From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.taht.net (mail.taht.net [IPv6:2a01:7e00::f03c:91ff:feae:7028]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 7288B3B29F for ; Tue, 4 Oct 2016 12:09:03 -0400 (EDT) Received: from dair-2506.local (c-73-231-152-246.hsd1.ca.comcast.net [73.231.152.246]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.taht.net (Postfix) with ESMTPSA id A7D541F4AB; Tue, 4 Oct 2016 16:09:01 +0000 (UTC) To: Neil Shepperd , cake@lists.bufferbloat.net References: <06273A79-CAEB-4981-9BEE-22939D333D66@gmail.com> <30DC0151-C918-4664-A1FE-9179E08DE833@gmail.com> <874m4xbyt4.fsf@toke.dk> <50625ff6-5baf-6c4b-6e1b-55d55a37c199@taht.net> From: =?UTF-8?Q?Dave_T=c3=a4ht?= Message-ID: Date: Tue, 4 Oct 2016 09:09:00 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.3.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Subject: Re: [Cake] cake for net-next 4.8 X-BeenThere: cake@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Cake - FQ_codel the next generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 16:09:03 -0000 On 10/3/16 2:17 PM, Neil Shepperd wrote: > Gmail spam team got back to me; they have apparently "fixed the > problem", which I guess means messages here should stop being marked as > spam soon. Because gmail's spam filters are top secret business, I > couldn't tell you anything else :) It is great to have friends (in places high and low). Thank you! That said, I almost, but not quite, got the dkim stuff working the other day - not that I can intuit that was the source of the problem! > > On Fri, 30 Sep 2016 at 17:10 Dave Täht > wrote: > > > > On 9/30/16 1:37 PM, Neil Shepperd wrote: > > Disabling ipv6 (at least in the mail server, in outgoing direction) is > > probably the easiest option... > > It looks like the simplest thing I could do to allow inbound while > stopping outbound ipv6 would be to: > > /etc/postfix/main.cf : > smtp_bind_address6 = ::1 > > > > I see on most messages here DKIM-Signature headers apparently from > > gmail: "v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com > > > ; s=20120113;". These signatures are failing because > > of the added message footer. No sign of a DKIM-Signature > > for lists.bufferbloat.net > . You'd need to > > set that up in the list MTA. > > Honestly my "email-fu" has declined considerably in recent years. > Despite the apparent simplicity of this idea, my brain just crashed > multiple times on setting it up with postfix + mailman 2. > > And thank you for poking so deeply into this, I was A) really annoyed by > the bloat-list-as-spam thing and B) clueless. > > > On Fri, 30 Sep 2016 at 15:42 Dave Täht > > >> wrote: > > > > > > > > On 9/30/16 1:02 AM, Toke Høiland-Jørgensen wrote: > > > Neil Shepperd >> > > writes: > > > > > >> I think I have now accumulated enough spam/nonspam > classified emails > > >> to make a statistically signification observation: it seems > like all > > >> emails classified as spam from these lists were send from ipv6: > > >> > > >> SPF: PASS with IP 2600:3c03:0:0:f03c:91ff:fe61:86ce > > >> > > >> All emails from bufferbloat.net > lists > > are failing DKIM (because of the > > >> mailing list footer breaking the DKIM signature) which > might be worth > > >> fixing, and failing DMARC because all mailing lists fails DMARC > > >> (however google does not have a strict DMARC policy so that > shouldn't > > >> matter, I hope). > > >> > > >> By the way, it's not just you, either. I have emails from > others on > > >> these lists in my spam folder. > > >> > > >> The distinguishing factor seems to be whether the email was > sent from > > >> the lists.bufferbloat.net > ipv6 > > address. Unless this address > > >> corresponds to some kind of tunnel broker possibly also used by > > >> spammers, I can only assume this is some kind of bug (after > all, it > > >> was spf validated so the address shouldn't matter at that > point?). > > > > > > Indeed, gmail requires extra measures for IPv6: > > > https://support.google.com/mail/answer/81126 (scroll down to > > "Additional > > > guidelines for IPv6"). > > > > > > Fixing DKIM might be worthwhile :) > > > > But it passes the spf check?? And the reverse lookup is correct. > > > > How about I just disable ipv6? > > > > Have no idea why dkim doesn't work. > > > > > > > > -Toke > > > _______________________________________________ > > > Cake mailing list > > > Cake@lists.bufferbloat.net > > > > > > https://lists.bufferbloat.net/listinfo/cake > > > > > _______________________________________________ > > Cake mailing list > > Cake@lists.bufferbloat.net > > > > https://lists.bufferbloat.net/listinfo/cake > > >