Getting Yahoo to accept Mailman list messages
Hi all
I got an error message below from Yahoo:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
xxxxxxxxx@yahoo.com host mta7.am0.yahoodns.net [63.250.192.46] SMTP error from remote mail server after end of data: 554 5.7.9 Message not accepted for policy reasons. See https://help.yahoo.com/kb/postmaster/SLN7253.html xxxxxxxxxxxxx@yahoo.com host mta7.am0.yahoodns.net [63.250.192.46] SMTP error from remote mail server after end of data: 554 5.7.9 Message not accepted for policy reasons. See https://help.yahoo.com/kb/postmaster/SLN7253.html I asked the provider and here is his answer (which does not help me too much since I have not sufficient knowledge about these techniques):
Hi Christian,
The messages were rejected because they weren't properly authenticated. By default, all outgoing messages from xxxx.ch are DKIM and SPF authenticated. Not sure about the mailing list messages, though. Perhaps the Mailman needs authentication on its own. This is a cPanel (56.0.21) installation of Mailman 2.1.20.
I have looked into the list settings but did not find anything about DKIM or SPF, and I also did not really understand the explanations in <https://wiki.list.org/DEV/DKIM>. And also, I did not find any settings for DKIM or SPF in the list administration pages.
Any ideas are most welcome!
Thank you, Christian
-- Christian F. Buser, Hohle Gasse 6, CH-5507 Mellingen (Switzerland) Hilfe fuer Strassenkinder in Ghana: http://www.chance-for-children.org
On 05/28/2016 12:44 PM, Christian F Buser via Mailman-Users wrote:
I got an error message below from Yahoo:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
xxxxxxxxx@yahoo.com host mta7.am0.yahoodns.net [63.250.192.46] SMTP error from remote mail server after end of data: 554 5.7.9 Message not accepted for policy reasons. See https://help.yahoo.com/kb/postmaster/SLN7253.html
...
I asked the provider and here is his answer (which does not help me too much since I have not sufficient knowledge about these techniques):
Hi Christian,
The messages were rejected because they weren't properly authenticated. By default, all outgoing messages from xxxx.ch are DKIM and SPF authenticated. Not sure about the mailing list messages, though. Perhaps the Mailman needs authentication on its own. This is a cPanel (56.0.21) installation of Mailman 2.1.20.
I have looked into the list settings but did not find anything about DKIM or SPF, and I also did not really understand the explanations in <https://wiki.list.org/DEV/DKIM>. And also, I did not find any settings for DKIM or SPF in the list administration pages.
The reply you received is somewhat misleading. It seems the issue is DMARC policy rejection. Your provider says the outgoing mail is DKIM signed and passes SPF, and there is no reason to believe that is not the case, so the rejection must be DMARC related. The relevant FAQs are <https://wiki.list.org/x/17891458> and <https://wiki.list.org/DEV/DMARC>.
All the mitigations mentioned in the Mailman 2 section of <https://wiki.list.org/DEV/DMARC> should be available. The recommended method is to set Privacy options - Sender filters -> dmarc_moderation_action to Munge From.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On 05/28/2016 01:01 PM, Mark Sapiro wrote:
On 05/28/2016 12:44 PM, Christian F Buser via Mailman-Users wrote:
The messages were rejected because they weren't properly authenticated. By default, all outgoing messages from xxxx.ch are DKIM and SPF authenticated. Not sure about the mailing list messages, though. Perhaps the Mailman needs authentication on its own.
This is a cPanel (56.0.21) installation of Mailman 2.1.20. ... It seems the issue is DMARC policy rejection. Your provider says the outgoing mail is DKIM signed and passes SPF
Actually, I see the provider is not sure about list mail. It is not clear how mail is being DKIM signed, but if OpenDKIM is being used, your provider should see the "MAILING LISTS" section near the bottom of <http://www.opendkim.org/opendkim-README>.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Christian F Buser
-
Mark Sapiro