Issues sending to gmail and yahoo e-mails

Has anyone experienced recent issues with Mailman3 not being able to send to gmail and yahoo e-mail addresses. I am trying to figure out if Google has our server blocked or not. When I send a manual e-mail from the server, the my yahoo e-mail gets delivered, but the gmail one does not. Here is the message I get in the logs when trying to send to the gmail address from the command line, but I do not get anything when it tries to send from Mailman.
2025-09-09T18:57:09.344493-05:00 lstprdls01 postfix/smtp[3544622]: BE67F1C09AF: to=<jmjk@gmail.com>, relay=gmail-smtp-in.l.google.com[173.194.194.26]:25, delay=0.55, delays=0.01/0/0.27/0.27, dsn=5.7.26, status=bounced (host gmail-smtp-in.l.google.com[173.194.194.26] said: 550-5.7.26 Your email has been blocked because the sender is unauthenticated. 550-5.7.26 Gmail requires all senders to authenticate with either SPF or DKIM. 550-5.7.26 550-5.7.26 Authentication results: 550-5.7.26 DKIM = did not pass 550-5.7.26 SPF [lstprdls01.xxx.xxx.edu] with ip: [xxx.xxx.10.33] = did not pass 550-5.7.26 550-5.7.26 For instructions on setting up authentication, go to 550 5.7.26 https://support.google.com/mail/answer/81126#authentication 8926c6da1cb9f-50d8f268ab7si36484097173.142 - gsmtp (in reply to end of DATA command))
I added DMARC mitigation to this list with "Replace From: with list address" and "DMARC Mitigate unconditinally - Yes" The DMARC Address I have in there is ^.*@gmail\.com$
Do I have to do anything else? Restart any services or anything?

Mailgun and sendgrid are email delivery services, if you forward everything through those, it will ensure much greater success rates.
Otherwise,
"DKIM = did not pass". SPF... Make sure both SPF and DKIM are configured properly. Those are more at the layer of postfix/exim rather that in mailman.

Thank you for the reply. Are there a good set of instructions for setting up SPF and DKIM?

SPF is a DNS record, as are DKIM records, there's numerous guides out there to create/configure both. It'll partly depend on your mail system and how it routes mail through what MTA, etc.
I am not affiliated with any of these blogs:
"How to Set Up an SPF Record in 5 Simple Steps" - https://www.validity.com/blog/how-to-build-your-spf-record-in-5-simple-steps...
Cloudflare has a nice explanation of DKIM records - https://www.cloudflare.com/learning/dns/dns-records/dns-dkim-record/
These instructions should still work for doing the DKIM setup on a Postfix mailer - https://easydmarc.com/blog/how-to-configure-dkim-opendkim-with-postfix/
If you use a third party sender and not an on-prem Postfix or such then the configuration gets more difficult, complex, or custom.
Thomas
On 2025-09-09 20:56, jkoral@luc.edu wrote:
Thank you for the reply. Are there a good set of instructions for setting up SPF and DKIM?
Mailman-users mailing list --mailman-users@mailman3.org To unsubscribe send an email tomailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at:https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...
This message sent toteward@thomas-ward.net

I misspoke on DKIM records. They're DNS records for specifying the public key, but they're cryptographic keys used to sign and verify message integrity, and they do require more work than SPF.
Note *also* that for Google mail recipients, and you are sending from your own systems, you need to make sure the **Forward DNS, the Reverse DNS, and the hostname your mail server identifies as** should match, otherwise Google may flag your mail server as misconfigured and reject even with SPF and DKIM records set up.
Thomas
On 2025-09-09 21:03, Thomas Ward via Mailman-users wrote:
SPF is a DNS record, as are DKIM records, there's numerous guides out there to create/configure both. It'll partly depend on your mail system and how it routes mail through what MTA, etc.
I am not affiliated with any of these blogs:
"How to Set Up an SPF Record in 5 Simple Steps" - https://www.validity.com/blog/how-to-build-your-spf-record-in-5-simple-steps...
Cloudflare has a nice explanation of DKIM records - https://www.cloudflare.com/learning/dns/dns-records/dns-dkim-record/
These instructions should still work for doing the DKIM setup on a Postfix mailer - https://easydmarc.com/blog/how-to-configure-dkim-opendkim-with-postfix/
If you use a third party sender and not an on-prem Postfix or such then the configuration gets more difficult, complex, or custom.
Thomas
On 2025-09-09 20:56, jkoral@luc.edu wrote:
Thank you for the reply. Are there a good set of instructions for setting up SPF and DKIM?
Mailman-users mailing list --mailman-users@mailman3.org To unsubscribe send an email tomailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at:https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...
This message sent toteward@thomas-ward.net
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...
This message sent to teward@thomas-ward.net

OK, we successfully set this up on our mail domain and are able to send to gmail now, but we ran into another issue. After making those changes, when I create a new thread, instead of the e-mail coming from the list e-mail, it is now coming from my personal work e-mail. Can this be changed?

On 9/10/25 14:59, jkoral@luc.edu wrote:
OK, we successfully set this up on our mail domain and are able to send to gmail now, but we ran into another issue. After making those changes, when I create a new thread, instead of the e-mail coming from the list e-mail, it is now coming from my personal work e-mail. Can this be changed?
You said in a prior post
I added DMARC mitigation to this list with "Replace From: with list address" and "DMARC Mitigate unconditinally - Yes" The DMARC Address I have in there is ^.*@gmail\.com$
Setting DMARC Addresses to ^.*@gmail\.com$ does no harm but is redundant as DMARC Mitigate unconditinally = Yes applies the DMARC mitigation action to all mail.
How are you starting a new thread? Is this in HyperKitty? In any case, with those settings all mail from the list should be From: the list address.
If that is not the case, I don't know why it would happen. If you posted by email, perhaps you are looking at a message received directly rather than from the list.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

Mark, I removed that DMARC because you are correct, it was redundant, but now the issue with the FROM address is a problem. Could this be a setting someone that you know of? When I start a new thread either through e-mail or hyperkitty, it seems to do the same thing. Any thoughts?
Joe

Is your SMTP server Google Mail or some kind of authenticated-SMTP situation where your system sending mail is authenticating as a specific user or such? If so, then it's likely those systems are enforcing a send "FROM" address of the authenticated mail user/client.
Thomas
On 2025-09-11 11:03, jkoral@luc.edu wrote:
Mark, I removed that DMARC because you are correct, it was redundant, but now the issue with the FROM address is a problem. Could this be a setting someone that you know of? When I start a new thread either through e-mail or hyperkitty, it seems to do the same thing. Any thoughts?
Joe
Mailman-users mailing list --mailman-users@mailman3.org To unsubscribe send an email tomailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at:https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...
This message sent toteward@thomas-ward.net

jkoral@luc.edu writes:
I removed that DMARC because you are correct, it was redundant, but now the issue with the FROM address is a problem.
What do you mean be "Removed DMARC"? If you only removed the "DMARC Addresses" setting, but left "DMARC Mitigation = Replace From: with list address" and "DMARC Mitigate unconditionally = Yes", then it's as Thomas mentioned. Most likely your outgoing SMTP gateway is enforcing "From = address of authenticated user" (Google won't even allow you to use a verified alternative from SMTP, you can only use those when using their web client). You probably need to find a different SMTP gateway. (Sorry, can't help; I used my employer's network until I retired, and now I run my own server on a Linode -- which has its own issues, not recommended for the faint of heart or if you need highly reliable outgoing email).
If you removed all your DMARC settings, then I recommend you put them back. Mitigation because that's what puts the list address in there (and that is *all it does*, no other side effects as far as I know). Mitigate unconditionally because that's what you want, the list address in From for all recipients. And Addresses because if you ever change your DMARC settings, it's very likely that not having gmail.com in Addresses will cause lots of bounces for gmail posters. While it has no effect (good or bad) if Mitigate unconditionally = Yes.
When I start a new thread either through e-mail or hyperkitty, it seems to do the same thing.
Since (a) email to Mailman must be sent so that posts will be distributed to the list and (b) normal processing will archive the email as desired, HyperKitty just sends email. It does not try to archive the email directly. So yes, they're going to do the same thing. The only difference is that HyperKitty will use the preferred email of the logged-in user, while (if you know how to do it) you can set the From to whatever you want in email.
-- GNU Mailman consultant (installation, migration, customization) Sirius Open Source https://www.siriusopensource.com/ Software systems consulting in Europe, North America, and Japan

OK, so we are dealing with two servers. The old server is still setup to forward the addresses to the new server with a different domain. I would like to make the new server lists instead of listservnew. I am assuming I can just create the domain lists.luc.edu on the new server, but how would I move all the lists to that new domain?

On 9/11/25 15:22, jkoral@luc.edu wrote:
OK, so we are dealing with two servers. The old server is still setup to forward the addresses to the new server with a different domain. I would like to make the new server lists instead of listservnew. I am assuming I can just create the domain lists.luc.edu on the new server, but how would I move all the lists to that new domain?
Please don't hijack threads, even ones you started. I.e. when posting a new question which is unrelated to the existing thread, post a new message with a relevant subject, not a reply to an unrelated message.
You move the lists by moving the mailman and mailmanweb databases.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (5)
-
jkoral@luc.edu
-
Mark Sapiro
-
Sam Darwin
-
Stephen J. Turnbull
-
Thomas Ward