[Mailman-Users] Bounce Processing

Brian Carpenter brian at emwd.com
Wed Apr 20 22:56:07 EDT 2016

> -----Original Message-----
> From: Mailman-Users [mailto:mailman-users-
> bounces+brian=emwd.com at python.org] On Behalf Of Stephen J. Turnbull
> Sent: Wednesday, April 20, 2016 10:03 PM
> To: Richard Robbins <rerobbins at itinker.net>
> Cc: mailman-users at python.org
> Subject: [Mailman-Users] Bounce Processing
> Richard Robbins writes:
>  > I recently switched my mailman host to a new provider.  One of my
>  > users is now encountering problems that he hasn't had before.
> Are you sure your list configuration is the same as before?
>  > When he sends a message to a list an error message is generated
>  > that is in the following form:
> This doesn't look like a problem Mailman itself can help solve, but
> you don't provide the information needed to decide.
>  > From: Mail Delivery System <Mailer-Daemon at cloud1.emwd.com>
>  > To: announce-bounces at usml.net
> announce at usml.net is your mailing list?
> emwd.com is your new host?  (No direct experience, but they have been
> a good citizen on our lists, which gives me some confidence in his
> statements.)
>  > This is a permanent error. The following address(es) failed:
>  >
>  >   [subscriber's email address appeared here and I deleted it]
> The subscriber's address is at pphosted.com (from the name, most
> likely a virtual domain served by pphosted.com)?  Subscriber ==
> sender?  Do you get a pile of these for various senders, or only for
> subscriber == sender?
>  >     host mxa-00149702.gslb.pphosted.com []
>  >     SMTP error from remote mail server after end of data:
>  >     550 5.7.0 You are not authorized to use our domain as a sender
> As your staff says, this could be an SPF issue, but why "mxa-00149702"
> believes your host is claiming to be a domain hosted by pphosted.com,
> I don't know.  Was your domain ("usml.net"?) formerly, or now partially,
> hosted at pphosted.com?
> If your list hosting domain has never had any relation to
> pphosted.com, I would assume that this isn't based on SPF, but rather
> that the sender is the subscriber, and this is a policy rejection
> based on that fact (ie, the subscriber's host believes the mail is
> from a spammer pretending to be the subscriber).
>  > Action: failed
>  > Final-Recipient: rfc822; [subscriber's email address appeared here and
>  > deleted it]
>  > Status: 5.0.0
>  > Remote-MTA: dns; mxa-00149702.gslb.pphosted.com
>  > Diagnostic-Code: smtp; 550 5.7.0 You are not authorized to use our
>  > as a sender address.
>  >
>  > When I asked my host about this I was told that this is an SPF
>  > configuration issue and that the sender needs to adjust relevant
>  > DNS records.
> Could be, I guess.  I would guess a misconfiguration of the receiving
> MTA (mail server).  I don't understand how a DNS misconfiguration of
> SPF would result in that status message, unless the receiver is also
> broken.
> But SPF DNS reconfiguration shouldn't help Mailman mailing lists,
> because mailing lists are expected to fail in SPF.  Configuration of
> the receiving MTA would be more likely to help.
>  > The subscriber spoke to his IT person who said that this appears to
>  > him to be a blacklist issue and that the host needs to make an
>  > adjustment.
> Sounds to me like the IT person just doesn't want to be bothered.  I
> see no evidence of a blacklist in what you've posted, rather, pretty
> clearly the subscriber's host made the reject decision all by itself.
> If there was a blacklist, it's the subscriber's host that consulted
> it, and the IT person should be a lot more helpful about what the
> problem is.
>  > Meanwhile, mailman has now removed the subscriber from the mailing list
> and
>  > I had to put him back on, but I assume he will be deleted soon.
>  >
>  > I'm not really sure what to do.
>  >
>  > Any advice on how to proceed?
> Using one of the DMARC mitigation options (most popular is Privacy |
> Sender Filters | DMARC Moderation Action, set to "Munge From") may
> help.  I'd bet against it, but it's mostly harmless (list traffic will
> continue to be delivered to everybody, some people may complain about
> the awkward From header field from some posters), and easily reversed
> if you do get any complaints.
> If the answers to the initial questions are all "yes" (except the last
> two, which I expect to be "no, only for this sender==subscriber", and
> "no, usml.net has no relation whatsoever to pphosted.com"), I strongly
> suspect that there is a problem at the subscriber's host (quite
> possibly in the IT person's head).  If the subscriber wants reliable
> mail service it's easiest to get another address (Gmail is easy; AOL
> and Yahoo! are deprecated because of their DMARC policies).
> Steve
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-
> users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-
> users/brian%40emwd.com

It does look like it is a SPF issue. The email address that is bouncing is
only bouncing messages that comes from itself. All other messages coming
from other list members are delivered successfully. So every time this list
member posts, he is being sent a copy of his own post and his own posts
bounces when mailman tries to deliver his own post to his own email account.
The domain name in question does have a SPF record. The IP address of this
user's mail server is not listed in their SPF record.


More information about the Mailman-Users mailing list