-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA224
On Mon, 6 Jul 2015, E. Liddell wrote:
On Mon, 06 Jul 2015 12:09:13 +0100 Andrew Young mail@andrewyoung.co.uk wrote:
On 06/07/15 12:01, E. Liddell wrote:
The possible solutions that occur to me are three:
- Whack GMail over the collective head with a blunt instrument until
it behaves
itself (good luck on that) 2. Have the list mailer check for key phrases in bounce messages and
ignore
them if they're found 3. Increase the list mailer's bounce tolerance to 5-10 messages, and
have
affected users use a filter to auto-trash the messages unread.
I'm pretty sure I've been unsubscribed without noticing (because I do
auto-trash
the "threat messages") at least once--that would have been around
April 1 of last
year.
- Use a different mail list backend.
Do you know of any that specifically work around Google's overzealous filters? If not, I doubt it would help--unsubscribing dead accounts is a reasonable thing for ML software to do, and checking whether or not messages to the account bounce is an easy way to do it . . .
Hello from "Jonesy". One of you _not_ using Gmail or other email systems that do not check for a valid DKIM-Signature and SPF record, should re-forward this from _your_ email account to the list for others to see.
The lists.pearsoncomputing.net is re-emailing all subscribed incoming emails to the user list. Each of those emails _claims_ to be From: the original sender. But, when Gmail (or whoever) asks if the original sender (e.g. Jonesy trinity@jonz.net ) is authorized to send via that MTA, the answer is "NO". Of course not. I have no user account there.
The problem has been solved by many of the re-mailers/email reflectors. For instance, one of the ham radio reflectors (called "rover") I belong to now construct the From: viz: From: Jonesy W3DHJ via Rover rover@mailman.qth.net
Ergo, when gmail asks if rover@mailman.qth.net is a permitted sender at mailman.qth.net, the answer is "YES".
Andrew Young's answer to the problem: "4. Use a different mail list backend" is the correct answer.
For a little light reading on the matter:
https://en.wikipedia.org/wiki/DomainKeys_Identified_MailAs for its purpose, it SURE cuts down on the spam coming from botnets with forged From: headers -- _if_ the forged domain supports DKIM. And, my email server supports DKIM.
Just to chime in real quick, I have been aware of the problem and it's "solution" for a while now. There are some drawbacks to just re-writing the headers and as the list software currently in use by the TDE project has issues with properly rewriting the headers I've just been leaving the list alone at the moment. At some point this will need to change, but I wanted to let some time elapse first in the hopes that the list software would be updated to "natively" support DKIM.
Tim