FAQ

On Fri, November 7, 2014 12:10, Bob Marcan wrote:
Hi.
Your mails to centos mailing list are constantly marked as spam by
gmail.com.
Marking it nospam is annoying and had no effect on gmail filtering.
I can filter it into the proper folder, but this will only fix my problem.
Can you do anything in that matter?

Best regards, Bob

I do not think that I have any influence over this issue, other than to change
email providers and that, for various security reasons, is not going to
happen. Nor, for similar reasons, is it feasible for me to have a second
email address just for the Centos mailing list since I would be unable to use
it from my workplace. I do understand your frustration and I am appreciative
of the effort that you took to contact me about it. I wish I had some
solution for you that was available to me.


The reason that my emails from the CentOS list are marked as spam by Google is
that our domain employs DKIM and SPF for outgoing SMTP traffic. The CentOS
mailing list manager is the stock Mailman package provided with CentOS. That
version mangles the originator's mail headers and body, thus invalidating the
DKIM signature. It then sends the message out as originating under the
original sender's domain but from an unauthorised SMTP server address, thus
triggering the SPF failure.


The reasons that this has become an issue is that Google, Yahoo, AOL and I
believe Microsoft, began enforcing DMARC to varying degrees beginning last
April. Google at least forwards my messages on with a warning. I believe that
Yahoo simply blocks all my CentOS list traffic.


We have set SPF to a policy of ~all, which is a soft failure. That permits
delivery, providing the recipient MX agrees as is the case with Google. It is
not permissible for us to authorise an alien IP address as a legitimate source
of our SMTP traffic so we cannot eliminate the SPF failure. We can do nothing
about the DKIM invalidation since it is Mailman that is changing the headers
and appending text to the body after it is signed by our servers.


There is a patch for Mailman to resolve the SPF issue and the DKIM issue with
respect to headers, but it has not made it into the RedHat distribution. The
body mangling issue is in the hands of the mailing list owner.


I have raised an issue on this:


https://bugzilla.redhat.com/show_bug.cgi?id95359


I also tried building the new Mailman package for CentOS-6. The problem is
that the Mailman project does not follow the FHS. Restructuring the source
files to properly package on CentOS is simply beyond my limited skills and
time. I suspect that the effort involved is why the issue has not made much
progress inside RH either.


I am replying to the list as well so that anyone else having the same problem
with my traffic is apprised of the cause.


With regrets,


--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3

Search Discussions

  • Always Learning at Nov 8, 2014 at 10:02 pm

    On Fri, 2014-11-07 at 13:01 -0500, James B. Byrne wrote:


    The reason that my emails from the CentOS list are marked as spam by Google is
    that our domain employs DKIM and SPF for outgoing SMTP traffic. The CentOS
    mailing list manager is the stock Mailman package provided with CentOS. That
    version mangles the originator's mail headers and body, thus invalidating the
    DKIM signature. It then sends the message out as originating under the
    original sender's domain but from an unauthorised SMTP server address, thus
    triggering the SPF failure.

    If I understand the problem correctly your emails sent out by the Centos
    mailing list (using Mailman) are considered by Google et al to be spam.
    The fundamental reason you believe is be your site's usage of DKIM.


    Why can't your site get a cheap VPS anywhere in the world and route
    outgoing emails, without DKIM, through the VPS ? Cost in EU is less
    than GBP 80 per annum (circa EUR 96 p.a.) It is easy to achieve using
    Exim.




    --
    Regards,


    Paul.
    England, EU.
  • Valeri Galtsev at Nov 8, 2014 at 11:42 pm

    On Sat, November 8, 2014 4:02 pm, Always Learning wrote:
    On Fri, 2014-11-07 at 13:01 -0500, James B. Byrne wrote:

    The reason that my emails from the CentOS list are marked as spam by
    Google is
    that our domain employs DKIM and SPF for outgoing SMTP traffic. The
    CentOS
    mailing list manager is the stock Mailman package provided with CentOS.
    That
    version mangles the originator's mail headers and body, thus
    invalidating the
    DKIM signature. It then sends the message out as originating under the
    original sender's domain but from an unauthorised SMTP server address,
    thus
    triggering the SPF failure.
    If I understand the problem correctly your emails sent out by the Centos
    mailing list (using Mailman) are considered by Google et al to be spam.
    The fundamental reason you believe is be your site's usage of DKIM.

    Why can't your site get a cheap VPS anywhere in the world and route
    outgoing emails, without DKIM, through the VPS ? Cost in EU is less
    than GBP 80 per annum (circa EUR 96 p.a.) It is easy to achieve using
    Exim.

    But logically that will defeat the whole reason of using DKIM, won't it?


    Valeri


    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev
    Sr System Administrator
    Department of Astronomy and Astrophysics
    Kavli Institute for Cosmological Physics
    University of Chicago
    Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++
  • Les Mikesell at Nov 9, 2014 at 12:03 am

    On Sat, Nov 8, 2014 at 5:42 PM, Valeri Galtsev wrote:
    Why can't your site get a cheap VPS anywhere in the world and route
    outgoing emails, without DKIM, through the VPS ? Cost in EU is less
    than GBP 80 per annum (circa EUR 96 p.a.) It is easy to achieve using
    Exim.
    But logically that will defeat the whole reason of using DKIM, won't it?

    Yes, but when the purpose of DKIM is to break lists that forward on
    your behalf, that is a good thing. But an even easier solution is to
    use a free email service like gmail/yahoo/hotmail for your mail list
    activity.


    --
        Les Mikesell
            lesmikesell at gmail.com
  • Always Learning at Nov 9, 2014 at 2:20 am

    On Sat, 2014-11-08 at 17:42 -0600, Valeri Galtsev wrote:

    On Sat, November 8, 2014 4:02 pm, Always Learning wrote:
    On Fri, 2014-11-07 at 13:01 -0500, James B. Byrne wrote:

    The reason that my emails from the CentOS list are marked as spam by
    Google is
    that our domain employs DKIM and SPF for outgoing SMTP traffic. The
    CentOS
    mailing list manager is the stock Mailman package provided with CentOS.
    That
    version mangles the originator's mail headers and body, thus
    invalidating the
    DKIM signature. It then sends the message out as originating under the
    original sender's domain but from an unauthorised SMTP server address,
    thus
    triggering the SPF failure.
    If I understand the problem correctly your emails sent out by the Centos
    mailing list (using Mailman) are considered by Google et al to be spam.
    The fundamental reason you believe is be your site's usage of DKIM.

    Why can't your site get a cheap VPS anywhere in the world and route
    outgoing emails, without DKIM, through the VPS ? Cost in EU is less
    than GBP 80 per annum (circa EUR 96 p.a.) It is easy to achieve using
    Exim.
    But logically that will defeat the whole reason of using DKIM, won't it?

    But .... is not his problem that when he sends an email to this mailing
    list, Google - when it gets its metaphorical hands on the output from
    this mailing list, whilst delivering it to some recipients - declares
    his email as spam ?


    Everyone knows that when dealing with large organisations (especially
    North American ones and their global imitators), one can waste enormous
    amounts to time pleading with them to do simple and reasonable things
    properly.


    He needs a solution. I proposed what I thought was a relatively quick
    and cheap solution.


    Another solution is for the mailing list to delete all previous headers
    on receipt of incoming emails - perhaps that might work ?


    --
    Regards,


    Paul.
    England, EU.
  • Keith Keller at Nov 9, 2014 at 1:58 am

    On 2014-11-08, Always Learning wrote:
    If I understand the problem correctly your emails sent out by the Centos
    mailing list (using Mailman) are considered by Google et al to be spam.
    The fundamental reason you believe is be your site's usage of DKIM.

    The fundamental reason is because Mailman is rewriting the headers in an
    incompatible way. It is not his site's usage of DKIM. This is a known
    issue with Mailman. (I used to have a good link explaining the issue,
    but can't find it now; if I find it later I'll post it.)

    Why can't your site get a cheap VPS anywhere in the world and route
    outgoing emails, without DKIM, through the VPS ?

    It'd be a lot easier just to drop DKIM, but that's a bit pointless.


    --keith




    --
    kkeller at wombat.san-francisco.ca.us
  • Stephen Harris at Nov 9, 2014 at 2:35 am

    On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
    The fundamental reason is because Mailman is rewriting the headers in an
    incompatible way. It is not his site's usage of DKIM. This is a known
    issue with Mailman. (I used to have a good link explaining the issue,
    but can't find it now; if I find it later I'll post it.)

    So we have a 20-year old piece of technology ("mailman") and a modern
    proposal ("DKIM")... and somehow it's mailman's fault. Uh huh.


    Note; it's not just mailman that has problems, it's _any_ mail forwarder.
    Going back 27 years to my first Unix account, I could create a file called
    ".forward" that would forward my mail to another address. This is BROKEN
    by DKIM.


    Basically DKIM is incompatible with how internet email works.


    But here's the thing... I think DKIM has a potential future; we need to
    _change_ how the internet works. So mailman will need to be rewritten;
    mail forwarders will need to change. And so on.


    I use DKIM on my domain but I specifically set it to "fail safe" (deliver
    it anyway) because I _know_ the internet, today, isn't compatible. I get
    email reports so I can see if spammers _are_ sending as me.


    The problem is with domains like yahoo.com who have a "fail deny"
    policy. Any yahoo.com sender gets so much mail rejected that many
    mail lists auto-block yahoo senders these days.


    The problem, ultimately, is with senders with a "reject" policy published.
    DKIM is not compatible with internet email today, and so mail from those
    senders _will_ be rejected.


    --


    rgds
    Stephen
  • Valeri Galtsev at Nov 9, 2014 at 5:06 am

    On Sat, November 8, 2014 8:35 pm, Stephen Harris wrote:
    On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
    The fundamental reason is because Mailman is rewriting the headers in an
    incompatible way. It is not his site's usage of DKIM. This is a known
    issue with Mailman. (I used to have a good link explaining the issue,
    but can't find it now; if I find it later I'll post it.)
    So we have a 20-year old piece of technology ("mailman") and a modern
    proposal ("DKIM")... and somehow it's mailman's fault. Uh huh.

    Note; it's not just mailman that has problems, it's _any_ mail forwarder.
    Going back 27 years to my first Unix account, I could create a file called
    ".forward" that would forward my mail to another address. This is BROKEN
    by DKIM.

    Any constructive suggestion how to deal with e-mail of people who moved
    on? Forwarding is a a solution. What is suggested instead (in the realm of
    DKIM)?


    Valeri

    Basically DKIM is incompatible with how internet email works.

    But here's the thing... I think DKIM has a potential future; we need to
    _change_ how the internet works. So mailman will need to be rewritten;
    mail forwarders will need to change. And so on.

    I use DKIM on my domain but I specifically set it to "fail safe" (deliver
    it anyway) because I _know_ the internet, today, isn't compatible. I get
    email reports so I can see if spammers _are_ sending as me.

    The problem is with domains like yahoo.com who have a "fail deny"
    policy. Any yahoo.com sender gets so much mail rejected that many
    mail lists auto-block yahoo senders these days.

    The problem, ultimately, is with senders with a "reject" policy published.
    DKIM is not compatible with internet email today, and so mail from those
    senders _will_ be rejected.

    --

    rgds
    Stephen
    _______________________________________________
    CentOS mailing list
    CentOS at centos.org
    http://lists.centos.org/mailman/listinfo/centos



    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev
    Sr System Administrator
    Department of Astronomy and Astrophysics
    Kavli Institute for Cosmological Physics
    University of Chicago
    Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++
  • Keith Keller at Nov 9, 2014 at 5:59 am

    On 2014-11-09, Stephen Harris wrote:
    On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
    The fundamental reason is because Mailman is rewriting the headers in an
    incompatible way. It is not his site's usage of DKIM. This is a known
    issue with Mailman. (I used to have a good link explaining the issue,
    but can't find it now; if I find it later I'll post it.)
    So we have a 20-year old piece of technology ("mailman") and a modern
    proposal ("DKIM")... and somehow it's mailman's fault. Uh huh.

    Mailman is by my reckoning only about 15 years old, and DKIM has been
    around for about a decade. So I'm not really convinced by your argument
    here.


    Plus, it's not like the Mailman folks themselves are blaming DKIM.
    Here's a page they wrote up.


    http://wiki.list.org/display/DEV/DKIM


    "Make no mistake though, DKIM cannot be ignored"


    I haven't looked very hard, but I haven't found anything authoritative
    on Mailman vs. DKIM more recent than 2012 (which itself means they've
    been thinking about it for a long time; the wiki doc talks about another
    document written in 2009).

    The problem, ultimately, is with senders with a "reject" policy published.
    DKIM is not compatible with internet email today, and so mail from those
    senders _will_ be rejected.

    Well, someone's gotta be first, because there's no way we'll get
    everyone agree to switch over on a given date. If Yahoo and Google are
    doing it they're forcing the issue sooner rather than later. I'm not
    sure that's a bad thing.


    --keith


    --
    kkeller at wombat.san-francisco.ca.us
  • Les Mikesell at Nov 9, 2014 at 8:48 pm

    On Sat, Nov 8, 2014 at 11:59 PM, Keith Keller wrote:
    On 2014-11-09, Stephen Harris wrote:
    On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
    The fundamental reason is because Mailman is rewriting the headers in an
    incompatible way. It is not his site's usage of DKIM. This is a known
    issue with Mailman. (I used to have a good link explaining the issue,
    but can't find it now; if I find it later I'll post it.)
    So we have a 20-year old piece of technology ("mailman") and a modern
    proposal ("DKIM")... and somehow it's mailman's fault. Uh huh.
    Mailman is by my reckoning only about 15 years old, and DKIM has been
    around for about a decade. So I'm not really convinced by your argument
    here.

    Isn't this a philosophical question about who the author really is?
    That is, does it belong to the original sender or is is something
    made up by the list that deserves to be signed as though they made it
    up?


    --
       Les Mikesell
          lesmikesell at gmail.com
  • James B. Byrne at Nov 10, 2014 at 3:17 pm

    On Sat, November 8, 2014 21:35, Stephen Harris wrote:
    On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
    The fundamental reason is because Mailman is rewriting the headers in an
    incompatible way. It is not his site's usage of DKIM. This is a known
    issue with Mailman. (I used to have a good link explaining the issue,
    but can't find it now; if I find it later I'll post it.)
    So we have a 20-year old piece of technology ("mailman") and a modern
    proposal ("DKIM")... and somehow it's mailman's fault. Uh huh.

    Note; it's not just mailman that has problems, it's _any_ mail forwarder.
    Going back 27 years to my first Unix account, I could create a file called
    ".forward" that would forward my mail to another address. This is BROKEN
    by DKIM.

    Basically DKIM is incompatible with how internet email works.

    But here's the thing... I think DKIM has a potential future; we need to
    _change_ how the internet works. So mailman will need to be rewritten;
    mail forwarders will need to change. And so on.

    Mailman already has been updated to ameliorate the situation. The patches are
    applied to the main trunk and the version has been updated. However, CentOS
    is, as we all know and love, a decidedly conservative collection of software.
    In my opinion it is unlikely that we will see any changes to Mailman's
    behaviour in 6 and possibly not until 8, although I think it probable that
    Mailman will be updated for this in 7 at some point.


    For the nonce we set SPF policy to softfail and our DKIM policy is quarantine.
    Thus Google is doing the right thing by flagging my messages through
    CentOS.org as suspect but forwarding them on for delivery nonetheless. So long
    as the MX treatment of my messages is consistent and still permits delivery
    then Google places the disposition in the hands of the recipient.


    Yahoo on the other hand does not. If there is an SPF failure then the messages
    are discarded. I am not sure what effect, if any, DKIM has on Yahoo.


    To handle Yahoo subscribers to any ML that we run internally we arbitrarily
    subscribe those addresses to the digest versions.




    --
    *** E-Mail is NOT a SECURE channel ***
    James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
    Harte & Lyne Limited http://www.harte-lyne.ca
    9 Brockley Drive vox: +1 905 561 1241
    Hamilton, Ontario fax: +1 905 561 0757
    Canada L8E 3C3
  • James B. Byrne at Nov 10, 2014 at 3:53 pm

    On Sun, November 9, 2014 00:06, Valeri Galtsev wrote:
    On Sat, November 8, 2014 8:35 pm, Stephen Harris wrote:
    On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
    The fundamental reason is because Mailman is rewriting the headers in an
    incompatible way. It is not his site's usage of DKIM. This is a known
    issue with Mailman. (I used to have a good link explaining the issue,
    but can't find it now; if I find it later I'll post it.)
    So we have a 20-year old piece of technology ("mailman") and a modern
    proposal ("DKIM")... and somehow it's mailman's fault. Uh huh.

    Note; it's not just mailman that has problems, it's _any_ mail forwarder.
    Going back 27 years to my first Unix account, I could create a file called
    ".forward" that would forward my mail to another address. This is BROKEN
    by DKIM.
    Any constructive suggestion how to deal with e-mail of people who moved
    on? Forwarding is a a solution. What is suggested instead (in the realm of
    DKIM)?

    Valeri

    If you want to read intelligent people throwing tantrums search at the IETF
    mailing list archives for DKIM, DMARC and SPF; and read; and weep.


    The problem that DMARC, DKIM, and SPF seek to solve is intractable. So long
    as the cost of email is borne by the recipients and there are no sensible
    restrictions of the volume of traffic a single source can generate then
    unwanted email is going to be created and transmitted. All of this
    jiggery-pokery respecting message signing and sender policy frameworks just
    shows how intractable it is.


    DMARC is. . ., well I do not know what benefit one obtains by discovering that
    some IP address on mainland China is again purporting to belong to our domain
    and sending out email. What news! Next someone will tell me that not
    everything on the Internet is factual!!


    In our case we believe a more pressing problem has to do with authenticated
    connections between mail servers and the whole sorry mess that is CA driven
    PKI. The certs and signatures for PKI have to be moved into DNS RRs so that
    the current system of privately owned CAs just goes away. It is totally
    flawed as it assumes, and requires, a strict hierarchy for identification.
    That vision simply does not describe the Internet. Anything that will work
    for identification on the Internet ultimately will have to resemble DNS.


    For SMTP the mail server that connects should always use STARTTLS and have its
    IP address reverse checked against its A RR to locate an associated RR
    something like SSHFP. That then is used to verify its identity and the
    validity of its certificate. No match no traffic. That will not solve SPAM
    and UCEM but that is not the point. It will guarantee that our traffic is
    moving along verifiable routes and that, for us, is very important.


    That also, as a side effect, would hide email headers (meta data) on all point
    to point connections. Our observations with respect to our own servers are
    that for correspondents running their own mail servers all, or virtually all,
    of those connections presently are point to point.


    As for the poor sots that have handed over their email service management to
    Google and the the like. Well those people have nothing to hide. Which is a
    good thing for them. Because everything they transmit is open to inspection
    by third parties, trusted or not. And kept forever, whether they wish it or
    not.




    --
    *** E-Mail is NOT a SECURE channel ***
    James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
    Harte & Lyne Limited http://www.harte-lyne.ca
    9 Brockley Drive vox: +1 905 561 1241
    Hamilton, Ontario fax: +1 905 561 0757
    Canada L8E 3C3
  • Valeri Galtsev at Nov 10, 2014 at 5:01 pm

    On Mon, November 10, 2014 9:53 am, James B. Byrne wrote:
    On Sun, November 9, 2014 00:06, Valeri Galtsev wrote:
    On Sat, November 8, 2014 8:35 pm, Stephen Harris wrote:
    On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
    The fundamental reason is because Mailman is rewriting the headers in
    an
    incompatible way. It is not his site's usage of DKIM. This is a
    known
    issue with Mailman. (I used to have a good link explaining the issue,
    but can't find it now; if I find it later I'll post it.)
    So we have a 20-year old piece of technology ("mailman") and a modern
    proposal ("DKIM")... and somehow it's mailman's fault. Uh huh.

    Note; it's not just mailman that has problems, it's _any_ mail
    forwarder.
    Going back 27 years to my first Unix account, I could create a file
    called
    ".forward" that would forward my mail to another address. This is
    BROKEN
    by DKIM.
    Any constructive suggestion how to deal with e-mail of people who moved
    on? Forwarding is a a solution. What is suggested instead (in the realm
    of
    DKIM)?

    Valeri
    If you want to read intelligent people throwing tantrums search at the
    IETF
    mailing list archives for DKIM, DMARC and SPF; and read; and weep.

    The problem that DMARC, DKIM, and SPF seek to solve is intractable. So
    long
    as the cost of email is borne by the recipients and there are no sensible
    restrictions of the volume of traffic a single source can generate then
    unwanted email is going to be created and transmitted. All of this
    jiggery-pokery respecting message signing and sender policy frameworks
    just
    shows how intractable it is.

    DMARC is. . ., well I do not know what benefit one obtains by discovering
    that
    some IP address on mainland China is again purporting to belong to our
    domain
    and sending out email. What news! Next someone will tell me that not
    everything on the Internet is factual!!

    In our case we believe a more pressing problem has to do with
    authenticated
    connections between mail servers and the whole sorry mess that is CA
    driven
    PKI. The certs and signatures for PKI have to be moved into DNS RRs so
    that
    the current system of privately owned CAs just goes away. It is totally
    flawed as it assumes, and requires, a strict hierarchy for identification.
    That vision simply does not describe the Internet. Anything that will
    work
    for identification on the Internet ultimately will have to resemble DNS.

    For SMTP the mail server that connects should always use STARTTLS and have
    its
    IP address reverse checked against its A RR to locate an associated RR
    something like SSHFP. That then is used to verify its identity and the
    validity of its certificate. No match no traffic. That will not solve
    SPAM
    and UCEM but that is not the point. It will guarantee that our traffic is
    moving along verifiable routes and that, for us, is very important.

    That also, as a side effect, would hide email headers (meta data) on all
    point
    to point connections. Our observations with respect to our own servers
    are
    that for correspondents running their own mail servers all, or virtually
    all,
    of those connections presently are point to point.

    As for the poor sots that have handed over their email service management
    to
    Google and the the like. Well those people have nothing to hide. Which is
    a
    good thing for them. Because everything they transmit is open to
    inspection
    by third parties, trusted or not. And kept forever, whether they wish it
    or
    not.

    James, thanks a lot for nice write-up!


    As far as google and the likes are concerned... even though I'm not using
    any of them, my messages are too filed there through the ones who use them
    (even when it is not straightforward, e.g. when they forward to their ...
    account). Sigh.


    Valeri


    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev
    Sr System Administrator
    Department of Astronomy and Astrophysics
    Kavli Institute for Cosmological Physics
    University of Chicago
    Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++
  • Les Mikesell at Nov 10, 2014 at 6:56 pm

    On Mon, Nov 10, 2014 at 9:53 AM, James B. Byrne wrote:

    As for the poor sots that have handed over their email service management to
    Google and the the like. Well those people have nothing to hide. Which is a
    good thing for them. Because everything they transmit is open to inspection
    by third parties, trusted or not. And kept forever, whether they wish it or
    not.

    Well, yeah... If I wanted to keep secrets, I wouldn't be sending
    them over the internet at all. You don't really trust your software
    or other third parties that much, do you?


    --
        Les Mikesell
           lesmikesell at gmail.com
  • SilverTip257 at Nov 10, 2014 at 6:39 pm
    On Fri, Nov 7, 2014 at 1:01 PM, James B. Byrne wrote:

    On Fri, November 7, 2014 12:10, Bob Marcan wrote:
    Hi.
    Your mails to centos mailing list are constantly marked as spam by
    gmail.com.
    Marking it nospam is annoying and had no effect on gmail filtering.
    I can filter it into the proper folder, but this will only fix my problem.
    Can you do anything in that matter?

    Best regards, Bob

    If Bob already has a Gmail filter set up to tag CentOS list mail, it's
    simple to modify that filter to "do not mark as spam".


    That's a workaround that Bob can control and use to alleviate the situation
    until the "fixed" Mailman packages reach maturity.




    --
    ---~~.~~---
    Mike
    // SilverTip257 //
  • Les Mikesell at Nov 10, 2014 at 7:42 pm

    On Mon, Nov 10, 2014 at 12:39 PM, SilverTip257 wrote:
    On Fri, Nov 7, 2014 at 1:01 PM, James B. Byrne wrote:

    On Fri, November 7, 2014 12:10, Bob Marcan wrote:
    Hi.
    Your mails to centos mailing list are constantly marked as spam by
    gmail.com.
    Marking it nospam is annoying and had no effect on gmail filtering.
    I can filter it into the proper folder, but this will only fix my problem.
    Can you do anything in that matter?

    Best regards, Bob
    If Bob already has a Gmail filter set up to tag CentOS list mail, it's
    simple to modify that filter to "do not mark as spam".

    That's a workaround that Bob can control and use to alleviate the situation
    until the "fixed" Mailman packages reach maturity.

    At least in theory, if you add a sender to your gmail contacts list it
    is supposed to try to avoid marking subsequent messages from that
    sender as spam.


    --
        Les Mikesell
          lesmikesell at gmail.com
  • James B. Byrne at Nov 11, 2014 at 2:18 pm

    On Mon, November 10, 2014 13:56, Les Mikesell wrote:
    Well, yeah... If I wanted to keep secrets, I wouldn't be sending them
    over the internet at all. You don't really trust your software or other
    third parties that much, do you?


    Read my signature.


    The point is that it is not what I trust. It is what my correspondents do
    with their mail irrespective of trust. And that is totally out of my control.
      Nonetheless, we must take whatever steps we can to protect whatever residual
    confidentiality there is.


    --
    *** E-Mail is NOT a SECURE channel ***
    James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
    Harte & Lyne Limited http://www.harte-lyne.ca
    9 Brockley Drive vox: +1 905 561 1241
    Hamilton, Ontario fax: +1 905 561 0757
    Canada L8E 3C3
  • Les Mikesell at Nov 11, 2014 at 5:10 pm

    On Tue, Nov 11, 2014 at 8:18 AM, James B. Byrne wrote:
    On Mon, November 10, 2014 13:56, Les Mikesell wrote:
    Well, yeah... If I wanted to keep secrets, I wouldn't be sending them
    over the internet at all. You don't really trust your software or other
    third parties that much, do you?

    Read my signature.

    Hmmm, gmail conveniently collapses previously-seen content into an
    ellipse so that didn't jump out out me before.

    The point is that it is not what I trust. It is what my correspondents do
    with their mail irrespective of trust. And that is totally out of my control.
    Nonetheless, we must take whatever steps we can to protect whatever residual
    confidentiality there is.

    I don't get your point about gmail then. If you don't expect internet
    email to be secure in any case then you won't send secrets over it and
    it won't matter who archives, forwards, or searches it. This is all
    pretty obvious for public mail lists anyway and there's not that much
    point in trying to mix them with even business-level security. I
    prefer to have a completely separate account for list use although
    some companies might be so restrictive as to not let you use even web
    access to it from work machines.


    --
        Les Mikesell
          lesmikesell at gmail.com
  • Valeri Galtsev at Nov 11, 2014 at 6:41 pm

    On Tue, November 11, 2014 11:10 am, Les Mikesell wrote:
    On Tue, Nov 11, 2014 at 8:18 AM, James B. Byrne wrote:
    On Mon, November 10, 2014 13:56, Les Mikesell wrote:
    Well, yeah... If I wanted to keep secrets, I wouldn't be sending
    them
    over the internet at all. You don't really trust your software or
    other
    third parties that much, do you?

    Read my signature.
    Hmmm, gmail conveniently collapses previously-seen content into an
    ellipse so that didn't jump out out me before.
    The point is that it is not what I trust. It is what my correspondents
    do
    with their mail irrespective of trust. And that is totally out of my
    control.
    Nonetheless, we must take whatever steps we can to protect whatever
    residual
    confidentiality there is.
    I don't get your point about gmail then. If you don't expect internet
    email to be secure in any case then you won't send secrets over it and
    it won't matter who archives, forwards, or searches it. This is all
    pretty obvious for public mail lists anyway and there's not that much
    point in trying to mix them with even business-level security. I
    prefer to have a completely separate account for list use although
    some companies might be so restrictive as to not let you use even web
    access to it from work machines.

    Indeed, e-mail is not a secure channel of communication (as everyone of us
    repeats for decades). That is because there are _bad_guys_ doing bad thing
    (sniffing packets)... Now we come to the point that some company collects
    information. In general doing virtually the same thing. And we should feel
    no disrespect to that company, right? I feel it is unfair to the first
    category of guys (the bad ones sniffing network traffic).


    Do you not have any problem with that? Because I do ;-(


    But alas, it is the majority that rules (sort of "democracy" as opposed to
    "constitutional republic").


    Valeri


    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev
    Sr System Administrator
    Department of Astronomy and Astrophysics
    Kavli Institute for Cosmological Physics
    University of Chicago
    Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++
  • Les Mikesell at Nov 11, 2014 at 7:30 pm

    On Tue, Nov 11, 2014 at 12:41 PM, Valeri Galtsev wrote:

    Indeed, e-mail is not a secure channel of communication (as everyone of us
    repeats for decades). That is because there are _bad_guys_ doing bad thing
    (sniffing packets)... Now we come to the point that some company collects
    information. In general doing virtually the same thing. And we should feel
    no disrespect to that company, right? I feel it is unfair to the first
    category of guys (the bad ones sniffing network traffic).

    Do you not have any problem with that? Because I do ;-(

    I don't - for a couple of reasons. First, google doesn't charge for
    the service so I'll use it for what it is: a good place to
    collaborate, and ignore the fact that it might be a bad place to keep
    secrets. And public mailing lists are pretty clearly about open
    collaboration. Second, your, and the recipient's ISPs are going to be
    as bad or worse about allowing government spying. They don't really
    have any choice about that if they want to exist so I don't have a
    real problem with that either, except that they charge us all extra
    for the capability.

    But alas, it is the majority that rules (sort of "democracy" as opposed to
    "constitutional republic").

    Ummm, at this point is it much more a matter of corporate ownership
    than anything else. If you don't like the government, you have to buy
    a better one.


    --
        Les Mikesell
          lesmikesell at gmail.com
  • Valeri Galtsev at Nov 11, 2014 at 7:35 pm

    On Tue, November 11, 2014 1:30 pm, Les Mikesell wrote:
    On Tue, Nov 11, 2014 at 12:41 PM, Valeri Galtsev
    wrote:
    Indeed, e-mail is not a secure channel of communication (as everyone of
    us
    repeats for decades). That is because there are _bad_guys_ doing bad
    thing
    (sniffing packets)... Now we come to the point that some company
    collects
    information. In general doing virtually the same thing. And we should
    feel
    no disrespect to that company, right? I feel it is unfair to the first
    category of guys (the bad ones sniffing network traffic).

    Do you not have any problem with that? Because I do ;-(
    I don't - for a couple of reasons. First, google doesn't charge for
    the service so I'll use it for what it is: a good place to
    collaborate, and ignore the fact that it might be a bad place to keep
    secrets. And public mailing lists are pretty clearly about open
    collaboration. Second, your, and the recipient's ISPs are going to be
    as bad or worse about allowing government spying. They don't really
    have any choice about that if they want to exist so I don't have a
    real problem with that either, except that they charge us all extra
    for the capability.
    But alas, it is the majority that rules (sort of "democracy" as opposed
    to
    "constitutional republic").

    No, I meant it with respect to google, "metaforically speaking", not
    meaning actual government of one sort of another. So, you are in the
    majority as far as google or other "free" services are concerned, I
    figure, and I'm not - in our internet "democracy" that is.


    Valeri

    Ummm, at this point is it much more a matter of corporate ownership
    than anything else. If you don't like the government, you have to buy
    a better one.



    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev
    Sr System Administrator
    Department of Astronomy and Astrophysics
    Kavli Institute for Cosmological Physics
    University of Chicago
    Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcentos @
categoriescentos
postedNov 7, '14 at 6:01p
activeNov 11, '14 at 7:35p
posts21
users7
websitecentos.org
irc#centos

People

Translate

site design / logo © 2021 Grokbase