On Sun, 6 Jan 2019 15:47:01 -0700 Grant Taylor via Mailman-Users <mailman-users@python.org> wrote:
Hi Jim,
On 1/4/19 3:40 AM, Jim Ziobro wrote:
Setting up mailing lists in a separate domain has a nice administrative appeal.
We used to run irix whose sendmail sent every message from host.domain and every A record had to have an adjacent MX record for e-mail to even work. That way lies madness.
I did a little more research to see how popular that method might be. I got a list of 1922 US universities and 457 have a host "lists...." and 191 have a host "list..." in their DNS. I surveyed a few and ran across: Mailman, Lyris, Sympa, Listserv, Majordomo, and Google groups. Many universities outsource their Email to Outlook which has it own Group capability.
Our university has lyris @ lists.uw, googlegoups, and has recently bought into lookout'365! as well. While we run our own mailman instances.
We have "lists" in our little niche. It's the web front-end, our list traffic comes from @domain.
So 500 out of 2000 universities having "list(s)" in DNS doesn't really mean all that much.
I think it should be somewhat easy to test the SMTP envelope sender to see if it's subscribed to a list that is the SMTP envelope recipient. If the sender is not a subscriber the MTA can reject the message.
Rather trivial with postfix but a) we have bona fide subscribers posting rom their gmail instead of subscribed From: -- I want those to get moderated instead of bounced, b) it is of course subject to spoofing, and c) how much of a problem is it IRL?
In our -- admittedly very lightly loaded -- domains, it's RBL and fail2ban that seem to provide best bang for the buck.
-- Dmitri Maziuk <dmaziuk@bmrb.wisc.edu>