Dear James,
everyday I look into my Gmail SPAM folder and your mails (sent to Centos list) are there. Noone else is there but you.
Please finally fix your MX records or whatever is needed. No offence
Greetings from Germany Alex
Dear James,
I for one would suggest: just ignore what gmail people are saying about your MX records.
No offense intended. Just moral support meant.
Valeri
On Tue, November 11, 2014 10:16 am, Alexander Farber wrote:
Dear James,
everyday I look into my Gmail SPAM folder and your mails (sent to Centos list) are there. Noone else is there but you.
Please finally fix your MX records or whatever is needed. No offence
Greetings from Germany Alex _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
And ignore the Chrome people getting the certificate warning at https://harte-lyne.ca too ;-)
On Tue, Nov 11, 2014 at 5:24 PM, Valeri Galtsev galtsev@kicp.uchicago.edu wrote:
Dear James,
I for one would suggest: just ignore what gmail people are saying about your MX records.
No offense intended. Just moral support meant.
Valeri
On Tue, November 11, 2014 10:16 am, Alexander Farber wrote:
Dear James,
everyday I look into my Gmail SPAM folder and your mails (sent to Centos list) are there. Noone else is there but you.
Please finally fix your MX records or whatever is needed. No offence
Greetings from Germany Alex
On Tue, Nov 11, 2014 at 6:16 PM, Alexander Farber wrote:
Dear James,
everyday I look into my Gmail SPAM folder and your mails (sent to Centos list) are there. Noone else is there but you.
Please finally fix your MX records or whatever is needed. No offence
I bit a tired of this too.
James, be the Man and fix your mail server. Or what else.
Greetings from Germany Alex
Greetins from Ukraine (Donetsk).
That's ridiculous, you don't even know what's wrong or if it's wrong at all or what you want him to do but you have to cry it out loud to the list to put social pressure on him. Please move this to private mail and understand that Gmail is *not* what rules email best practice and also try to understand what Gmail is telling *you* before you ask others to do something.
Kai
On Wed, November 12, 2014 9:46 am, Kai Schaetzl wrote:
That's ridiculous, you don't even know what's wrong or if it's wrong at all or what you want him to do but you have to cry it out loud to the list to put social pressure on him. Please move this to private mail and understand that Gmail is *not* what rules email best practice and also try to understand what Gmail is telling *you* before you ask others to do something.
Kai
+1 Bravo.
Valeri
++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On Wed, Nov 12, 2014 at 9:46 AM, Kai Schaetzl maillists@conactive.com wrote:
That's ridiculous, you don't even know what's wrong or if it's wrong at all or what you want him to do but you have to cry it out loud to the list to put social pressure on him.
Well, no. Per the headers:
Authentication-Results: mx.google.com; spf=neutral (google.com: centos-bounces@centos.org does not designate permitted sender hosts) smtp.mail=centos-bounces@centos.org; dkim=neutral (body hash did not verify) header.i=@; dmarc=fail (p=QUARANTINE dis=NONE) header.from=harte-lyne.ca
The p=quarantine setting from his server explicitly requests that the message be marked as spam if it s not sent from an authorized server, which don't include the centos list server. So it is accepted and dropped in the spam folder as requested.
And at the moment, he is the only list member that posts regularly from a server with this setting. (We don't even see ones with p=reject, they'll bounce and get kicked off the list).
On Wed, Nov 12, 2014 at 10:13 AM, Les Mikesell lesmikesell@gmail.com wrote:
On Wed, Nov 12, 2014 at 9:46 AM, Kai Schaetzl maillists@conactive.com wrote:
That's ridiculous, you don't even know what's wrong or if it's wrong at all or what you want him to do but you have to cry it out loud to the list to put social pressure on him.
Well, no. Per the headers:
Authentication-Results: mx.google.com; spf=neutral (google.com: centos-bounces@centos.org does not designate permitted sender hosts) smtp.mail=centos-bounces@centos.org; dkim=neutral (body hash did not verify) header.i=@; dmarc=fail (p=QUARANTINE dis=NONE) header.from=harte-lyne.ca
The p=quarantine setting from his server explicitly requests that the message be marked as spam if it s not sent from an authorized server, which don't include the centos list server. So it is accepted and dropped in the spam folder as requested.
And at the moment, he is the only list member that posts regularly from a server with this setting. (We don't even see ones with p=reject, they'll bounce and get kicked off the list).
I guess that last part isn't true. Apparently forwarded yahoo senders also go to spam instead of bouncing:
Authentication-Results: mx.google.com; spf=neutral (google.com: centos-bounces@centos.org does not designate permitted sender hosts) smtp.mail=centos-bounces@centos.org; dkim=neutral (body hash did not verify) header.i=@; dmarc=fail (p=REJECT dis=NONE) header.from=yahoo.com
Anyway, you can see a domain's dmarc setting with: nslookup -type=txt _dmarc.domain.com and see the p= meanings at http://www.dmarc.org/faq.html In particular, see http://www.dmarc.org/faq.html#r_2 for the effect on mail lists. "If the domain in the From: header is from an organization that publishes a DMARC record, the email is likely to not be delivered."
Les Mikesell wrote on Wed, 12 Nov 2014 10:13:07 -0600:
Well, no.
Well, *yes*. It's not business to be carried out on the list nor does the guy who moans about it seem to know why. And if you are the second from Gmail then please move it off-list as well. It's really not anyone's problem on this list what Gmail does.
Kai
On Wed, Nov 12, 2014 at 11:31 AM, Kai Schaetzl maillists@conactive.com wrote:
Les Mikesell wrote on Wed, 12 Nov 2014 10:13:07 -0600:
Well, no.
Well, *yes*. It's not business to be carried out on the list nor does the guy who moans about it seem to know why. And if you are the second from Gmail then please move it off-list as well. It's really not anyone's problem on this list what Gmail does.
Gmail isn't making this up, it is doing what the sender's domain explicitly tells it to do with mail with a From: address in that domain when it is (re)sent by a non-permitted host. So yes it is relevant to the list that if you don't want your mail to end up in spam folders you shouldn't use a From: address in a domain that sets p=quarantine or p=reject in its dmarc record, because that is exactly what those say to do per the faq from www.dmarc.org.
Once upon a time, Kai Schaetzl maillists@conactive.com said:
Well, *yes*. It's not business to be carried out on the list nor does the guy who moans about it seem to know why. And if you are the second from Gmail then please move it off-list as well. It's really not anyone's problem on this list what Gmail does.
No, it isn't just "what Gmail does." Yahoo and AOL are other major handlers that do the same/similar thing (and there are other not-as-major email handlers doing it too). As has happened many times in the past, the "rules" for email handling have changed. The biggest group of legitimate email handlers affected by this change is mailing list handlers; they need to adapt or get blocked/sidelined/etc.
Is it annoying? Yep. Is what these providers are doing a good idea? That's debatable. Is it here to stay? Most likely.
On Wed, Nov 12, 2014 at 12:29 PM, Chris Adams linux@cmadams.net wrote:
Once upon a time, Kai Schaetzl maillists@conactive.com said:
Well, *yes*. It's not business to be carried out on the list nor does the guy who moans about it seem to know why. And if you are the second from Gmail then please move it off-list as well. It's really not anyone's problem on this list what Gmail does.
No, it isn't just "what Gmail does." Yahoo and AOL are other major handlers that do the same/similar thing (and there are other not-as-major email handlers doing it too). As has happened many times in the past, the "rules" for email handling have changed. The biggest group of legitimate email handlers affected by this change is mailing list handlers; they need to adapt or get blocked/sidelined/etc.
Is it annoying? Yep. Is what these providers are doing a good idea? That's debatable. Is it here to stay? Most likely.
So in practice I think this really boils down to the common problem of ancient software shipped by RHEL and the bug-for-bug compatibility in CentOS with the list system eating its own dog food. That is, there is a fix for mailman, but not in the CentOS version. Sometimes stability is good, sometimes you need the updates.
There is still something of a philosophical issue in changing the apparent authorship (From: ) of the message...
Here's an interesting bug report filed 5/7/2014 by, ummm, James Byrne: https://bugzilla.redhat.com/show_bug.cgi?id=1095359 with the apparent resolution being that you need a support contract to discuss problems.
On 11/12/2014 07:19 PM, Les Mikesell wrote:
On Wed, Nov 12, 2014 at 12:29 PM, Chris Adams linux@cmadams.net wrote:
Once upon a time, Kai Schaetzl maillists@conactive.com said:
Well, *yes*. It's not business to be carried out on the list nor does the guy who moans about it seem to know why. And if you are the second from Gmail then please move it off-list as well. It's really not anyone's problem on this list what Gmail does.
No, it isn't just "what Gmail does." Yahoo and AOL are other major handlers that do the same/similar thing (and there are other not-as-major email handlers doing it too). As has happened many times in the past, the "rules" for email handling have changed. The biggest group of legitimate email handlers affected by this change is mailing list handlers; they need to adapt or get blocked/sidelined/etc.
Is it annoying? Yep. Is what these providers are doing a good idea? That's debatable. Is it here to stay? Most likely.
So in practice I think this really boils down to the common problem of ancient software shipped by RHEL and the bug-for-bug compatibility in CentOS with the list system eating its own dog food. That is, there is a fix for mailman, but not in the CentOS version. Sometimes stability is good, sometimes you need the updates.
can you file this at bugs.centos.org please
On Fri, Nov 14, 2014 at 4:07 AM, Karanbir Singh mail-lists@karan.org wrote:
So in practice I think this really boils down to the common problem of ancient software shipped by RHEL and the bug-for-bug compatibility in CentOS with the list system eating its own dog food. That is, there is a fix for mailman, but not in the CentOS version. Sometimes stability is good, sometimes you need the updates.
can you file this at bugs.centos.org please
There was already one: https://bugs.centos.org/view.php?id=7149 is about this issue. It already has a comment about centos following upstream, but upstream doesn't seem to care unless you have paid support: https://bugzilla.redhat.com/show_bug.cgi?id=1095359
On 14/11/14 18:09, Les Mikesell wrote:
On Fri, Nov 14, 2014 at 4:07 AM, Karanbir Singh mail-lists@karan.org wrote:
So in practice I think this really boils down to the common problem of ancient software shipped by RHEL and the bug-for-bug compatibility in CentOS with the list system eating its own dog food. That is, there is a fix for mailman, but not in the CentOS version. Sometimes stability is good, sometimes you need the updates.
can you file this at bugs.centos.org please
There was already one: https://bugs.centos.org/view.php?id=7149 is about this issue. It already has a comment about centos following upstream, but upstream doesn't seem to care unless you have paid support: https://bugzilla.redhat.com/show_bug.cgi?id=1095359
there are really 2 differnet things here, 1) what is the mailman included in a specific centos vesion doing and 2) what is the lists.centos.org machine doing with DKIM and what is the larger fix for each of those things.
On Sat, Nov 15, 2014 at 4:11 PM, Karanbir Singh mail-lists@karan.org wrote:
On 14/11/14 18:09, Les Mikesell wrote:
On Fri, Nov 14, 2014 at 4:07 AM, Karanbir Singh mail-lists@karan.org wrote:
So in practice I think this really boils down to the common problem of ancient software shipped by RHEL and the bug-for-bug compatibility in CentOS with the list system eating its own dog food. That is, there is a fix for mailman, but not in the CentOS version. Sometimes stability is good, sometimes you need the updates.
can you file this at bugs.centos.org please
There was already one: https://bugs.centos.org/view.php?id=7149 is about this issue. It already has a comment about centos following upstream, but upstream doesn't seem to care unless you have paid support: https://bugzilla.redhat.com/show_bug.cgi?id=1095359
there are really 2 differnet things here, 1) what is the mailman included in a specific centos vesion doing and 2) what is the lists.centos.org machine doing with DKIM and what is the larger fix for each of those things.
The point is that mailman has the fix. I suppose you can look at the question of whether you solve the problem only for yourself or for all centos users as two different things but the solution is pretty much the same as any other bug that has been fixed (far) upstream.
On 15/11/14 23:09, Les Mikesell wrote:
The point is that mailman has the fix. I suppose you can look at the question of whether you solve the problem only for yourself or for all centos users as two different things but the solution is pretty much the same as any other bug that has been fixed (far) upstream.
or host the fix in the plus repos and let people decide which mailman they want to use.
On 11/16/2014 12:09 PM, Les Mikesell wrote:
The point is that mailman has the fix. I suppose you can look at the question of whether you solve the problem only for yourself or for all centos users as two different things but the solution is pretty much the same as any other bug that has been fixed (far) upstream.
I think it's important to note that this actually isn't a bug. This is failure to strip DKIM headers when forwarding a message. Note that when RHEL6 was released DKIM was still new and DMARC was pretty much unheard of. It's not surprising that the version of Mailman in it does not take steps to remove DKIM headers as it's simply a feature that would not have existed when that version was released.
It's also important to note that these headers *can* be removed in postfix (and probably other MTAs can as well) after the messages are submitted by mailman, so while it would be nice for mailman to do it it's not strictly necessary, we can deal with the problem with the versions of mailman and postfix that are running on the server already. The trick is to simply set header_checks to match and remove the DKIM header which is quite easy.
At that point we can have the server sign the message with its own DKIM signature and apply any relevant DMARC policy we want.
I guess what I'm saying is you don't *need* a new version of mailman to deal with this, you don't need a new version of any software really, it can be dealt with the software we already have on the server with just a few config changes.
Peter
On 11/15/2014 5:17 PM, Peter wrote:
I think it's important to note that this actually isn't a bug. This is failure to strip DKIM headers when forwarding a message. Note that when RHEL6 was released DKIM was still new and DMARC was pretty much unheard of. It's not surprising that the version of Mailman in it does not take steps to remove DKIM headers as it's simply a feature that would not have existed when that version was released.
the other important feature the new mailman has is to munge the From: field if the user's DNS has the DMARC records indicating a draconian policy.
On 11/16/2014 02:45 PM, John R Pierce wrote:
the other important feature the new mailman has is to munge the From: field if the user's DNS has the DMARC records indicating a draconian policy.
Grrr, yes, of course, DMARC likes to check the From: header now (utterly stupid). Anyways, it should be possible to rewrite this with header_checks as well. I would tack @centos.org onto the end of the domain and call it a day.
Peter
On 11/12/2014 10:13 AM, Les Mikesell wrote:
On Wed, Nov 12, 2014 at 9:46 AM, Kai Schaetzl maillists@conactive.com wrote:
That's ridiculous, you don't even know what's wrong or if it's wrong at all or what you want him to do but you have to cry it out loud to the list to put social pressure on him.
very good point Kai.
Well, no. Per the headers:
Authentication-Results: mx.google.com; spf=neutral (google.com: centos-bounces@centos.org does not designate permitted sender hosts) smtp.mail=centos-bounces@centos.org; dkim=neutral (body hash did not verify) header.i=@; dmarc=fail (p=QUARANTINE dis=NONE) header.from=harte-lyne.ca
The p=quarantine setting from his server explicitly requests that the message be marked as spam if it s not sent from an authorized server, which don't include the centos list server. So it is accepted and dropped in the spam folder as requested.
And at the moment, he is the only list member that posts regularly from a server with this setting. (We don't even see ones with p=reject, they'll bounce and get kicked off the list).
Les,
i believe problems are on your end, and not with server for James.
i do not see "dmarc=fail" or "p=QUARANTINE" in *any* of his email headers.
therefore, i suggest that it is problem that _you_need_to_correct_.
because you are pulling emails from your server and if your email client is thunderbird, simply create a filter for James where the actions is;
Set Junk Status to Not Junk
then you can stop loading this list with needless *junk* rants about *your* problem.
thank you.
On Wed, Nov 12, 2014 at 2:50 PM, g geleem@bellsouth.net wrote:
Authentication-Results: mx.google.com; spf=neutral (google.com: centos-bounces@centos.org does not designate permitted sender hosts) smtp.mail=centos-bounces@centos.org; dkim=neutral (body hash did not verify) header.i=@; dmarc=fail (p=QUARANTINE dis=NONE) header.from=harte-lyne.ca
Les,
i believe problems are on your end, and not with server for James.
i do not see "dmarc=fail" or "p=QUARANTINE" in *any* of his email headers.
They are not 'in' his headers. They are the settings in his domain's DNS dmarc record.
Do: nslookup -type=txt _dmarc.harte-lyne.ca to see the record, and you'll see the 'p=quarantine' which says that mail with 'From: ' addresses claiming to be someone@harte-lyne.ca that is not sent from their approved hosts should be quarantined.
therefore, i suggest that it is problem that _you_need_to_correct_.
because you are pulling emails from your server and if your email client is thunderbird, simply create a filter for James where the actions is;
Set Junk Status to Not Junk
I'm not pulling emails from a server, I'm using gmail's web interface because it is much more convenient to use from multiple systems. And even if I used imap to sync, I think it would already appear in the spam folder.
then you can stop loading this list with needless *junk* rants about *your* problem.
It's not my problem, it is what his domain says should be done with mail claiming to be from there but isn't.. Your mail system may simply ignore the request, but that doesn't mean it always will or that it is the right thing to do. And on a more practical note, shouldn't be left as each recipient's problem. And particularly since it affects mail from yahoo.com and aol.com senders, the long term fix will have to be in the list software (and already is, in the current version). Meanwhile, the workaround is to not send with a From: address where the domain requests that it not be forwarded.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2014-11-12 22:11, Les Mikesell wrote:
It's not my problem, it is what his domain says should be done with mail claiming to be from there but isn't.. Your mail system may simply ignore the request, but that doesn't mean it always will or that it is the right thing to do. And on a more practical note, shouldn't be left as each recipient's problem. And particularly since it affects mail from yahoo.com and aol.com senders, the long term fix will have to be in the list software (and already is, in the current version). Meanwhile, the workaround is to not send with a From: address where the domain requests that it not be forwarded.
It might not be your problem, but a perfectly workable solution is in your hands.
Presumably you've already got a filter set up for applying a label to list mails. Simply check the "Never mark as spam" box and those mails will no longer be misplaced.
- -- AF24 6DE9 D1DF DFB8 3A74 A7AC F457 B7A3 5DF1 4240
On Thu, Nov 13, 2014 at 8:53 AM, Elias Persson delreich@takeit.se wrote:
Presumably you've already got a filter set up for applying a label to list mails. Simply check the "Never mark as spam" box and those mails will no longer be misplaced.
I don't bother defining filters for gmail. It is capable of searching for anything I might want to isolate on demand.
On Thu, November 13, 2014 8:53 am, Elias Persson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2014-11-12 22:11, Les Mikesell wrote:
It's not my problem, it is what his domain says should be done with mail claiming to be from there but isn't.. Your mail system may simply ignore the request, but that doesn't mean it always will or that it is the right thing to do. And on a more practical note, shouldn't be left as each recipient's problem. And particularly since it affects mail from yahoo.com and aol.com senders, the long term fix will have to be in the list software (and already is, in the current version). Meanwhile, the workaround is to not send with a From: address where the domain requests that it not be forwarded.
It might not be your problem, but a perfectly workable solution is in your hands.
Presumably you've already got a filter set up for applying a label to list mails. Simply check the "Never mark as spam" box and those mails will no longer be misplaced.
I would second that. In general, it is rather discouraging to hear: "hey, fix that thing on your side. Of course, I can make your mail not go into my spambox on my side, but I don't care to change anything on my side". Well if you do care to have someone's e-mail, put some effort in it. Otherwise, if you don't care that much about that person's e-mail, why making all that buzz? It's pretty much the same as: if I do care someone hears understands what I say I do put effort into speaking loud enough and intelligible enough.
Consider it a point of view of external observer.
Valeri
++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On Thu, Nov 13, 2014 at 10:25 AM, Valeri Galtsev galtsev@kicp.uchicago.edu wrote:
I would second that. In general, it is rather discouraging to hear: "hey, fix that thing on your side. Of course, I can make your mail not go into my spambox on my side, but I don't care to change anything on my side". Well if you do care to have someone's e-mail, put some effort in it. Otherwise, if you don't care that much about that person's e-mail, why making all that buzz? It's pretty much the same as: if I do care someone hears understands what I say I do put effort into speaking loud enough and intelligible enough.
So you'd make some imaginary value judgement about the content of an email before seeing it? The concept doesn't make much sense in the context of a technical list. How would you know whether it is a question you couldn't answer anyway or the answer you were waiting for that might have gone unseen?
Consider it a point of view of external observer.
I look at my spam folder regularly, because I know that automations generally make mistakes and what I find confirms that. But that lets one person see it - if he knows he was missing it in the first place. If you are the one posting a message to a list and you'd like people to see it, it would currently be wise to not send from an address where the domain requests that messages forwarded by other systems be quarantined or rejected. And if you are running a list and would like the members to see the messages you forward, it would be nice to use current software so that actually will happen instead of just hoping that all of the members know how to work around the problems old software causes.
Once upon a time, Valeri Galtsev galtsev@kicp.uchicago.edu said:
I would second that. In general, it is rather discouraging to hear: "hey, fix that thing on your side. Of course, I can make your mail not go into my spambox on my side, but I don't care to change anything on my side".
The problem with that is, in some cases (depending on the provider's spam filtering), messages may be outright rejected (because that's what the configuration says to do). The _only_ place that can be fixed correctly is at the mailing list server (and that also requires a change in one place, rather than every list subscriber adding local filters). Telling everyone to add filters IMHO is really the same as the old spam argument of "you can just hit delete".
If RHEL isn't going to get an updated mailman that conforms to current (whether good or bad) "best practices", I'd be interested in seeing a newer mailman packaged elsewhere (maybe EPEL?).
On 13 November 2014 @14:53 zulu, Elias Persson wrote:
Presumably you've already got a filter set up for applying a label to list mails.
Actually, on those 'dmarc=fail (p=REJECT/p=QUARANTINE' emails, Thunderbird ignores the filter that moves this list's emails into the local folder I have setup for it and instead puts them into the Spam folder... I have to manually go into the Spam folder in T-Bird and Mark them as Not Spam, then they're automatically moved back to the Inbox and my filter moves them to this list's folder.
Is the SELinux list run on a different mail server? 'cause I haven't seen any 'dmarc=fail' emails to *that* list end up in my Spam folder.
On Thu, Nov 13, 2014 at 12:44 PM, Darr247 darr247@gmail.com wrote:
On 13 November 2014 @14:53 zulu, Elias Persson wrote:
Presumably you've already got a filter set up for applying a label to list mails.
Actually, on those 'dmarc=fail (p=REJECT/p=QUARANTINE' emails, Thunderbird ignores the filter that moves this list's emails into the local folder I have setup for it and instead puts them into the Spam folder... I have to manually go into the Spam folder in T-Bird and Mark them as Not Spam, then they're automatically moved back to the Inbox and my filter moves them to this list's folder.
Is the SELinux list run on a different mail server? 'cause I haven't seen any 'dmarc=fail' emails to *that* list end up in my Spam folder.
That probably just means that no aol or yahoo users are SELinux experts....
On Thu, Nov 13, 2014 at 01:44:15PM -0500, Darr247 wrote:
Is the SELinux list run on a different mail server? 'cause I haven't seen any 'dmarc=fail' emails to *that* list end up in my Spam folder.
Take a look at the headers of a message from that list. If it's RFC compliant it will present you with various mailing-list specific headers, one of which will quite likely identify the mailing list software in use.
John
On 12 November 2014 @20:50 zulu, g wrote:
i believe problems are on your end, and not with server for James. i do not see "dmarc=fail" or "p=QUARANTINE" in *any* of his email headers.
I think you're not seeing the full headers, then.
e.g. most of the headers of a recent message in here from James, and both those criteria appear about 5 lines down:
Received-SPF: none (google.com: centos-bounces@centos.org does not designate permitted sender hosts) client-ip=72.26.200.203; Authentication-Results: mx.google.com; spf=neutral (google.com: centos-bounces@centos.org does not designate permitted sender hosts) smtp.mail=centos-bounces@centos.org; dkim=neutral (body hash did not verify) header.i=@; dmarc=fail (p=QUARANTINE dis=NONE) header.from=harte-lyne.ca Received: from mail.centos.org (localhost [127.0.0.1]) by mail.centos.org (Postfix) with ESMTP id 1CE62A00713; Tue, 11 Nov 2014 17:34:07 +0000 (UTC) X-Original-To: centos@centos.org Delivered-To: centos@centos.org Received: from inet08.hamilton.harte-lyne.ca (inet08.hamilton.harte-lyne.ca [216.185.71.28]) by mail.centos.org (Postfix) with ESMTP id 67F77A002CA for centos@centos.org; Tue, 11 Nov 2014 17:34:04 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTP id B436E6043B for centos@centos.org; Tue, 11 Nov 2014 12:34:04 -0500 (EST) X-Virus-Scanned: amavisd-new at harte-lyne.ca Received: from inet08.hamilton.harte-lyne.ca ([127.0.0.1]) by localhost (inet08.hamilton.harte-lyne.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id by9zNScqFHCh for centos@centos.org; Tue, 11 Nov 2014 12:34:01 -0500 (EST) Received: from webmail.harte-lyne.ca (inet04.hamilton.harte-lyne.ca [216.185.71.24]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTPSA id 41849602AC for centos@centos.org; Tue, 11 Nov 2014 12:34:00 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=harte-lyne.ca; s=dkim_hll; t=1415727240; bh=bSzYYms7jOodBs74U9LvZAeQZVdsPPxt1/o9XNYXuR8=; h=In-Reply-To:References:Date:Subject:From:To:Reply-To; b=w1KDyK3Rm7K3CZzoP2ZdIAYwMZ1ZPANhjAn69iRCUvu+ggGgI/j7XBwmXRvYxFC5B GMNJQG6nuEEzhemHim3w5NsmPf2UL/n8LDBPzHvhLYwg3P+2L7GjaWG7tDhG3UDM+H u1v1AS75zKzrf5yznmW91ctz1+jm0Oprn/STmdOYolBeKeiKbNO7sWPfnnHIGk8ml6 tRg4r/WrnwlgxoNc4n6U/r9aLpIkaygm51yzDDPscVz0dWyoP1FCcwCqRKzFy6qF5C L+uCbolF2JlYG1dN10v0t1v3GcMX5un9m73jGHW+fGFfMXSOy9uWBh6D25NLW0T/Gw UuiAj65wERRBA== Received: from 216.185.71.44 (SquirrelMail authenticated user byrnejb) by webmail.harte-lyne.ca with HTTP; Tue, 11 Nov 2014 12:34:00 -0500 Message-ID: ff78832c15a303a9b7a03b842f5fe5cf.squirrel@webmail.harte-lyne.ca In-Reply-To: mailman.12.1415707202.24820.centos@centos.org References: mailman.12.1415707202.24820.centos@centos.org Date: Tue, 11 Nov 2014 12:34:00 -0500 From: "James B. Byrne" byrnejb@harte-lyne.ca To: "CentOS mailing list" centos@centos.org User-Agent: SquirrelMail/1.4.22-4.el6 MIME-Version: 1.0 X-Priority: 3 (Normal) Importance: Normal Subject: Re: [CentOS] Non-Gnome desktop X-BeenThere: centos@centos.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: CentOS mailing list centos@centos.org List-Id: CentOS mailing list <centos.centos.org> List-Unsubscribe: http://lists.centos.org/mailman/options/centos, mailto:centos-request@centos.org?subject=unsubscribe List-Archive: http://lists.centos.org/pipermail/centos/ List-Post: mailto:centos@centos.org List-Help: mailto:centos-request@centos.org?subject=help List-Subscribe: http://lists.centos.org/mailman/listinfo/centos, mailto:centos-request@centos.org?subject=subscribe Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: centos-bounces@centos.org
On Wed, Nov 12, 2014 at 4:47 PM, Darr247 darr247@gmail.com wrote:
On 12 November 2014 @20:50 zulu, g wrote:
i believe problems are on your end, and not with server for James. i do not see "dmarc=fail" or "p=QUARANTINE" in *any* of his email headers.
I think you're not seeing the full headers, then.
e.g. most of the headers of a recent message in here from James, and both those criteria appear about 5 lines down:
Received-SPF: none (google.com: centos-bounces@centos.org does not designate permitted sender hosts) client-ip=72.26.200.203; Authentication-Results: mx.google.com; spf=neutral (google.com: centos-bounces@centos.org does not designate permitted sender hosts) smtp.mail=centos-bounces@centos.org; dkim=neutral (body hash did not verify) header.i=@; dmarc=fail (p=QUARANTINE dis=NONE) header.from=harte-lyne.ca
These are added by the receiving google server as a trace for how it processed the spf/dkim/dmarc options. They wouldn't be present on a receiving system that ignores them - and probably wouldn't match that format in any case.
On 12 November 2014 @22:47 zulu, Darr247 wrote:
On 12 November 2014 @20:50 zulu, g wrote:
i believe problems are on your end, and not with server for James. i do not see "dmarc=fail" or "p=QUARANTINE" in *any* of his email headers.
I think you're not seeing the full headers, then.
e.g. most of the headers of a recent message in here from James, and both those criteria appear about 5 lines down:
And here are headers from a yahoo.com sender, which I also dug out of my spam folder (I was pretty sure James was *not* the only one, but I hadn't seen any from other senders since this thread started)... note the "dmarc=fail (p=REJECT dis=NONE)" line:
Received-SPF: none (google.com: centos-bounces@centos.org does not designate permitted sender hosts) client-ip=72.26.200.203; Authentication-Results: mx.google.com; spf=neutral (google.com: centos-bounces@centos.org does not designate permitted sender hosts) smtp.mail=centos-bounces@centos.org; dkim=neutral (body hash did not verify) header.i=@; dmarc=fail (p=REJECT dis=NONE) header.from=yahoo.com Received: from mail.centos.org (localhost [127.0.0.1]) by mail.centos.org (Postfix) with ESMTP id CEB02A00361; Wed, 12 Nov 2014 11:13:55 +0000 (UTC) X-Original-To: centos@centos.org Delivered-To: centos@centos.org Received: from nm33-vm5.bullet.mail.ne1.yahoo.com (nm33-vm5.bullet.mail.ne1.yahoo.com [98.138.229.69]) by mail.centos.org (Postfix) with ESMTP id 949F3A001C1 for centos@centos.org; Wed, 12 Nov 2014 11:13:53 +0000 (UTC) Received: from [127.0.0.1] by nm33.bullet.mail.ne1.yahoo.com with NNFMP; 12 Nov 2014 11:13:53 -0000 Received: from [98.138.226.180] by nm33.bullet.mail.ne1.yahoo.com with NNFMP; 12 Nov 2014 11:10:59 -0000 Received: from [98.138.89.160] by tm15.bullet.mail.ne1.yahoo.com with NNFMP; 12 Nov 2014 11:10:59 -0000 Received: from [127.0.0.1] by omp1016.mail.ne1.yahoo.com with NNFMP; 12 Nov 2014 11:10:59 -0000 X-Yahoo-Newman-Property: ymail-4 X-Yahoo-Newman-Id: 659555.68554.bm@omp1016.mail.ne1.yahoo.com Received: (qmail 89140 invoked by uid 60001); 12 Nov 2014 11:10:59 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1415790659; bh=7qbieqBFb43LfAQpJtw5KO2xm6Rn/EkDckMX7LV8vb4=; h=References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=jF9IP9S5JEqueyNjk3NCheNshejVdJ1Vx+Y69HnA570xRpMI72NND3yiGzHQiBIyhjhOZA37xc65I+4Bt0Mczl3+ohjPFgt9m/kCD+21sL2KkpHmrg0XdNc9OC+K7q89MVSHUi1wZJAZGjPFE/Qz622n+VCHKn9w8A1lGojk7b4= X-YMail-OSG: qLXo8CgVM1n0YUBxJOr0lEPeaR8mb1G44c0HNETr4aSfPMs rGnO0UgO3zcyVAEz9zgmftvHOq64olujwnboH7dL6n3OeNeaRjNwln07ewmj E3vPdG0l.zipsTBWyHuWBUv8SlbMmS7pNSNkTnoYQbPeTEGNJmzIu4s11INb rYUTKC1r6OgKlaOXh7moiXRxoQdL9nHKHZUz.DogQN5Qiz38hchKBJ0JgXC4 ty_xkUJA_OVNxRwCe4rz_rGVAuanVAY5J45ZXqK7W5_x0yrpPae03UWokpHs I1.zs9DuUskb4zjFDFh3T2I9rqKGqARLzrT8SplNLd.qBVGAyx1NpK3GhHP1 _4agMu1d0iWqyz46vYN8KVIkAyuJCCJ.OTo0wUFmkCUO5DstvK8wFhpYCH7q MXxoXL4kouNV_dpR0wcGPialrFjoltpR4heBkH7cOrCY.2lSJYoNFg3p8G6. dpLPf8gIAOpjBVTfyo2XUW2DOUZNohfs9ITYmvGjNxGNVGPtkBhtvshMISFr nN4tGR_M6KjhvQcEM9J3PFlpe1EHWRZLxS9n2DHJ9y_VjmYMXOqhvKq5fBgo hzXEQu4W7y29eiHY8VQ-- Received: from [109.190.51.179] by web126105.mail.ne1.yahoo.com via HTTP; Wed, 12 Nov 2014 03:10:59 PST X-Rocket-MIMEInfo: 002.001, RnJvbTogR2lsYmVydCBTZWJlbnN0ZSA8c2ViZW5zdGVAd2VhdGhlci5hZG1pbi5uaXUuZWR1PgoKPiBPbiBNb24sIDEwIE5vdiAyMDE0LCBGcmFuayBDb3ggd3JvdGU6Cj4.ICB5dW0gaW5zdGFsbCBubS1jb25uZWN0aW9uLWVkaXRvcgo.IFllYWgsIEknbSBoYXZpbmcgYSB0b3VnaCBkYXksIFRIQVQgaXMgd2hlcmUgaXQgc2hvdWxkIGJlIGZvdW5kLAo.IGJ1dCBpc24ndCwgdW5kZXIgR25vbWUsIG9uIHRoaXMgb25lIG1hY2hpbmUuIFR5cGluZyB3aGF0IHlvdSBkaWQgYWJvdmUKPiBnYXZlIG1lIGFuIGVycm8BMAEBAQE- X-Mailer: YahooMailWebService/0.8.203.733 References: alpine.LRH.2.03.1411101501100.4499@weather.admin.niu.edu alpine.LRH.2.03.1411101506050.4499@weather.admin.niu.edu 20141110153844.573b95e1e53439551f4f2ef3@melvilletheatre.com alpine.LRH.2.03.1411101542000.5219@weather.admin.niu.edu Message-ID: 1415790659.59608.YahooMailNeo@web126105.mail.ne1.yahoo.com Date: Wed, 12 Nov 2014 03:10:59 -0800 From: John Doe jdmls@yahoo.com To: CentOS mailing list centos@centos.org In-Reply-To: alpine.LRH.2.03.1411101542000.5219@weather.admin.niu.edu MIME-Version: 1.0 Subject: Re: [CentOS] Network menu doesn't appear on system menu on CentOS 6.6 X-BeenThere: centos@centos.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: CentOS mailing list centos@centos.org List-Id: CentOS mailing list <centos.centos.org> List-Unsubscribe: http://lists.centos.org/mailman/options/centos, mailto:centos-request@centos.org?subject=unsubscribe List-Archive: http://lists.centos.org/pipermail/centos/ List-Post: mailto:centos@centos.org List-Help: mailto:centos-request@centos.org?subject=help List-Subscribe: http://lists.centos.org/mailman/listinfo/centos, mailto:centos-request@centos.org?subject=subscribe Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: centos-bounces@centos.org
On 11/13/2014 05:13 AM, Les Mikesell wrote:
The p=quarantine setting from his server explicitly requests that the message be marked as spam if it s not sent from an authorized server, which don't include the centos list server. So it is accepted and dropped in the spam folder as requested.
This is actually a problem with the CentOS list server. The CentOS list properly changes the envelope sender but leaves in the DKIM signature. Also the body of the email is changed thus invalidating the sig. What should be happening here is the CentOS server should be stripping the DKIM headers and re-signing the message with it's own DKIM key in order to be accepted more widely.
It also doesn't help that centos.org does *not* have an SPF record.
So let's stop ragging on James, he's done what he should be doing and it's the CentOS server that has mucked things up here.
Peter
On Wed, Nov 12, 2014 at 4:46 PM, Kai Schaetzl maillists@conactive.com wrote:
That's ridiculous, you don't even know what's wrong or if it's wrong at all or what you want him to do but you have to cry it out loud to the list to put social pressure on him.
No, actually it's more like you have to get out of a bus - And you ask a person at the door to move a bit. Then suddenly some passengers turn to you and shout: "You don't even know how to drive a bus." :-))
Greetings from Germany Alex