#49787: Mailing list messages not delivered, subscriptions disabled due to Yahoo Mail now requiring DMARC ----------------------------+--------------------- Reporter: ryandesign@… | Owner: admin@… Type: defect | Status: new Priority: High | Milestone: Component: server/hosting | Version: Keywords: | Port: ----------------------------+--------------------- At 2:29 PM Central time today we received 42 mailing list subscription disabled bounces. They said things like: {{{ 552 l8Eq1r00M0drVCp018ErwH Message fails DMARC verification. }}} {{{ 554 5.7.9 Message not accepted for policy reasons. See https://help.yahoo.com/kb/postmaster/SLN7253.html }}} {{{ 550 5.7.1 The messages violates the DMARC policy of yahoo.com (d8c59a45 -921e-11e5-a822-db253d9e0b64) }}} {{{ 550 5.2.0 l8Eq1r05C0bG8YH018Er6K Message rejected due to DMARC. Please see http://postmaster.comcast.net/smtp-error-codes.php#DM000001 }}} {{{ 550 5.7.0 (COL004-MC6F14) Unfortunately, messages from (17.151.62.25) on behalf of (yahoo.com) could not be delivered due to domain owner policy restrictions. }}} It sounds like Yahoo's mail server now requires messages to be sent in compliance with [https://dmarc.org/ DMARC], and our mailing lists do not do this. The effect is that when a Yahoo Mail user who has subscribed to one of our lists sends a message to the list, it gets sent by our list to the other subscribers. For those subscribers using a mail service that checks DMARC, their mail servers reject the message because the DMARC verification fails because the message was actually sent by our server not by a Yahoo Mail server. This causes the subscriber's mail server to send a bounce back to our mailing list server, and after a few of those, our mailing list server disables the subscriber's subscription. [https://help.yahoo.com/kb/postmaster/SLN7253.html Yahoo's own page on this problem] suggests we "Follow industry standards" and:
change your sending behavior by adding the mailing lists’ address to the "From:" line, rather than the sender’s address. Also, enter the actual user/sender address into the "Reply-To:" line."
I do not believe we should do this, because this contradicts RFC2822 which states:
When the "Reply-To:" field is present, it indicates the mailbox(es) to which the author of the message suggests that replies be sent.
Our mailing list is not the author of the message, so our mailing list may not change the Reply-To line. See also [https://woozle.org/~neale/papers /reply-to-still-harmful.html “Reply-To” Munging Still Considered Harmful. Really.] The [https://dmarc.org/wiki/FAQ#I_operate_a_mailing_list_and_I_want_to_interopera... DMARC FAQ] has an entry about what list operators should do, but there are several choices and I don't know which, if any, are appropriate. -- Ticket URL: <https://trac.macports.org/ticket/49787> MacPorts <https://www.macports.org/> Ports system for OS X