it obviously
became too much of a load for certain ISPs to think I was sending
legitimate Email. The final straw was when Microsoft blacklisted my IP
from sending to all of their Email services (Hotmail, live.com, Outlook,
etc.). I decided to move that heavy traffic list to groups.io. Still, I
wanted there to be a placeholder at the list's old URL that would tell
people the list has moved, and where to find it. For this reason, I
created a new, empty, dummy list with the old list's name, and set
subscriptions to require moderator approval. I have a Milter set up to
block all inbound mail to the list's old addresses with a 551 failure
message giving the URL of the new list. However, from time to time
someone will subscribe via the web, so I still need to reject their
subscriptions and point them to the new location. Is there any way in
Mailman to outright disable any and all subscription attempts for a
specific list?


Thanks,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/brian%40emwd.com




--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Totally disable list subscriptions?

[Jayson Smith]

Hi,


For years I ran a Mailman list on my own server, until it obviously 
became too much of a load for certain ISPs to think I was sending 
legitimate Email. The final straw was when Microsoft blacklisted my IP 
from sending to all of their Email services (Hotmail, live.com, Outlook, 
etc.). I decided to move that heavy traffic list to groups.io. Still, I 
wanted there to be a placeholder at the list's old URL that would tell 
people the list has moved, and where to find it. For this reason, I 
created a new, empty, dummy list with the old list's name, and set 
subscriptions to require moderator approval. I have a Milter set up to 
block all inbound mail to the list's old addresses with a 551 failure 
message giving the URL of the new list. However, from time to time 
someone will subscribe via the web, so I still need to reject their 
subscriptions and point them to the new location. Is there any way in 
Mailman to outright disable any and all subscription attempts for a 
specific list?



Thanks,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] messages fail to @yahoo @aol @outlook

[Jayson Smith]

Hi,

The problem I'm familiar with is messages *from* AOL/Hotmail/Yahoo/etc. 
being rejected by other Email providers. I haven't done it in years so 
I'm not sure where it is, but there's an option in the list config to 
munge the From: lines of messages where Mailman detects this will be an 
issue.


If that's not the problem, my only advice would be to check to see if 
your IP is on any spam blacklists, insure SPF and DKIM are set up for 
better message authentication, insure your IP has proper reverse DNS, etc.


Hope this helps,

Jayson

On 7/28/2019 10:58 AM, Loren Engrav via Mailman-Users wrote:

Greetings

I use Mailman (2.1.26) at Site5.com.

Several of the member addresses are @yahoo.com @aol.com and @outlook.com.

Messages to these address bounce and fail and / or just fail.  Messages to 
other addresses pass.

The latest notice(s) are summarized below.

Site5 people cannot seem to fix this.

Any advice for me / Site5? (I am not expert at this)

Thank you

Loren Engrav

===
his is a Mailman mailing list bounce action notice:

List:   testwg
Member: engravosaurus...@aol.com 
Action: Subscription disabled.
Reason: Excessive or fatal bounces.


From: mailer-dae...@gateway1.unifiedlayer.com 
 (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
Date: July 27, 2019 at 9:38:57 PM PDT
To: testwg-boun...@engrav.mobi 


This is the mail system at host gateway1.unifiedlayer.com 
.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

   The mail system

mailto:engravosaurus...@aol.com>>: delivery 
temporarily suspended: lost connection
with mx-aol.mail.gm0.yahoodns.net 
[98.136.101.116] while sending RCPT TO
Reporting-MTA: dns; gateway1.unifiedlayer.com 

X-Postfix-Queue-ID: 47C7320078818
X-Postfix-Sender: rfc822; testwg-boun...@engrav.mobi 

Arrival-Date: Sat, 27 Jul 2019 21:13:17 -0500 (CDT)

Final-Recipient: rfc822; engravosaurus...@aol.com 

Original-Recipient: rfc822;engravosaurus...@aol.com 

Action: failed
Status: 4.4.2
Diagnostic-Code: X-Postfix; delivery temporarily suspended: lost connection
with mx-aol.mail.gm0.yahoodns.net 
[98.136.101.116] while sending RCPT TO

From: testwg-requ...@engrav.mobi 
Subject: confirm 29e587acb271cfb11cfadd8ca325f3ffa9bd2fca
Date: July 27, 2019 at 7:13:15 PM PDT
To: engravosaurus...@aol.com 

Your membership in the mailing list testwg has been disabled due to
excessive bounces The last bounce received from you was dated
27-Jul-2019.

If you have any questions or problems, you can contact the list owner
at

testwg-ow...@engrav.mobi 


This is a Mailman mailing list bounce action notice:

List:   testwg
Member: engravosau...@yahoo.com 
Action: Subscription disabled.
Reason: Excessive or fatal bounces.



The triggering bounce notice is attached below.

Questions? Contact the Mailman site administrator at
mail...@engrav.mobi .

From: mailer-dae...@gateway13.unifiedlayer.com 
 (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
Date: July 27, 2019 at 10:19:15 PM PDT
To: testwg-boun...@engrav.mobi 


This is the mail system at host gateway13.unifiedlayer.com 
.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

   The mail system

mailto:engravosau...@yahoo.com>>: delivery 
temporarily suspended: lost connection with
mta5.am0.yahoodns.net [98.137.159.24] while 
sending RCPT TO
Reporting-MTA: dns; gateway13.unifiedlayer.com 

X-Postfix-Queue-ID: 598BC200A4FF9
X-Postfix-Sender: rfc822; testwg-boun...@engrav.mobi 

Arrival-Date: Sat, 27 Jul 2019 21:53:54 -0500 (CDT)

Final-Recipient: rfc822; engravosau...@yahoo.com 

Original-Recipient: 

[Mailman-Users] Roadrunner/TWC blocking Emails

[Jayson Smith]

Hi,


I run a few Mailman lists, and yesterday evening I started having 
trouble sending Email to Roadrunner customers. I figured it was a 
temporary failure of some kind, until this morning when I received the 
same bounces. Whenever Sendmail connects to a Roadrunner Email server, 
it immediately gets this error:



   - Transcript of session follows -
... while talking to dnvrco-cmedge01.email.rr.com.:
<<< 554 dnvrco-cmimta17 esmtp ESMTP server not available AUP#I-1000
... while talking to dnvrco-cmedge02.email.rr.com.:
<<< 554 dnvrco-cmimta14 esmtp ESMTP server not available AUP#I-1000
554 5.0.0 Service unavailable

Various attempts at Googling this error have lead me to believe that my 
IP may have been blacklisted by RR/TWC for some reason. Since the 
blocking happens immediately upon connect, my server doesn't have enough 
time to send enough information for RR/TWC to do an SPF check much less 
a DKIM validation. Various links I've tried to reach RR/TWC's postmaster 
site now lead to a Spectrum support page targeted at Spectrum customers 
having problems sending Email or receiving spam or other unwanted Email, 
not mail servers having problems sending into Spectrum/Roadrunner/TWC. 
Does anyone here know of an up-to-date link where I can find out if my 
IP is blacklisted by them, submit a removal request, etc?



Various RBL checking tools indicate I'm not on any blacklists, and 
several reputation check tools show my IP as being clean. I don't 
know—and probably never will—why Time Warner/Roadrunner would put me on 
their blacklist. This happened all of a sudden, a message addressed to 
two Roadrunner customers yesterday afternoon was accepted, then about 
five hours later they started blocking my IP.



Thanks for any help,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] OT - Smart .forward replacement?

[Jayson Smith]

Hi,


I've been using .forward to forward Email from some user mailboxes to 
other addresses. Normally this works just fine, but a few weeks ago a 
situation happened which demonstrates how it can be an epic fail. I had 
a Mailman/DNS problem after upgrading a lot of packages. A message came 
in, Mailman couldn't properly look up the DMARC policy of the sending 
ISP, didn't munge the From: and sent the message on its way, and of 
course the message was from AOL, just about everybody rejected it, I 
woke up to fifty-five bounce reports…and all those bounce reports were 
also forwarded to an Email account on an Internet by telephone service, 
where deleting them was extremely slow.



What I'm looking for is possibly something that checks mailboxes from 
time to time, and forwards all incoming messages that meet certain 
parameters, taking care of DMARC difficulties along the way so the 
forwarded messages will be accepted by the remote servers. E.G. my mom 
uses that net by phone service, and would like to see Email which comes 
to her regular Email address, but doesn't want to spend time deleting 
Amazon order confirmations, Mailman moderation notices, and other 
routine, automated, or irrelevant messages. Does such a thing exist?



Thanks for any help,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] DMARC mitigation failure

[Jayson Smith]

Hi,

That did the trick, thanks!

Jayson

On 11/14/2018 6:09 PM, Mark Sapiro wrote:

On 11/14/18 2:35 PM, Jayson Smith wrote:

Hi,

The error in /var/lib/mailman/log/error is as follows:

Nov 14 10:24:29 2018 (1063) DNS lookup for dmarc_moderation_action for
list (Redacted) not available


That says Mailman couldn't import dns.resolver.

You need to have the dnspython package installed for Python. Get it from
<http://www.dnspython.org/> or <https://pypi.python.org/pypi/dnspython/>
or just do

pip install dnspython



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] DMARC mitigation failure

[Jayson Smith]

Hi,

The error in /var/lib/mailman/log/error is as follows:

Nov 14 10:24:29 2018 (1063) DNS lookup for dmarc_moderation_action for 
list (Redacted) not available


I recently upgraded a lot of packages on my Debian system. I compiled 
Mailman from source since Debian didn't have the version I wanted. Do I 
need to recompile and reinstall?


Thanks,

Jayson

On 11/14/2018 5:25 PM, Mark Sapiro wrote:

On 11/14/18 11:53 AM, Jayson Smith wrote:

Did my server fail to retrieve the DMARC information for AOL for some
transient reason, or could there be another problem? I have double
checked that the list is set to munge the From: of such messages, but it
didn't this time.


What's in Mailman's vette and error logs? and what Mailman version is this?

Errors in retrieving DMARC policy should be logged in 'error'. Also,
since Mailman 2.1.25, if the policy can't be retrieved, mitigations will
be applied as if the policy were reject.



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] DMARC mitigation failure

[Jayson Smith]

Hi all,


I have a weird one. This morning an AOL user posted to one of my lists. 
Normally this is no problem, since I have the list in question set to 
munge the From: of messages from problematic domains (AOL, Yahoo, etc). 
For some reason it didn't work this time. Naturally, I received bounce 
reports left and right, complaining about unauthenticated Email from AOL.



Did my server fail to retrieve the DMARC information for AOL for some 
transient reason, or could there be another problem? I have double 
checked that the list is set to munge the From: of such messages, but it 
didn't this time.



Thanks for any help,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Microsoft blocking our Mailman lists

[Jayson Smith]

Hi,

I've learned this lesson the hard way. Back in early 2011 I signed up 
with a company called Serverpronto where I could get my own dedicated 
server. Their terms of service were very clear on the fact that they 
have a zero-tolerance policy when it comes to spammers, and all the 
horrible things they would do to you if you even thought about getting 
any of their network on any Email blacklists. Well I signed up, moved 
lists over, and five days later I started getting bounces left and right 
because my IP was on blacklists. I assume it wasn't my specific IP but 
an IP range. I contacted support, and they did…absolutely nothing about 
it! They weren't willing to investigate, they weren't willing to contact 
the blacklists on my behalf since "they never respond," etc. I ended up 
leaving them and switching to Linode. They've since merged with another 
outfit I think, but unless they've straightened their act up big time, I 
wouldn't recommend them to anyone!


Just goes to show, the terms of service can be all "We hate spammers 
just as much as you do, and if we find out you're a spammer we'll do 
unspeakable things," but it might not mean a thing.


Jayson

On 10/7/2018 4:25 PM, Mike Starr wrote:

On 10/7/2018 1:25 PM, John Levine wrote:

It may well not be you.  Linode does a poor job of keeping their
network clean of spammers and other miscreants.  They always kick them
off when you report it, but by then it's too late, so their whole
network has an iffy reputation.

Linode's hosting is nothing special, either in features or price.  You
might consider moving your system somewhere else that manages their
network better.
And there's the problem... you can switch hosts but not know if they 
manager their network better until you know they don't because your 
email gets blocked. Like they say in the pool hall, poke and hope. 
Unless there's some way to shop for a hosting company on the basis of 
their "network reputation." As far as hosting companies go, like the 
rotisserie ad said, I just want to set it and forget it.



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: 
http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/jaybird%40bluegrasspals.com





--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Microsoft blocking our Mailman lists

[Jayson Smith]

Hi,

Unfortunately, yes, I have seen this behavior from Microsoft. I have no 
idea what triggers it, but my Linode IP has been blocklisted twice, once 
a bit over three years ago, and another time less than two weeks ago.


If you haven't already, try signing up for their Smart Network Data 
Service at https://postmaster.live.com/snds. On the FAQ page there you 
will find a link to submit a delivery support ticket, you can request 
your IP be removed from the blocklist. I have no idea how long your IP 
will stay on their blocklist if you don't request removal. Before 
requesting removal you should probably use some online checkers to 
insure you're not on any other blacklists, check your IP at 
senderscore.org, etc.


The last incident inspired me to move a high-traffic list I run from 
Mailman to Groups.IO.


Hope this helps,

Jayson

On 10/7/2018 12:28 PM, Lindsay Haisley wrote:

FMP's mail and web server is a virtual server at Linode. We run half a
dozen Mailman lists or so, all opt-in lists for a couple of non-profits
and small business customers, all of which have been running
successfully for many months. Today I got a large number of
unsubscription notices from one of our lists, all of them for addresses
at hotmail.com, msn.com and outlook.com. They contain the following
text:

  hotmail-com.olc.protection.outlook.com [104.47.44.33]:
  >>> MAIL FROM:
BODY=8BITMIME SIZE=5492
  <<< 550 5.7.1 Unfortunately, messages from [198.58.125.221] weren't
sent. Please contact your Internet service provider since part of their
network is on our block list (S3140). You can also refer your provider
to http://mail.live.com/mail/troubleshooting.aspx#errors.
[SN1NAM04FT034.eop-NAM04.prod.protection.outlook.com]

Has anyone seen similar problems recently with Microsoft mail customers
who are Mailman list subscribers?



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Sender address as footer field?

[Jayson Smith]

Hi,


I run a mailing list where posters are supposed to put their Email 
address somewhere in their message to make private replies easier, but 
some don't, even after being reminded privately. A year or two ago I 
investigated putting the sender's Email address in the footer, but when 
I checked, that wasn't one of the substitutions that were available. If 
personalization is enabled I can give the Email address receiving the 
message, but not the sender. Are there any plans to include this as a 
substitution, or is there a simple patch which could be applied to source?



Thanks,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Unexpected password reminder from this list

[Jayson Smith]

Hi again,

This was not a monthly password reminder. It specifically said that 
"You—or someone posing as you—has requested" this password reminder.


Jayson

On 8/6/2018 5:52 AM, mailman-admin wrote:

Hello

Am 06.08.2018 um 10:22 schrieb Jayson Smith:

Last night at 11:15 or so, I received a password reminder from
Mailman-users, with my correct password. Only problem is, I never
requested such a reminder. Did anyone else get one, was someone testing
something with a random sample of subscribers, or was I targeted (not
realizing that they'd have to hack my Email account to get the password)?


Password reminders are enabled on List level.
Each admin of a list can set that.
You can disable monthly reminders in the listinfo page after login with
your list credentials.


Kind regards,
Christian Mack

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/jaybird%40bluegrasspals.com




--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Unexpected password reminder from this list

[Jayson Smith]

Hi,


Last night at 11:15 or so, I received a password reminder from 
Mailman-users, with my correct password. Only problem is, I never 
requested such a reminder. Did anyone else get one, was someone testing 
something with a random sample of subscribers, or was I targeted (not 
realizing that they'd have to hack my Email account to get the password)?



Thanks,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Mailman 2.1.X and HTTPS

[Jayson Smith]

Hi,


I'm currently using 2.1.26. Recently I had LetsEncrypt add lines to my 
Apache configuration to redirect browsers from HTTP to HTTPS URLs. This 
morning I found that this doesn't seem to work well with Mailman 
database admin pages, I couldn't get Mailman to reject a held message 
until I commented out those Apache config lines. Is there a way to make 
Mailman work using HTTPS?



My reason for the redirect is that I'd heard that browsers, in 
particular Chrome, are going to start warning about insecure sites. Does 
this mean if any URL begins with HTTP people will have to click through 
warnings, or is just the fact that HTTPS is available good enough, even 
if the user or link didn't specify HTTPS?



Thanks,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

[Jayson Smith]

Hi,

Both of these approaches seem to be specific to Postfix if I'm not 
mistaken. There's a similar milter for Sendmail called Mailman-Milter 
which I was using for a while. However, it worked based on Mailman's 
action E.G. it would use a Python script to determine what Mailman would 
do with a particular sender's mail for a particular list. If the answer 
was reject or discard, the incoming message got rejected at the SMTP 
data stage. This meant the list owner had to set up Mailman to reject or 
discard mail from non-subscribers. Unfortunately when I upgraded to 
Debian 9 from CentOS 6, Mailman-Milter broke somehow, and I don't 
understand the code well enough to figure out why. It also hasn't been 
updated in quite some time, and has virtually no documentation.


Could either of these milter solutions linked previously be adapted for 
use as a Sendmail milter? I'd love to find something which would query 
Mailman about the status of a particular sender address at the RCPT 
stage of the SMTP transaction so spoofed mail can be rejected right 
away, however, this might not be possible for one reason or another. Any 
thoughts would be appreciated.


Thanks,

Jayson

On 7/19/2018 2:55 PM, Jim Popovitch via Mailman-Users wrote:

On July 19, 2018 6:53:52 PM UTC, Jim Popovitch  wrote:

On July 19, 2018 5:28:24 PM UTC, Mark Sapiro  wrote:

On 07/19/2018 08:02 AM, Grant Taylor via Mailman-Users wrote:

I have often wondered about enhancing Mailman, or augmenting it with

a

milter, to be able to test the SMTP envelope from, to, and body

content

against list parameters and be able to reject messages during the

SMTP

delivery transaction.


You might be interested in
.

Here's an alternate take on the same thing that I wrote a couple years
back.

With link this time!

https://code.launchpad.net/~jimpop/mailman/check_subscriber

-Jim P.


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/jaybird%40bluegrasspals.com




--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Installing Mailman on a Debian system with Apache 2.4.2, CGI error!

[Jayson Smith]

Hello,

Okay, now I feel like a total dummy. No, Suexec wasn't enabled as far as 
I can tell. Yes, the CGI scripts are owned by mailman:mailman. Yes, the 
permissions are correct. So what was the problem, you ask.


It seems that by default, Debian's Apache install doesn't enable the CGI 
module. Somehow, it sort of works better if you enable CGI. It works 
better if you plug it in.


Head…desk. I'd spent hours trying to troubleshoot this! Sometimes the 
most obvious things escape the best of us.


Thanks anyway.

Jayson

On 5/6/2018 11:10 PM, Mark Sapiro wrote:

On 05/06/2018 07:16 PM, Jayson Smith wrote:

ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/

     AllowOverride None
     Options ExecCGI
     Require all granted



This looks correct.



The problem is that the CGI isn't working. If I go to
http://temphostname/mailman/listinfo/mailman for example, Apache says
/usr/lib/mailman/cgi-bin/listinfo/mailman doesn't exist. If I just go to
/mailman/listinfo I get an Elf binary thrown at me, rather than the page
saying there are no advertised lists. If I do the same thing from the
server using the Lynx web browser, I get the same binary thrown at me,
with a page title, "Mailman CGI error!" It sounds to me like Apache
2.4.2 isn't seeing that /usr/lib/mailman/cgi-bin is, in fact, CGI
scripts, and is trying to treat them like regular files. Has something
else changed between Apache versions?


Is Suexec enabled? That could explain it. If that isn't it, are the
various compiled wrappers in /usr/lib/mailman/cgi-bin/ all in Mailman's
group (probably 'mailman' if you installed from source, but Debian likes
'list') and permissions like -rwxr-sr-x (o+x is I think the important
one here).

And are there any other Directory blocks in the apache config for /,
/usr, /usr/lib or /usr/lib/mailman?



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Installing Mailman on a Debian system with Apache 2.4.2, CGI error!

[Jayson Smith]

Hi,


This is a weird one. I think of myself as knowing my way around Mailman 
pretty well for a user/admin/installer/upgrader. I'm upgrading to a 
Debian 9 system from CentOS 6.5. Debian's Apache configs took a bit of 
getting used to, but I actually like them better. It uses Apache 2.4.2.


I wanted to install Mailman from source, since the latest version is 
2.1.26, Debian has 2.1.23, and IIRC that's too old to have some screen 
reader optimizations I want. So I built, installed, all working well. I 
copied over the Mailman config from my CentOS system to use in Apache, 
making some changes so it'd work under 2.4.2. Here it is:






#
#  httpd configuration settings for use with mailman.
#

ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/

    AllowOverride None
    Options ExecCGI
    Require all granted



Alias /pipermail/ /var/lib/mailman/archives/public/

    Options Indexes MultiViews FollowSymLinks
    AllowOverride None
    Require all granted
    AddDefaultCharset Off


# Uncomment the following line, to redirect queries to /mailman to the
# listinfo page (recommended).

# RedirectMatch ^/mailman[/]*$ /mailman/listinfo




The problem is that the CGI isn't working. If I go to 
http://temphostname/mailman/listinfo/mailman for example, Apache says 
/usr/lib/mailman/cgi-bin/listinfo/mailman doesn't exist. If I just go to 
/mailman/listinfo I get an Elf binary thrown at me, rather than the page 
saying there are no advertised lists. If I do the same thing from the 
server using the Lynx web browser, I get the same binary thrown at me, 
with a page title, "Mailman CGI error!" It sounds to me like Apache 
2.4.2 isn't seeing that /usr/lib/mailman/cgi-bin is, in fact, CGI 
scripts, and is trying to treat them like regular files. Has something 
else changed between Apache versions?



Thanks,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Sending domain does not exist but it actually does?

[Jayson Smith]

Hi,

I checked my domain, and it turns out somehow my MX record got blown 
away. Also a while back I canceled No-Ip Plus managed DNS, thinking it 
was only used for dynamic DNS, but in the process I threw away my SPF 
record which I've now recreated after re-enabling Plus. Also lost my 
DKIM record which I've recreated. We'll see if that resolves anything.


Thanks for your pointers.

Jayson

On 3/22/2018 2:48 PM, Mark Sapiro wrote:

On 03/22/2018 11:14 AM, Jayson Smith wrote:

FYI the host in question is bluegrasspals.com. It does have an A record,
and its ip has proper reverse nslookup back to the domain. My host
supports IPV6 but I'm not using it for mail.


That should be OK assuming as Dimitri Maziuk says you have
"inet_protocols = ipv4" in your postfix config (or the
equivalent for your MTA).

However, I note the domain doesn't have an MX. That should be OK as it
does have an A, but since plus.com is apparently misbehaving, we have no
clue as to what they are looking at, and adding an MX may help.



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Sending domain does not exist but it actually does?

[Jayson Smith]

FYI the host in question is bluegrasspals.com. It does have an A record, 
and its ip has proper reverse nslookup back to the domain. My host 
supports IPV6 but I'm not using it for mail.


Jayson

On 3/22/2018 1:41 PM, Mark Sapiro wrote:

On 03/22/2018 07:10 AM, Jayson Smith wrote:

<<< 550 #5.1.8 Domain of sender address <xxx-boun...@xxx.com>
does not exist
554 5.0.0 Service unavailable


I would check the following in DNS

Does xxx.com have an A record (not a CNAME)?
Does the IP address in that A record have a PTR (rDNS) back to xxx.com?
If you support IPv6, check the same things for the  record.




--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Sending domain does not exist but it actually does?

[Jayson Smith]

Hi,


Lately I've been getting some bounced mail from people at the 
provider/server plus.com. I've redacted addresses, but this is the error 
message:



<<< 550 #5.1.8 Domain of sender address  
does not exist

554 5.0.0 Service unavailable

Obviously, the sending domain *does* exist, so I assume it's their 
problem. Is there anything at all I can do about this? Not all mail to 
these users bounces.



Thanks,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Can a list owner address be allowed to post to their own list?

[Jayson Smith]

Hi,


I'm in the design stages of creating a script for my own use. This 
script will send a predetermined Email to a predetermined mailing list. 
I want it to be set up so anyone receiving this message can just hit 
Reply and reach the list owner address, listname-owner@domain. Is there 
any problem with subscribing that address to the list in question, as 
long as it's set to Nomail? Or is there an easy way to tell a list to 
accept all mail from a certain address, even though it's not subscribed 
to the list?



Thanks,


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Any way to disable bounce subscription disabling for just certain users?

[Jayson Smith]

Hi,


I have a weird situation I'm sure others have had, and I'm wondering if 
there's any way in Mailman 2 to deal with it. I have three subscribers 
to one of my lists who are on ISP's who do spam filtering at the SMTP 
level, rejecting with a 554 any message they don't like. And as so often 
happens, their definition of spam and our definition of spam can 
sometimes be totally different. I'm assuming here that the particular 
subscribers probably have no way to turn off this spam filtering.



I have my bounce score threshold set to 2.9 so whenever someone bounces 
three days within a week, they get disabled. What ends up happening is 
that I have to go in and re-enable their subscriptions. Normally I could 
just do a reset_bounce on that list, but I also have someone whose 
mailbox is full, and I want to keep them disabled, hoping they'll clean 
it up, get a mail is bouncing message, and come back. I've tried 
contacting these subscribers, asking if they have another Email address 
they could use, but have had no response.



Is there any way to disable the automatic disabling of just specific 
member addresses? If I could find a way to do it, would setting their 
bounce score to something like negative 1,000,000,000 do the trick, or 
would Mailman just consider that the same as 0 and set it to 1 the next day?



Thanks for any thoughts.


Jayson


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Problem with AOL

[Jayson Smith]

Hi,

A while back, I was getting irregular AOL bounces. By that, I mean some 
messages would go through just fine, and some would bounce with the 
error "AOL will not accept delivery of this message." Very unhelpful, as 
you can see. Furthermore, if a message bounced, it was probably always 
going to bounce no matter what you did E.G. send a copy to that 
particular user rather than a mailing list, etc.


One of my mailing lists has one AOL user who finally got tired of *his* 
messages to the list being rejected by AOL. We did some investigating, 
and it turns out they have a whitelist program. I don't know the exact 
URL but can probably find it if you're interested.


Hope this helps,

Jayson

On 2/13/2017 10:45 PM, David Andrews wrote:
Does anyone know if AOL has changed its DMARC policies recently.  All 
of a sudden I am getting lots of AOL bounces, or maybe they have black 
listed us?  nfbnet.org


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: 
http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/jaybird%40bluegrasspals.com


.



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Users complain, they don't receive mails from the list

[Jayson Smith]

Hello,

This bounce message clearly indicates that your IP address doesn't have 
a reverse DNS entry. This is a standard lookup done as a part of spam 
fighting efforts. You need to get your provider to set the reverse DNS 
for your IP address to the domain name of your mail server if possible.


Newer Mailman versions (I know 2.1.20 at least) have an option to alert 
list admins when anyone's bounce score is incremented. I have this 
feature enabled, and it's helped me catch some bounces before they 
resulted in disabling addresses. Years ago, I switched to a new provider 
and thought everything was going well. Then five days later I received a 
bunch of bounce notices telling me that addresses had been disabled. It 
turns out my IP address was apparently on some blacklists, and the way 
Mailman used to work, I was left blissfully unaware there was a problem 
until days later, when possibly many messages to these people could have 
been rejected and lost. Until Mailman offered the choice of receiving 
alerts as soon as someone bounces a message and gets their bounce score 
incremented, the only way I could be sure my Emails weren't bouncing was 
to set Mailman to disable member addresses after just one bounce. This 
worked, but had the unpleasant side effect of disabling member addresses 
who bounced a single message because their ISP thought it was spam for 
some reason, or for some other temporary reason.


Jayson

On 1/25/2016 5:48 PM, Sascha Rissel wrote:

Mark,

thanks for your answer.
I just checked the bounce log.

And I discovered a lot of entries like:

Jan 25 18:33:24 2016 (2741)  processing 9 queued
bounces
Jan 25 18:33:24 2016 (2741) :  already
scored a bounce for date 25-Jan-2016
Jan 25 18:33:24 2016 (2741) :  already
scored a bounce for date 25-Jan-2016
Jan 25 18:33:24 2016 (2741) :  already
scored a bounce for date 25-Jan-2016

where all mail addresses are from German Web.de and GMX. Both providers
belong to the same company.
Thinking about this, I remembered a bounce notification I received last
week, where some of these addresses were set to disabled by Mailman, with
the notification below.

Did GMX/Web.de maybe change their mail processing policies with the start
of the new year?
Below follows an excerpt from the bounce notification.

Kind regards,
Sascha.


Bounce Mail:

: host mx-ha02.web.de[212.227.17.8] refused to talk
 to me: 554-web.de (mxweb107) Nemesis ESMTP Service not available 554-No
 SMTP service 554-Bad DNS PTR resource record. 554 For explanation visit
 http://postmaster.web.de/error-messages?ip=62.75.175.182=rdns

Final-Recipient: rfc822; @gmx.de
Original-Recipient: rfc822;@gmx.de
Action: failed
Status: 4.0.0
Remote-MTA: dns; mx00.emig.gmx.net
Diagnostic-Code: smtp; 554-gmx.net (mxgmx002) Nemesis ESMTP Service not
 available 554-No SMTP service 554-Bad DNS PTR resource record. 554 For
 explanation visit
 http://postmaster.gmx.com/en/error-messages?ip=62.75.175.182=rdns

Final-Recipient: rfc822; @web.de
Original-Recipient: rfc822;andreas_hac...@web.de
Action: failed
Status: 4.0.0
Remote-MTA: dns; mx-ha02.web.de
Diagnostic-Code: smtp; 554-web.de (mxweb107) Nemesis ESMTP Service not
 available 554-No SMTP service 554-Bad DNS PTR resource record. 554 For
 explanation visit
 http://postmaster.web.de/error-messages?ip=62.75.175.182=rdns

2016-01-25 23:35 GMT+01:00 Mark Sapiro :


On 01/25/2016 01:59 PM, Sascha Rissel wrote:

I have some user on my lists, who complain they don't receive the list
mails anymore, since a few days.

Am am running Mailman 2.1.15 on Debian.
The error log is empty, the archive seems to correctly contain all recent
mails.
The people saying, they don't receive the mails are on GMail and German
Web.de hosts and they don't have bounces logged by Mailman.


If there is nothing in Mailman's error log or bounce log, it is almost
certain the mail is being delivered by Mailman to the outgoing MTA and
the outgoing MTA is successfully delivering the mail to the mail
exchange server for the recipient domain.

You can confirm this if you have access to the Mailman (and it's
outgoing MTA) server's mail.log.

If this is the case and the users have checked their gmail or web.de
spam or junk folders and the messages aren't there, the messages are
likely being silently discarded somewhere in the delivery chain after
leaving the outgoing MTA.

Solving this is difficult. Some steps are outlined in the FAQ article at
.

I sometimes will copy the specific MTA log messages indicating
acceptance by the receiving MTA, e.g., messages like

Jan 24 19:09:41 sbh16 postfix/smtp[1053]: 1279111E1A8F:
to=, relay=gmail-smtp-in.l.google.com[74.125.28.26]:25,
delay=5.8, delays=4.9/0.66/0.09/0.13, dsn=2.0.0, status=sent (250 2.0.0
OK 1453691381 tt2si3153213pac.167 - gsmtp)

and tell the user to ask gmail what happened to that message. In that
message, (250 2.0.0 OK 

Re: [Mailman-Users] Handling bogus subscribe requests

[Jayson Smith]

Hi,

Just my $0.02 worth, but as a blind person, were I going to implement a 
CAPTCHA, I would probably write some sort of simple math problem system 
or something. Besides the benefit of not needing registration, this 
CAPTCHA can be solved by anybody who can solve simple problems. 
ReCaptcha has a visual challenge and an audio challenge. That's great 
for those of us who are blind. However, as far as I know, they offer no 
alternative for people who are deaf blind.


Jayson

On 1/17/2016 9:34 AM, Perry E. Metzger wrote:

On Sat, 16 Jan 2016 18:27:00 -0800 Mark Sapiro 
wrote:

Would it be hard to add optional recaptcha support for the pages
with forms in a future release? That would probably prevent most
such games and it doesn't seem so bad.

I hate them. I'd really have to be convinced of the need.

In any case, you already have that ability. The only place I think
you need it is the subscribe form on the listinfo page. It is a
simple matter to install a sitewide custom listinfo template in
(for example for english) $prefix/templates/site/en/listinfo.html
or to make a list specific one through the web admin UI.

Since reCAPTCHA in particular requires registration and perhaps
other steps outside of Mailman, I don't think it's too burdensome
that the Mailman part requires making a custom template.

Mostly it just requires registration. Doing a custom template is
probably fine for someone like me who is able to deal with the
technical steps involved but it might be too much of a burden for
many users. If such code was contributed would you be willing to
include it? You don't have to use it yourself of course if you find
it overly vile.

Perry


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Many users unsubscribed at once (not by me)

[Jayson Smith]

Hi,

Unfortunately, disabling automatic removal from the list will only fix 
one effect of the problem, not the problem itself. There's something 
going on which is causing mail to those addresses to bounce. If you are 
receiving messages with the subject of "Bounce action notification" 
these will tell you who is bouncing mail, and the attached mail delivery 
failure reports will tell you why they are bouncing mail, which is 
important. I suspect you have a DMARC or IP reputation issue.


Hope this helps.

Jayson

On 12/13/2015 5:55 AM, Hal wrote:

On 13/12/2015 11:14, Hal wrote:

On 12/12/2015 23:04, Mark Sapiro wrote:

On 12/12/2015 01:46 PM, Hal wrote:

Today I received 18 unsubscribe notification mesages, each one telling
me that "n...@addr.ess has been removed from my_list_name".


If they were sent at 09:00 server time (that's the default, but it 
could

be different) They were almost certainly unsubscribes done by Mailman's
cron/disabled job.


Thanks -Yes, that's right! 09.00 at the server's time.



Seeing that 17 out of those 18 unsubscribed messages were sent from
Hotmail I can only assume the above was what happened. Next I will
locate the other instance I had of automated removals to see if there's
a similar pattern there.


I found the previous instance (actually a couple of other instances) 
when list members had automatically been removed at 09:00, but I 
didn't see any pattern in the addresses as they were all different.
Still, I suppose I should just turn the automatic removal option off 
so this won't ever happen again.


Hal




--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: 
http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/jaybird%40bluegrasspals.com





--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Many users unsubscribed at once (not by me)

[Jayson Smith]

Hi,

The problem isn't with Mailman receiving unwanted messages. The problem 
is that Mailman is trying to deliver outbound messages, and is having 
problems, messages are being returned as undeliverable. Everything in 
Mailman is working properly up to the point where messages are being 
bounced. This could be for a number of reasons. Some users might have 
outdated addresses, in which case messages would be bounced back with 
errors similar to "No such user" or "User unknown." Some people may have 
full mailboxes. But the more likely problem, since you're having many 
issues come up all at once is that there's a problem between your server 
and the destination mail server for those messages. It could be that the 
DMARC settings in Mailman aren't set correctly and those servers are 
rejecting messages they don't like, or it could be that your server's IP 
address has somehow received a bad reputation, and certain mail servers 
will reject all mail from your server, regardless of sender, recipient, 
or content.


Jayson

On 12/13/2015 7:42 AM, Hal wrote:

On 13/12/2015 13:05, Jayson Smith wrote:

Hi,

Unfortunately, disabling automatic removal from the list will only fix
one effect of the problem, not the problem itself. There's something
going on which is causing mail to those addresses to bounce. If you are
receiving messages with the subject of "Bounce action notification"
these will tell you who is bouncing mail, and the attached mail delivery
failure reports will tell you why they are bouncing mail, which is
important. I suspect you have a DMARC or IP reputation issue.


I'm not sure I fully understand this and what to do about it.

Are you saying that even though I turn "automatic removal" off I will 
still have postings from certain list members NOT reaching the list 
(but bouncing with an error message back to me, the list owner 
-possibly also with an error alert to the poster as well)?


Are there other restrictions in the Mailman software which stops 
postings based on other criteria? If yes, can this/these features be 
turned off so in the end I only rely on "only allow posting from 
existing members"? I assume having the latter enabled will at least 
prevent automated spam messages from reaching the list.


Alternatively I'm guessing the solution is to set the list to 
moderation and approve every single message manually. I do have a 
relatively low-volume list, so this is doable (but not something I 
would enjoy enabling) -how is this done actually? By logging into the 
administration interface and clicking on something for every message, 
or can it be done simpler/quicker by simply pressing reply to a 
certain admin message or something?




Hal





--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] List posts sent to AOL list subscribers bounce as undeliverable (v. 2.1.20)

[Jayson Smith]

Hi,

I'd say the domain does need to be fixed first. I recently encountered a 
mail server (not AOL) which refused to accept mail from my domain 
because I didn't have an MX record.


As far as I can tell, it is not the individual AOL users who need to 
request whitelisting, but rather, the server sending mail on behalf of 
the list. Remember, all the AOL users are doing is possibly sending some 
messages if they participate on the list, and they're also receiving 
list traffic. Since the issue is with AOL users receiving mail, not 
sending mail, it's the mail server that needs to be whitelisted, but 
before doing that I'd make sure all the DNS stuff is in order.


Jayson

On 12/4/2015 5:06 PM, Woody Mon via Mailman-Users wrote:

Thank you  for everyone's ideas and recommends.

I've checked and every list subscriber has the

As Mark suggested trying, I'll change "from_is_list" to "Munge From" to see if that has 
any effect. And if not will try "Wrap Message".

Note that almost all list subscribers are set to receive Digests, so hoping 
this doesn't mess with the format of the digests any (the list is text only, no 
html or attachments)..

As Mark related, I suspect the issue is DNS related, and AOL is just finally 
cracking down on mail sent from this particular list server.

A free web based DNS checker reports the following for the listserver domain:

1. FAIL - SOA record check. "No nameservers provided an SOA record for the 
zone".

2. FAIL - MX records check. "No MX records exist within the zone. This is legal, but 
if you want to receive E-mail on this domain, you should have MX record(s)."

3. PTR record for the domain "Error: Invalid IP address"

I'm not privy to the details but I suspect the list server runs within a 
virtual host environment.

>From the header of a list digest email I received yesterday

-
Return-Path: listname-boun...@lsubdomain.domain1.org
X-RC-FROM: 
Received: from localhost ([127.0.0.1]:obfuscated-port# 
helo=hostname.domain2.org)
by hostname.domain2.org with esmtp (Exim 4.85)
(envelope-from )
id obfuscated date & timestamp

X-AntiAbuse: Primary Hostname - hostname.domain2.org
X-AntiAbuse: Original Domain - domain3.org
X-AntiAbuse: Sender Address Domain - subdomain.domain1.org

From: listname-requ...@subdomain.domain1.org
Subject: Listname Digest, Vol ##, Issue ###
To: listn...@subdomain.domain1.org
Reply-To: listn...@subdomain.domain1.org
---

It appears the listserver domain (domain1) runs on the domain2.org host and 
which is responsible for sending mail for domain1. Whereas the 'abuse' domain 
(domain3) is the domain name of the parent organization which hosts domain2, 
which the domain1 listserver runs upon.

I'm considering sending a direct email to all the list subscribers with AOL 
addresses, recommending they either contact AOL to request a whitelist solution 
or to send us an alternative (freemail) email address which we'll change their 
list subscription to.

Besides the list provider repairing their DNS configuration, is the above a 
recommended solution?

If I was a network administrator I likely could phrase all this in better 
terms. ;-)
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/jaybird%40bluegrasspals.com




--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] list-owner getting spammed

[Jayson Smith]

Hi,

I was having this happen, but in my case there was a very easy way to 
get rid of it. Whoever set up that spam mailing list made a very big 
mistake. They chose to send their spam to the owner address *and* the 
address for posting to the list! Normally there is absolutely no valid 
reason for sending the same message to those two particular recipients, 
so I installed Milter-Greylist and set it up to block those messages at 
the SMTP level. Hasn't stopped the spammers, but at least my system 
doesn't have to process the spam.


If something like this is going on in your case, that might be an 
option. If not, and if the spam has nothing in common, as far as I know 
there's nothing Mailman can do in this situation, you'll need to employ 
spam filtering before Mailman sees the mail.


Jayson

On 9/29/2015 7:32 AM, Dennis Putnam wrote:

The list-owner of one of my lists is getting spammed. Is there an easy
way to block that? TIA.



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/jaybird%40bluegrasspals.com


--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] How to get the senders email address in the custom footer?

[Jayson Smith]

Hi,

I've also been looking for a variable giving the sender's Email address, 
but came to the same conclusion--it doesn't exist. Imho this would be a 
useful feature.


I admin a mailing list where I had to set it up to munge the From: 
header because of DMARC, and some Email clients--even though they should 
know better--were replying to the list even though replies were supposed 
to go to the sender. I've since taken advantage of the DMARC moderation 
feature, but we've been encouraging people to give their Email address 
somewhere in their message. If there were a footer variable with the 
sender's Email address, this wouldn't be necessary. Just my $0.02 worth.


Jayson

On 9/20/2015 11:49 AM, Mark Sapiro wrote:

On 09/19/2015 04:58 AM, Arlen Raasch wrote:

We are using version 2.1.16 of Mailman.

The emails that currently are sent out via the listserv server have headers
that include the original sender's email address as the "From:" address.
Yahoo's and Aol's DMARC policy causes these to bounce as our server is not
one they recognize.

I have seen many posts regarding this problem, but no actual solutions that
told me what I should do.


Have you seen the FAQ article at .



This is not my area of expertise, just something that dropped in my lap.

A strategy that makes some sense to me is to take ownership of the emails
by identifying the listserv as the From and Reply-To addresses, but
including a custom footer in the email that exposes the actual sender's
email address.


Mailman has various mitigation strategies described in the above
referenced FAQ article. With Mailman 2.1.16, you are limited to munging
the From: header on all list posts, not just those From: domains that
publish DMARC reject and optionally quarantine policies.

2.1.18 adds this latter ability and removes the requirement to add

ALLOW_FROM_IS_LIST = Yes

to mm_cfg.py to enable the from_is_list setting. 2.1.19 has a few minor
bug fixes to the features.


...

I set the annonomous_list setting to yes under general options, and sent a
test email.  The email went out fine, but nothing in the default email
footer allowed others to know who actually sent the email out.


Correct. While anonymous_list = Yes will avoid DMARC issues, that's not
what it is designed for.



I attempted to change the default non-digest footer to include the sender's
address, but did not succeed.  It appears that this info is regarding the
recipient,not the sender's info.


Correct again. There are no footer replacement variables relating to the
sender.


...

So, the question is how to get the sender's email address in the footer.


You would need to modify the source code, but if you have the ability to
do that, a much better solution is to upgrade to the current 2.1.20
release  or even the head of
the development branch at
 and use the
dmarc_moderation_action settings for this.

Note that Mailman's strategy is to put the original From: in Reply-To:
or in some cases in 2.1.19+ in Cc: to both expose the address and make
'reply' and 'reply all' work as closely as possible to the non-munged case.

Also note that the development branch is actually quite solid for
production use. It is what we are using for all the python.org lists.



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Rejecting spam at the SMTP level?

[Jayson Smith]

Hello,

I've been running several Mailman lists for the past ten years or so. 
Unfortunately, in recent months some list addresses have fallen into the 
hands of spammers, which is a real headache. Even worse, one particular 
-owner address is receiving nothing but spam, and I don't assume there's 
anything I can do about that without disabling that address for 
legitimate use, as well as for use by Mailman itself.


A few months ago I did some Googling and found a project called 
Mailman-Milter which claims to reject unwanted list mail i.e., nonmember 
postings at the SMTP level. I would love to use this, but there's 
virtually no documentation and I've never been able to get it working. 
Has anyone else had any better luck, or do you know of any other 
solutions? I'm using Sendmail, by the way.


I would set all my lists to just discard nonmember traffic, but I want 
to allow for legitimate users who perhaps don't understand that they 
need to subscribe to lists before posting, legitimate members sending 
from wrong accounts, etc. My current compromise solution is to set my 
lists to hold such messages for moderation, but not send the posters 
messages telling them such, so as to avoid backscatter caused by trying 
to send You're not a member, your message is being held messages to 
bogus spammer Email addresses. When I get a held message notice, if it's 
a spammer I discard it and add the address to the discard list, for what 
good that does, and if it's legitimate I reject it, perhaps explaining 
in my own words why the message was rejected, especially if I know the 
person and know they tend to post from the wrong account, etc.


Thanks for any help!

Jayson

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org