[Mailman-Users] (relatively) new DMARC issues - and Gmail

Richard Damon Richard at Damon-Family.org
Sat Mar 31 17:57:22 EDT 2018

On 3/31/18 3:35 PM, Lindsay Haisley wrote:
> On Sat, 2018-03-31 at 14:50 -0400, Richard Damon wrote:
>> To me the issue sounds like why is fmp.com forwarding spam?
>> If this is a case of fmp.com offering forwarding mailboxes to users, who
>> might be using gmail as a final destination, then yes, fmp needs to try
>> to be as good at detecting spam as gmail or users need to accept the
>> increased spam levels.
> If pigs could fly ....!  I do the very best job I can of filtering spam
> from inbound email, and get about 90% of it, maybe more, but fighting
> spam is a forever job of whack-a-mole. I certainly wish that I could do
> as good a job of parsing spam from legit email as Gmail does, but I'm a
> one-person shop, and have many tasks. Gmail has dozens, perhaps
> hundreds of very smart people assigned to managing their spam
> filtering, and they do a very good job of it. I could _never_ hope to
> match their efficiency or accuracy, nor could most small operations
> such as FMP Computer Services.
But coming at least close is the job you sign up for in being a mail 
forwarder. You at least need to be good enough that you aren't seen by 
google as an uncaring domain, and maintain enough information that they 
can continue to do what they do well.
> The problem is that Gmail is whitelisting based on the From address,
> rather than the Reply-To address, which should be an _option_ open to
> users. On Google's scale of operation, I'm just a fly on a dog turd so
> any feature which might benefit my users and subscribers is pretty much
> a no-nevermind for them.
Which is why I was saying make a 1:1 mapping of From addresses to 
Reply-To addresses.
>> Another option is to deterministically munge the from address so every
>> incoming email address gets a unique fmp address that it represents (it
>> doesn't have to be absolutely unique, mostly unique is likely good
>> enough), something like replace the at with _at_ and add a tail wart
>> like _dmarc at fmp.com (so you can have other addresses an not worry about
>> possible overlaps with those) and use that as the from address. Then a
>> reply will only whitelist that specific original from address.
> Which, as I noted in my original post, will cause the Gmail user's mail
> account to end up with a whole lot of useless whitelisted address which
> would need to be deleted, and FMP's server might well end up getting
> blacklisted as a result.
No more than if GMail did implement a white-list on Reply-To addresses.

Richard Damon

More information about the Mailman-Users mailing list