In message <20161108.083722.982336643109774878.levitte@xxxxxxxxxxx> on Tue, 08 Nov 2016 08:37:22 +0100 (CET), Richard Levitte <levitte@xxxxxxxxxxx> said: levitte> In message <CADqLbz+3z=ENw9rdJ-3ivd-xa-05-DJ7RGvV4zEUFNq8BxYK2g@xxxxxxxxxxxxxx> on Mon, 7 Nov 2016 21:50:13 +0300, Dmitry Belyavsky <beldmit@xxxxxxxxx> said: levitte> levitte> beldmit> Hello Rich, levitte> beldmit> levitte> beldmit> On Mon, Nov 7, 2016 at 8:34 PM, Salz, Rich <rsalz@xxxxxxxxxx> wrote: levitte> beldmit> levitte> beldmit> > I can find no evidence of "excessive bounces .." so I am just levitte> beldmit> asking here, is levitte> beldmit> > this a standard clean up of the ML or have you really received levitte> beldmit> excessive levitte> beldmit> > bounces from my email address ? levitte> beldmit> levitte> beldmit> The latter. levitte> beldmit> levitte> beldmit> We have seen some more reports of this recently, and are levitte> beldmit> increasing the logging to determine the cause. Interestingly, it's levitte> beldmit> all from gmail.com addresses. levitte> beldmit> levitte> beldmit> levitte> beldmit> I confirm the receiving the similar message. levitte> levitte> The issue is called DMARC, and most certainly with a reject policy, levitte> which basically tells recipients to reject messages that doesn't quite levitte> appear to come from the originator. levitte> levitte> This is problematic for mailing lists, that kind of act as a middle levitte> man, and even moreso because rejections end up as bounces to the levitte> mailing list software, which will end up disabling the bouncing levitte> address. So in the end, it becomes a story of how users from one levitte> domain are capable of throw out everyone else that checks their DMARC levitte> policy. levitte> levitte> Last time we went through this, we ignored the problem, for reasons I levitte> cannot remember now. I'll have a closer look at what mailman can levitte> offer and get back to you. So, I changed this mailing list to munge the From: header of any message coming from a domain that has a DMARC reject or quarantine policy. That should avoid any more silly bouncing of the sort we've experienced. Cheers, Richard -- Richard Levitte levitte@xxxxxxxxxxx OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
