[openssl-users] mailing list registration renewal - clarify bounce errors

Richard Levitte levitte at openssl.org
Tue Nov 8 08:19:06 UTC 2016 

In message <20161108.083722.982336643109774878.levitte at openssl.org> on Tue, 08 Nov 2016 08:37:22 +0100 (CET), Richard Levitte <levitte at openssl.org> said:

levitte> In message <CADqLbz+3z=ENw9rdJ-3ivd-xa-05-DJ7RGvV4zEUFNq8BxYK2g at mail.gmail.com> on Mon, 7 Nov 2016 21:50:13 +0300, Dmitry Belyavsky <beldmit at gmail.com> said:
levitte> 
levitte> beldmit> Hello Rich,
levitte> beldmit> 
levitte> beldmit> On Mon, Nov 7, 2016 at 8:34 PM, Salz, Rich <rsalz at akamai.com> wrote:
levitte> beldmit> 
levitte> beldmit>     > I can find no evidence of "excessive bounces .." so I am just
levitte> beldmit>     asking here, is
levitte> beldmit>     > this a standard clean up of the ML or have you really received
levitte> beldmit>     excessive
levitte> beldmit>     > bounces from my email address ?
levitte> beldmit> 
levitte> beldmit>     The latter.
levitte> beldmit> 
levitte> beldmit>     We have seen some more reports of this recently, and are
levitte> beldmit>     increasing the logging to determine the cause. Interestingly, it's
levitte> beldmit>     all from gmail.com addresses.
levitte> beldmit> 
levitte> beldmit> 
levitte> beldmit> I confirm the receiving the similar message.
levitte> 
levitte> The issue is called DMARC, and most certainly with a reject policy,
levitte> which basically tells recipients to reject messages that doesn't quite
levitte> appear to come from the originator.
levitte> 
levitte> This is problematic for mailing lists, that kind of act as a middle
levitte> man, and even moreso because rejections end up as bounces to the
levitte> mailing list software, which will end up disabling the bouncing
levitte> address.  So in the end, it becomes a story of how users from one
levitte> domain are capable of throw out everyone else that checks their DMARC
levitte> policy.
levitte> 
levitte> Last time we went through this, we ignored the problem, for reasons I
levitte> cannot remember now.  I'll have a closer look at what mailman can
levitte> offer and get back to you.

So, I changed this mailing list to munge the From: header of any
message coming from a domain that has a DMARC reject or quarantine
policy.  That should avoid any more silly bouncing of the sort we've
experienced.

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-users mailing list