On 4/23/11 10:41 , "Alex Brooks" <askoorb+na...@gmail.com> wrote:
>On Fri, Apr 22, 2011 at 9:44 PM, Franck Martin <fmar...@linkedin.com> >wrote: >> What is the DKIM check result for those messages? > >Non existent, it's SPF only. My point. > >This is what GMail sees: > >Received: from s0.nanog.org (s0.nanog.org [207.75.116.162]) > by mx.google.com with ESMTPS id >h1si7255610ibn.43.2011.04.22.13.42.53 > (version=TLSv1/SSLv3 cipher=OTHER); > Fri, 22 Apr 2011 13:42:53 -0700 (PDT) >Received-SPF: pass (google.com: best guess record for domain of >nanog-bounces+askoorb+nanog=gmail....@nanog.org designates >207.75.116.162 as permitted sender) client-ip=207.75.116.162; >Authentication-Results: mx.google.com; spf=pass (google.com: best >guess record for domain of >nanog-bounces+askoorb+nanog=gmail....@nanog.org designates >207.75.116.162 as permitted sender) >smtp.mail=nanog-bounces+askoorb+nanog=gmail....@nanog.org > >> >> May be time to get nanog mailing list DKIM aware? >> >> On 4/22/11 13:24 , "Bill Blackford" <bblackf...@gmail.com> wrote: >> >>>I've recently observed gmail dropping messages or not forwarding all >>>messages/posts from the nanog list. This is rather annoying. >>> >>>Has anyone else experienced this? Does anyone have any insight as to >>>why? > >Yes, for example, the message I'm replying to had this at the top of it: > >"Due to a filter you created, this message was not sent to Spam. Edit >Filters" >"Warning: This message may not be from whom it claims to be. Beware of >following any links in it or of providing the sender with any personal >information. Learn more" > >So GMail thinks it's a phishing message :-/ Because from: may be from a domain which is known to DKIM sign everything.... (like gmail). > >Quite a lot of my Nanog messages are marked as spam, which is why I >created a filter to not send any messages with a list ID header with >nanog.nanog.org in it to spam at all. > >The only way for Nanog to get round this would be for the mail >administrator to follow *every* step at >https://mail.google.com/support/bin/answer.py?answer=81126 which >basically is: >- Explicit SPF with hard fail. >- Signing with DKIM or DomainKeys. >- Useing a consistent IP address to send bulk mail. >- Keeping valid reverse DNS records for the IP address(es) from which >mail is sent, pointing to the sending domain. >- Use the same address in the 'From:' header on every bulk mail that is >sent. >- Using the "Precedence: bulk" header. >- Up-to-date contact information in the WHOIS record, and on abuse.net. > >But the list administrator would have to do all of that faff. No, it is mailman, just upgrade mailman. Recent versions are more DKIM aware... More info: http://tools.ietf.org/html/draft-ietf-dkim-mailinglists-06
