> Date: Friday, June 15, 2018 14:55:21 -0700 > From: Akemi Yagi <amyagi at gmail.com> > > On Fri, Jun 15, 2018 at 9:57 AM, Gianluca Cecchi > <gianluca.cecchi at gmail.com> wrote: >> >> Il Ven 15 Giu 2018, 18:45 Larry Martell <larry.martell at gmail.com> >> ha scritto: >> >>> On Fri, Jun 15, 2018 at 12:41 PM rj coleman >>> <rjcdevelop at gmail.com> wrote: >>> >>> > Am I the only one who just received this email from this group? >>> > Which came with my password in the email in plain text? > >>> > > Your membership in the mailing list CentOS has been disabled >>> > > due to excessive bounces The last bounce received from you >>> > > was dated 15-Jun-2018. You will not get any more messages >>> > > from this list until you re-enable your membership. You will >>> > > receive 3 more reminders like this before your membership in >>> > > the list is deleted. >>> > > >>> I got it as well. >>> >> Mee too > > I also received the "has been disabled" notification. It looks like > users with gmail addresses are affected. > > CentOS admins are looking into this issue (I believe). > > AkemiI believe this is a DMARC issue. Yahoo, among other places, has set their dmarc records to p=reject: dig +short txt _dmarc.yahoo.com "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_rua at yahoo.com;" So, if your mail hosting provider enforces dmarc,(gmail does) and you get mail from a list that doesn't rewrite the headers, and people from places like yahoo post to the list, you'll likely get some form of warning about being being kicked off the mailing list every now and then. The frequency depends on how often people from p=reject places post, and what the settings are for bounce handling of the mailing list in question. I believe that the current version of mailman can be configured to do the necessary header rewrites. Some lists I'm on only do the rewrites for headers of posts coming from p=reject sites (much less annoying than having them all rewritten).
On Fri, Jun 15, 2018 at 3:18 PM, Richard <lists-centos at listmail.innovate.net> wrote:> >> Date: Friday, June 15, 2018 14:55:21 -0700 >> From: Akemi Yagi <amyagi at gmail.com>>> I also received the "has been disabled" notification. It looks like >> users with gmail addresses are affected. >> >> CentOS admins are looking into this issue (I believe). >> >> Akemi > > I believe this is a DMARC issue. Yahoo, among other places, has set > their dmarc records to p=reject: > > dig +short txt _dmarc.yahoo.com > "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_rua at yahoo.com;" > > So, if your mail hosting provider enforces dmarc,(gmail does) and you > get mail from a list that doesn't rewrite the headers, and people > from places like yahoo post to the list, you'll likely get some form > of warning about being being kicked off the mailing list every now > and then. The frequency depends on how often people from p=reject > places post, and what the settings are for bounce handling of the > mailing list in question. > > I believe that the current version of mailman can be configured to do > the necessary header rewrites. Some lists I'm on only do the rewrites > for headers of posts coming from p=reject sites (much less annoying > than having them all rewritten).I was thinking the same except I do not have enough knowledge in this area. In gmail's header I often see DMARK "Fail" Akemi
On 06/15/2018 05:18 PM, Richard wrote:> >> Date: Friday, June 15, 2018 14:55:21 -0700 >> From: Akemi Yagi <amyagi at gmail.com> >> >> On Fri, Jun 15, 2018 at 9:57 AM, Gianluca Cecchi >> <gianluca.cecchi at gmail.com> wrote: >>> >>> Il Ven 15 Giu 2018, 18:45 Larry Martell <larry.martell at gmail.com> >>> ha scritto: >>> >>>> On Fri, Jun 15, 2018 at 12:41 PM rj coleman >>>> <rjcdevelop at gmail.com> wrote: >>>> >>>>> Am I the only one who just received this email from this group? >>>>> Which came with my password in the email in plain text? >> >>>>>> Your membership in the mailing list CentOS has been disabled >>>>>> due to excessive bounces The last bounce received from you >>>>>> was dated 15-Jun-2018. You will not get any more messages >>>>>> from this list until you re-enable your membership. You will >>>>>> receive 3 more reminders like this before your membership in >>>>>> the list is deleted. >>>>>> >>>> I got it as well. >>>> >>> Mee too >> >> I also received the "has been disabled" notification. It looks like >> users with gmail addresses are affected. >> >> CentOS admins are looking into this issue (I believe). >> >> Akemi > > I believe this is a DMARC issue. Yahoo, among other places, has set > their dmarc records to p=reject: > > dig +short txt _dmarc.yahoo.com > "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_rua at yahoo.com;" > > So, if your mail hosting provider enforces dmarc,(gmail does) and you > get mail from a list that doesn't rewrite the headers, and people > from places like yahoo post to the list, you'll likely get some form > of warning about being being kicked off the mailing list every now > and then. The frequency depends on how often people from p=reject > places post, and what the settings are for bounce handling of the > mailing list in question. > > I believe that the current version of mailman can be configured to do > the necessary header rewrites. Some lists I'm on only do the rewrites > for headers of posts coming from p=reject sites (much less annoying > than having them all rewritten).This is indeed what happened. An email from yahoo.com.uk caused gmail to reject all the mails sent by that user because of the yahoo DMARC settings. We have now set the mailing list to rewrite headers. That also has set the From: of the email to the Mailing list and not the Original Author. The author is moved to the CC: block and you can still easily see who sent it and my email client (thunderbird) still does things the same way (reply to list sends to the list, reply sends to the original author). This should prevent the yahoo/gmail (or other dmarc) issues from happening again. For others running mailings lists on CentOS with this issue, Red Hat has back ported the 'dmarc_moderation_action' into the current version of mailman that is used in RHEL and CentOS. You can follow the instructions here for Mailman 2 (for version 2.1.18) even though the version in CentOS is mailman-2.1.15-26.el7_4.1 we will be watching the list for the next few days to see if this change is working as expected. If it id not working for other email clients please let us know. Great job by Brian Stinson to figure all this out :) Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20180616/2ed3e871/attachment-0001.sig>
Am 16.06.2018 um 12:25 schrieb Johnny Hughes via CentOS <centos at centos.org>:> We have now set the mailing list to rewrite headers. That also has set > the From: of the email to the Mailing list and not the Original Author. > The author is moved to the CC: block and you can still easily see who > sent it and my email client (thunderbird) still does things the same way > (reply to list sends to the list, reply sends to the original author).It seems that it moved to Reply-To: instead to CC: ?! -- LF
> Date: Saturday, June 16, 2018 05:25:05 -0500 > From: Johnny Hughes via CentOS <centos at centos.org> > > On 06/15/2018 05:18 PM, Richard wrote: >> >> >> I believe this is a DMARC issue. Yahoo, among other places, has set >> their dmarc records to p=reject: >> >> dig +short txt _dmarc.yahoo.com >> "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_rua at yahoo.com;" >> >> So, if your mail hosting provider enforces dmarc,(gmail does) and >> you get mail from a list that doesn't rewrite the headers, and >> people from places like yahoo post to the list, you'll likely get >> some form of warning about being being kicked off the mailing list >> every now and then. The frequency depends on how often people from >> p=reject places post, and what the settings are for bounce >> handling of the mailing list in question. >> >> I believe that the current version of mailman can be configured to >> do the necessary header rewrites. Some lists I'm on only do the >> rewrites for headers of posts coming from p=reject sites (much >> less annoying than having them all rewritten). > > This is indeed what happened. An email from yahoo.com.uk caused > gmail to reject all the mails sent by that user because of the > yahoo DMARC settings. > > We have now set the mailing list to rewrite headers. That also has > set the From: of the email to the Mailing list and not the Original > Author. The author is moved to the CC: block and you can still > easily see who sent it and my email client (thunderbird) still does > things the same way (reply to list sends to the list, reply sends > to the original author). > > This should prevent the yahoo/gmail (or other dmarc) issues from > happening again. > > For others running mailings lists on CentOS with this issue, Red > Hat has back ported the 'dmarc_moderation_action' into the current > version of mailman that is used in RHEL and CentOS. You can follow > the instructions here for Mailman 2 (for version 2.1.18) even > though the version in CentOS is mailman-2.1.15-26.el7_4.1 > > we will be watching the list for the next few days to see if this > change is working as expected. If it id not working for other > email clients please let us know. > > Great job by Brian Stinson to figure all this out :) > > Thanks, > Johnny Hughes >Thank you - one less list I'll get kicked off of regularly. One note, I am seeing the author in the Reply-To: in the message headers, not in the visible Cc: as you indicate: From: Johnny Hughes via CentOS <centos at centos.org> Reply-To: Johnny Hughes <johnny at centos.org>, CentOS mailing list <centos at centos.org> so to see the address of the sender I have to either poke through the headers or initiate a reply. I don't think that this is email client specific.
I'm petty sure I messed up attributions, so am deleting them.>> I believe this is a DMARC issue. Yahoo, among other places, has set >> their dmarc records to p=reject:>> So, if your mail hosting provider enforces dmarc,(gmail does) and you >> get mail from a list that doesn't rewrite the headers, and people >> from places like yahoo post to the list, you'll likely get some form >> of warning about being being kicked off the mailing list every now >> and then. The frequency depends on how often people from p=reject >> places post, and what the settings are for bounce handling of the >> mailing list in question.> This is indeed what happened. An email from yahoo.com.uk caused gmail > to reject all the mails sent by that user because of the yahoo DMARC > settings.Say it isn't so: *An* e-mail, just *one* from yahoo.com.uk caused every gmail user to have his account disabled. I'd heard of the DMARC thing with mailing lists before, but had not known it enabled single e-mails of mass destruction.> We have now set the mailing list to rewrite headers. That also has set > the From: of the email to the Mailing list and not the Original Author. > The author is moved to the CC: block and you can still easily see who > sent it and my email client (thunderbird) still does things the same way > (reply to list sends to the list, reply sends to the original author).I'm truly amazed that rewwriting headers is not the default. -- Michael hennebry at web.cs.ndsu.NoDak.edu "Sorry but your password must contain an uppercase letter, a number, a haiku, a gang sign, a heiroglyph, and the blood of a virgin." -- someeecards