[asterisk-dev] Mailing List Future
Henning Westerholt
hw at gilawa.com
Fri Jan 5 01:55:25 CST 2024
Hello,
thanks, Joshua, for setting up the new list, it was really easy to subscribe, no issues.
It seems to be more successful in getting through the spam filter at least in my experiences.
About the from header, nowadays you usually need to set the From to the mailing list address, otherwise google and other will reject the email because of DMARC. We have been through the same issues recently on kamailio mailing lists for example.
The groups.io was chosen probably because it's not necessary to maintain an own mail server anymore. You can (even in outlook) create a mail filter with a few clicks on the sender address or some other header parts.
Regarding the SPF issues mentioned from Paul, if there is an error in their SPF record it should be probably addressed to the groups.io guys. From a first look it seems to include the sender IPs: https://mxtoolbox.com/SuperTool.aspx?action=spf%3agroups.io&run=toolpage
Here is an extract from mail headers for a new list message which clearly shows the correct IP (included in the SPF record) and also DMARC pass from an O365 account:
Authentication-Results: spf=pass (sender IP is 66.175.222.108)
smtp.mailfrom=groups.io; dkim=pass (signature was verified)
header.d=groups.io;dmarc=bestguesspass action=none
header.from=groups.io;compauth=pass reason=109
Received-SPF: Pass (protection.outlook.com: domain of groups.io designates
66.175.222.108 as permitted sender) receiver=protection.outlook.com;
client-ip=66.175.222.108; helo=mail02.groups.io; pr=C
Received: from mail02.groups.io (66.175.222.108) by
AMS1EPF00000041.mail.protection.outlook.com (10.167.16.38) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.7159.9 via Frontend Transport; Thu, 4 Jan 2024 13:29:35 +0000
DKIM-Signature: a=rsa-sha256; bh=TlCBy1aFBIBg3CEsdRMY19Y//1l4cNiTTHVF0l8wrOw=;
c=relaxed/simple; d=groups.io;
So maybe you can elaborate what you think the issue is with the SPF and/or DMARC from group.io.
Cheers,
Henning
> -----Original Message-----
> From: asterisk-dev <asterisk-dev-bounces at lists.digium.com> On Behalf Of
> Paul Kudla
> Sent: Freitag, 5. Januar 2024 08:18
> To: asterisk-dev at lists.digium.com
> Subject: Re: [asterisk-dev] Mailing List Future
>
>
> Again sorry to be a pain
>
> I am an ISP and see stuff like this all day long
>
> people are not going to read email headers etc etc etc
>
> email is very simplistic
>
> the from address (not the reply address) needs to reflect the sender and
> nothing else.
>
> mscv, sendgrid etc are perfect email list companies that show as spam because
> they play with the from address in the headers, not to mention microsoft
> exchange adding a great big long string in the from address to aid in message
> bounce backs, also the dkim signature is also based on the from domain etc
> which is why those are bouncing?
>
> take google for example
>
> they want an spf record or dkim record now a days or it is spam and will
> probably reject (see example below)
>
> I went through this with a customer in december
>
> again know this is techy but just trying to help.
>
> we are a few days in and hitting all the basic email issues.
>
> can groups.io (the new wiki system) be configured to interface to a external
> email server (inbound and out?) - might be easier ?
>
> ___________________________________________________________________
> ______
>
> mail18 12-23 17:40:43 {postfix.out} [30103] (1860520863) Dec 23
> 17:40:43 mail18 postfix/smtp[30103]: 44FEC315F6F:
> to=<mdcroteau at gmail.com>, relay=alt1
>
> .gmail-smtp-in.l.google.com[142.250.128.27]:25, delay=2172,
> delays=2171/0.03/0.96/0.21, dsn=4.0.0,
>
> status=deferred (host alt1.gmail-smtp-in.l.google.com[142.250.128.27]
> said: 450-5.7.26 This mail has been
>
> blocked because the sender is unauthenticated. 450-5.7.26 Gmail requires all
> senders to authenticate with
>
> either SPF or DKIM. 450-5.7.26 450-5.7.26 Authentication results:
> 450-5.7.26 DKIM = did not pass
>
> 450-5.7.26 SPF [diamond-cladpower.com] with ip: [65.39.148.18] = did not
> pass 450-5.7.26 450-5.7.26 For
>
> instructions on setting up authentication, go to 450 5.7.26
>
> https://support.google.com/mail/answer/81126#authentication
>
> dp35-20020a0566381ca300b0046ce28c905esi2970974jab.17 - gsmtp (in
> reply to end of DATA command))
>
> ___________________________________________________________________
> ______
>
>
> groups.io does have an spf record but also seems to be attached to zendesk ??
>
> # dig txt groups.io
>
> ; <<>> DiG 9.16.12 <<>> txt groups.io
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29021 ;; flags: qr rd ra;
> QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;groups.io. IN TXT
>
> ;; ANSWER SECTION:
> groups.io. 397 IN TXT
> "google-site-verification=cIdgZ-
> hBu3RiSGae0xG2qUDmQY5hS3dsg6qUGxAZjaE"
> groups.io. 397 IN TXT "v=spf1
> ip4:66.175.222.12 ip4:66.175.222.108 ip4:45.79.227.220 ip4:45.79.224.9
> ip4:45.79.224.7 ip4:192.53.124.123 ip4:173.255.243.56
> ip4:192.53.124.254 include:mail.zendesk.com include:smtp.zendesk.com
> ~all"
>
> ;; Query time: 18 msec
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> ;; WHEN: Fri Jan 05 02:08:59 EST 2024
> ;; MSG SIZE rcvd: 337
>
>
>
>
>
> Have A Happy Friday !!!
>
> Thanks - Paul Kudla (Manager SCOM.CA Internet Services Inc.)
>
>
> Scom.ca Internet Services <http://www.scom.ca>
> 004-1009 Byron Street South
> Whitby, Ontario - Canada
> L1N 4S3
>
> Toronto 416.642.7266
> Main 1.866.411.7266
> Fax 1.888.892.7266
> Email paul at scom.ca
>
> On 1/4/2024 10:04 AM, Jaco Kroon wrote:
> > Hi,
> >
> > Just looking into this in more detail:
> >
> > Return-path:<bounce+123194+7+8112995+12921448 at groups.io>
> >
> > So yea, that's VERP based.
> >
> > From: "Joshua Colp via groups.io"<jcolp=sangoma.com at groups.io>
> >
> > And that's a very basic form of SRS ...
> >
> > And these headers are present too:
> >
> > List-Subscribe:<mailto:asterisk-dev+subscribe at groups.io>
> > List-Help:<mailto:asterisk-dev+help at groups.io>
> > Sender:asterisk-dev at groups.io
> > List-Id: <asterisk-dev.groups.io>
> >
> >
> > So yea ... for filtering properly you need to handle groups.io specially. It's a
> pain but perfectly do-able.
> >
> > Kind regards,
> > Jaco
> >
> > On 2024/01/04 14:34, Joshua C. Colp wrote:
> >> On Thu, Jan 4, 2024 at 8:28 AM Paul Kudla <paul at scom.ca> wrote:
> >>
> >>
> >> ok
> >>
> >> i will post examples if/when this happens then for better
> >> clarificastion
> >> unless groups.io <http://groups.io> is uniqe to asterisk ?
> >>
> >> being an isp mailing lists / open systems are the first to get
> >> hacked !
> >>
> >>
> >> The groups.io <http://groups.io> platform is not unique to Asterisk,
> >> there are numerous groups hosted on it. Directly adding members to
> >> groups requires a paying plan, otherwise adding an email address
> >> requires someone signing up themselves.
> >>
> >> --
> >> Joshua C. Colp
> >> Director of Engineering | Asterisk Project Lead Sangoma Technologies
> >> Check us out at www.sangoma.com <http://www.sangoma.com> and
> >> www.asterisk.org <http://www.asterisk.org>
> >>
> >
> > --
> > This message has been scanned for viruses and
> > dangerous content by *MailScanner* <http://www.mailscanner.info/>, and
> is
> > believed to be clean.
> >
>
> --
> ___________________________________________________________________
> __
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
More information about the asterisk-dev
mailing list