Hello, Lot of thing are done for fighting spam : dnssec, dane, spf, dkim, dmarc... All of this for "trusting real sender". Some of them break smtp built in fonctionnality : spf break forwarding [1].
If you beleive in spf (gentoo.org have an spf dns entry) , two ways need to be looked at : - fixing real sender with SRS [1]. - stop forwarding mail and do POP (gmail can do it) or IMAP from your favorite (web)mail client. Dmarc dns entry with report activated can help you understand why google blacklist you. [1] http://www.openspf.org/SRS Regards, Charles Nérot Le 11/05/2015 06:26, Robin H. Johnson a écrit : > TL;DR: As of May 17, @gentoo.org will drop incoming spammy mail instead of > delivering it. Speak now or hold your peace. > > Hi all, > > As past long-standing practice, @Gentoo.org system-level mail handling for > incoming mail was officially to tag everything, and delete nothing. > > All deletion decisions were left to developers, via procmail/sieve/etc. > > This was a good early policy, as Gentoo was a much more reliable host than > email providers a decade ago. This isn't true anymore, with the meteoric rise > and success of gmail. > > A LOT of developers forward their mail now, to systems that refuse/temporarily > blacklist the forwarding system because there is a lot of spam. Gmail is > particularly strict in this regard, throttling mail to any recipient from the > forwarding source. > > This is particularly acute, because more than 40% of the outgoing mail goes to > Google (the 25% of destinations below is heavily represented because the very > active devs send their mail to google). > > This unfortunate combination means that ~40% of mail sits in a backlog for a > long time, and the active devs that use Gmail don't get their mail in a timely > fashion. > > Unless there are any major objections, as of May 17th, Infra will start > dropping mail that scores more than 10.0 points in Spamassassin. > > If that is successful, I propose to drop the score point by 1 point every > month > until it hits a score of 5.0 (so by mid-October, it will be dropping mail that > scores more than 5.0). > > Stats on how mail is handled: > ----------------------------- > ~260 active devs > ~180 .forward files > > This breaks down to: > ~70 procmail users > ~10 sieve users > 2 users with both forward and procmail > 1 maildrop user > ~100 devs that send mail outside of @gentoo.org (in their .forward) > > I didn't analyze the procmail/sieve/maildrop accounts further. > > I did break down the other forwarding destinations by domain: > ~50 devs that forward directly to @gmail or @googlemail addresses > ~10 devs that have their own domain hosted at gmail/googlemail > ~40 devs with some other provider. > 0 devs with yahoo, hotmail or msn domains as destinations :-). > > As a result, about 25% of dev mail destinations are actually Google. > > Amavis stats: > ------------- > Here are the amavis summary stats for @gentoo.org incoming mail that was > scanned for content (this happens before exploding to aliases and multiple > recipients, so is a lot lower than you might otherwise expect). > > "SPAMMY" in this case is >= 5.5. > 26 May 3 Blocked INFECTED > 1609 May 3 Passed CLEAN > 1564 May 3 Passed SPAMMY > 35 May 4 Blocked INFECTED > 4129 May 4 Passed CLEAN > 2304 May 4 Passed SPAMMY > 2 May 4 Passed UNCHECKED > 42 May 5 Blocked INFECTED > 4458 May 5 Passed CLEAN > 3183 May 5 Passed SPAMMY > 4 May 5 Passed UNCHECKED > 43 May 6 Blocked INFECTED > 10 May 6 Blocked MTA-BLOCKED > 5027 May 6 Passed CLEAN > 3443 May 6 Passed SPAMMY > 47 May 7 Blocked INFECTED > 2 May 7 Blocked MTA-BLOCKED > 4657 May 7 Passed CLEAN > 3119 May 7 Passed SPAMMY > 2 May 7 Passed UNCHECKED > 35 May 8 Blocked INFECTED > 5025 May 8 Passed CLEAN > 2936 May 8 Passed SPAMMY > 21 May 9 Blocked INFECTED > 2497 May 9 Passed CLEAN > 1765 May 9 Passed SPAMMY > 16 May 10 Blocked INFECTED > 2059 May 10 Passed CLEAN > 2033 May 10 Passed SPAMMY > > Score analysis of 1 week of incoming mail to amavis: > ---------------------------------------------------- > ~51k unique mails were scored, with a rough breakdown as follows: > > ~17k < 0.0 > ~13k 0.0 - 5.0 > ~7k 5.0 - 10.0 > ~5k 10.0 - 20.0 > ~5k 20.0 - 30.0 > ~3k > 30.0 >
