[Mailman-Users] Postings being discarded due to DKIM failures?

Robert Heller heller at deepsoft.com
Fri May 16 02:38:03 CEST 2014 

At Thu, 15 May 2014 17:14:38 -0700 Mark Sapiro <mark at msapiro.net> wrote:

> 
> On 05/15/2014 08:43 AM, Robert Heller wrote:
> > A list member recently tried to post a message to a list and the message was 
> > discarded for no *appearent* reason.  The only clue is that for some reason 
> > the message is failing the DKIM check (DKIM=fail).  I am using Mailman 2.1.16 
> > on CentOS 5 (python-2.4.3-56.el5, httpd-2.2.3-85.el5.centos, 
> > dkim-milter-2.8.3-8.el5).  Is there some way to get Mailman to log why it is 
> > discarding messages?
> 
> 
> I assume you've seen the vette log entry saying the message was
> discarded, but it doesn't say why.
> 
> Essentially all discards are because the message met some condition for
> which the action is Discard. These are all in the list's web admin
> interface. The most common one is Content filtering with a filter_action
> of discard and a message whose top level Content-Type: is either in
> filter_mime_types or not in pass_mime_types. This could be, e.g., a
> multipart/related message with multipart/alternative and multipart/mixed
> as the only multipart types in pass_mime_types or a text/html message
> without text/html in pass_mime_types. It is a common misconception that
> convert_html_to_plaintext will handle the latter, but you have to accept
> the HTML before you can convert it.
> 
> Other places to look for Discard actions are:
> 
> Privacy options...
>     Sender filters
>         member_moderation_action
>         dmarc_moderation_action (Mailman 2.1.18 and up)
>         discard_these_nonmembers
>         generic_nonmember_action
>     Spam filters
>         header_filter_rules
> 
> If you want to see the reason and the message, change the action from
> Discard to Hold.

It wasn't any of these. I believe I have figured out what happened. The poster
did something 'bad': instead of creating a fresh message he located an old
message with a return address of the list and did a reply and then edited
*some* of the headers: only some of the  'visible' ones and did not delete the 
'hidden' ones,  which confused the list server. 

I discovered this when saw dkim log messages suggesting that the server the 
message came from might be pretending to be my server and then when I looked 
at the headers of another message from this poster that had headers it should 
not have had.

> 

-- 
Robert Heller             -- 978-544-6933 / heller at deepsoft.com
Deepwoods Software        -- http://www.deepsoft.com/
()  ascii ribbon campaign -- against html e-mail
/\  www.asciiribbon.org   -- against proprietary attachments

More information about the Mailman-Users mailing list