* Broken DMARC workaround for glibc mailing lists @ 2017-04-28 16:29 Florian Weimer 2017-04-30 2:32 ` Christopher Faylor 0 siblings, 1 reply; 10+ messages in thread From: Florian Weimer @ 2017-04-28 16:29 UTC (permalink / raw) To: overseers Hi, we have received a report that at least one of the glibc mailing lists lacks anti-DMARC header rewriting: https://sourceware.org/ml/libc-help/2017-04/msg00034.html I have seen the usual âviaâ From rewriting on other sourceware.org lists. I don't think we have much choice but to enable that for all the glibc lists, too. Thanks, Florian ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Broken DMARC workaround for glibc mailing lists 2017-04-28 16:29 Broken DMARC workaround for glibc mailing lists Florian Weimer @ 2017-04-30 2:32 ` Christopher Faylor 2017-04-30 15:41 ` Christopher Faylor [not found] ` <20170430053402.GA6286@ednor.casa.cgf.cx> 0 siblings, 2 replies; 10+ messages in thread From: Christopher Faylor @ 2017-04-30 2:32 UTC (permalink / raw) To: Florian Weimer, overseers On Fri, Apr 28, 2017 at 06:29:38PM +0200, Florian Weimer wrote: >Hi, > >we have received a report that at least one of the glibc mailing lists >lacks anti-DMARC header rewriting: > > https://sourceware.org/ml/libc-help/2017-04/msg00034.html > >I have seen the usual âviaâ From rewriting on other sourceware.org >lists. I don't think we have much choice but to enable that for all the >glibc lists, too. ? We don't arbitrarily turn on/off features like that for different mailing lists. This feature is on for every mailing list. cgf ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Broken DMARC workaround for glibc mailing lists 2017-04-30 2:32 ` Christopher Faylor @ 2017-04-30 15:41 ` Christopher Faylor [not found] ` <20170430053402.GA6286@ednor.casa.cgf.cx> 1 sibling, 0 replies; 10+ messages in thread From: Christopher Faylor @ 2017-04-30 15:41 UTC (permalink / raw) To: Florian Weimer, overseers On Sat, Apr 29, 2017 at 10:32:42PM -0400, Christopher Faylor wrote: >On Fri, Apr 28, 2017 at 06:29:38PM +0200, Florian Weimer wrote: >>Hi, >> >>we have received a report that at least one of the glibc mailing lists >>lacks anti-DMARC header rewriting: >> >> https://sourceware.org/ml/libc-help/2017-04/msg00034.html >> >>I have seen the usual âviaâ From rewriting on other sourceware.org >>lists. I don't think we have much choice but to enable that for all the >>glibc lists, too. > >? We don't arbitrarily turn on/off features like that for different >mailing lists. This feature is on for every mailing list. I found what should have been a minor misconfiguration in libc-help mailing list configuration. I don't know if it will help or not. I'll monitor the mailing list to see if this fixes it. cgf ^ permalink raw reply [flat|nested] 10+ messages in thread
[parent not found: <20170430053402.GA6286@ednor.casa.cgf.cx>]
* Re: Broken DMARC workaround for glibc mailing lists [not found] ` <20170430053402.GA6286@ednor.casa.cgf.cx> @ 2017-05-01 10:18 ` Florian Weimer 2017-05-02 14:07 ` Christopher Faylor 0 siblings, 1 reply; 10+ messages in thread From: Florian Weimer @ 2017-05-01 10:18 UTC (permalink / raw) To: overseers On 04/30/2017 07:34 AM, Christopher Faylor wrote: > On Sat, Apr 29, 2017 at 10:32:42PM -0400, Christopher Faylor wrote: >> On Fri, Apr 28, 2017 at 06:29:38PM +0200, Florian Weimer wrote: >>> Hi, >>> >>> we have received a report that at least one of the glibc mailing lists >>> lacks anti-DMARC header rewriting: >>> >>> https://sourceware.org/ml/libc-help/2017-04/msg00034.html >>> >>> I have seen the usual âviaâ From rewriting on other sourceware.org >>> lists. I don't think we have much choice but to enable that for all the >>> glibc lists, too. >> >> ? We don't arbitrarily turn on/off features like that for different >> mailing lists. This feature is on for every mailing list. > > I found what should have been a minor misconfiguration in libc-help > mailing list configuration. I don't know if it will help or not. > > I'll monitor the mailing list to see if this fixes it. Thanks for investigating this. Florian ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Broken DMARC workaround for glibc mailing lists 2017-05-01 10:18 ` Florian Weimer @ 2017-05-02 14:07 ` Christopher Faylor 2017-05-05 10:32 ` Florian Weimer 0 siblings, 1 reply; 10+ messages in thread From: Christopher Faylor @ 2017-05-02 14:07 UTC (permalink / raw) To: Florian Weimer, overseers On Mon, May 01, 2017 at 12:18:51PM +0200, Florian Weimer wrote: >On 04/30/2017 07:34 AM, Christopher Faylor wrote: >> On Sat, Apr 29, 2017 at 10:32:42PM -0400, Christopher Faylor wrote: >>> On Fri, Apr 28, 2017 at 06:29:38PM +0200, Florian Weimer wrote: >>>> Hi, >>>> >>>> we have received a report that at least one of the glibc mailing lists >>>> lacks anti-DMARC header rewriting: >>>> >>>> https://sourceware.org/ml/libc-help/2017-04/msg00034.html >>>> >>>> I have seen the usual âviaâ From rewriting on other sourceware.org >>>> lists. I don't think we have much choice but to enable that for all the >>>> glibc lists, too. >>> >>> ? We don't arbitrarily turn on/off features like that for different >>> mailing lists. This feature is on for every mailing list. >> >> I found what should have been a minor misconfiguration in libc-help >> mailing list configuration. I don't know if it will help or not. >> >> I'll monitor the mailing list to see if this fixes it. > >Thanks for investigating this. Could you ask them to send another message to the list to see if the From is properly mangled? cgf ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Broken DMARC workaround for glibc mailing lists 2017-05-02 14:07 ` Christopher Faylor @ 2017-05-05 10:32 ` Florian Weimer 2017-05-08 5:34 ` Christopher Faylor 0 siblings, 1 reply; 10+ messages in thread From: Florian Weimer @ 2017-05-05 10:32 UTC (permalink / raw) To: overseers [-- Attachment #1: Type: text/plain, Size: 1494 bytes --] On 05/02/2017 04:07 PM, Christopher Faylor wrote: > On Mon, May 01, 2017 at 12:18:51PM +0200, Florian Weimer wrote: >> On 04/30/2017 07:34 AM, Christopher Faylor wrote: >>> On Sat, Apr 29, 2017 at 10:32:42PM -0400, Christopher Faylor wrote: >>>> On Fri, Apr 28, 2017 at 06:29:38PM +0200, Florian Weimer wrote: >>>>> Hi, >>>>> >>>>> we have received a report that at least one of the glibc mailing lists >>>>> lacks anti-DMARC header rewriting: >>>>> >>>>> https://sourceware.org/ml/libc-help/2017-04/msg00034.html >>>>> >>>>> I have seen the usual âviaâ From rewriting on other sourceware.org >>>>> lists. I don't think we have much choice but to enable that for all the >>>>> glibc lists, too. >>>> >>>> ? We don't arbitrarily turn on/off features like that for different >>>> mailing lists. This feature is on for every mailing list. >>> >>> I found what should have been a minor misconfiguration in libc-help >>> mailing list configuration. I don't know if it will help or not. >>> >>> I'll monitor the mailing list to see if this fixes it. >> >> Thanks for investigating this. > > Could you ask them to send another message to the list to see if the > From is properly mangled? The most recent message didn't have rewriting applied. I assume that gmail.com has strict DMARC policies and would ordinarily trigger rewriting. However, I don't see this happening on other sourceware.org lists, either. Maybe we'd need a test posting from google.com. Thanks, Florian [-- Attachment #2: Re: GMail DMARC : 'ezmlm warning' - '550-5_7_1 DMARC policy_ ___ of google_com domain' not considered an authorized sender ?.eml --] [-- Type: message/rfc822, Size: 7951 bytes --] From: Jason Vas Dias <jason.vas.dias@gmail.com> To: Florian Weimer <fweimer@redhat.com> Cc: libc-help@sourceware.org Subject: Re: GMail DMARC : 'ezmlm warning' - '550-5.7.1 DMARC policy. ... of google.com domain' not considered an authorized sender ? Date: Fri, 5 May 2017 10:22:17 +0000 Message-ID: <CALyZvKzULTzj6TNHgD0xgYhYC+mPt7xQmLj5=kAFBb1rjD=_-w@mail.gmail.com> Hi Florian - > Jason, would you please send another message to the libc-help list? I am doing so hereby. I haven't got any more of these failed-to-deliver messages since: libc-help-help | Inbox, To Jason | ezmlm warning - .1 DMARC policy. Please contact the administrator of google.com domain 550-5.7.1 if this was a legitimate mail. Please 16/11/2016 I just thought I should report it because it looked like all is not quite OK with authenticating your email sender to google. Thanks & Regards, Jason On 05/05/2017, Florian Weimer <fweimer@redhat.com> wrote: > On 05/01/2017 12:18 PM, Florian Weimer wrote: >> On 04/28/2017 08:11 AM, Florian Weimer wrote: >>> On 04/26/2017 01:05 AM, Jason Vas Dias wrote: >>>> Is this google's problem or your email sender's or my gmail settings ? >>>> ( I can't see anything in Gmail settings about 'authorized senders' >>>> or anything. >>>> Having a problem with your gmail sending account / or are >>>> authentications >>>> for it sometimes transiently timing out ? >>> >>> Google and Gmail (and Yahoo and others) broke mailing lists. There >>> should be a vast amount of information available out there under the >>> topic of DMARC and mailing lists. I don't know if the version of >>> ezmlm used on sourceware.org supports the usual workarounds for the >>> breakage. >> >> There may have been a misconfiguration which prevented the broken DMARC >> workaround from being applied to the libc-help list. > > Jason, would you please send another message to the libc-help list? > > Thanks, > Florian > ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Broken DMARC workaround for glibc mailing lists 2017-05-05 10:32 ` Florian Weimer @ 2017-05-08 5:34 ` Christopher Faylor 2017-05-08 6:15 ` Christopher Faylor 2017-05-08 6:44 ` Florian Weimer via overseers 0 siblings, 2 replies; 10+ messages in thread From: Christopher Faylor @ 2017-05-08 5:34 UTC (permalink / raw) To: Florian Weimer, overseers On Fri, May 05, 2017 at 12:32:38PM +0200, Florian Weimer wrote: >The most recent message didn't have rewriting applied. I assume that >gmail.com has strict DMARC policies and would ordinarily trigger >rewriting. However, I don't see this happening on other sourceware.org >lists, either. Maybe we'd need a test posting from google.com. I think this may be a bug in the patched ezmlm that we're using. It may be looking at "gmail.com": _dmarc.gmail.com. 300 IN TXT "v=DMARC1; p=none; rua=mailto:mailauth-reports@google.com" rather than google.com (which handles gmail's mx): _dmarc.google.com. 183 IN TXT "v=DMARC1; p=reject; rua=mailto:mailauth-reports@google.com" It should be easy to fix. I'll look at it tomorrow. cgf ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Broken DMARC workaround for glibc mailing lists 2017-05-08 5:34 ` Christopher Faylor @ 2017-05-08 6:15 ` Christopher Faylor 2017-05-08 6:44 ` Florian Weimer via overseers 1 sibling, 0 replies; 10+ messages in thread From: Christopher Faylor @ 2017-05-08 6:15 UTC (permalink / raw) To: Florian Weimer, overseers On Mon, May 08, 2017 at 01:34:52AM -0400, Christopher Faylor wrote: >On Fri, May 05, 2017 at 12:32:38PM +0200, Florian Weimer wrote: >>The most recent message didn't have rewriting applied. I assume that >>gmail.com has strict DMARC policies and would ordinarily trigger >>rewriting. However, I don't see this happening on other sourceware.org >>lists, either. Maybe we'd need a test posting from google.com. > >I think this may be a bug in the patched ezmlm that we're using. It >may be looking at "gmail.com": > >_dmarc.gmail.com. 300 IN TXT "v=DMARC1; p=none; rua=mailto:mailauth-reports@google.com" > >rather than google.com (which handles gmail's mx): > >_dmarc.google.com. 183 IN TXT "v=DMARC1; p=reject; rua=mailto:mailauth-reports@google.com" > >It should be easy to fix. I'll look at it tomorrow. I looked at it tonight and instituted a temporary fix (that will probably be around until someone complains that it isn't quite right). cgf ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Broken DMARC workaround for glibc mailing lists 2017-05-08 5:34 ` Christopher Faylor 2017-05-08 6:15 ` Christopher Faylor @ 2017-05-08 6:44 ` Florian Weimer via overseers 2017-05-08 14:22 ` Christopher Faylor 1 sibling, 1 reply; 10+ messages in thread From: Florian Weimer via overseers @ 2017-05-08 6:44 UTC (permalink / raw) To: overseers On 05/08/2017 07:34 AM, Christopher Faylor wrote: > On Fri, May 05, 2017 at 12:32:38PM +0200, Florian Weimer wrote: >> The most recent message didn't have rewriting applied. I assume that >> gmail.com has strict DMARC policies and would ordinarily trigger >> rewriting. However, I don't see this happening on other sourceware.org >> lists, either. Maybe we'd need a test posting from google.com. > > I think this may be a bug in the patched ezmlm that we're using. It > may be looking at "gmail.com": > > _dmarc.gmail.com. 300 IN TXT "v=DMARC1; p=none; rua=mailto:mailauth-reports@google.com" > > rather than google.com (which handles gmail's mx): > > _dmarc.google.com. 183 IN TXT "v=DMARC1; p=reject; rua=mailto:mailauth-reports@google.com" > > It should be easy to fix. I'll look at it tomorrow. Huh. This is not what I expected. I think this means that gmail.com does not have a strict DMARC policy after all. So I was wrong to expect rewriting for it. (Just to be clear: it would be wrong to apply the google.com DMARC policy to gmail.com because the MX host location does not matter for this policy.) Thanks, Florian ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Broken DMARC workaround for glibc mailing lists 2017-05-08 6:44 ` Florian Weimer via overseers @ 2017-05-08 14:22 ` Christopher Faylor 0 siblings, 0 replies; 10+ messages in thread From: Christopher Faylor @ 2017-05-08 14:22 UTC (permalink / raw) To: overseers On Mon, May 08, 2017 at 08:44:34AM +0200, Florian Weimer via overseers wrote: >On 05/08/2017 07:34 AM, Christopher Faylor wrote: >> On Fri, May 05, 2017 at 12:32:38PM +0200, Florian Weimer wrote: >>> The most recent message didn't have rewriting applied. I assume that >>> gmail.com has strict DMARC policies and would ordinarily trigger >>> rewriting. However, I don't see this happening on other sourceware.org >>> lists, either. Maybe we'd need a test posting from google.com. >> >> I think this may be a bug in the patched ezmlm that we're using. It >> may be looking at "gmail.com": >> >> _dmarc.gmail.com. 300 IN TXT "v=DMARC1; p=none; rua=mailto:mailauth-reports@google.com" >> >> rather than google.com (which handles gmail's mx): >> >> _dmarc.google.com. 183 IN TXT "v=DMARC1; p=reject; rua=mailto:mailauth-reports@google.com" >> >> It should be easy to fix. I'll look at it tomorrow. > >Huh. This is not what I expected. I think this means that gmail.com >does not have a strict DMARC policy after all. So I was wrong to expect >rewriting for it. > >(Just to be clear: it would be wrong to apply the google.com DMARC >policy to gmail.com because the MX host location does not matter for >this policy.) Yeah, I realized that as I was drifting off to sleep last night. Email I sent to test-list from gmail to gmail worked so I should have realized that meant that gmail didn't enforce and that this wassn't an issue. ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2017-05-08 14:22 UTC | newest] Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2017-04-28 16:29 Broken DMARC workaround for glibc mailing lists Florian Weimer 2017-04-30 2:32 ` Christopher Faylor 2017-04-30 15:41 ` Christopher Faylor [not found] ` <20170430053402.GA6286@ednor.casa.cgf.cx> 2017-05-01 10:18 ` Florian Weimer 2017-05-02 14:07 ` Christopher Faylor 2017-05-05 10:32 ` Florian Weimer 2017-05-08 5:34 ` Christopher Faylor 2017-05-08 6:15 ` Christopher Faylor 2017-05-08 6:44 ` Florian Weimer via overseers 2017-05-08 14:22 ` Christopher Faylor
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).