[Mailman-Users] AOL rejecting connections from mailman servers for DMARC Munging.

Ted Hatfield ted at io-tx.com
Thu Aug 25 18:31:02 EDT 2016

On Thu, 25 Aug 2016, Steve Wehr wrote:

> -----Original Message-----
> From: Mailman-Users
> [mailto:mailman-users-bounces+steve=tunedinweb.com at python.org] On Behalf Of
> Ted Hatfield
> Sent: Tuesday, August 23, 2016 6:56 PM
> To: mailman-users at python.org
> Subject: [Mailman-Users] AOL rejecting connections from mailman servers for
> DMARC Munging.
> Hey all,
> Recently my mailman server was flagged by AOL and my messages were rejected
> with this error.
> SMTP DATA-2 protocol error: 521 5.2.1 :  AOL will not accept delivery of
> this message.
> When I queried the AOL Postmaster about this issue this was my response.
> Few mails from IP xxx.xxx.xxx.xx were getting rejected from one of filters
> as
> Reply-to address is same as the TO address. This is caused as one of our
> filters triggered these emails as spam. I have added protection for your IP.
> As
> a good mailing practice, please use a different email address for your
> reply-to
> address.
> It seems to me that since dmarc munging adds the senders address to the
> reply-to header, if a user receives a copy of their own postings this is the
> result.
> Can anyone else confirm that this has happened to them and if so what else
> can
> someone do except to wrap the message from senders that implement dmarc
> rejection as in dmarc_moderation_action?
> Is there a recommended policy regarding this issue?
> Ted Hatfield

> I recently have been fighting AOL over this exact same thing. To solve it I
> contacted AOL via their postmaster page and opened a ticket. They got back
> to me and said they "made some changes to their handling of mail from my IP
> address."
> I had been using mailman to send to AOL users for over a decade, so I didn't
> change anything in mailman. After about 2-3 weeks AOL has now stopped
> rejecting mailman emails.
> In the interim, I used Mark Sapiro's script to reset the moderation bits on
> all AOL users, encased in a little shell script I wrote:
> #!/bin/bash
> # This script resets the bounce bits for certain users in ALL lists.
> #
> # Run this script as ROOT
> for listname in $(ls /var/lib/mailman/lists/);
> do
>   echo Resetting bounce bits in list $listname
>   # Reset bounce bits for only AOL.COM members.
>   /usr/lib/mailman/bin/withlist -r reset_bounce $listname -d aol.com
> done;
> Hope this is helpful.
> _____________________
> Steve Wehr
> Tunedin Web Design
> 845-246-9643


Glad to see I'm not the only one.  This was also my solution. I just 
wanted to see if there was a better way to handle the issue but I don't 
see any recommended advice that would solve the issue in a technical way.

I'm considering setting dmarc_moderation_action to "Wrap Message" and 
setting from_is_list back to "No"

This will at least only affect the users who use email that enforces
DMARC p=quarantine and p=reject.

Ted Hatfield

More information about the Mailman-Users mailing list