Just noticed a couple more in my Spam today from Francesc Peñalvez. It
looks like SPF is neutral and DMARC is failing:
ARC-Authentication-Results: i=1; mx.google.com;
spf=neutral (google.com: 2604:8d00:0:1::4 is neither permitted
nor denied by best guess record for domain of
owner-postfix-us...@postfix.org)
smtp.mailfrom=owner-postfix-us...@postfix.org;
dmarc=fail (p=REJECT sp=REJECT dis=QUARANTINE)
header.from=almogavers.net
Return-Path: <owner-postfix-us...@postfix.org>
...
Received-SPF: neutral (google.com: 2604:8d00:0:1::4 is neither permitted
nor denied by best guess record for domain of
owner-postfix-us...@postfix.org) client-ip=2604:8d00:0:1::4;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 2604:8d00:0:1::4 is neither permitted
nor denied by best guess record for domain of
owner-postfix-us...@postfix.org)
smtp.mailfrom=owner-postfix-us...@postfix.org;
dmarc=fail (p=REJECT sp=REJECT dis=QUARANTINE)
header.from=almogavers.net
So a couple things here:
postfix.org seems to need an SPF record so it gets an SPF=pass result
instead of neutral.
DKIM signing would help.
The big issue is that the envelope sender is rewritten to postfix.org
which causes it to fail DMARC based on the From: header's policy. For
this you would need to rewrite the From: header as well.
Alternatively, if you were to ARC-sign the message it would probably
work as well, at least for google. Personally I prefer to bypass ARC
all together by modifying the From: header and envelope sender and
re-signing with DKIM, only because I suspect that there are servers that
will enforce the DMARC policy but don't recognize ARC.
Peter
On 23/03/20 11:14 am, Peter wrote:
On 23/03/20 11:09 am, Viktor Dukhovni wrote:
On Mon, Mar 23, 2020 at 11:03:43AM +1300, Peter wrote:
On 23/03/20 10:55 am, Viktor Dukhovni wrote:
ARC signing might be helpful, but I don't think we need to do anything
at all. With just one user having issues, the problem is most likely
upstream.
It's not just one user. I regularly have to pluck messages from my Spam
folder coming from this list from several different users. The one user
is just an example of the issue.
Is there any evidence that the reason the posts land in the spam folder
is related to way the list is managed, and not the content of the
messages being misclassified your mailbox provider?
What is in the "Authentication-Results" header of the messages that
are misclassified?
I recently cleaned out my Spam so I'll need to wait a day or two for
more to land there, then I'll get back to you on this with some samples.
Peter
