[sf-lug] Switch meeting from Jitsi to Zoom
Rick Moen
rick at linuxmafia.com
Sat Sep 12 04:16:59 PDT 2020
Quoting Glen Jarvis (glen at glenjarvis.com):
> I have known about these bounced for some time. I get the DMARC policy
> reports of which ones get rejected as well and have seen these bounce
> (but only for linuxmafia). I do not have issues with other mailing
> lists nor google groups.
It's entirely possible that other mailing lists are able to implement
DMARC mitigations, which (e.g.) very recent versions of Mailman make
possible. linuxmafia.com is for the time being stuck on its present
older version of Mailman.
> The DMARC entry is intentional and has been great for me.
OK, fine, you will have problems on mailing lists hosted on my server,
then. You do what you think best.
_However_, if (as just happened) your postings repeatedly cause -other-
mailing list members to have high bounce scores, and thereby cause me a
great deal of work re-enabling their mail delivery, I may not be able to
tolerate you much longer as a subscriber. We will need to see.
FWIW, I get perfect anti-forgery results from my two domains' strongly
asserted SPF records. Unlike DMARC/DKIM, the SPF antiforgery technique
was correctly drafted and isn't hostile to mailing lists. Thus, I
continue to use and endorse it, just as I do _not_ use (and recommend
against) Yahoo's (botched) DMARC/DKIM.
> For what it's worth, I think that for most mailing lists that I'm on,
> they can do a forward without changing the envelope (and thus,
> changing the DKIM and invalidating the signature).
Actually, the recent-version Mailman DMARC mitigation is a bit more
complicated than that, but I am rather too tired to get into it and it's
too late at night. Basically, Mailman is forced to do Reply-To munging
in order to do an end-run around the damage caused by DMARC's
mailing-list-hostile design. And FWIW, every MLM, including every
release of GNU Mailman, rewrites the envelope upon retransmission to
subscribers. That's not a bug, but rather a feature: It's what makes
it possible for MLMs' mail to not appear to be forged, unlike mail
retransmitted by /etc/aliases and ~/.forward entries that do _not_
rewrite the envelope (an obsolete approach).
I am guessing that other MLMs like Sympa and whatever proprietary junk
Google Groups uses employ a similar kludge to the DMARC-workaround
kludge that recent Mailman releases can do.
I consider this regrettable at best. I would enable the kludge to
compensate for the DMARC damage if I were running a very recent Mailman
release, but I'm not.
> If it looks like the mail is coming from 'glenjarvis.com' (instead of
> a mailing list server), it will fail these tests and be rejected. But,
> if it looks like it's coming from the mail server itself, all is fine.
I have of course no problems with your mail server rejecting whatever
your local domain/host policy dictates. I _do_ have problems with your
sending mail to linuxmafia.com's mailing lists that cause its
subscribers to build up high bounce scores and therefore get their
delivery disabled and eventually unsubscribed. If that persists, I will
consider your posting traffic to be the problem.
This will not be open for much in the way of further discussion. I'm
just explaining what the problem is and what the only options available
to me are.
More information about the sf-lug
mailing list