subject:"\[Mailman\-Users\] DMARC issue with Mailman List"

Re: [Mailman-Users] DMARC issue with Mailman List

2017-03-21 Thread Stephen J. Turnbull

Mark Sapiro writes:

 > > Our configuration is that our web site integration with PayPal has PayPal
 > > sending confirmation emails to a mailman list called treasurer-alias, so
 > > that multiple people are aware of the PayPal transaction.
 > 
 > PayPal.com publishes DMARC p=reject. Your treasurer-alias list makes
 > some message transformation such as adding a footer or subject prefix
 > that breaks PayPal's DKIM signature. Therefore recipient list member's
 > ISPs that honor DMARC will reject the message.
 > 
 > See  items 1) and 2) for ways to deal
 > with this. If your Mailman is 2.1.18+, I suggest setting Privacy
 > options... -> Sender filters -> dmarc_moderation_action to Munge From.

I recommend against that, since this is exactly the transactional
mailflow that DMARC "p=reject" was designed for.  Munge From makes it
difficult-to-impossible to verify mail apparently from PayPal without
ARC, which probably is not available on your site yet.

On the other hand, I suppose that there are few members of
treasurer-alias, and they would probably be willing to accept this
mailflow without the usual Subject tags and footer.  So the annoyance
level should not be huge if they were omitted.  So, I recommend that
you configure your list not to touch the Subject and body instead.

Steve
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] DMARC issue with Mailman List

2017-03-16 Thread Mark Sapiro

On 03/16/2017 06:20 AM, Terry Lund wrote:
> We are getting the following error for one of our users in one of our
> mailman lists. I've tried to figure out if one of the configuration options
> in Privacy Rules can be used to address this issue, but I am afraid I am
> not real clear on the implications of the relevent DMARC related
> parameters. Any insight or assistance would be much appreciated.
> 
> Our configuration is that our web site integration with PayPal has PayPal
> sending confirmation emails to a mailman list called treasurer-alias, so
> that multiple people are aware of the PayPal transaction.


PayPal.com publishes DMARC p=reject. Your treasurer-alias list makes
some message transformation such as adding a footer or subject prefix
that breaks PayPal's DKIM signature. Therefore recipient list member's
ISPs that honor DMARC will reject the message.

See  items 1) and 2) for ways to deal
with this. If your Mailman is 2.1.18+, I suggest setting Privacy
options... -> Sender filters -> dmarc_moderation_action to Munge From.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] DMARC issue with Mailman List

2017-03-16 Thread Terry Lund

We are getting the following error for one of our users in one of our
mailman lists. I've tried to figure out if one of the configuration options
in Privacy Rules can be used to address this issue, but I am afraid I am
not real clear on the implications of the relevent DMARC related
parameters. Any insight or assistance would be much appreciated.

Our configuration is that our web site integration with PayPal has PayPal
sending confirmation emails to a mailman list called treasurer-alias, so
that multiple people are aware of the PayPal transaction.

-- Forwarded message --
From: mailer-dae...@bounce.mail.unifiedlayer.com
To: treasurer-alias-boun...@catoctinareaturners.org
Cc:
Bcc:
Date: 16 Mar 2017 02:55:28 -
Subject: failure notice
Hi. This is the qmail-send program at bounce.mail.unifiedlayer.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<28blc...@gmail.com>:
74.125.28.27 failed after I sent the message.
Remote host said: 550-5.7.1 Unauthenticated email from paypal.com is not
accepted due to domain's
550-5.7.1 DMARC policy. Please contact the administrator of paypal.com
 domain
550-5.7.1 if this was a legitimate mail. Please visit
550-5.7.1  https://support.google.com/mail/answer/2451690 to learn about the
550 5.7.1 DMARC initiative. j61si3837935plb.86 - gsmtp

--- Enclosed are the original headers of the message.


-- Forwarded message --
From:
To:
Cc:
Bcc:
Date:
Subject:
(Body supressed)


Regards, and thanks in advance for any assistance.

-- 
Terry Lund
terry.l...@gmail.com
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] DMARC issue with Mailman List

Re: [Mailman-Users] DMARC issue with Mailman List

[Mailman-Users] DMARC issue with Mailman List

3 matches

Site Navigation

Mail list logo

Footer information