Hey gang,
For all those keeping track on DMARC aol has changed its DMARC settings to reject: http://postmaster-blog.aol.com/2014/04/22/aol-mail-updates-dmarc-policy-to-r...
al
On Thu, Apr 24, 2014 at 12:22 PM, Al Black al-black@telus.net wrote:
Hey gang,
For all those keeping track on DMARC aol has changed its DMARC settings to reject: http://postmaster-blog.aol.com/2014/04/22/aol-mail-updates-dmarc-policy-to-r...
This makes sense for them because they hardly have any active users left. :-)
-Jim P.
On Apr 24, 2014, at 12:22 PM, Al Black al-black@telus.net wrote:
Hey gang,
For all those keeping track on DMARC aol has changed its DMARC settings to reject: http://postmaster-blog.aol.com/2014/04/22/aol-mail-updates-dmarc-policy-to-r...
I was exchanging some email with an AOL email admin contact I have, cc’ing the dmarc-help@teamaol.com email referenced in the blog, and ended up getting this msg:
Hi Conrad,
Thank you for your thoughts. Unfortunately we had to make that decision to curb the amount of spam mail out there. And I am certain that the industry is looking at this very carefully, including other mail providers. And I am sure that they might follow very soon.
This really means that we have to work together with those mailling list developers and they have to come up with solutions to deal with the new reality out there.
The IETF and MAAWG working groups are discussing that. You can find more information particularly about mailling lists here:http://dmarc.org/faq.html#s_3
I encourage you to also share this with whoever is responsible for maintaining the mail solutions you are using.
Thanks, Marcel Becker Director, AOL Mail
Mostly content-free but at least a response from a human.
-Conrad
I don't know if this was the case before, but Gmail is publishing a DMARC record with p=none. I seem to recall that last week the weren't publishing a DMARC record at all, although I might be mistaken.
-- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com |
On 04/24/2014 12:35 PM, Lindsay Haisley wrote:
I don't know if this was the case before, but Gmail is publishing a DMARC record with p=none. I seem to recall that last week the weren't publishing a DMARC record at all, although I might be mistaken.
These results are from over a week ago. They are in a draft of a report of research and testing I was doing that was last updated on April 15.
_dmarc.gmail.com.: v=DMARC1\; p=none\; rua=mailto:mailauth-reports@google.com _dmarc.googlegroups.com: v=DMARC1\; p=none\; rua=mailto:mailauth-reports@google.com _dmarc.google.com: v=DMARC1\; p=quarantine\; rua=mailto:mailauth-reports@google.com
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Thu, Apr 24, 2014 at 3:43 PM, Mark Sapiro mark@msapiro.net wrote:
On 04/24/2014 12:35 PM, Lindsay Haisley wrote:
I don't know if this was the case before, but Gmail is publishing a DMARC record with p=none. I seem to recall that last week the weren't publishing a DMARC record at all, although I might be mistaken.
These results are from over a week ago. They are in a draft of a report of research and testing I was doing that was last updated on April 15.
_dmarc.gmail.com.: v=DMARC1\; p=none\; rua=mailto:mailauth-reports@google.com _dmarc.googlegroups.com: v=DMARC1\; p=none\; rua=mailto:mailauth-reports@google.com _dmarc.google.com: v=DMARC1\; p=quarantine\; rua=mailto:mailauth-reports@google.com
GMail's had a p=none for a while now... months.
GMail also had an odd hiccup today. I received a ton of bounces because:
Apr 24 18:20:59 svr6 postfix/smtp[26753]: 2838F36B12: to=
<xxxxxx@gmail.com>, relay=gmail-smtp-in.l.google.com
[74.125.201.109]:25, delay=0.69,
delays=0.26/0/0.38/0.05, dsn=5.5.1, status=bounced (host
gmail-smtp-in.l.google.com[74.125.201.109] said: 530-5.5.1
Authentication Required. Learn more at 530 5.5.1
http://support.google.com/mail/bin/answer.py?answer=14257
b6sm884241igm.2 - gsmtp (in reply to MAIL FROM command))So for some period of time, they wanted Mailman to auth as who? :-)
-Jim P.
On Thu, Apr 24, 2014 at 4:08 PM, Jim Popovitch jimpop@gmail.com wrote:
On Thu, Apr 24, 2014 at 3:43 PM, Mark Sapiro mark@msapiro.net wrote:
On 04/24/2014 12:35 PM, Lindsay Haisley wrote:
I don't know if this was the case before, but Gmail is publishing a DMARC record with p=none. I seem to recall that last week the weren't publishing a DMARC record at all, although I might be mistaken.
These results are from over a week ago. They are in a draft of a report of research and testing I was doing that was last updated on April 15.
_dmarc.gmail.com.: v=DMARC1\; p=none\; rua=mailto:mailauth-reports@google.com _dmarc.googlegroups.com: v=DMARC1\; p=none\; rua=mailto:mailauth-reports@google.com _dmarc.google.com: v=DMARC1\; p=quarantine\; rua=mailto:mailauth-reports@google.com
GMail's had a p=none for a while now... months.
GMail also had an odd hiccup today. I received a ton of bounces because:
Apr 24 18:20:59 svr6 postfix/smtp[26753]: 2838F36B12: to= <xxxxxx@gmail.com>, relay=gmail-smtp-in.l.google.com [74.125.201.109]:25, delay=0.69, delays=0.26/0/0.38/0.05, dsn=5.5.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.201.109] said: 530-5.5.1 Authentication Required. Learn more at 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 b6sm884241igm.2 - gsmtp (in reply to MAIL FROM command))So for some period of time, they wanted Mailman to auth as who? :-)
OK, that wasn't an odd hiccup, that was/is intentional action by google. Gmail now seems to be bouncing email where From: is another gmail account.
Check your bounce logs.....
-Jim P.
On Fri, 2014-04-25 at 11:54 -0400, Jim Popovitch wrote:
http://support.google.com/mail/bin/answer.py?answer=14257
b6sm884241igm.2 - gsmtp (in reply to MAIL FROMcommand))
So for some period of time, they wanted Mailman to auth as who? :-)
OK, that wasn't an odd hiccup, that was/is intentional action by google. Gmail now seems to be bouncing email where From: is another gmail account.
I'm not seeing this in my mail logs here. The URL cited in the log entry gives no reason for such a policy. The mail log here shows a number of 5.1.1 bounces of list mail to gmail.com addresses for a number of reasons, but this isn't one of them.
# grep gmail mail.log|grep [listname]|grep "5\.1\.1"
Should I be looking for something else? About 25% of the subscribers on our biggest discussion list are gmail.com subscribers.
-- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com |
On Fri, Apr 25, 2014 at 12:48 PM, Lindsay Haisley fmouse@fmp.com wrote:
On Fri, 2014-04-25 at 11:54 -0400, Jim Popovitch wrote:
http://support.google.com/mail/bin/answer.py?answer=14257
b6sm884241igm.2 - gsmtp (in reply to MAIL FROMcommand))
So for some period of time, they wanted Mailman to auth as who? :-)
OK, that wasn't an odd hiccup, that was/is intentional action by google. Gmail now seems to be bouncing email where From: is another gmail account.
I'm not seeing this in my mail logs here. The URL cited in the log entry gives no reason for such a policy. The mail log here shows a number of 5.1.1 bounces of list mail to gmail.com addresses for a number of reasons, but this isn't one of them.
# grep gmail mail.log|grep [listname]|grep "5\.1\.1"
Should I be looking for something else? About 25% of the subscribers on our biggest discussion list are gmail.com subscribers.
TBH, I'm not sure what else there is to look for. :-) GMail, every so often, is telling my Mailman that it needs to Auth in order to reflect From:gmail to other gmail customers. It's like DMARC without following the DMARC standard (GMail has a p=none policy).
-Jim P.
Jim Popovitch writes:
TBH, I'm not sure what else there is to look for. :-) GMail, every so often, is telling my Mailman that it needs to Auth in order to reflect From:gmail to other gmail customers. It's like DMARC without following the DMARC standard (GMail has a p=none policy).
Is it possible that those users are using their GMail address from a non-Google host? That would explain the intermittent nature of the challenge -- it doesn't have the GMail DKIM signature that identifies GMail-from-GMail messages. And it would also explain why it "looks like" DMARC, since DKIM is one of the underlying protocols used to implement DMARC.
On Sat, Apr 26, 2014 at 2:24 AM, Stephen J. Turnbull stephen@xemacs.org wrote:
Jim Popovitch writes:
TBH, I'm not sure what else there is to look for. :-) GMail, every so often, is telling my Mailman that it needs to Auth in order to reflect From:gmail to other gmail customers. It's like DMARC without following the DMARC standard (GMail has a p=none policy).
Is it possible that those users are using their GMail address from a non-Google host? That would explain the intermittent nature of the challenge -- it doesn't have the GMail DKIM signature that identifies GMail-from-GMail messages. And it would also explain why it "looks like" DMARC, since DKIM is one of the underlying protocols used to implement DMARC.
I strip any existing inbound sigs. The GMail senders were using GMail web interface.
This looks more and more like a lazy DNS issue, as the MX for GMail has flip-flopped over the past ~24 hours. I honestly think that GMail rotated in a wrong server...the only other possibility is that powerdns cached a record beyond it's TTL.
-Jim P.
This really means that we have to work together with those mailling list developers and they have to come up with solutions to deal with the new reality out there.
New reality!? LOL. There's nothing new about fighting spam/phishing emails. AOL just doesn't want to say that they regret laying off their spam fighting group a few years back:
https://www.google.com/#q=aol+postmasters+laid+off
-Jim P.
participants (6)
-
Al Black -
Conrad G T Yoder -
Jim Popovitch -
Lindsay Haisley -
Mark Sapiro -
Stephen J. Turnbull