On 3/31/18 6:33 PM, Lindsay Haisley wrote:
On Sat, 2018-03-31 at 17:57 -0400, Richard Damon wrote:
On 3/31/18 3:35 PM, Lindsay Haisley wrote:
On Sat, 2018-03-31 at 14:50 -0400, Richard Damon wrote:
To me the issue sounds like why is fmp.com forwarding spam?
If this is a case of fmp.com offering forwarding mailboxes to users, who
might be using gmail as a final destination, then yes, fmp needs to try
to be as good at detecting spam as gmail or users need to accept the
increased spam levels.
If pigs could fly ....! I do the very best job I can of filtering spam
from inbound email, and get about 90% of it, maybe more, but fighting
spam is a forever job of whack-a-mole. I certainly wish that I could do
as good a job of parsing spam from legit email as Gmail does, but I'm a
one-person shop, and have many tasks. Gmail has dozens, perhaps
hundreds of very smart people assigned to managing their spam
filtering, and they do a very good job of it. I could _never_ hope to
match their efficiency or accuracy, nor could most small operations
such as FMP Computer Services.
But coming at least close is the job you sign up for in being a mail
forwarder. You at least need to be good enough that you aren't seen by
google as an uncaring domain, and maintain enough information that they
can continue to do what they do well.
Rest assured, we "come at least close". This is not an option here,
it's a necessity. Email redirection is a feature of my MTA (Courier)
and has been offered since FMP went into business in the 1990s. It's a
standard feature of many MTAs and many ESPs offer it.
I've had to deal with Gmail's honey-potting before, and I can do it
again if necessary. I don't imagine that you've ever done commercial
email administration, Richard, or you might have something constructive
to say instead of just spewing admonitions to "do better".
I will admit, that I haven't had to do that sort of email
administration. I have run mail servers for much smaller operations, and
do understand the difficulties (one reason I don't anymore). Just
pointing out that if you have decided to go into that business, you
really need a better story than 'its hard' to convince customers to use
you if you can't meet there expectations and needs.
The problem is that Gmail is whitelisting based on the From address,
rather than the Reply-To address, which should be an _option_ open to
users. On Google's scale of operation, I'm just a fly on a dog turd so
any feature which might benefit my users and subscribers is pretty much
a no-nevermind for them.
Which is why I was saying make a 1:1 mapping of From addresses to
Reply-To addresses.
The From address _has_ to be from an address at fmp.com, which is the
reason for From-munging in the first place. If you don't understand how
DMARC works, or the problems it causes, Mark, or someone else on this
list can send you to a reference on it. The Reply-To address is EITHER
the original Reply-To address on the received email, or, if it had
none, the ORIGINAL From address. Mapping the Reply-To address to the
munged From address makes no sense at all.
Another option is to deterministically munge the from address so every
incoming email address gets a unique fmp address that it represents (it
doesn't have to be absolutely unique, mostly unique is likely good
enough), something like replace the at with _at_ and add a tail wart
like _dm...@fmp.com (so you can have other addresses an not worry about
possible overlaps with those) and use that as the from address. Then a
reply will only whitelist that specific original from address.
Which, as I noted in my original post, will cause the Gmail user's mail
account to end up with a whole lot of useless whitelisted address which
would need to be deleted, and FMP's server might well end up getting
blacklisted as a result.
No more than if GMail did implement a white-list on Reply-To addresses.
No, because the Reply-To address is the _original_ From address. Such a
whitelisting would be useless as long as Gmail's policy with regard to
DMARC rejection remains in place, but unless we get into some kind of
meta-heading BS, it's the best we might do.
I think you aren't understanding the munging I am suggesting. If I sent
a message that went through your system, (and my setup triggered your
munging) would be something like:
richard_at_damon.family.org_dm...@fmp.com
This, and exactly this would be the from address for every message I
sent through your system to a gmail user. This would be the only address
that would get white-listed due to my messages. There should be no
additional whitelisting load due to this, unless I also contact them
outside your system.
--
Richard Damon
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
