Home page logo

nanog logo nanog mailing list archives

Re: gmail dropping mesages
From: Franck Martin <fmartin () linkedin com>
Date: Fri, 22 Apr 2011 23:01:01 +0000

On 4/23/11 10:41 , "Alex Brooks" <askoorb+nanog () gmail com> wrote:

On Fri, Apr 22, 2011 at 9:44 PM, Franck Martin <fmartin () linkedin com>
What is the DKIM check result for those messages?

Non existent, it's SPF only.

My point.

This is what GMail sees:

Received: from s0.nanog.org (s0.nanog.org [])
       by mx.google.com with ESMTPS id
       (version=TLSv1/SSLv3 cipher=OTHER);
       Fri, 22 Apr 2011 13:42:53 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
nanog-bounces+askoorb+nanog=gmail.com () nanog org designates as permitted sender) client-ip=;
Authentication-Results: mx.google.com; spf=pass (google.com: best
guess record for domain of
nanog-bounces+askoorb+nanog=gmail.com () nanog org designates as permitted sender)
smtp.mail=nanog-bounces+askoorb+nanog=gmail.com () nanog org

May be time to get nanog mailing list DKIM aware?

On 4/22/11 13:24 , "Bill Blackford" <bblackford () gmail com> wrote:

I've recently observed gmail dropping messages or not forwarding all
messages/posts  from the nanog list. This is rather annoying.

Has anyone else experienced this? Does anyone have any insight as to

Yes,  for example, the message I'm replying to had this at the top of it:

"Due to a filter you created, this message was not sent to Spam. Edit
"Warning: This message may not be from whom it claims to be. Beware of
following any links in it or of providing the sender with any personal
information.  Learn more"

So GMail thinks it's a phishing message :-/

Because from: may be from a domain which is known to DKIM sign
everything.... (like gmail).

Quite a lot of my Nanog messages are marked as spam, which is why I
created a filter to not send any messages with a list ID header with
nanog.nanog.org in it to spam at all.

The only way for Nanog to get round this would be for the mail
administrator to follow *every* step at
https://mail.google.com/support/bin/answer.py?answer=81126  which
basically is:
- Explicit SPF with hard fail.
- Signing with DKIM or DomainKeys.
- Useing a consistent IP address to send bulk mail.
- Keeping valid reverse DNS records for the IP address(es) from which
mail is sent, pointing to the sending domain.
- Use the same address in the 'From:' header on every bulk mail that is
- Using the "Precedence: bulk" header.
- Up-to-date contact information in the WHOIS record, and on abuse.net.

But the list administrator would have to do all of that faff.

No, it is mailman, just upgrade mailman. Recent versions are more DKIM

More info: http://tools.ietf.org/html/draft-ietf-dkim-mailinglists-06

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]