[kwlug-disc] mutt-compatible mail client
Bob Jonkman
bjonkman at sobac.com
Sun May 11 12:39:31 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Paul asks:
> But no messages to kwlug-disc seem to be affected. What's so
> different? Could it be a hostname thing?
DMARC relies on SPF, which are stored in TXT records in DNS. Digging
around[1], I see that kwlug.org has no TXT record, but wpirg.org has a
peculiar TXT record of " (yes, the escaped HTML entity for a
quote mark).
That just looks wrong. It is possible Yahoo is interpreting " as
an SPF restriction, so Paul's mail is not getting through.
FWIW, sobac.com has a TXT record of "v=spf1 mx ~all" (yes, including
the doublequote marks). This was supplied by my domain name
provider[2], and I'm unaware of any mail delivery problems to sobac.com.
My guess is someone tried to use a Web interface to update the DNS,
and the quotes were escaped, and everything else was truncated.
Better call the Tech Support Hotline at CCJ.
- --Bob.
[1] using these commands:
> dig kwlug.org any
> dig wpirg.org any
See what I did there?
[2] That's https://register4less.com/ who may cost a little more than
GoDaddy, but provide awesome service like creating custom DNS records
for you.
On 14-05-11 06:42 AM, Paul Nijjar wrote:
> On Sun, May 11, 2014 at 03:24:57AM -0400, Bob Jonkman wrote:
>>
>> William Park wrote:
>>> Well, if it was working, then what's changed?
>>
>> Yahoo changed. They recently started enforcing DMARC, which, to
>> quote, Breaks! Every! Mailing! List! In! The! World!
>>
>> http://www.theregister.co.uk/2014/04/08/yahoo_breaks_every_mailing_list_in_the_world_says_email_guru/
>>
>>
>>
>>
I see Paul is using a Yahoo e-mail address, so he might be affected.
>
> Thanks for that link. I think you are on to the right track,
> although I am still not sure how to fix things. I look at the
> messages that I cannot reply to, and there are dkim errors. But I
> can post fresh messages to those lists.
>
> Here is the offending header, from lists.wpirg.org (which is
> hosted by CCj/Clearline):
>
> Authentication-Results: mta1596.mail.gq1.yahoo.com
> from=lists.wpirg.org; domainkeys=neutral (no sig); from=yahoo.ca;
> dkim=permerror (bad sig)
>
> It's the "dkim=permerror" that is causing the issue.
>
> Here is a message I sent to kwlug-disc (also hosted by
> CCj/Clearline):
>
> Authentication-Results: mta1510.mail.ne1.yahoo.com
> from=kwlug.org; domainkeys=neutral (no sig); from=yahoo.ca;
> dkim=neutral (no sig)
>
> I can see that other people sending to the garden list are
> producing messages with "dkim=permerror" as well (eg from Gmail).
> This is also affecting other messages on this server
> (fvc-wat-announce, discuss at kwartzlab, rainbow-announce) and at
> least one email list on another server.
>
> But no messages to kwlug-disc seem to be affected. What's so
> different? Could it be a hostname thing? (kwlug.org vs
> lists.wpirg.org?). But then the kwartzlab.ca lists should be okay
> too, I think.
>
> Of course, if I respond to this list using the Yahoo! webmail
> interface (which I kind of hate) then my messages will go through.
> That is why I was asking about mutt; I assumed something in my
> mail client was messed up.
>
>> Perhaps the list causing problems mungs the message headers so
>> that the mail appears to come from the mailing list, whereas the
>> KWLUG mailing list preserves the original sender's name and
>> address. DMARC requires the headers to remain unmodified, and
>> for the Return-to header to match the sending domain. Mailing
>> lists can modify those things, so Yahoo could now be rejecting
>> those messages.
>
> This is not the case, I think. But there could be some mailman
> configuration setting at work.
>
>> I suggest that Paul tries sending messages to the mailing list
>> from a different (non-Yahoo) address. If that works, then I
>> suggest finding a new mail provider.
>>
>> - --Bob, who suggests finding a new mail provider regardless.
>
> I understand the sentiment, but boy does that idea make me
> grouchy. I have no great love for Yahoo!, but it has been working
> "well enough". There is a lot of inertia involved in switching
> addresses. Also, I am a cheapskate, so finding a gratis email
> provider that is reliable is difficult and unfair to expect. (I
> guess my privacy is a small price to pay for "free" email?)
>
> - Paul
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Ensure confidentiality, authenticity, non-repudiability
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlNvp8AACgkQuRKJsNLM5erXbQCg8K3jsc/DH4zidhLKAF83aar/
9+UAn21zvX98VoY6lo6BQg3By5JqtiCt
=Oohb
-----END PGP SIGNATURE-----
More information about the kwlug-disc
mailing list