DMARC - gmail.com or is it yahoo.com

David Macek david.macek.0@gmail.com
Tue Nov 29 17:50:00 GMT 2016 

On 29. 11. 2016 15:24, cyg Simple wrote:
> I find this excerpt from cygwin-help a bit confusing.  Notice the
> "yahoo.com" in the "Remote host said:" message.  What's really going on
> here?  Why is yahoo.com doing the authentication for a gmail.com address?
> 
> <excerpt>
> Received: (qmail 130602 invoked for bounce); 17 Nov 2016 10:26:04 -0000
> Date: 17 Nov 2016 10:26:04 -0000
> From: MAILER-DAEMON@sourceware.org
> To: cygwin-return-205832-@cygwin.com
> Subject: failure notice
> 
> Hi. This is the qmail-send program at sourceware.org.
> I'm afraid I wasn't able to deliver your message to the following addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
> 
> <cygsimple@gmail.com>:
> User and password not set, continuing without authentication.
> <cygsimple@gmail.com> 173.194.202.27 failed after I sent the message.
> Remote host said: 550-5.7.1 Unauthenticated email from yahoo.com is not
> accepted due to domain's
> 550-5.7.1 DMARC policy. Please contact the administrator of yahoo.com
> domain if
> 550-5.7.1 this was a legitimate mail. Please visit
> 550-5.7.1  https://support.google.com/mail/answer/2451690 to learn about the
> 550 5.7.1 DMARC initiative. e69si30940847pfk.231 - gsmtp
> </excerpt>
> 

Reading and understanding email bounces is notoriously hard.

I got the same email, just with my email address instead of yours. The problem is not related to the recipient's address, but to the sender's address. A quick query to <cygwin-get.205832@cygwin.com> got me the original message that bounced. Its headers follow.

> Date: Wed, 16 Nov 2016 04:25:22 -0500
> From: Ian Lambert <ian.lambert_42@yahoo.com>
> To: cygwin@cygwin.com,Marco Atzeri <marco.atzeri@gmail.com>
> Subject: Re: Resend: pdfseparate does nothing for me?
> Message-ID: <8C630CDB-03CD-4388-B8AC-7C2A033BEF67@yahoo.com>
> MIME-Version: 1.0
> Content-Type: text/plain; charset=utf-8
> Content-Transfer-Encoding: quoted-printable

What happens is that ezmlm (the mailing list software) broadcasts this message (after adding a bunch of links at the bottom) to everyone subscribed, but with the sender unchanged. Yahoo has got a DMARC policy set up that is supposed to ensure that only Yahoo servers can send messages marked as "from ...@yahoo.com". As you can see, Google is enforcing the policy and correctly rejecting the message as fake (it really wasn't sent by Yahoo, but by Sourceware). This is only going to happen more and more often as email providers up the battle against spam.

The best solution is to change the way ezmlm re-sends the messages, I bet there's a big discussion about it somewhere on the Internet.

-- 
David Macek

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3834 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://cygwin.com/pipermail/cygwin/attachments/20161129/5323cca4/attachment.p7s>

More information about the Cygwin mailing list