On 11/28/21 7:58 PM, Jayson Smith wrote:
Hi,
One of my Mailman lists has a single member at Charter which has occasionally bounced mail over the last few days. When this happens, the reason given, when I look it up on their help page, indicates the message I sent goes against the security policies of my domain, and I should contact my domain administrator (that would be me). I have SPF and DKIM set up, and a quick check at dkimvalidator.com verifies they're both working. I assume this is one of these annoying situations where Charter is seeing what's clearly a transient DNS problem and treating it like a permanent failure? Also I assume there's nothing I can do about this? Is the problem likely to be at Charter's end or at my domain's nameservers' end?
Only guessing, but this sounds like DMARC. Does your list apply DMARC mitigations?
If it is DMARC, the issue is the message sent to the charter subscriber is From: poster@posters.domain. posters.domain publishes a DMARC policy of (probably) reject. Yahoo.com is one such common domain. Your list modifies the message by content filtering, subject prefixing, adding msg_footer or some other transformation that breaks the posters.domain DKIM signature. Your SPF and DKIM signatures pass, but they are not 'aligned' with posters.domain, so they don't count for DMARC.
See https://wiki.list.org/DEV/DMARC
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan