Mailman-Users May 2008

mailman-users@python.org

93 participants
122 discussions

Add "sender's name/email" to BODY of mail as header?

by Mal

I want all mails sent to the list to come from the list's email address... But, in this case, if the user forgets to sign their name at the bottom of their mail body, effectively the mail to the list is anonymous...! Is there a way to add the user name (or email address) to the top of each mail so that the mails have the name of the sender, while the mail itself comes from the list address? I have looked high and low for an answer, but noone seems to have the solution. Thank you! Mal

8 months, 1 week

Setting MIME as default for new Non-Digest subscribers

by Steve Reiter

Hi - I have searched FAQ and archives to find an answer. Hoping you can help. I have a new list (with previously imported addresses) for announcements only, and wish these announcements to be received immediately. I set the defaults to allow non-digest and to not allow digest. I wish to send out announcements in html, and so wish to make the default for new subscribers be MIME. While I see a setting under Digest Options (MIME_is_Default_Digest), I don't see any equivalent option under Non-Digest Options... and new subscribers continue to come in as plain text. QUESTIONS: In order to avoid having to manually change this option for each existing subscriber, is there a way to force all existing subscribers to receive MIME in Non-Digest mode? If not, is there a way to force all NEW subscribers to be enrolled with MIME as their default? Also, is there a way to "lock" the MIME switch on, so that users who try to change their option to plain text will be prevented from doing so? Thanks - Steve

10 years, 2 months

Changing the received time on an outgoing authorized email message?

by Paul Key

When authorizing a moderated list posting is it possible to change the date/time on the outgoing authorized list message to the time it was approved instead of the message showing the time it was first received by mailman? Thanks Paul

11 years, 1 month

not really an umbrella?

by Gruver, Sandi

Mailman 2.1.5 on RedHat Linux - How can I set up a new list that sends to multiple existing lists - but only sends one message to each person - even if the person is a member of multiple lists? a. LSOFT calls this a "superlist" b. Can "Mailman" do this? c. In this case, we have a system newsletter that will be sent to multiple lists. I'd like people to receive the message only once, even if they are on more than one of the lists included in the mailing. Thank you, Sandi Gruver Unix system administrator Center for Information Services Bellevue, WA 98004 phone 425.803.9753 fax 425.803.9652

11 years, 8 months

Mailman/Qmail/Plesk Problem

by Douglas G. Phillips

OK, I've got another problem with Qmail/Plesk/Mailman (same customer, rebuilt server). Plesk is 7.5.4 reloaded. Mail delivered fails with "need GID 110 got 101" error. I set up the brute-force wrapper to deliver with GID 110, and set the permissions correctly for it to work. Now, I'm getting the following (broken up into multiple lines for courtesy): qmail: 1157518628.995172 delivery 726: success: group_mismatch_error._Mailman_expected_the_mail_wrapper_script_to_be/ executed_as_one_of_the_following_groups:/[mail,_nobody,_mailman],/ but_the_system's_mail_server_executed_the_mail_script_as_group:_"popuser"./ Try_tweaking_the_mail_server_to_run_the_script_as_one_of_these_groups:/ [mail,_nobody,_mailman],/or_re-run_configure_providing_the_ command_line_option:/'--with-mail-gid=popuser'./Failed_to_start_ /usr/lib/mailman/mail/mailman./did_0+0+1/ I'm about ready to pull my hair out. I even added the popuser user to the mailman group in /etc/passwd. So, that being said, are there any ideas out there? I have been messing with this for a week, and have not come up with anything else to do. -- Douglas G. Phillips Simple Business Solutions ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.

12 years, 3 months

server load..

by Khalil Abbas

hi guys, I posted this message a couple of days ago but didn't get any satisfying answers.. neither did I find a good answer in the Faq cause it's too "technical" .. so here's my message again: hi mailman guys .. my question is, I have a 100,000+ subscribers mailing list, and hosting it with godaddy.com (Celeron 2000, 2 GBs RAM) .. but they only allow 100,000 emails per day for each dedicated server, so I have to buy a new server now, and it's a bit expensive.. I found another cheap service, $30/month dedicated servers and they offer unlimited emails per day.. but its characteristics are a bit low: AMD, 512 MB RAM .. my question is, will mailman with such a huge list which is also rapidly growing work on such server? knowing that I only send 1 email newsletter a day to the list and none of the users can send to the list but me.. another question, is it easy to install mailman manually? cause in godaddy's control panel it's ready to install with 1 click.. but with the new cheap service I have to install it myself.. and is there a ready-to-install script that does everything automatically like that in the control panels? Thanks for everything mates .. _________________________________________________________________ Give to a good cause with every e-mail. Join the i’m Initiative from Microsoft. http://im.live.com/Messenger/IM/Join/Default.aspx?souce=EML_WL_ GoodCause

13 years, 4 months

Major problems with privacy and mailman lists and harvesters

by Steve Murphy

Hello! I'm quite concerned about what I'm seeing in mailman installations, and the amount of spam I've been getting because I participate in mailman based lists! I'm not talking about halting spam that gets submitted to the list for mailing. I'm not talking about spambots automatically joining the lists and submitting spam. What I'm concerned about is the fact that email harvesters are being given so much information. I've noticed in the mailman-users archives, that if I view info by thread (using the mailman archives as an example,) which site is 2.1.10 based, that all email addresses are present, but with a simple obfuscation. (the "@" has been changed to " at ".) I can't help but to think that this simple obfuscation is a joke. Any harvester written in the past number of years would be smart enough to capture such accurately. When viewing the developer's archives, I note that when a message is displayed singly, it is common to see [EMAIL PROTECTED]. This is much nicer, but I notice that in both archives, a button is provided at the bottom of the letter, that submits a form, and gets back both a "Found" page, with a mailto: url, and a redirect to a mailto... so, an anonymous user can easily get/harvest email addresses by simply analyzing the html form. The gzip'd archives by month for both lists both show all email addresses, with the " at " obfuscation. It seems inconsistent, funny even, that display by thread will show individual messages with [EMAIL REMOVED], but the gzip'd archives of the same message reveal, really, everything. And worse... If I really wanted to collect up-to-date juicy email addresses, I'd simply subscribe to all the mailman lists I possibly could, and route all the incoming messages to harvesters. In **This** case, the harvest is bountiful, as most messages arrive totally unfiltered, from headers galore bearing bounteous harvests of email addresses (for example, the From header), to the user sigs at the ends, with reply quotation headers mentioning the source addresses in between. Within MINUTES of my first posting on asterisk-users, I was getting spam on an email address that was brand-new. Since then, the spam volume on that email addr just keeps growing. I keep wondering, which way did they get my email addr? But, it doesn't matter. I can't help to think that 'targeted' spam mailers both spider the archives and subscribe to the lists.The bigger the list's subscription, hotter an item it is. So, please, can we apply the [EMAIL PROTECTED] tech to the archives, and the outgoing messages, and drop this silly notion that the " at " obfuscation is useful? Really, it's totally transparent. NO OBFUSCATION is safe in mailman. There's simply too much Can we drop the buttons from the archives whose HTML says: <FORM METHOD="POST" ACTION="/cgi-bin/Nomailto.pl"> <INPUT TYPE="HIDDEN" NAME="user" VALUE="barb"> <INPUT TYPE="HIDDEN" NAME="host" VALUE="nleaudiox.com"> <INPUT TYPE="HIDDEN" NAME="subject" VALUE="Re: [Mailman-Developers] Important Mailman 2.1.9 to 2.1.10 upgrade note."> <INPUT TYPE="HIDDEN" NAME="msgid" VALUE="480E15F1.50200(a)nleaudio.com"> Reply via email to<br> <INPUT TYPE="SUBMIT" VALUE=" Bob [EMAIL PROTECTED] "> </FORM> from which spam harvesters can almost instantly be updated to harvest "barb(a)nleaudiox.com" (modified from the orig to save the innocent author from a deluge of spam, at least on **my** account), without even submitting the form! We need to rethink how we can adequately keep emails out of spammers hands. And, yes, it's kinda unhandy not read a message and not be able to fire an email off to the author directly. But to make it easy for list subscribers, is to make it easy for spammers, who probably have already joined the list, and are delighted to get email addresses, any which way they can. Most discussion on mailing lists do not require any address other than the the mailing list itself. To take a discussion "offline", I propose a few ideas: 1. the mailing list allows the users to specify a phone-number, an irc channel and identity that they can be reached by, or some other method to contact the author, that is NOT an email address. This info is kept private, and the button at the bottom of the archived letters could give you this info. The person wanting to privately discuss the letter could then call the user or contact them via irc/jabber/whatever, and either discuss the matter there and then, or the author could voluntarily give the other party his email address at that time. Or file a list message, and ask the author to contact him, and give out a phone number, whatever. I thought about integrating spamgourmet throw-away email addresses, but really, that wouldn't help. Spammers could simply request, get the throw-away, spam it, and toss it. The user himself is the only one who can usefully hand out throw-away addresses. If you think mailman doesn't have to worry about this sort of thing, keep in mind that mailman has swiftly become probably the top mailing list software on the web. That spammers would not be interested in mining mailing lists for their tens of thousands of valid addresses is foolhardy thinking. That thinking the options that mailman provides now is adequate to keep spammers from harvesting email addrs, is just plain wrong. That datamining and de-obfuscation are NOT being done specifically for mailman lists is wishful thinking. Mailman needs to pay attention to the fact that spammers would **love** to use their mailing list installations to ship spam for them, AND ALSO that spammers will want to harvest email addresses from the web interface AND the mailings themselves. We need to lock down mailman, or at least make it an option! Simply put, in messages sent to users, the only email that should be found anywhere in a recieved message, is the recipient's. In the archived messages, absolutely no email addresses at all. Not even obfuscated. If we follow this pattern, the spammers will not be able to use mailman lists for any useful purpose. They'll have to hack the web sites to get the lists. murf -- Steve Murphy Software Developer Digium

13 years, 4 months

Mailing list with no archive

by Laura Creighton

A mailing list that I am subscribed to, for reasons of privacy, has decided to not archive its messages. I think this is an extremely silly idea, but right now out of my control. My problem is that periodically I think I remember something useful having been posted there, and want to search the non-existant archives -- because I forget they do not exist. The first erroneous piece of information I get is 'this archive is only searchable by list members'. So I try to log in to read the list, and despite typing my correct password, things fail with 'Authorization Failed' rather than letting me discover that there were no archives to be found. So you assume you haven't reset your password for this mailing list to one of the several you are in the habit of using, and ask for a password reminder -- to find out that all of this has been a complete waste of time because your problem is that there is no archive, not that you mistyped your password. So -- is this just a bug -- should I report it -- or is this list misconfigured? I can ask the list maintainer to change things if there is a way we can avoid this. Thanks very much, Laura Creighton

13 years, 4 months

re-install postfix?

by Dov Oxenberg

Good morning, Until Wednesday night my Server was running like a champ then suddenly, mysteriously, Postfix broke for no apparent reason. It is failing to start reporting "no local interface found for..." and citing some IP address which is invalid for my system. I have not been able to get anywhere since Wednesday night and am now considering uninstalling Postfix and then reinstalling. I realize this is a Postfix issue, but I wanted to ask what are the consequences of uninstalling Postfix, then reinstalling as it relates to Mailman - do I need to do anything with my existing Mailman installation, will I need to reinstall, etc. Thanks! Dov

13 years, 4 months

Triggers for when lists are changed?

by Kelly Jones

I run nightly cron jobs to fix/update various Mailman lists. I don't know Python, so I write Perl scripts that call the Python scripts in /usr/local/mailman/bin/ This works OK, but I'd really like to run these Perl scripts whenever a list is changed, not just once a day. In other words, I'd like Mailman 'triggers'. Examples: "whenever list foo's membership changes, run foo-member-change.pl" "whenever list bar's config changes, run bar-config-change.pl" "whenver anything changes on any list, run list-cleanup.pl" Can Mailman do that? If not, I'd like to request it as a feature. I realize I can have a daemon watch the config.pck timestamps, but that seems ugly. -- We're just a Bunch Of Regular Guys, a collective group that's trying to understand and assimilate technology. We feel that resistance to new ideas and technology is unwise and ultimately futile.

13 years, 4 months