From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 38D93138CCF for ; Mon, 11 May 2015 13:27:36 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 74B0BE087D; Mon, 11 May 2015 13:27:30 +0000 (UTC) Received: from cerbere.nerot.eu (cerbere.nerot.eu [91.121.38.221]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 645E4E0850 for ; Mon, 11 May 2015 13:27:29 +0000 (UTC) Received: from polochon.roussi.nerot.eu (ANice-652-1-171-118.w83-197.abo.wanadoo.fr [83.197.138.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by cerbere.nerot.eu (Postfix) with ESMTPSA id 873D52008A for ; Mon, 11 May 2015 15:27:25 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nerot.com; s=mydkim; t=1431350848; bh=o5WA08mzpxDk2UeIEyBb4Y8pXUfO4Y+DcTPfAgFeKmw=; h=Date:From:To:Subject:References:In-Reply-To; b=fA2a0xqJWjyUV3SoXtF/AToPIWBDjqeFFZFV8L/Hry1GWkbg8GJo3/2GZgfXz5f5N r3MUQIwwuhHjDkJ9kPSQP/thHKbxuTzKDNzOp41Hyz7N+XlIaIy8mEvqryXUisd0uj C9nY65RtmJRqUz1m4+sQRWObyr97p9JBojRDAuaU= Message-ID: <5550AE30.4060706@nerot.com> Date: Mon, 11 May 2015 15:27:12 +0200 From: =?UTF-8?B?Q2hhcmxlcyBOw6lyb3Q=?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Anti-spam changes: proposal to drop spammy mail References: In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: f897bbff-8818-4516-97a3-31c9e95337f4 X-Archives-Hash: 6dad70c9d59c4193b13833ad4734997a Hello, Lot of thing are done for fighting spam : dnssec, dane, spf, dkim, dmarc... All of this for "trusting real sender". Some of them break smtp built in fonctionnality : spf break forwarding [= 1]. If you beleive in spf (gentoo.org have an spf dns entry) , two ways need to be looked at : - fixing real sender with SRS [1]. - stop forwarding mail and do POP (gmail can do it) or IMAP from your favorite (web)mail client. Dmarc dns entry with report activated can help you understand why google blacklist you. [1] http://www.openspf.org/SRS Regards, Charles N=C3=A9rot Le 11/05/2015 06:26, Robin H. Johnson a =C3=A9crit : > TL;DR: As of May 17, @gentoo.org will drop incoming spammy mail instead= of > delivering it. Speak now or hold your peace. > > Hi all, > > As past long-standing practice, @Gentoo.org system-level mail handling = for > incoming mail was officially to tag everything, and delete nothing. > > All deletion decisions were left to developers, via procmail/sieve/etc.= > > This was a good early policy, as Gentoo was a much more reliable host t= han > email providers a decade ago. This isn't true anymore, with the meteori= c rise > and success of gmail. > > A LOT of developers forward their mail now, to systems that refuse/temp= orarily > blacklist the forwarding system because there is a lot of spam. Gmail i= s > particularly strict in this regard, throttling mail to any recipient fr= om the > forwarding source. > > This is particularly acute, because more than 40% of the outgoing mail = goes to > Google (the 25% of destinations below is heavily represented because th= e very > active devs send their mail to google). > > This unfortunate combination means that ~40% of mail sits in a backlog = for a > long time, and the active devs that use Gmail don't get their mail in a= timely > fashion. > > Unless there are any major objections, as of May 17th, Infra will start= > dropping mail that scores more than 10.0 points in Spamassassin. > > If that is successful, I propose to drop the score point by 1 point eve= ry month > until it hits a score of 5.0 (so by mid-October, it will be dropping ma= il that > scores more than 5.0). > > Stats on how mail is handled: > ----------------------------- > ~260 active devs > ~180 .forward files > > This breaks down to: > ~70 procmail users > ~10 sieve users > 2 users with both forward and procmail > 1 maildrop user > ~100 devs that send mail outside of @gentoo.org (in their .forward) > > I didn't analyze the procmail/sieve/maildrop accounts further. > > I did break down the other forwarding destinations by domain: > ~50 devs that forward directly to @gmail or @googlemail addresses > ~10 devs that have their own domain hosted at gmail/googlemail > ~40 devs with some other provider. > 0 devs with yahoo, hotmail or msn domains as destinations :-). > > As a result, about 25% of dev mail destinations are actually Google. > > Amavis stats: > ------------- > Here are the amavis summary stats for @gentoo.org incoming mail that wa= s > scanned for content (this happens before exploding to aliases and multi= ple > recipients, so is a lot lower than you might otherwise expect). > > "SPAMMY" in this case is >=3D 5.5. > 26 May 3 Blocked INFECTED > 1609 May 3 Passed CLEAN > 1564 May 3 Passed SPAMMY > 35 May 4 Blocked INFECTED > 4129 May 4 Passed CLEAN > 2304 May 4 Passed SPAMMY > 2 May 4 Passed UNCHECKED > 42 May 5 Blocked INFECTED > 4458 May 5 Passed CLEAN > 3183 May 5 Passed SPAMMY > 4 May 5 Passed UNCHECKED > 43 May 6 Blocked INFECTED > 10 May 6 Blocked MTA-BLOCKED > 5027 May 6 Passed CLEAN > 3443 May 6 Passed SPAMMY > 47 May 7 Blocked INFECTED > 2 May 7 Blocked MTA-BLOCKED > 4657 May 7 Passed CLEAN > 3119 May 7 Passed SPAMMY > 2 May 7 Passed UNCHECKED > 35 May 8 Blocked INFECTED > 5025 May 8 Passed CLEAN > 2936 May 8 Passed SPAMMY > 21 May 9 Blocked INFECTED > 2497 May 9 Passed CLEAN > 1765 May 9 Passed SPAMMY > 16 May 10 Blocked INFECTED > 2059 May 10 Passed CLEAN > 2033 May 10 Passed SPAMMY > > Score analysis of 1 week of incoming mail to amavis: > ---------------------------------------------------- > ~51k unique mails were scored, with a rough breakdown as follows: > > ~17k < 0.0 > ~13k 0.0 - 5.0 > ~7k 5.0 - 10.0 > ~5k 10.0 - 20.0 > ~5k 20.0 - 30.0 > ~3k > 30.0 >