I just received an email from agora-business (the list) to my
callforjudgm...@yahoo.co.uk email address warning me that I was
bouncing emails, and asking me to confirm that the email was still
valid. (The address still works, and I still use it to receive Agoran
mail; it's just that I can no longer send from it easily, so I use a
different address for sending.) That might seem strange, given that I'm
receiving a lot of messages to that email address too; it's not like
everything is bouncing.
The culprit is probably DMARC; Yahoo! are notorious for DMARC
enforcement. DMARC bounces happen when the sender of an email specifies
some rules about how the email should look (e.g. sent via a particular
server, or signed with a particular key), and the email, upon being
received, doesn't comply with them. In other words, someone – but not
most people – is sending emails that look invalid to the recipient.
I'm pretty sure that the person in question is Murphy. E's been having
trouble getting messages through, and eir recent message to BAK let me
see what the headers on eir emails look like (because it's currently
this @alumni.bham.ac.uk email address that's subscribed to BAK). It's
possible to diagnose the problem from a couple of headers on the email:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
t=1557931409; s=zm2019; d=zoho.com; i=emurph...@zoho.com;
h=To:From:Subject:Message-ID:Date:MIME-Version:Content-Type:Content-Transfer-Encoding;
l=6; bh=fdkeB/A0FkbVP2k4J4pNPoeWH6vqBm9+b0C3OY87Cw8=;
b=mY+jo1/fI+p3ILjXOQGQ/PsgPFmqzsl5wJUzCg7YuHVXIsT1ZFZ9HSXy1NYS95lX
AhYAlfHTWZikn+OfP+ECfVFiHkmpsjDTgtnGAYKjzIKN+nVOg0HBMBGgADCGKuD0xuO
4GUSndRa9qmZ5GSLcmtSdwrqukQzr64Vrs1GQhdo=
Authentication-Results: spf=none (sender IP is 145.0.1.64)
smtp.mailfrom=listserver.tue.nl; alumni.bham.ac.uk; dkim=fail (signature
did not verify) header.d=zoho.com;alumni.bham.ac.uk; dmarc=fail
action=oreject header.from=zoho.com;compauth=fail reason=000
The "dmarc=fail" is explaining the immediate cause of what's going on
here: the email claims to be from zoho.com, but could not be verified
as actually coming from there. The main causal factor is the "h=" part
of the DKIM-Signature line:
DKIM-Signature: … h=To:From:Subject:…
Translated to English, this states that the email should not be
considered valid if the Subject fail was modified in transit. Of
course, the Subject of the email actually was modified (by the list
software, inserting the BAK:), so the message fails to verify. The
cryptography behind DKIM can't detect that a message is "almost right",
it's just a simple pass/fail (in particular, the recipients can't
distinguish an entirely forged email from an email that's correct apart
from the subject line).
zoho.com's DMARC settings are to tell the recipient to reject any
apparently forged message that claims to be from them (without even
sending it to a spam folder). So in theory, anyone who can actually
receive Murphy's emails has a non-compliant mailserver :-)
I used to have a similar problem back when I posted from my yahoo.co.uk
email address. There's a fairly simple workaround to it: just type the
DIS:/BUS:/OFF:/BAK: part of the subject line manually, rather than
letting the list software add it. If you do that, then the list
software doesn't modify the email in transit, so the DKIM signature
starts verifying and allows the email to go through.
(Incidentally, the "DMARC failures mean your email doesn't go through
/and/ bounce other people off the lists" issue is fairly well known;
people warned that it would happen as soon as sites started using
restrictive DMARC settings. There's no really good solution to it at
the list software level, though.)
--
ais523
