Filtering Reply to list with informative rejection message
We already have settings under General for stripping the original Reply-To and reply goes to list is set as Poster.
We have experienced a case where nominations were solicited from the list members, and there was a response with confidential information which went to the list rather than the poster.
There is a possibility management will want to block all replies to the mailing list. One could work around it by making a fresh email to the list.
The Spam Filter rule to Reject based on finding "^In-Reply-To:" works well, but the simple rejection is not going to be understood by our users:
Message rejected by filter rule match
We can customize that in the source, but it would impact all lists.
Holding for moderation isn't an option because we have enough volume and email outside of office hours that this wouldn't be workable.
I see a way to send a custom message to non-members of a list. That won't fit.
I see a way to send a custom message to moderate members, which we don't want either.
Is there another option I have not covered or I have misunderstood something here?
On 04/04/2016 10:36 AM, francis picabia wrote:
> We already have settings under General for stripping the original Reply-To and reply goes to list is set as Poster.
This is arguably wrong. reply_goes_to_list = Poster means only don't add anything to Reply-To:. Normally, this means mail from the list looks like mail directly received with the same To:, From: and Reply-To: as sent. But, you have first_strip_reply_to = Yes which means when I post to your list
  From: <my_never_read_web_mail@example.com>
  Reply-To: <my_preferred_address@example.com>
your list will strip my Reply-To: and a 'reply' will go to <my_never_read_web_mail@example.com> which is not what I want.
Reply-To: munging is generally not good for exactly the reason in your next paragraph (but first_strip_reply_to didn't cause that), but generally, first_strip_reply_to should only be Yes if reply_goes_to_list = This list or Explicit address.
> We have experienced a case where nominations were solicited from the list members, and there was a response with confidential information which went to the list rather than the poster.
So how did this happen? Was it a 'reply-all' or a 'reply-list' or a broken MUA generating the reply?
Was the From: munged for DMARC?
Normally if reply_goes_to_list = Poster, a 'reply' will not go to the list unless something is broken, but there are multiple ways in which a user can intentionally or otherwise reply to the list.
> There is a possibility management will want to block all replies to the mailing list. One could work around it by making a fresh email to the list.
And exactly how would management do this?
> The Spam Filter rule to Reject based on finding "^In-Reply-To:" works well, but the simple rejection is not going to be understood by our users:
Plus, it precludes my replying to an off-list message with Cc: to the list and it doesn't stop replies from users with MUAs that don't insert In-Reply-To:.
> Message rejected by filter rule match
> We can customize that in the source, but it would impact all lists.
You could also modify the source to use the custom message only for this list, but what I would be inclined to do is implement a custom handler (see <http://wiki.list.org/x/4030615>) for this list only to do a more sophisticated analysis of the message and supply a nice reason when rejecting. See the MyHandler.py example attached to the wiki article for a start.
...
> Is there another option I have not covered or I have misunderstood something here?
There is the custom handler I describe above, but there is a deeper issue. I'm guessing that it was a manager that sent the confidential info to the list, and she wants to be protected from herself in the future. No matter what you do, she will find a way to do the unintended.
If people want to reply to the list, they will figure out ways to do this, these ways will become habit, and ultimately be followed when the reply shouldn't go to the list.
This situation is exactly why Mailman developers are strongly biased against reply_goes_to_list = This list, but that doesn't help with the person who says "but I always reply-all, it's habit, your list has to protect me from my mistake".
Other things you might try are setting include_list_post_header = No so no MUA offers 'reply-list'.
I might have other ideas if I knew exactly what caused the reply to go to the list.
--
Mark Sapiro <mark@msapiro.net>
San Francisco Bay Area, California
The highway is for gamblers, better use your sense - B. Dylan
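A sketch of the kind of per-list custom handler suggested in the message above, as an added example that is not code from the thread or from the wiki's MyHandler.py. The reply heuristics, the rejection wording, the `DemoList` stand-in and the fallback `RejectMessage` class are assumptions made so the example runs outside a Mailman 2.1 installation.

```python
import re
from email import message_from_string
try:  # inside a Mailman 2.1 installation
    from Mailman.Errors import RejectMessage
except ImportError:  # stand-in so the example also runs outside Mailman
    class RejectMessage(Exception):
        pass
REPLY_SUBJECT = re.compile(r'^\s*re\s*:', re.IGNORECASE)

def reply_evidence(msg):
    """List the signs that msg is a reply; empty for a fresh post."""
    found = [h for h in ('In-Reply-To', 'References') if msg.get(h, '').strip()]
    # Assumed heuristic for MUAs that do not insert In-Reply-To:.
    if REPLY_SUBJECT.match(msg.get('Subject', '')):
        found.append('Subject')
    return found

def rejection_text(listname, listaddr):  # wording is illustrative
    return ('Your message to %s was not distributed because it is a reply. '
            'To answer the sender privately, address it to them only. '
            'To post to the list, start a new message to %s.'
            % (listname, listaddr))

def process(mlist, msg, msgdata):
    """Handler entry point: reject replies with a readable reason."""
    if msgdata.get('approved'):  # already approved by a moderator
        return
    if reply_evidence(msg):
        raise RejectMessage(rejection_text(mlist.real_name,
                                           mlist.GetListEmail()))

class DemoList(object):  # constructed stand-in for a Mailman list object
    real_name = 'Nominations'
    def GetListEmail(self):
        return 'nominations@example.com'

# Constructed sample messages, not taken from the thread.
REPLY = message_from_string(
    'From: a@example.com\nSubject: RE: Call for nominations\n'
    'In-Reply-To: <1@example.com>\n\nconfidential text\n')
FRESH = message_from_string(
    'From: a@example.com\nSubject: Meeting room change\n\nhello\n')

def outcome(msg):
    try:
        process(DemoList(), msg, {})
        return 'accepted'
    except RejectMessage:
        return 'rejected'
```

Like the header filter rule, this still rejects a reply to an off-list message that is Cc'd to the list.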
francis picabia writes:
> We have experienced a case where nominations were solicited from the list members, and there was a response with confidential information which went to the list rather than the poster.
There is no way to have an unmoderated list which prevents "confidential" information from going to the list. The only way to prevent certain information from going to the list is to restrict posting to those who don't have the information. (This is why secret organizations use "cell" organization. You can't reveal what you don't know.)
> There is a possibility management will want to block all replies to the mailing list. One could work around it by making a fresh email to the list.
The requirement is not clear. Does management want to block such fresh emails as well? Or is the idea that fresh emails be the ordinary way to reply to list, hoping that people will be reminded not to post confidential information?
> The Spam Filter rule to Reject based on finding "^In-Reply-To:" works well, but the simple rejection is not going to be understood by our users:
> Message rejected by filter rule match
Systems based on rejecting user input do *not* work well in the long run in my experience. Users get annoyed and avoid doing work they *should* do, or develop (inefficient) habits that result in unintended posts anyway.
> Is there another option I have not covered or I have misunderstood something here?
The other option is to put the responsibility on the individuals soliciting confidential information. Create a fully personalized list with Reply-To set to the mailbox intended to receive confidential information. If the senders themselves are typically not authorized to see the information, create a separate mailbox (account) for use by those authorized to solicit confidential information.
I can't be sure that any of the above addresses your (or your management's) needs. But without a better idea of what they're trying to accomplish and why, it's hard to give good advice.
participants (3)
- francis picabia
- Mark Sapiro
- Stephen J. Turnbull