I have had a lot of experience with these things. Here are some observations. I have a list of 4000+ subscribers around the world. I have SPF and DKIM but not DMARC. (I never say much point in DMARC, and it does not seem necessary.) Right now every single one of the 4000+ subscribers accepts the mail, most of the time. Occasionally I get msssages (from Europe) saying that the mail has been blocked because it is a "high probability of spam" or "looks like spam". This drives me crazy. These spam-blocking systems are unregulated. They are like snake oil. They should not be blocking mail without telling the recipients, and this is what happens.
A few times, Microsoft has started blocking mail to ALL addresses with domains of outlook, hotmail, msn, or live. Sometimes this was the result of what you are talking about. I was told to sign up for various things, including "sender support": https://sendersupport.olc.protection.outlook.com/snds/ You can get data on what proportion of your mail counts as spam (if you have enough mail, as we do). When they block mail, you can complain: https://support.microsoft.com/supportrequestform/8ad563e3-288e-2a61-8122-3ba... (the one that works for me) or just https://support.microsoft.com/supportrequestform/
If you complain, you will get an automatic reply saying that your problem does not qualify for mitigation and that they are almost always correct. Then you have to respond to that. After a few rounds of this, you will get a response from what seems to be a human being, who will tell you that they are taking your problem very seriously, yada yada.
The last time this happened, they were completely blocking all make for over a week, because my IPV4 address (the one they use) was part of a range of addresses from which spam was being sent. Of course, I have only one ipv4 address (from a cloud server, Linode). The problem seems fixed for now, but I am warning new subscribers not to use Microsoft-controlled addresses.
Of course they won't tell you HOW they decide that something is spam, as this information would just make it easier for spammers.
(But I don't see what is so bad about spam. You just delete it; it helps if possible spam goes to a spefific folder, but any system I've seen makes many mistakes both ways, except spamassassin, which rarely makes a false positive. The real problem is phishing, and there have been no randomized control trials to see whether any system can immunize people against that. I doubt that these spam detectors do it effectively.)
Some references:
https://answers.microsoft.com/en-us/outlook_com/forum/all/hotmailoutlook-blo...
https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/C...
And there are several things like this: https://mxtoolbox.com/blacklists.aspx
But the list called UCEPROTECT3 (I think) is now, happily, widely ignored, because it is based on spam coming from a large range of ipv6 addresses on a cloud server. Spamhause does something like this too, but you can fix it by getting a "proper" ipv6 address that specifies the range ("/64" at the end).
Some geneneral
On 11/29/21 00:51, Jayson Smith wrote:
Hi again,
Good point about DMARC. Does anyone know if Charter suddenly started caring about some DMARC policies on or around this past Friday? I have my list set to munge the From: lines of messages from senders E.G. AOL, Yahoo, etc. that publish a DMARC rejection policy.
On a slightly different topic, I've heard from a few Outlook users that list messages are consistently ending up in their junkmail folders. Could this be because Microsoft doesn't like the fact that my list is causing DMARC to fail, but not actually complaining to me about it? I could solve this problem by having the list munge the From: line for all messages, but sometimes that causes problems with replying. In particular, several years ago when my lists were set up to do that, Thunderbird users were having problems sometimes replying to the sender of a message rather than the entire list.
Jayson
On 11/28/2021 11:45 PM, Mark Sapiro wrote:
On 11/28/21 7:58 PM, Jayson Smith wrote:
Hi,
One of my Mailman lists has a single member at Charter which has occasionally bounced mail over the last few days. When this happens, the reason given, when I look it up on their help page, indicates the message I sent goes against the security policies of my domain, and I should contact my domain administrator (that would be me). I have SPF and DKIM set up, and a quick check at dkimvalidator.com verifies they're both working. I assume this is one of these annoying situations where Charter is seeing what's clearly a transient DNS problem and treating it like a permanent failure? Also I assume there's nothing I can do about this? Is the problem likely to be at Charter's end or at my domain's nameservers' end?
Only guessing, but this sounds like DMARC. Does your list apply DMARC mitigations?
If it is DMARC, the issue is the message sent to the charter subscriber is From: poster@posters.domain. posters.domain publishes a DMARC policy of (probably) reject. Yahoo.com is one such common domain. Your list modifies the message by content filtering, subject prefixing, adding msg_footer or some other transformation that breaks the posters.domain DKIM signature. Your SPF and DKIM signatures pass, but they are not 'aligned' with posters.domain, so they don't count for DMARC.
Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-leave@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
-- Jonathan Baron, Professor of Psychology, University of Pennsylvania Home page: https://www.sas.upenn.edu/~baron Founding Editor: Judgment and Decision Making (http://journal.sjdm.org)