steve lund writes:
Seems like Google is mucking about with its filters!
That's their raison d'etre. (It certainly can't be their execrable UI.)
They do a good job, sometime they make mistakes. Users want them to shoot first and ask questions later. They're pretty good (too good when it comes to test messages :-( ) about resisting user pressure to decrease mail reliability.
If I had to guess though, the next most likely thing after DMARC is the sending server was blacklisted by some recipient domains.
This is what I was afraid of. Is there any way of confirming or denying that this is happening.
Not individual domains. However, most likely they subscribe to a block list ("black hole"). There are free services that will check block lists for you. I have a meeting in 5 minutes so no time to look up now, maybe after work if nobody else chimes in.
So how does an ISP keep their mail server OFF of the SPAM blacklist?
Get the DNS in order (MXes have A records, A records round-trip through PTR, DKIM, DMARC, and SPF configs are present, correct DKIM pubkey is present). Configure DKIM signing and ARC sealing in the MTA. Subscribe to various reporting services at major email providers (Google, Yahoo!, outlook, o365, hotmail, others). It's a PITA.
Check our FAQ and archives:
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Steve