We have members who are not part of the "predefined" list of mail servers that require "via group.io" address modification.? Is there a way to either force it for all members (similar to Yahoo) or at least for those who are having issues?? I see 2 places where this is necessary: the user's server has an SPF record associated with it which does not include groups.io or the user's server does not allow internal email addresses originated externally.? In both cases, it is extremely important to be able to "turn on" the "via groups.io" functionality.

--
Help: /static/help
More Help: /g/GroupManagersForum/wiki
Even More Help: Search button at the top of Messages list

开云体育

It would be very unusual if it did. And wrong, given that Groups.io's servers are not in any way under the control of the member's email service.

That is correct regarding SPFs and that is why a server doing SPF checking is going to consider an email "from" domain X is invalid because it came from groups.io servers. My example has nothing to do with DMARC but shows how "spoofing" that an email is directly from someone is, in fact, a red flag to proper email handling.? Other mail lists do not do this type of spoofing and are therefore not blocked.

The only services that should be having that kind of issue are those that have elected to use a "reject" policy in their DMARC records. Those services are incompatible with traditional mailing lists, but Groups.io (and Y!Groups and some others) have adapted to that. Most other lists I'm on simply don't support users of those services as members.

There are servers that do not use DMARC records but still block email for internal domains that appear to originate from outside.? DMARC is a relatively recent addition to email processing and most private/enterprise servers do not rely on DMARC for protection.? Your statement "Most other lists I'm on simply don't support users of those services as members" is myopic at best. I found a number of examples in this forum of major services not allowing that type of spoofing and I am a member of a number of other list providers (beyond Y!Groups but including Y!Groups) who alter the "from" address so SPAM filtering algorithms that are based on sender domains do not block list messages.? By altering the "from" address to show the message was originated via the group (which it is) ensures proper delivery under all cases by allowing users to unblock groups.io at a level available to users (as most users cannot alter corporate or ISV rules regarding rogue email generation from outside).

No, only in the case of a reject policy in their DMARC record, I think, and that's handled.

Again, this statement is, at best, myopic and stating "if your email provider does this type of blocking and is not using DMARC, we won't support you." tells the millions of users out there that are using those type of services "Too, bad; we are going to remove a level of protection by spoofing your email address to appear to be generated from our servers instead of yours."? Worse, this is not explained anywhere in groups.io information on what would cause bouncing that was not occurring in groups that get transferred and we are stuck with the transfer and a large number of users who no longer can use the service.

If their rule were that simple their users couldn't participate in mailing lists at all - at least not lists that have fellow users. That is, if both Alice and Bob use 's service, they'd not be able to see each other's posts.

The only services that should be having that kind of issue are those that have elected to use a "reject" policy in their DMARC records. Those services are incompatible with traditional mailing lists, but Groups.io (and Y!Groups and some others) have adapted to that. Most other lists I'm on simply don't support users of those services as members.

As Dave indicated, there are many organizations? that have this rule and have had no problem with mail lists -because- the email is properly denoted as having originated via the list, not from that organization.? This type of policy predates DMARC usage and most lists that predate DMARC alter the from address to indicate the message is from the list, not directly from the individual.? This simple indicator resolves SPF failures and internal domain blocking algorithms that have nothing to do with or predate DMARC.

You indicated getting this option in "beta".? How do I do that and how do I get my groups set up to be part of that beta?

Pete

Crickets...

Pete,

Sorry for the delayed response. My day job has kept me busier than normal lately and I've neglected a backlog of messages.

That is correct regarding SPFs and that is why a server doing SPF
checking is going to consider an email "from" domain X is invalid
because it came from groups.io servers.

This is incorrect -- Groups.io's messages pass SPF.

That's because SPF tests the envelope-From, not the header-From. During the handshake between Groups.io's server and the receiving email service Groups.io's server correctly presents its own domain during the SMTP transaction (envelope-From).

My example has nothing to do with DMARC but shows how "spoofing" that
an email is directly from someone is, in fact, a red flag to proper
email handling. Other mail lists do not do this type of spoofing and
are therefore not blocked.

Historically leaving the header-From address unmodified was typical email list behavior. Now many do replace the header From, but not all.

Yahoo Groups didn't make this change until the advent of DMARC, which was a "forcing function" for many lists.


It was not until DMARC introduced the requirement that the header-From be /aligned/ with the envelope-From that many email lists began experiencing deliverability problems, and changed their handling of the From: header field.

There are servers that do not use DMARC records but still block email
for internal domains that appear to originate from outside.

Those servers really should be using the envelope-From, not the header-From for blocking purposes, matching the implementation of SPF. At worst, an internal header-From domain arriving from outside should be a demerit in the server's spam filter.

Worse, this is not explained anywhere in groups.io information on what
would cause bouncing that was not occurring in groups that get
transferred and we are stuck with the transfer and a large number of
users who no longer can use the service.

Groups.io's practice does not cause bouncing, nor is it causing a problems for Groups.io's users. Mark is very sensitive to deliverability issues and if it were a problem he'd be on it.

You indicated getting this option in "beta". How do I do that and how
do I get my groups set up to be part of that beta?

As you may have figured out in the mean time, beta is just a group; there is no separate beta test platform. Anyone can join the group and post there. It serves as Groups.io's official "suggestion board".


Shal


--
Help: /static/help
More Help: /g/GroupManagersForum/wiki
Even More Help: Search button at the top of Messages list

This is incorrect -- Groups.io's messages pass SPF.

That's because SPF tests the envelope-From, not the header-From. During the handshake between Groups.io's server and the receiving email service Groups.io's server correctly presents its own domain during the SMTP transaction (envelope-From).

Not true. While -some- email servers use the envelope-From in SPF validation, -all- Exchange servers (most enterprise and business servers including Office 365) use the actual from address as well since this is a common form of spoofing.

Those servers really should be using the envelope-From, not the header-From for blocking purposes, matching the implementation of SPF. At worst, an internal header-From domain arriving from outside should be a demerit in the server's spam filter.

"Those servers", again, are -all- Microsoft Exchange servers blocking domain origin.? I have tested and, again like SPF, Exchange blocks both envelope-From and header-From since that, again, is a common method of spoofing.? I realize you don't like or have experience with Microsoft Exchange or its common deployment (it also does not directly implement DMARC), but it is the most used enterprise and business mail server.? As I indicated before, to deny this fact is to tell millions of potential users of groups.io "we don't want you".

Groups.io's practice does not cause bouncing, nor is it causing a problems for Groups.io's users. Mark is very sensitive to deliverability issues and if it were a problem he'd be on it.

Yes it is, I have experienced it directly, reported it here (where is the only place I am aware of reporting these issues), and have been met with statements like this that ignore a large set of users who may not know why they are being blocked.? I am savvy enough to recognize what is going on, why it is happening, and to report what the root cause is.? That is what I have done with this post.

As you may have figured out in the mean time, beta is just a group; there is no separate beta test platform. Anyone can join the group and post there. It serves as Groups.io's official "suggestion board".

Like you, I have a day job which does not include debugging other people's products.? No, I had not "figured out" "beta is just a group".? I guess maybe this should all be reported over there since no action has occurred on this group other than your statements that it is a non-issue.? BTW, Yahoo has always supported having groups show the From as being the group, not the user so it would pass server tests that the from is not improperly originating from a non-domain-owned mail server.? I also make this statement based on experience with Y! groups.

I guess I need to open this over on the beta group.? Thank you for letting me know where to go with this issue.

On Mon, May 14, 2018 at 05:21 am, Pete AE5PL wrote:

no action has occurred on this group

This group is other users of the site and no one from Groups.io monitors it. We have no official capacity and can only attempt to figure out why people are having difficulties.

It seems to me that if it were a problem with Exchange servers that all members using any of the MS email services - Outlook, MSN, etc. - would have problems and that's not happening. Unless MS isn't using their own product.

Duane
--
Help: /static/help
GMF's Wiki: /g/GroupManagersForum/wiki
Search button at the top of Messages list
A few site FAQs: /static/pricing#frequently-asked-questions

Why don't you simply report this as a bug to [email protected],?attaching sufficient documentation to back it up.
I reiterate the claim, previously stated, that Mark is sensitive to bugs and typically jumps right on them.

BTW your complant about fixing others' bugs reminds me of how long so many people put up with yahoo's crappy stuff and Microsoft's in many cases.
I did a lot of that as Microsoft's first commercial customer (for Basic on the 8080) in the early 1970's when they were working out of a single room at Altair's offices in AZ.??
Use of groups.io is strictly on a voluntary basis.?
If I felt that groups.io didn't perform up to my expectations and I was paying for the service, as I am, I would be looking elsewhere.
--
Bob Bellizzi

The Corneal Dystrophy Foundation

As?Shal suggested, I have moved this to the beta group and Mark is already involved in the conversation. I consider a "bug" as being something that is not working as designed so I did not consider this a bug. Rather I consider it a feature accommodation for servers which do extended SPF validation and extended internal domain blocking without DMARC. I was unaware that the groups.io folks (I did not know who Mark was until he responded in the beta group).do not monitor this group and question why I was automatically added to it as a group owner if it is not. Live and learn...

On Mon, May 14, 2018 at 07:35 pm, Pete AE5PL wrote:

question why I was automatically added to it as a group owner

As far as we know, no one has ever been automatically added to this group. If that were happening, there should be a lot more than 853 members. It is shown as a recommendation for getting help at /static/help#questions-and-bug-reports though

Duane
--
Help: /static/help
GMF's Wiki: /g/GroupManagersForum/wiki
Search button at the top of Messages list
A few site FAQs: /static/pricing#frequently-asked-questions

--
Help: /static/help
More Help: /g/GroupManagersForum/wiki
Even More Help: Search button at the top of Messages list