Stephen J. Turnbull wrote: > I think the missing DKIM signature may be important. One > interpretation of "SPOOFED_UNAUTH" is "I think it's spoofed because I > can't authenticate it". In question 9 above, if you send mail via (a) > SPF *could* authenticate it, and via (c) that's pretty good > authentication, but DKIM is best and Mailcow may insist on it.
First of all, thank you very much for your support! :-) To answer question 9, I will describe my setup: I've been using mailcow as my mail server for a while now, and recently mailman. Both run on the same host under Docker; I followed these instructions: https://docs.mailcow.email/third_party/mailman3/third_party-mailman3/ So the way how mailman is integrated ist described here: https://docs.mailcow.email/third_party/mailman3/third_party-mailman3/#add-mailman-integration lists.domain2.online: Domain under which the mailman mailing lists run. my.mailserver.de (1.2.3.4): Mail server running with mailcow. [email protected]: My email address is a member of the list [email protected] If I now set the test list as a non-anonymous list, I can send an email from [email protected] to [email protected]. It will then arrive at [email protected] via the list and look like this: (Sorry for posting the whole email, but I don't want to miss anything important) X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: <[email protected]> Received: from mailin20.aul.t-online.de ([10.223.144.60]) by ehead25a10.aul.t-online.de with LMTP id sOxpMb8Tw2ietwAA1CIAZQ (envelope-from <[email protected]>); Thu, 11 Sep 2025 20:23:59 +0200 Received: from my.mailserver.de ([1.2.3.4]) by mailin20.mgt.mul.t-online.de with (TLSv1.3:TLS_AES_256_GCM_SHA384 encrypted) esmtp id 1uwlxc-1DSY6r0; Thu, 11 Sep 2025 20:23:56 +0200 Received: from [172.29.199.3] (unknown [172.22.1.1]) by my.mailserver.de (Postcow) with ESMTP id A3C01160026; Thu, 11 Sep 2025 20:23:55 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lists.domain2.online; s=dkim; t=1757615035; h=from:subject:date:message-id:to:mime-version:content-type: content-transfer-encoding:content-language:list-id:list-help: list-owner:list-unsubscribe:list-subscribe:list-post; bh=uGrXLBOr+HJaZrAyNMN5fih9l4O/kF9HR9kjIHSATUM=; b=cr11tdmompC0lUHRTHmPwXmVN47+coABsWjCCr7xP5hylpkyA1X9gWGb0icHxVchbCe0+J PkEp6of1uJgVqtOvk4B+nQBaW3NkfmeiBuXQJ/vGEOpoAqffTvl6hSq8MtdovARdoGTpCW SH0Utk9waVXNu89PkB+ZfdC6yaRVr26KKkLWriw0eB6j2llXZS72wZMp/IKA8pTW2IoR8j BUaNVqlGUtSFQO8VUXuSHDRpzxz6HpLidbnuygq1jKqK4MOVX7CIcHgz56+KwNDhyfDGph 1UR27gMpy55g5biI2VsdecgxpFApAAffMKENBul/i7hc0FtaL4OvFkJpOMi1Bw== X-Original-To: [email protected] Received: from mailout05.t-online.de (mailout05.t-online.de [194.25.134.82]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by my.mailserver.de (Postcow) with ESMTPS id BDF16160026 for <[email protected]>; Thu, 11 Sep 2025 20:23:53 +0200 (CEST) ARC-Seal: i=1; s=dkim; d=lists.domain2.online; t=1757615033; a=rsa-sha256; cv=none; b=GPjHqy/UO/namwi50u6Hx7nkMxJn1O3SmvGH7qhrWA0qHNHYOjsfEqMK8IXI/BpGBlFY2w jM5ugK9l9dOtMlK6PeIHiLY4PMKIEJ9DOUwWynhB69o+YMqgK1060XzCXX7/N9y72wYAwI j+hf5YVnXdP3NxzioTb+9uuUls56kOyhXwNievuAcL78jvYQYZy8x/BwtY593kpwG+tWc5 axazfDr58xm+O8YleR06OfbXZk2faS1xjj/vLiOyqjoNc2GrTMhUXZKDDryhs+56DnIXuL I4N4hvYUtKse6OEWjLx537aNl6tYuXWZ/+dn8YLE7UdMX6xtSDbjWNCIKCxSgA== ARC-Authentication-Results: i=1; my.mailserver.de; dkim=none; dmarc=pass (policy=none) header.from=t-online.de; spf=pass (my.mailserver.de: domain of [email protected] designates 194.25.134.82 as permitted sender) [email protected] ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=lists.domain2.online; s=dkim; t=1757615033; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Si6KpMIgU2cSdhN7oYV2hWnUh/PTv49n+b9Q23p38LI=; b=ENhqizYrOpISbjaf2MKl6C4dMbldPoj1THa2iG4WHH9dCk2Hpb6puB8MyhecAbj4La3Lao AlFmG+k+bT+2Tcew64ILFVZ1wPWYAq8fBQnOAE/0dhGdN9HzWzds+gDW8Hm5YLmybmug3u WRNnb0E8CzB0Ctlq4/RgdZgRMMEOW8utXNuPq7RKroZARl2g34b63ozXHERWo22h7a/T5T DVarQraTXoNrbDZ6Xgr76tWprn4dQzRImdUyMIys8T+RmkmNeQgDPFv3Fs+XYLxcZqJbWF tUBRv8J/XdQRYcaWWoVzlUFOX9fBzGp2+hTiHkSWMBtd+XDQWQwXlDd+7oXMMw== Received: from fwd79.aul.t-online.de (fwd79.aul.t-online.de [10.223.144.105]) by mailout05.t-online.de (Postfix) with SMTP id 97BA383E for <[email protected]>; Thu, 11 Sep 2025 20:23:53 +0200 (CEST) Received: from [192.168.42.95] ([79.248.15.117]) by fwd79.t-online.de with (TLSv1.3:TLS_AES_256_GCM_SHA384 encrypted) esmtp id 1uwlxZ-202QnA0; Thu, 11 Sep 2025 20:23:53 +0200 Message-ID: <[email protected]> Date: Thu, 11 Sep 2025 20:23:53 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: de-DE To: [email protected] From: Matthias <[email protected]> X-Last-TLS-Session-Version: TLSv1.3 Message-ID-Hash: QHTK754PQY25N6BZSBXO3Y6K4WAESCPF X-Message-ID-Hash: QHTK754PQY25N6BZSBXO3Y6K4WAESCPF X-MailFrom: [email protected] X-Mailman-Rule-Hits: member-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency X-Mailman-Version: 3.3.10 Precedence: list Subject: =?utf-8?q?=5BTestliste=5D_Mail_von_t-online?= List-Id: Testliste <testliste.lists.domain2.online> Archived-At: <https://lists.domain2.online/hyperkitty/list/[email protected]/message/QHTK754PQY25N6BZSBXO3Y6K4WAESCPF/> List-Archive: <https://lists.domain2.online/hyperkitty/list/[email protected]/> List-Help: <mailto:[email protected]?subject=help> List-Owner: <mailto:[email protected]> List-Post: NO List-Subscribe: <mailto:[email protected]> List-Unsubscribe: <mailto:[email protected]> Content-Type: text/plain; charset="utf-8"; format="flowed" Content-Transfer-Encoding: base64 X-Last-TLS-Session-Version: None X-Spamd-Result: default: False [-0.15 / 15.00]; BAYES_HAM(-5.44)[99.86%]; FORGED_W_BAD_POLICY(3.00)[]; SUBJ_EXCESS_QP(1.20)[]; MIME_BASE64_TEXT_BOGUS(1.00)[]; MAILLIST(-0.20)[mailman]; RCVD_NO_TLS_LAST(0.10)[]; FISHY_TLD(0.10)[lists.domain2.online]; ARC_REJECT(0.10)[signature check failed: fail, {[1] = sig:lists.domain2.online:reject}]; MIME_BASE64_TEXT(0.10)[]; MIME_GOOD(-0.10)[text/plain]; HAS_LIST_UNSUB(-0.01)[]; BCC(0.00)[]; MIME_TRACE(0.00)[0:+]; RCPT_MAILCOW_DOMAIN(0.00)[brunsche.de,domain2.online]; FORGED_SENDER(0.00)[[email protected],[email protected]]; RCPT_COUNT_ONE(0.00)[1]; DKIM_SIGNED(0.00)[lists.domain2.online:s=dkim]; FREEMAIL_ENVRCPT(0.00)[t-online.de]; FREEMAIL_FROM(0.00)[t-online.de]; FROM_NEQ_ENVFROM(0.00)[[email protected],[email protected]]; FROM_HAS_DN(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_NONE(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[[email protected]]; FORGED_RECIPIENTS_MAILLIST(0.00)[]; FORGED_SENDER_MAILLIST(0.00)[] X-Rspamd-Queue-Id: A3C01160026 X-TOI-VIRUSSCAN: unchecked X-TOI-EXPURGATEID: 149288::1757615036-7DFF9602-F04AED1F/0/0 CLEAN NORMAL X-TOI-MSGID: 33a39598-248e-49ce-8014-5b8d700dc8b7 X-ENVELOPE-TO: <[email protected]> Authentication-Results: mailin20.aul.t-online.de; dkim=pass (2048-bit key; secure) header.d=lists.domain2.online [email protected] header.a=rsa-sha256 header.s=dkim header.b=cr11tdmo; dkim-atps=neutral So there are DKIM signatures from d=lists.domain2.online attached, and the authentication results from t-online.de also say: dkim=pass Everything's OK with this email, right? Or is something wrong here? It would be great if you could take a look at it, so I don't miss anything. Thanks very much, Matthias (I'll continue with the other questions later...) _______________________________________________ Mailman-users mailing list -- [email protected] To unsubscribe send an email to [email protected] https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at: https://lists.mailman3.org/archives/list/[email protected]/message/ONKCSGYBPU6GW7EMTS7EGPNHESO2QS4N/ This message sent to [email protected]
