Bounce on users lists

Michael Scherer mscherer at redhat.com
Thu Jan 15 17:31:35 UTC 2015


Hi,

Itamar, by the proxy of Brian, did asked me to look on the bounce issue
we have on the users lists. So after a few hours of careful log reading,
here is my finding.

The bounce situation
---------------------

We (ml admin) get on a regular basis people who get unsubscribed and
message about bounce. People being unsubscribed automatically is
bad(tm), and bounces are annoying. 


Investigation
-------------

A first look show that our mails are bounced as they are marked as spam
by Google. Google doc on the matter do not give much, some people point
to using dkim, spf, etc. But spf is not for us, but for the sender, and
dkim is not ml friendly, afaik, and requires upstream support if I
understood well.

Not all mails are bounced, which is good. That mean the ip is not
problematic. 

So I took a few hours to look on every bounce and roughly, there is 2
groups.

Group 1
--------

First group is that all mail from the same poster on the users list have
bounced at Google. Out of the 16 mail he sent, 16 have been rejected by
Google. I have no idea why, I suspect the spf policy, but it did looked
ok. None of the mail of answer had a issue, so that's likely not a
content problem.  

However, the ip address of the sender is in the SORBS blacklist, so
that's likely what trigger Google spam filter.

Not much we can do, besides contacting him, which I will do.

Group 2
--------
Roughly, that's mail in this thread :
http://lists.ovirt.org/pipermail/users/2015-January/030494.html

and the mails from Sandro :
http://lists.ovirt.org/pipermail/users/2015-January/030420.html
http://lists.ovirt.org/pipermail/users/2015-January/030423.html

Common point, use of goo.gl and ur1.ca. It turn out that both domain are
flagged as URI spam, since that's used by spammer to hide their link. So
I suspect that Gmail started to "learn" about them as spam, as the rest
of the world did :
http://multirbl.valli.org/lookup/ur1.ca.html
http://multirbl.valli.org/lookup/goo.gl.html

Again, not much we can do, besides asking to people to not use these
services ( which is not gonna work I think ).


Conclusion
-----------

If the core issue is "people are kicked out due to bounce", we can look
at raising the threshold on mailman ( as proposed by Brian ), while at
the same time trying to reduce the number of bounce ( ie, a root cause
investigation on each bounce when we see issue ). 

First part is easy ( I think ), second is not hard but we need to have
someone to look at log on a regular basis so that's taking some time. 

As a side note, our spamassasin setup was blacklisted from the DNS BL we
used ( due to our use of the dns of linode.com :
http://uribl.com/refused.shtml ), thus reducing his efficiency. I did
fixed that by setting a local cache, following the page I gave. If
anything weird happen, please tell us :)


Anyone has a opinion or a idea ?
-- 
Michael Scherer
Open Source and Standards, Sysadmin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.ovirt.org/pipermail/infra/attachments/20150115/bcb89082/attachment.sig>


More information about the Infra mailing list