<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hi<br>
</p>
<p>Your DMARC errors are not a mailing list problem. They are a
problem of your own settings as the servers are just doing what
*you* told them to do. Sadly your SPF is misconfigured and while
your DKIM configuration is correct it includes the typical
mistakes of people that don't account for mailing list behaviour.<br>
</p>
<p>--- SPF ---</p>
<p>Your SPF-Record (just allowing your own mx, not the list server):<br>
"v=spf1 mx ~all"</p>
<p>You send the e-mail to the lists servers and they forward it but
your SPF doesn't allow for that you receive an error. There are 2
ways to fix your SPF:</p>
<p>1) You include the list's SPF record into your own like so
("v=spf1 mx include:lists.torproject.org ~all"). This will keep
your messages out of the recepient's spam folders.<br>
</p>
<p>2) End your SPF with a neutral catch-all. Spam filters do not
really make a difference between "~all" and "?all" and probably
most of your messages will be marked as spam but DMARC will stop
sending error messages as the checks will not fail anymore.</p>
<p>--- DKIM ---</p>
<p>Your DKIM configurations includes the following headers:
"from:subject:date:message-id:to:mime-version:content-type".</p>
<p>Like almost all lists this one also adds a prefix to the headers
to allow for simple mail sorting scripts. While almost all DKIM
daemons recognize this problem you will still receive a DMARC
error as your signature will not verify (probably somthing like
"dkim failed [...] looks forwarded [...]").<br>
</p>
<p>To fix this you have 2 options as well:<br>
</p>
<p>1) You have to exclude the subject from your DKIM signature or it
will fail. Some DKIM implementations allow for settings on a
per-domain basis so you can just exclude it for the mailing lists
you are on.<br>
</p>
<p>2) You can exclude lists.torproject.org recipients from DKIM
completely so your list messages will not be signed.<br>
</p>
<p>Heiko</p>
<p>PS: Please check your competence before acusing others of having
none. At least the SPF problem should be detectable by any
admin.........<br>
</p>
<br>
<br>
Am 07.01.2018 um 11:55 schrieb Valentin Brandl:<br>
<blockquote type="cite"
cite="mid:20180107105539.hv3oezqldksfgflq@neo">
<pre wrap="">Hi,
when sending a mail to this mailinglist, I receive various DMARC reports
from different mail providers, both private and big ones like google or
mail.ru.
This doesn't happen on other mailinglists.
Also my mailserver flags mails from this list as spam with makes me
think, others might have the same problem.
I think it is a problem when rewriting some mail headers. It makes the
list a pain to use. Maybe anyone knows how to fix this.
I'll append the DMARC report I received from google.
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
tor-mirrors mailing list
<a class="moz-txt-link-abbreviated" href="mailto:tor-mirrors@lists.torproject.org">tor-mirrors@lists.torproject.org</a>
<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-mirrors">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-mirrors</a>
</pre>
</blockquote>
<br>
</body>
</html>