[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (ET) from line and anti-spoofing systems



Speaking with my postmaster hat on, this is a very good thing.

SPF and DKIM would eliminate spamming overnight if everybody would
just stop whining and implement them.  It literally takes about 15
minutes, start to finish, to set up SPF if you're an internetworking
expert with a solid knowledge of DNS and SMTP (although if you don't
know anything, it might take you a whole day).  DKIM comes as a "flip
the switch and it's on" option in all decent modern mail servers,
including the free ones, so anyone can do it - although it's actually
pretty complex on the inside.

Thank you, Ken, both for running the list and for keeping the
technology current.  I look forward to the day when SPF and DKIM are
in use by all legitimate sites, and criminal spam ceases to exist.

--Charlie

On Tue, Jun 24, 2014 at 2:55 PM, Ken Olum <kdo cosmos phy tufts edu> wrote:
> Hi, Elec-trak subscribers.  I've just installed a new version of mailman
> (the software that manages the Elec-trak list) that avoids problems with
> messages being rejected because they come from cosmos.phy.tufts.edu
> rather than the original sender's domain.  This caused 75 people's
> subscriptions to be suspended last week.  The problem is that, according
> to yahoo, for example, messages that say they come from yahoo in the
> from line should only be sent by yahoo's mail servers and not by
> cosmos.phy.tufts.edu.  The result of this is that postings from users at
> such domains will now have the from line modified to say that they come
> from the list itself.  This look somewhat strange, but the reply to line
> will also be modified, so that if you reply to the sender only, the
> message will go where you expect.  If you say reply to all, the message
> will go to the list as usual.
>
> Technical details:
>
> There is a system called DMARC, which stands for "Domain-based Message
> Authentication, Reporting & Conformance".  It enables a site, in this
> case Yahoo, to say that messages which have from addresses at that site
> should only be delivered by a specific set of authorized sending hosts
> specifed using SPF.  If not, the receiving site is supposed to reject
> (or quarantine) the arriving message.  This is a superficially good
> idea, because it prevents spoofing.
>
> The problem is that it breaks mailing lists.  If a user at yahoo sends
> mail to elec-trak cosmos phy tufts edu, the from line says it comes from
> ...@yahoo.com.  If cosmos.phy.tufts.edu then forwards the mail to a site
> that obeys DMARC requests, then it's not coming (directly) from a
> yahoo-authorized sender, so the receiving site rejects it, and then
> mailman declares that the receiver's mail is bouncing and stops sending
> messages to them.
>
> This is fixed now as follows.  If mailman receives a message for the
> Elec-trak list from a site that uses DMARC, it will modify the from line
> so that it has the address of the list, rather than the address of the
> sender.  This prevents it from getting rejected.  The personal name in
> the from line will be the actual sender's personal name plus "via
> Elec-trak".  Replies will be directed by the "reply-to" header to go to
> the original sender, unless you say "reply to all".  This is somewhat
> ugly, because it looks strange in your catalog of messages, but it's
> best we can do at the moment.
>
>                                         Ken
>
> _______________________________________________
> Elec-trak mailing list
> Elec-trak cosmos phy tufts edu
> https://cosmos.phy.tufts.edu/mailman/listinfo/elec-trak