[Mailman-Users] Bounce Processing

Stephen J. Turnbull stephen at xemacs.org
Wed Apr 20 22:03:07 EDT 2016


Richard Robbins writes:

 > I recently switched my mailman host to a new provider.  One of my
 > users is now encountering problems that he hasn't had before.

Are you sure your list configuration is the same as before?

 > When he sends a message to a list an error message is generated
 > that is in the following form:

This doesn't look like a problem Mailman itself can help solve, but
you don't provide the information needed to decide.

 > From: Mail Delivery System <Mailer-Daemon at cloud1.emwd.com>
 > To: announce-bounces at usml.net

announce at usml.net is your mailing list?

emwd.com is your new host?  (No direct experience, but they have been
a good citizen on our lists, which gives me some confidence in his
statements.)

 > This is a permanent error. The following address(es) failed:
 > 
 >   [subscriber's email address appeared here and I deleted it]

The subscriber's address is at pphosted.com (from the name, most
likely a virtual domain served by pphosted.com)?  Subscriber ==
sender?  Do you get a pile of these for various senders, or only for
subscriber == sender?

 >     host mxa-00149702.gslb.pphosted.com [67.231.156.216]
 >     SMTP error from remote mail server after end of data:
 >     550 5.7.0 You are not authorized to use our domain as a sender address.

As your staff says, this could be an SPF issue, but why "mxa-00149702"
believes your host is claiming to be a domain hosted by pphosted.com,
I don't know.  Was your domain ("usml.net"?) formerly, or now partially,
hosted at pphosted.com?

If your list hosting domain has never had any relation to
pphosted.com, I would assume that this isn't based on SPF, but rather
that the sender is the subscriber, and this is a policy rejection
based on that fact (ie, the subscriber's host believes the mail is
from a spammer pretending to be the subscriber).

 > Action: failed
 > Final-Recipient: rfc822; [subscriber's email address appeared here and I
 > deleted it]
 > Status: 5.0.0
 > Remote-MTA: dns; mxa-00149702.gslb.pphosted.com
 > Diagnostic-Code: smtp; 550 5.7.0 You are not authorized to use our domain
 > as a sender address.
 > 
 > When I asked my host about this I was told that this is an SPF
 > configuration issue and that the sender needs to adjust relevant
 > DNS records.

Could be, I guess.  I would guess a misconfiguration of the receiving
MTA (mail server).  I don't understand how a DNS misconfiguration of
SPF would result in that status message, unless the receiver is also
broken.

But SPF DNS reconfiguration shouldn't help Mailman mailing lists,
because mailing lists are expected to fail in SPF.  Configuration of
the receiving MTA would be more likely to help.

 > The subscriber spoke to his IT person who said that this appears to
 > him to be a blacklist issue and that the host needs to make an
 > adjustment.

Sounds to me like the IT person just doesn't want to be bothered.  I
see no evidence of a blacklist in what you've posted, rather, pretty
clearly the subscriber's host made the reject decision all by itself.
If there was a blacklist, it's the subscriber's host that consulted
it, and the IT person should be a lot more helpful about what the
problem is.

 > Meanwhile, mailman has now removed the subscriber from the mailing list and
 > I had to put him back on, but I assume he will be deleted soon.
 > 
 > I'm not really sure what to do.
 > 
 > Any advice on how to proceed?

Using one of the DMARC mitigation options (most popular is Privacy |
Sender Filters | DMARC Moderation Action, set to "Munge From") may
help.  I'd bet against it, but it's mostly harmless (list traffic will
continue to be delivered to everybody, some people may complain about
the awkward From header field from some posters), and easily reversed
if you do get any complaints.

If the answers to the initial questions are all "yes" (except the last
two, which I expect to be "no, only for this sender==subscriber", and
"no, usml.net has no relation whatsoever to pphosted.com"), I strongly
suspect that there is a problem at the subscriber's host (quite
possibly in the IT person's head).  If the subscriber wants reliable
mail service it's easiest to get another address (Gmail is easy; AOL
and Yahoo! are deprecated because of their DMARC policies).

Steve


More information about the Mailman-Users mailing list