[prev in list] [next in list] [prev in thread] [next in thread]
List: postfix-users
Subject: Re: bounced posts go to spam
From: Dominic Raferd <dominic () timedicer ! co ! uk>
Date: 2018-07-31 16:58:17
Message-ID: CAF9Mo3K12AwCwi6r_mMEEW5oD48CsrwuuuspHORAQ-gmRK7M7Q () mail ! gmail ! com
[Download RAW message or body]
On Tue, 31 Jul 2018 at 16:52, Sonic <sonicsmith@gmail.com> wrote:
> > Apparently, mail.example.org and ASPMX.L.GOOGLE.com enforce DMARC
> > in different ways.
> >
> > Regardless, if the DMARC policy does not authorize host Y to send
> > mail on behalf of domain $myorigin, then you need to fix the DMARC
> > policy so that those bounces sent by host Y aren't violating DMARC,
> > or you need to somehow route those bounces from host Y through a
> > host that is DMARC-authorized.
>
> All normal mail gets delivered just fine. The domain in question
> (example.com) has an SPF record including the server's (outside) IP
> address (and proper A and PTR records), and OpenDKIM signs all regular
> email.
> Examining the headers of all normal (non-NDR) post receipts show they
> pass both SPF, and DKIM tests and therefore DMARC as well. Plus the
> majority of sent posts are to the Google servers (with no issues).
> It's only the bounces/NDR's that have an issue.
>
Maybe this piece of magic (suggested by Wietse a while ago) might help - it's
a way to overcome double_bounce_sender having @$myhostname auto-added:
canonical_maps =
inline:{$double_bounce_sender@$myhostname=double-bounce@$mydomain}
[...]
[Attachment #3 (text/html)]
<div dir="ltr"><div class="gmail_default" style="font-size:small"><br></div><br><div \
class="gmail_quote"><div dir="ltr">On Tue, 31 Jul 2018 at 16:52, Sonic <<a \
href="mailto:sonicsmith@gmail.com" target="_blank">sonicsmith@gmail.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">> Apparently, <a \
href="http://mail.example.org" rel="noreferrer" target="_blank">mail.example.org</a> \
and <a href="http://ASPMX.L.GOOGLE.com" rel="noreferrer" \
target="_blank">ASPMX.L.GOOGLE.com</a> enforce DMARC<br> > in different ways.<br>
><br>
> Regardless, if the DMARC policy does not authorize host Y to send<br>
> mail on behalf of domain $myorigin, then you need to fix the DMARC<br>
> policy so that those bounces sent by host Y aren't violating DMARC,<br>
> or you need to somehow route those bounces from host Y through a<br>
> host that is DMARC-authorized.<br>
<br>
All normal mail gets delivered just fine. The domain in question<br>
(<a href="http://example.com" rel="noreferrer" target="_blank">example.com</a>) has \
an SPF record including the server's (outside) IP<br> address (and proper A and \
PTR records), and OpenDKIM signs all regular<br> email.<br>
Examining the headers of all normal (non-NDR) post receipts show they<br>
pass both SPF, and DKIM tests and therefore DMARC as well. Plus the<br>
majority of sent posts are to the Google servers (with no issues).<br>
It's only the bounces/NDR's that have an \
issue.<br></blockquote><div><br></div><div class="gmail_default" \
style="font-size:small">Maybe this piece of magic (suggested by Wietse a while ago) \
might help - i<span style="background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">t's \
a way to overcome double_bounce_sender having @$myhostname \
auto-added</span>:</div><div class="gmail_default" \
style="font-size:small"><br></div><div class="gmail_default" \
style="font-size:small">canonical_maps = \
inline:{$double_bounce_sender@$myhostname=double-bounce@$mydomain}
<span style="background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">[...]</span></div><div \
class="gmail_default" style="font-size:small"><span \
style="background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div></div></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic