Re: [Mailman-Users] Add PayPal to DNs publishing DMARC p=reject

$ dig +short -t txt _dmarc.paypal.com v=DMARC1\; p=reject\; rua=mailto:d...@rua.agari.com\; ruf=mailto:d...@bounce.paypal.com,mailto:d...@ruf.agari.com; I'm on lots of lists with Paypal employees, who consistently use paypal-inc.com addresses, specicially to avoid DMARC problems. They realized

Re: [Mailman-Users] Add PayPal to DNs publishing DMARC p=reject

I'm on lots of lists with Paypal employees, who consistently use paypal-inc.com addresses, specicially to avoid DMARC problems. $ dig +short -t txt _dmarc.paypal-inc.com v=DMARC1\; p=reject\; rua=mailto:d...@rua.agari.com\; ruf=mailto:d...@bounce.paypal.com,mailto:d...@ruf.agari.com; No joy

Re: [Mailman-Users] DMARC and Reply-To lines with from_is_list munging.

Arguably, the correct response to DMARC filtering _should_ be the MIME encapsulation of list mail, with appropriate RFC 2369 headers added to the enclosing MIME structure leaving the content un-munged, with all information from the original poster intact. Arguably, MUAs should be transparent to

Re: [Mailman-Users] Executive summary of DMARC issues

Actually, From: domains can request reports even if DMARC p=none. It is unclear what might be done with these reports, but given what some domains have done with DMARC already, I for one would not be surprised if this information was used to color the reputation of the sending server. Note that

Re: [Mailman-Users] Who authored the message?

So, addresses get rewritten as: From: yahoousername-at-yahoo@mydomain.com My sense is that someone could come up with arguments as to why this is a bad idea, ... It's a bad idea for the same reason that all of the other anti-DMARC hacks are a bad idea, they break the existing usage of mail.

Re: [Mailman-Users] Who authored the message?

From: yahoousername-at-yahoo@mydomain.com Under the current unpleasant circumstances, it's not much worse than any other, give or take what you do with the replies. Do you forward them back to the original user? Reject with a mysterious failure code? Discard them? Thank you for your

Re: [Mailman-Users] Digest option for Yahoo and AOL subscribers?

I just realized that setting the digest option could be a temporary solution for my Yahoo and AOL subscribers Just make sure you set it for *all* users, not just those using Yahoo! and AOL. You only need to implement it for subscribers using mail systems that implement DMARC rejections.

Re: [Mailman-Users] Digest option for Yahoo and AOL subscribers?

My understanding is that DMARC WAS going through the standardization process, and actually was to the state where experimental use was justified (and in some sense actually required). ... No, not at all. DMARC was designed and implemented by a small closed group of large companies listed on the

Re: [Mailman-Users] Yahoo Groups' From munging and X-Original-From

Until spammers figure out they can send mail From: spam...@evildomain.com X-Original-From: whate...@yahoo.com This is one of the most annoying things about Yahoo and AOL's misuse of DMARC -- they're practically forcing people to use hacks to show unauthenticated fake From: lines. R's, John

Re: [Mailman-Users] Yahoo Groups' From munging and X-Original-From

a) It seems to me that this or something like it (i.e. new de facto standard headers to work around the problem) is surely an almost inevitable outcome anyway. I wouldn't count on it. The reasonable approach to this kind of nonsense is for the relatively small set of ISPs using DMARC policy to

Re: [Mailman-Users] DMARC handler

I was wondering about asking someone to make a Mailman handler that would re-write the From: address after munging to: From: Jane Doe (j...@example.com) via listname l...@example.net My question now is, is there any reason why re-writing it this way would be a bad idea? Well, of course, it's a

Re: [Mailman-Users] DMARC handler

Yahoo Groups also add something like this in a footer: Posted by: a real name a-n...@a-domain.co.uk and a series of mailto links below that for replying to the original sender or to the group. Well, won't this break DKIM? Yes, but if it also takes the real author address out of the From:

Re: [Mailman-Users] Redacted Email Address in Feedback Loop

I think munging the headers is a sensible practice, as it makes it a little harder to listwash; the main idea of the FBL as I understand it is to give you an idea when there's some kind of gross abuse, not that you are required to unsubscribe anyone who complains about your mail. Munging FBLs is

Re: [Mailman-Users] AOL screening Reply-To header thru DMARC ?

I have a somewhat different issue. I am using dmarc_moderation_action = Munge From, and when an AOL user posts to the list, the list message sent back to the user bounces with 521 5.2.1 : AOL will not accept delivery of this message. (in reply to end of DATA command)). The same messages sent to

Re: [Mailman-Users] All AOL unsubscribed

In article CADK0o8yxnQzr-mM=phxpwog+0p0oh+dkztp14z_fvwyhp8_...@mail.gmail.com you write: This morning all of my subscribers with aol addresses were automatically unsubscribed from my list. Why today? I thought all the DMARC issues had been resolved in the latest mailman version, and it's been 8

Re: [Mailman-Users] Which from, reply and DMARC settings for a discussion group?

# 1) as long as the list is not anonymous, the original From: address #should be obviously exposed, i.e. not just in a header that MUAs #don't display. Have you tried any sort of reversible rewriting? On my lists, sending addresses in dmarc'ed domains get a local domain appended on the

Re: [Mailman-Users] List posts sent to AOL list subscribers bounce as undeliverable (v. 2.1.20)

>The issue is that list posts sent to AOL subscriber addresses are now bouncing >as undeliverable with the bounce code: "521 >5.2.1 : AOL will not accept delivery of this message." I see that you have a yahoo.com address. If there's a yahoo.com address on the From: line of the list mail, AOL

Re: [Mailman-Users] List posts sent to AOL list subscribers bounce as undeliverable (v. 2.1.20)

>As Mark related, I suspect the issue is DNS related, and AOL is just finally >cracking down on mail sent from this particular list server. If you told us what the domain was, we could provide a lot more help. Really, we don't bite, if you want help, provide the information that will let people

Re: [Mailman-Users] illegible message in moderation approval queue

In article <57e49a8d.1030...@sgeinc.com> you write: > From a quick look, it looks like base64 encoding. Invented back in the >dialup/uucp days when transport was not always 8bit clean so things were >encoded to make sure only transportable characters were used. Well, actually, we uucp users

Re: [Mailman-Users] Find a smtp server to send out emails

>subscriber. Are there smtp service providers allowing unverified email >address to send out emails, or do I have other solutions? There are cloud hosting providers that let you send mail directly, although I can't vouch for the deliverability, since you're typically on a network full of dusty

Re: [Mailman-Users] Authenticated Received Chain in Mailman?

In article <20170608234027.gu8...@nntp.aegisinfosys.com> you write: >Do you think your analysis will change now that AOL and Yahoo! are >now both part of Verizon? Probably not. Verizon's folded their legacy mail system into AOL's. Maybe they'll merge the AOL and Yahoo mail systems, but I would

Re: [Mailman-Users] Users being unsubscribed without requesting it.

In article <7e0bd0e4-b837-4d76-3c14-a0b6dfda9...@tnetconsulting.net> you write: >-=-=-=-=-=- >-=-=-=-=-=- > >On 08/21/2017 02:08 PM, John Levine wrote: >> which defines a one-click opt-out link that uses POST rather than GET, >> since the URL malware fetchers all d

Re: [Mailman-Users] Users being unsubscribed without requesting it.

In article <201708210145.v7l1io7x003...@fire.js.berklix.net> you write: >> Maybe this would foil ISPs who are automatically following this link to >> unsubscribe people. Do ISPs really do this? There are plenty of anti-spam schemes that fetch all the URLs in a message to see whether they're

Re: [Mailman-Users] Suppress moderation message in mailman 2.1 ?

In article <851008d1-e6dd-bafe-9e85-e1ebaf1b8...@msapiro.net> you write: >So my first question is how/why are the posts being held? Because the people posting from usenet aren't list subscribers. They read the messages on usenet. >> When mailman mdoerates the message, it sends the usual

Re: [Mailman-Users] Suppress moderation message in mailman 2.1 ?

In article <8d629943-93d6-2546-71f9-4484d8ecf...@msapiro.net> you write: >cron/gate_news I'm not using that. My news server isn't on the same network as the mailman system, and the gateway is basically a few lines of procmail and formail I've been using for a decade to splice usenet groups

[Mailman-Users] Suppress moderation message in mailman 2.1 ?

I run a two-way usenet <-> mailman gateway. When I forward someting from the usenet group to mailman, it gets moderated, which is what I want since a fair amount of the stuff in the usenet group is spam. When mailman mdoerates the message, it sends the usual moderation message to the usenet

Re: [Mailman-Users] options for dealing with DMARC

In article you write: >On 12/28/2017 12:57 PM, Jordan Brown wrote: >> Wikipedia tells me that DMARC passes if either SPF or DKIM passes. That is correct. >Sending domain administrators can require that *both* SPF /and/ DKIM

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article <885f93f0-36ec-d74f-7c5f-52b42f2d6...@jordan.maileater.net> you write: >Hmm.  It would take MUA changes to be fully effective, but a possibility >that comes to mind is to have mailing lists leave the original message >absolutely unmodified, but wrap it in a message that comes "from"

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article <885f93f0-36ec-d74f-7c5f-52b42f2d6...@jordan.maileater.net> you write: >Hmm.  It would take MUA changes to be fully effective, but a possibility >that comes to mind is to have mailing lists leave the original message >absolutely unmodified, but wrap it in a message that comes "from"

Re: [Mailman-Users] Undelivered Mail Returned to Sender

In article <20180804141855.7510026c1...@sharky3.deepsoft.com> you write: >-=-=-=-=-=- > >Do you have access to your inbound mail server? If so, you need to arrange for >that server to *reject* all mail connections from qq.com. qq.com is a >*notorious* source of spam (there are no legitimate E-Mail

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article <1ca714d0-da89-aa23-d247-4faa2133b...@msapiro.net> you write: >DMARC checks won't help prevent posts that spoof a member address unless >every list member's domain publishes a DMARC policy of quarantine or >reject, and even then it only checks the From: domain and not the domain >of

Re: [Mailman-Users] ARC, was non-subscribers getting through--email address in "Real Name"

In article you write: >On Sun, Jul 22, 2018 at 3:18 PM Grant Taylor via Mailman-Users < >mailman-users@python.org> wrote: > >> On 07/21/2018 02:24 PM, John Levine wrote: >> > I know people working on whiteish lists to use with ARC, to say that >> > thes

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article <78baab65-f7d3-ce56-bc36-a16a15118...@spamtrap.tnetconsulting.net> you write: >> If AOL and Yahoo just used the quarantine option for DMARC, it wouldn’t >> have been quite as bad. But they ABUSED DMARC by their settings. > >I still don't grok what you are considering "abuse" in this

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article <88902b3b-7cb3-7991-15c4-4dbc10762...@msapiro.net> you write: >In that sense, many of us think that the person who wrote the post is >still the author even if the list made a few simple changes that didn't >alter the basic text of the original message while the list is a Sender: >

Re: [Mailman-Users] ARC, was non-subscribers getting through--email address in "Real Name"

In article you write: >On 07/19/2018 05:27 PM, Mark Sapiro wrote: >> The problem is downstream has to trust me. If I'm gmail.com, I'll probably >> be trusted. If I'm msapiro.net, probably not. Python.org, who knows. > >Yep. > >I've not yet seen any indication that there will be any good way to

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article you write: >On 07/19/18 17:11, John Levine wrote: >> In article >> you write: >>> Yes. Just about everything can be spoofed to some degree. It really >>> depends on what information the owner of the purported sending domain >>> publishe

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article <0590fe51-3f96-754d-d155-af0eb9ca4...@spamtrap.tnetconsulting.net> you write: >-=-=-=-=-=- >-=-=-=-=-=- > >On 07/19/2018 04:59 PM, Phil Stracchino wrote: >> Actually, mailing lists and other redistribution are among the places >> DMARC notably breaks. > >Does DMARC actually break or

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article you write: >-=-=-=-=-=- >-=-=-=-=-=- > >On 07/22/2018 02:03 PM, John Levine wrote: >> No, it was specified in full knowledge that it would break pretty much >> every mailing list on the planet if used on domains with human users, >> instead of its i

Re: [Mailman-Users] ARC, was non-subscribers getting through--email address in "Real Name"

In article <1fb88a39-0acd-f34f-c504-9eb217a75...@spamtrap.tnetconsulting.net> you write: >Is there some place that I can find out more about these people and / or >their projects? See the archives of the ARC mailing lists. >Aside: What does hosting mailing lists or not have to do with

Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

In article you write: >Yes. Just about everything can be spoofed to some degree. It really >depends on what information the owner of the purported sending domain >publishes and what filtering / consumption of said information the >receiving server exercises. Well, you know, this is what

[Mailman-Users] Mailman consultants ?

? Regards, John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly -- Mailman-Users mailing list Mailman-Users@python.org https://mail.

Re: [Mailman-Users] Microsoft blocking our Mailman lists

In article you write: >Hi, > >Unfortunately, yes, I have seen this behavior from Microsoft. I have no >idea what triggers it, but my Linode IP has been blocklisted twice, once >a bit over three years ago, and another time less than two weeks ago. It may well not be you. Linode does a poor job

Re: [Mailman-Users] gmail

In article <5b99c857.19328.61f1d...@bernie.fantasyfarm.com> you write: >Well, something changed between Thursday and Friday, because posts to the list >were fine and this one generated a bounce for every gmail member. Any chance that the message in question had a From: address in a domain that

Re: [Mailman-Users] email to sms?

address that takes the contents of the messages and passes it to the SMS API. (Stripping out all the extra cruft, of course.) -- Regards, John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before readin

Re: [Mailman-Users] What to do about SPF rejection?

st and do DMARC rewrites even for domains without DMARC policies, but I'd suggest contacting whoever is subscribed there and encourage him or her to subscribe from an address that isn't gratuitiously hostile to mailing lists. Regards, John Levine, jo...@iecc.com, Primary Perpetrator of "The

[Mailman-Users] Re: AT RBL again

It appears that Mark Sapiro said: >> FWIW, a couple of my regular correspondents have said that DO generally >> does not have a great email reputation, and that they're moving lists to >> other platforms. > >That's probably correct, but are there other cloud VPS providers that >are better at