Jump to content

DMARC breaking email forums

SpamCop 98

Recommended Posts

I just saw a couple complaints over in the latest sc outage thread say folks are not getting email messages sent through Listserv, Mailman and other "email forum" software. email_support addressed the issue for paid email users here.

The problem is new draconian DMARC settings. Yahoo! was the first to set a "reject" status at the beginning of this month if the domain does not match the source by either DKIM or SPF. Google: Yahoo Breaks Every Mailing List In The World. AOL has now followed suit. I am especially upset with Comcast because they claim best practices but are not publishing their DMARC status. I feel it is not Comcast's business what mail I receive. What's next, blocking phone calls on their VOIP network?

I don't know about Listserv, but Mailman has a solution, though it is not ideal as the "From" header now must be the domain the list comes from, not the actual sender, so all participants must identify themselves.

The fix is to 1) make sure the domain under which your Mailman list operates has DKIM or SPF set up, and 2) you are using the latest version of Mailman (my hosting provider has 2.1, it looks like 2.16 and beyond address the "anonymous sender" issue).

Link to comment
Share on other sites

Just FYI, I'm now getting spam with proper DKIM (DMARC) headers, such as

From - Tue May 06 09:48:23 2014

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=DKIM1; d=surepays.biz;

h=To:Subject:Message-ID:Date:From:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; i=postmaster[at]surepays.biz;





DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=DKIM1; d=surepays.biz;




The Yahoo change was the weekend of April 12th

The workaround was seen the following Monday,

The first forged headers were seen on May 2, sent via a Google Groups bug

It's now May 6

Link to comment
Share on other sites

An update for those of you who administer Mailman lists: they have released v2.18 which has some new options to deal with the DMARC issue, and the devs at cPanel are apparently working to include it into WHM/cPanel ASAP (my VPS, running 11.42.1 Build 13 has Mailman 2.17).


Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...