Closed Bug 995330 Opened 10 years ago Closed 10 years ago

Mailing lists are breaking due to dumb Yahoo DMARC implementation

Categories

(Infrastructure & Operations :: Infrastructure: Mail, task)

Product:
Infrastructure & Operations
Component:
Infrastructure: Mail
Platform:
All
Other
Type:
task
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: gerv, Assigned: limed)

References

Details

A load of people on mozilla.governance just had mail disabled due to excessive bounces. They were getting bounces because their email providers were rejecting all email from Yahoo. They were rejecting all email from Yahoo because Yahoo, dumbly, told them to:

http://thehackernews.com/2014/04/yahoos-new-dmarc-policy-destroys-every.html

We need to, ASAP:

* Reconfigure every list to seriously raise the bounce_score_threshold (in the Bounce Processing section). This should buy us some time.

* Find all subscribers using yahoo.com email addresses and email them to suggest they resubscribe to the list using a different email address if they want to post.

* Tell Yahoo they are being, er, "silly".

Gerv
(To fix this, I had to go through the subscriber list by hand and reenable the mail of 40-50 people - everyone for whom I got an "email disabled" notification. I've also unsubscribed my 3 Yahoo users and am emailing them to explain.)

Gerv
Assignee: server-ops → infra
Component: Server Operations → Infrastructure: Mail
Product: mozilla.org → Infrastructure & Operations
QA Contact: shyam → limed
Downgrading so oncall doesn't get paged
Severity: major → normal
This bug got downgraded, but it needs to be addressed immediately before more mailing lists start imploding. limed: are you on the case?

Gerv
I'm on vacation, but I saw this bugmail go by.  This was set high enough to page for a reason, we're actively losing subscribers because of this.

FWIW, Yahoo's new policy is unfortunately correct IMO.  We need to teach Mailman how to deal with it correctly. Mailman added DMARC re-sending compatibility in 2.1.16.  We're running 2.1.15.  So we need to upgrade mailman to deal with this.

http://yahoo.tumblr.com/post/82426971544/an-update-on-our-dmarc-policy-to-protect-our-users

http://yahoomail.tumblr.com/post/82426900353/yahoo-dmarc-policy-change-what-should-senders-do
Severity: normal → major
Assignee: infra → limed
Since we run a custom package for mailman we will need to rebuild it with our patches and what not, that will take a bit of time for me to build and deploy out.

For now I can work on getting the bounce_score_threshold to a higher value
* Reconfigure every list to seriously raise the bounce_score_threshold (in the Bounce Processing section). This should buy us some time.

Can be done with all lists, I believe that all lists default to 5.0 what should this be set to? I can double it pretty easily
Set it to 50. All it means is that people whose email addresses die won't get the boot. As a short term measure, that's absolutely fine as far as I know.

Gerv
Bounce threshold has been set to 50, I can reset this once we have the new package is built
Update on this, I'm waiting on mailman 2.1.18 to be released which contains support for DMARC. 2.1.18 is in rc3 at the moment and will be released on May 1st so lets wait till then before I roll out the updates
We updated to mailman 2.1.18 the details on how to deal with dmarc is here[1]

[1]: http://wiki.list.org/display/DEV/DMARC
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Did we reduce the bounce_score_threshold back to the original value?

Gerv
(In reply to Gervase Markham [:gerv] from comment #11)
> Did we reduce the bounce_score_threshold back to the original value?
> 
> Gerv

Yes I did
See Also: → 1061306
You need to log in before you can comment on or make changes to this bug.