Hello all,
I'm a Mailman administrator for the lists at http://numenta.org/lists. Recently, we had DMARC problems with Google servers, and my provider (EMWD) gave me the following actions to take:
http://clientarea.emwd.com/knowledgebase/60/DMARC-and-Mailman.html
We ended up moving the lists to a VPS with the new settings.
Many of our users are upset that I've removed the subject_prefix from the list emails, but I'm afraid that putting them back in might cause the same problems, given the advice from EMWD in the link above:
"2. Turn off Content filtering, and Reply-To: header munging and remove subject_prefix, msg_header and msg_footer so Mailman doesn't make message modifications that break Yahoo's DKIM signature."
Is it safe to add back the subject_prefix to my lists?
Thank you,
Matt Taylor OS Community Flag-Bearer Numenta
Matthew Taylor writes:
Is it safe to add back the subject_prefix to my lists?
No.
You can do it, but DKIM will break for the DMARC p=reject senders I know of (ie, AOL and Yahoo!). Then you will need to do something else to mitigate the problem, such as use the dmarc_moderation_action option in the most recent Mailman release to get yahoo.com and/or aol.com addresses out of the From header. (This is effective because DMARC triggers on the From address.)
This has two disadvantages. First, it becomes hard to reply to such messages. We do tweak the Reply-To header (which usually does NOT affect DKIM, but could in theory), but it's not possible to get even a majority of MUAs to DTRT. Many users are going to lose on either Reply-To-Author or Reply-To-All. Depending on how users use the list, this may or may not be a big problem.
Second, since it only happens to AOL and Yahoo! posters, they often complain that they're being discriminated against.
Matthew Taylor wrote:
Many of our users are upset that I've removed the subject_prefix from the list emails, but I'm afraid that putting them back in might cause the same problems, given the advice from EMWD in the link above:
"2. Turn off Content filtering, and Reply-To: header munging and remove subject_prefix, msg_header and msg_footer so Mailman doesn't make message modifications that break Yahoo's DKIM signature."
Shouldn't there be an "or" between 1. and 2? I would have thought if you've followed the advice in 1. then 2. shouldn't be necessary. That's what we've done, and it's working ok.
Peter Shute
On 09/09/2014 07:04 PM, Peter Shute wrote:
Shouldn't there be an "or" between 1. and 2? I would have thought if you've followed the advice in 1. then 2. shouldn't be necessary. That's what we've done, and it's working ok.
Regarding http://clientarea.emwd.com/knowledgebase/60/DMARC-and-Mailman.html:
That's correct. If you apply any of the DMARC mitigations (from_is_list or dmarc_moderation_action) available in the 2.1.18 Mailman release, you don't need to do any of the things in item 2 at the above link.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Shouldn't there be an "or" between 1. and 2? I would have thought if you've followed the advice in 1. then 2. shouldn't be necessary. That's what we've done, and it's working ok.
Regarding <http://clientarea.emwd.com/knowledgebase/60/DMARC-and- Mailman.html>:
That's correct. If you apply any of the DMARC mitigations (from_is_list or dmarc_moderation_action) available in the 2.1.18 Mailman release, you don't need to do any of the things in item 2 at the above link.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Thank you for pointing that out. I have made the correction. Sorry for the confusion.
Brian Carpenter EMWD.com
Providing Cloud Services and more for over 15 years.
T: 336.755.0685 E: brian@emwd.com www.emwd.com
On Tue, Sep 9, 2014 at 7:32 PM, Mark Sapiro mark@msapiro.net wrote:
On 09/09/2014 07:04 PM, Peter Shute wrote:
Shouldn't there be an "or" between 1. and 2? I would have thought if you've followed the advice in 1. then 2. shouldn't be necessary. That's what we've done, and it's working ok.
Regarding http://clientarea.emwd.com/knowledgebase/60/DMARC-and-Mailman.html:
That's correct. If you apply any of the DMARC mitigations (from_is_list or dmarc_moderation_action) available in the 2.1.18 Mailman release, you don't need to do any of the things in item 2 at the above link.
So if I go with option #1, I can add back the subject_prefix value?
Matt Taylor OS Community Flag-Bearer Numenta
On 09/09/2014 08:45 PM, Matthew Taylor wrote:
So if I go with option #1, I can add back the subject_prefix value?
Yes.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
That's great. Thanks for all the help!
Matt Taylor OS Community Flag-Bearer Numenta
On Tue, Sep 9, 2014 at 8:47 PM, Mark Sapiro mark@msapiro.net wrote:
On 09/09/2014 08:45 PM, Matthew Taylor wrote:
So if I go with option #1, I can add back the subject_prefix value?
Yes.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (5)
-
Brian Carpenter
-
Mark Sapiro
-
Matthew Taylor
-
Peter Shute
-
Stephen J. Turnbull