[Mailman-Users] Executive summary of DMARC issues

Gary Algier gaa at ulticom.com
Thu May 15 17:35:04 CEST 2014

On 05/15/14 11:15, Larry Finch wrote:
> On May 15, 2014, at 10:53 AM, Gary Algier <gaa at ulticom.com> wrote:
>> On 05/14/14 23:47, Stephen J. Turnbull wrote:
>> I then sent an email to the list and to my work sendmail address.  It was delivered to both work addresses and the iCloud address.
>> Gmail put it in my Spam folder with the warning:
>> -------------------------------------------------------------------
>> Be careful with this message. Our systems couldn't verify that this message was really sent by yahoo.com. You might want to avoid clicking links or replying with personal information.
>> -------------------------------------------------------------------
>> There is also a link to their "Why messages are marked as Spam" page.
>> On Yahoo I found the bounce in my Spam folder with the following:
>> -------------------------------------------------------------------
>> This is an automated message from the Extensible Content Security
>> at host wg.ulticom.com.
>> The message returned below could not be delivered to its intended
>> destinations.
>> It seems that in the case of a simple Exchange distribution list, the Yahoo members will fail (into their Spam folder!), some others may fail depending upon their service's SPF fussiness, and others may have to root around in their Spam folders for the content.
> On the lists that I manage on listserv I’ve discovered that many ISPs honor Yahoo and AOL’s p=reject, and will not even put the message in the spam folder. Among them are: Comcast, SBCGlobal, AT&T, AOL, Rogers, Earthlink, Hotmail and a few others I don’t recall. So essentially half of my list members will not get posts from Yahoo or AOL.
> best regards,
> Larry
> --
> Larry Finch
> finches at portadmiral.org

Apparently, simple Exchange distribution lists do not rewrite headers or touch 
the body so DKIM passes.  However, the distribution lists also do not change 
the envelope sender so the SPF fails.  In order to get through DKIM, the 
internal author address ("From: ") and a bunch of other headers must stay the 
same, which Exchange does.  Most mailing list software rewrites something, 
which makes DKIM fail.  However, the mailing list software will use an 
envelope address from the list so SPF should not fail.

Can't use Exchange distribution lists: SPF will fail.
Can't use mailing list software without changing the author, etc.: DKIM will fail.

Time for sendmail aliases?  Or perhaps, SPF will fail?

Gary Algier, WB2FWZ            gaa at ulticom.com             +1 856 787 2758
Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054     Fax:+1 856 866 2033

Nielsen's First Law of Computer Manuals:
     People don't read documentation voluntarily.

More information about the Mailman-Users mailing list