[Mailman-Users] Postings being discarded due to DKIM failures?
heller at deepsoft.com
Fri May 16 02:38:03 CEST 2014
At Thu, 15 May 2014 17:14:38 -0700 Mark Sapiro <mark at msapiro.net> wrote:
> On 05/15/2014 08:43 AM, Robert Heller wrote:
> > A list member recently tried to post a message to a list and the message was
> > discarded for no *appearent* reason. The only clue is that for some reason
> > the message is failing the DKIM check (DKIM=fail). I am using Mailman 2.1.16
> > on CentOS 5 (python-2.4.3-56.el5, httpd-2.2.3-85.el5.centos,
> > dkim-milter-2.8.3-8.el5). Is there some way to get Mailman to log why it is
> > discarding messages?
> I assume you've seen the vette log entry saying the message was
> discarded, but it doesn't say why.
> Essentially all discards are because the message met some condition for
> which the action is Discard. These are all in the list's web admin
> interface. The most common one is Content filtering with a filter_action
> of discard and a message whose top level Content-Type: is either in
> filter_mime_types or not in pass_mime_types. This could be, e.g., a
> multipart/related message with multipart/alternative and multipart/mixed
> as the only multipart types in pass_mime_types or a text/html message
> without text/html in pass_mime_types. It is a common misconception that
> convert_html_to_plaintext will handle the latter, but you have to accept
> the HTML before you can convert it.
> Other places to look for Discard actions are:
> Privacy options...
> Sender filters
> dmarc_moderation_action (Mailman 2.1.18 and up)
> Spam filters
> If you want to see the reason and the message, change the action from
> Discard to Hold.
It wasn't any of these. I believe I have figured out what happened. The poster
did something 'bad': instead of creating a fresh message he located an old
message with a return address of the list and did a reply and then edited
*some* of the headers: only some of the 'visible' ones and did not delete the
'hidden' ones, which confused the list server.
I discovered this when saw dkim log messages suggesting that the server the
message came from might be pretending to be my server and then when I looked
at the headers of another message from this poster that had headers it should
not have had.
Robert Heller -- 978-544-6933 / heller at deepsoft.com
Deepwoods Software -- http://www.deepsoft.com/
() ascii ribbon campaign -- against html e-mail
/\ www.asciiribbon.org -- against proprietary attachments
More information about the Mailman-Users