[kwlug-disc] mutt-compatible mail client

Bob Jonkman bjonkman at sobac.com
Mon May 12 00:17:21 EDT 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

An error mesage declared:
> SMTP session failed: 554 Transaction failed :  Cannot send message 
> due to possible abuse;

What SMTP server are you sending through? If you're sending as
paul_nijjar at yahoo.ca and the message doesn't originate from server
declared valid by yahoo.ca's SPF record then it'll get rejected during
the SMTP handshake (at the "MAIL FROM" command).

Funny thing, though -- I can't find a TXT record with SPF data for
yahoo.ca or any of its MX servers (eg. mta5.am0.yahoodns.net)...

Even if the SMTP server you're sending through is valid, if your
message already contains a DKIM signature (such as might happen in a
reply to a mailing list) then if that DKIM signature doesn't match the
existing headers then your message will be rejected after the DATA
portion. This is very likely to happen, since your "From" header is
going to be different from the mailing list's "From".

And even if the DKIM signature you send is valid, if the mailing list
changes the message's "From" header to the list address then it no
longer matches your "From" header, again invalidating the DKIM signature.

Remind me again why DKIM is such a good idea?



unsolicited wrote:
> (1) Yahoo is not doing anything unreasonable (?) in tightening up 
> 'security' / trying to reduce spam - the issue is the regimen
> itself breaking long time working (various) mail list mechanisms?

Yahoo *is* being unreasonable. The DMARC protocol has only been
released as draft documents[1,2], one of which, coincidentally,
expired on Friday. From the document itself: "It is inappropriate to
use Internet-Drafts as reference material or to cite them other than
as 'work in progress'."  Even more than that, it was very much
premature of Yahoo to *implement* a draft, especially when the draft
states "Reasons not to implement DMARC (yet) [...] Going through
mailing lists."[3] Also, the draft cites mailing lists as a reason to
apply a Policy Override, which Yahoo has not done. So yes, Yahoo is
doing something unreasonable.

- --Bob.


[1] http://tools.ietf.org/html/draft-crocker-dmarc-bcp-03
[2] http://tools.ietf.org/html/draft-kucherawy-dmarc-base-04
[3] http://tools.ietf.org/html/draft-crocker-dmarc-bcp-03#page-8



On 14-05-11 06:53 AM, Paul Nijjar wrote:
> On Sun, May 11, 2014 at 06:42:37AM -0400, Paul Nijjar wrote:
>> On Sun, May 11, 2014 at 03:24:57AM -0400, Bob Jonkman wrote:
>>> 
>>> William Park wrote:
>>>> Well, if it was working, then what's changed?
>>> 
>>> Yahoo changed.  They recently started enforcing DMARC, which,
>>> to quote, Breaks! Every! Mailing! List! In! The! World!
>>> 
>>> http://www.theregister.co.uk/2014/04/08/yahoo_breaks_every_mailing_list_in_the_world_says_email_guru/
>>>
>>>
>>>
>>> 
I see Paul is using a Yahoo e-mail address, so he might be affected.
>> 
> Actually, maybe this is not exactly the problem. My messages are
> not being sent out to the mailing list and then being rejected;
> they are being rejected as soon as I try to send them. In
> particular, I get this rejection:
> 
> SMTP session failed: 554 Transaction failed :  Cannot send message 
> due to possible abuse; please visit 
> http://postmaster.yahoo.com/abuse_smtp.html
> 
> Do you think that the suggested URL gives me any useful
> information? Well, maybe, once you jump through hoops. The best I
> found was this page, which does not list the text of my error:
> 
> https://help.yahoo.com/kb/mail/smtp-error-codes-sln23996.html
> 
> but does have the helpful text "Yahoo is unable to disclose
> specific information regarding our filtering practices." with other
> 554 errors.
> 
> - Paul, who is not making his argument for keeping a yahoo account 
> any stronger
> 
> 
> _______________________________________________ kwlug-disc mailing 
> list kwlug-disc at kwlug.org 
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Ensure confidentiality, authenticity, non-repudiability
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlNwS08ACgkQuRKJsNLM5eouagCgw1Ie+jjmfKOm3+0S3vUyW5dX
8kYAoKcPpjp2MN2rjZnNj0fzEROOII7M
=azfN
-----END PGP SIGNATURE-----





More information about the kwlug-disc mailing list