On 9/14/20 11:03 AM, email@example.com wrote:
Someone started talking about the risk of having their names and email addresses archived in a publicly accessible mailing list. So I thought I'd ask. In short, the proposal provided for completely removing such data, to protect privacy. See here for more: https://mailarchive.ietf.org/arch/msg/dmarc/fEi0-1NFP-rkrx70Ne1t7fPzldA (There are more threads there mentioning Mailman, in case your ears are burning.)
As an additional bonus, that would also "solve" any DMARC problem.
Is there a FAQ entry for this?
I don't think there is a FAQ on it, but it is a configuration option.
In Mailman 2.1 set General Options -> anonymous_list to Yes in the web admin UI. In MM3 Postorius set Settings -> Alter Messages -> Anonymous list to Yes.
The descriptions say this removes From: Sender: and Reply-To: headers and this is true, It also replaces From: and Reply-To: with the list address. Both MM2.1 and MM3 also remove X-Originating-Email:
Mailman 2.1 is more aggressive. It also removes all Received: and X-Envelope-From: headers and replaces Message-ID:. Additionally, it remove all headers that don't match patterns in the mm_cfg.py/Defaults.py setting ANONYMOUS_LIST_KEEP_HEADERS. By default, this removes all X-* headers except X-Mailman-*, X-Content-Filtered-By:, X-Topics:, X-Ack:, X-Beenthere:, X-List-Administrivia: and X-Spam-*.