On 2025-09-28 10:23:59 -0400 (-0400), Tom Smyth wrote: [...]
Are there other hosts? How is this not a bigger issue for Mailman users? Maybe most are big institutions that have their own SMTP relays and dedicated staff to keep deliverability/reputation high?
Or maybe a lot of people are using DMARC mitigation so that the 'from' address is always the list address? I am curious how well that works. I'll start a separate thread on that. [...]
Taking the Mailman deployment I help manage for the OpenDev Collaboratory as an example: We use an MTA on our Mailman server to send messages directly to subscriber addresses with no other relay in between. We use a mix of approaches to DMARC-related breakage depending on the particular list:
Some lists are configured to avoid making any changes to messages they relay in order to preserve DKIM signature validity
Some lists conditionally apply DMARC mitigations if a few of the people posting are from domains that make it a problem
Some lists unconditionally apply DMARC mitigations if there's a diversity of domains for posting addresses and more simple approaches fail to maintain deliverability
Some lists don't disable subscribers for frequent bounces in order to prevent a thread involving someone with problematic DKIM signatures from wrecking things
We have not set up any DKIM signing or ARC sealing on the server, and use only the most minimal SPF records ("v=spf1 a ?all").
Maintaining reputation of the server is some work, but not insurmountable. The biggest challenge is from Mailman itself actually, because moderator notifications and messages to the list owner addresses include message bodies which are often spam, and if the moderators use a massmail provider and can't or don't configure it to prevent classifying these then they can end up causing the provider to flag our server as a spam source or auto-reporting it to blocklists. Because of this we frequently end up disabling notifications or blackholing the addresses themselves.
I'll note that we manage with a small number of volunteer admins whose time is spread across hundreds of other servers for various services in the collaboratory, only one of which is running Mailman. As for the scale of our deployment, we host maybe a hundred lists across half a dozen or so domains (one Mailman instance configured for multi-domain operation) supporting a variety of open source projects and nonprofit/volunteer organizations. The largest lists have thousands of subscribers that see at most a few dozen posts in a day, but most of them only have subscriber counts in the tens or hundreds and are far less busy.
Jeremy Stanley