[Mimedefang] Yahoo! DMARC and smfi_chngfrom was Yahoo DMARC

Kevin A. McGrail KMcGrail at PCCC.com
Mon Apr 14 16:27:58 EDT 2014 

On 4/14/2014 12:50 PM, Joe Quinn wrote:
> We are having issues with Yahoo's DMARC policy unsubscribing a very 
> large number of members for Mailman lists we host.
>
> Does anyone have a quick piece of code that we can use which bounces 
> their message and inserts a nice description of why?
> We are already matching on Yahoo senders to /mailman.\.*/

Continuing the thread, for those who don't know, Yahoo! is breaking all 
kinds of legit mailing lists 
(http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html) 
and today we found out the hard way with mailing lists unsubscribing 
people with default mailman thresholds.  So here's what we are thinking 
with a block to change the sender and send a notification to the 
original sender but I can't get the change_sender to work right (see below):

#YAHOO DMARC RESOLUTION
     foreach $recip (@Recipients) {
       # BLOCK IF FROM YAHOO BECAUSE THEY SET DMARC TOO STRICTLY
       # 
http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html

       # If Sender is Yahoo and recipient is a mailing list - NOTE Only 
Yahoo.com rejects as of 4/14 so not hitting 
|rocketmail\.com|ymail\.com|yahoo\.com\.au|yahoo\.ca|yahoo\.co\.uk
       if ($Sender =~ /kevin_mcgrail\@yahoo\.com>?$/i and
           ($recip =~ m/\@mailman\./i or
      .. More checks specific to us...
          )) {
         my ($container, $parser, $original, $report2, 
$yahoo_reject_notice, $sender);

         # NOTIFY SENDER AND REWRITE THE SENDER TO A DO-NOT-REPLY ADDRESS
         md_syslog('warning', "Modifying Yahoo! message to mailing list 
due to DMARC - $recip - $Sender - $Subject");
         $yahoo_reject_notice = "Your email to $recip was rejected. At 
this time, Yahoo! email addresses cannot be used to send to our mailing 
lists due to a change Yahoo! implemented where they recommend your email 
is identified as a forgery.  We recommend you consider a free Google 
account available at http://www.gmail.com/. For more technical 
information, please see: 
http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html

In order to permit your email through to the mailing list, your from 
address has been rewritten to a do-not-reply address.  You will need to 
monitor the list for replies and this will likely require moderation to 
allow.

Sincerely,

Kevin A. McGrail
President, PCCC";


         # SAVE NOTIFY SETTINGS
         my ($save_NotifyNoPreamble, $save_NotifySenderSubject, 
$save_DaemonAddress);
         $save_NotifySenderSubject = $NotifySenderSubject;
         $save_NotifySenderSubject = $NotifySenderSubject;
         $save_DaemonAddress = $DaemonAddress;

         #CUSTOMIZE NOTIFICATION PARAMS
         $sender = 'do-not-reply at pccc.com';
         $DaemonAddress = 'do-not-reply at pccc.com';
         $NotifyNoPreamble = 1;
         $NotifySenderSubject = "Important Mailing List Notification 
re:[$Subject]";

         #SEND NOTIFICATION
         action_notify_sender("$yahoo_reject_notice\n");
         #CHANGE SENDER
         change_sender($sender);

         # RESTORE NOTIFY SETTINGS
         $NotifySenderSubject = $save_NotifySenderSubject;
         $NotifySenderSubject = $save_NotifySenderSubject;
         $DaemonAddress = $save_DaemonAddress;
       }
     }
     #END YAHOO DEMARC




However, we are seeing an issue with the change_sender(); function.

Specifically, here's a test from my Yahoo! account to an autism mailing 
list. Even though smfi_chgfrom appears to have worked, when the email is 
parsed by mailman, it does not appear to reflect the changed sender.  
Any thoughts appreciated...



Apr 14 16:22:32 intel1 sendmail[26075]: s3EKMToA026075: Connection: 
38.124.232.6 (mailman.peregrinehw.com) 25 <- 98.138.229.24 33133 C:1 R:1
Apr 14 16:22:33 intel1 sendmail[26075]: s3EKMToA026075: 
from=<kevin_mcgrail at yahoo.com>, size=2710, class=0, nrcpts=1, 
msgid=<1397506777.77106.YahooMailNeo at web141604.mail.bf1.yahoo.com>, 
proto=ESMTP, daemon=MTA, relay=nm31.bullet.mail.ne1.yahoo.com 
[98.138.229.24]
Apr 14 16:22:33 intel1 mimedefang.pl[13624]: s3EKMToA026075: sm_load_avg: 1
Apr 14 16:22:33 intel1 mimedefang.pl[13624]: s3EKMToA026075: Running 
SPAM Checks - spam_assassin_check_with_spamc
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: Running 
SPAM Checks - spam_assassin_check_with_spamc done
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: SA-DEBUG: 
(mailman) - <POAC-NoVA at mailman.poac-nova.org> - No, hits=-1.1 
required=7.0^Itests=AWL,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM, 
^I      KAM_RPTR_PASSED,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2, ^I      
SPF_PASS,T_RP_MATCHES_RCVD
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: Modifying 
Yahoo! message to mailing list due to DMARC - 
<POAC-NoVA at mailman.poac-nova.org> - <kevin_mcgrail at yahoo.com> - This is 
a test #8
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: 
MDLOG,s3EKMToA026075,mail_in,,,<kevin_mcgrail at yahoo.com>,<poac-nova at mailman.poac-nova.org>,This 
is a test #8
Apr 14 16:22:37 intel1 sendmail[26115]: s3EKMbQT026115: 
from=raptorreview13 at pccc.com, size=1078, class=-60, nrcpts=1, 
msgid=<201404141622.s3EKMToA026075 at intel1.peregrinehw.com>, 
relay=defang at localhost
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: filter:  
notify_sender=1
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter change 
(add): header: X-KAM-Reverse: Passed - Reverse DNS of 
nm31.bullet.mail.ne1.yahoo.com/98.138.229.24
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter change 
(add): header: X-Spam-Status: No, hits=-1.1 
required=7.0\ttests=AWL,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,\n\t 
KAM_RPTR_PASSED,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,\n\t 
SPF_PASS,T_RP_MATCHES_RCVD
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter change 
(add): header: X-Spam-Level:
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter chgfrom: 
do-not-reply at pccc.com
Apr 14 16:22:37 intel1 mimedefang[26077]: s3EKMToA026075: Filter time is 
4287ms
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter add: 
header: X-Scanned-By: MIMEDefang 2.72 on 38.124.232.6
Apr 14 16:22:37 intel1 sendmail[26116]: s3EKMToA026075: 
to="|/htdocs/mailman.peregrinehw.com/mail/mailman post poac-nova", 
ctladdr=<POAC-NoVA at mailman.poac-nova.org> (8/0), delay=00:00:05, 
xdelay=00:00:00, mailer=prog, pri=33380, dsn=2.0.0, stat=Sent

Which leads to...

Apr 14 16:22:32 intel1 sendmail[26075]: s3EKMToA026075: Connection: 
38.124.232.6 (mailman.peregrinehw.com) 25 <- 98.138.229.24 33133 C:1 R:1
Apr 14 16:22:33 intel1 sendmail[26075]: s3EKMToA026075: 
from=<kevin_mcgrail at yahoo.com>, size=2710, class=0, nrcpts=1, 
msgid=<1397506777.77106.YahooMailNeo at web141604.mail.bf1.yahoo.com>, 
proto=ESMTP, daemon=MTA, relay=nm31.bullet.mail.ne1.yahoo.com 
[98.138.229.24]
Apr 14 16:22:33 intel1 mimedefang.pl[13624]: s3EKMToA026075: sm_load_avg: 1
Apr 14 16:22:33 intel1 mimedefang.pl[13624]: s3EKMToA026075: Running 
SPAM Checks - spam_assassin_check_with_spamc
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: Running 
SPAM Checks - spam_assassin_check_with_spamc done
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: SA-DEBUG: 
(mailman) - <POAC-NoVA at mailman.poac-nova.org> - No, hits=-1.1 
required=7.0^Itests=AWL,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM, 
^I      KAM_RPTR_PASSED,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2, ^I      
SPF_PASS,T_RP_MATCHES_RCVD
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: Modifying 
Yahoo! message to mailing list due to DMARC - 
<POAC-NoVA at mailman.poac-nova.org> - <kevin_mcgrail at yahoo.com> - This is 
a test #8
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: 
MDLOG,s3EKMToA026075,mail_in,,,<kevin_mcgrail at yahoo.com>,<poac-nova at mailman.poac-nova.org>,This 
is a test #8
Apr 14 16:22:37 intel1 sendmail[26115]: s3EKMbQT026115: 
from=raptorreview13 at pccc.com, size=1078, class=-60, nrcpts=1, 
msgid=<201404141622.s3EKMToA026075 at intel1.peregrinehw.com>, 
relay=defang at localhost
Apr 14 16:22:37 intel1 mimedefang.pl[13624]: s3EKMToA026075: filter:  
notify_sender=1
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter change 
(add): header: X-KAM-Reverse: Passed - Reverse DNS of 
nm31.bullet.mail.ne1.yahoo.com/98.138.229.24
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter change 
(add): header: X-Spam-Status: No, hits=-1.1 
required=7.0\ttests=AWL,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,\n\t 
KAM_RPTR_PASSED,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,\n\t 
SPF_PASS,T_RP_MATCHES_RCVD
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter change 
(add): header: X-Spam-Level:
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter chgfrom: 
do-not-reply at pccc.com
Apr 14 16:22:37 intel1 mimedefang[26077]: s3EKMToA026075: Filter time is 
4287ms
Apr 14 16:22:37 intel1 sendmail[26075]: s3EKMToA026075: Milter add: 
header: X-Scanned-By: MIMEDefang 2.72 on 38.124.232.6
Apr 14 16:22:37 intel1 sendmail[26116]: s3EKMToA026075: 
to="|/htdocs/mailman.peregrinehw.com/mail/mailman post poac-nova", 
ctladdr=<POAC-NoVA at mailman.poac-nova.org> (8/0), delay=00:00:05, 
xdelay=00:00:00, mailer=prog, pri=33380, dsn=2.0.0, stat=Sent
Apr 14 16:23:33 intel1 sendmail[26616]: s3EKNXCo026616: 
from=<raptorreview13 at pccc.com>, size=1348, class=-60, nrcpts=1, 
msgid=<201404141622.s3EKMToA026075 at intel1.peregrinehw.com>, proto=ESMTP, 
daemon=MTA, relay=localhost.localdomain [127.0.0.1]

More information about the MIMEDefang mailing list