Mailman 2.1.12 and issues with TLS 1.2 and DMARC
Hello
I wonder if you can help.
My organisation represents and supports GPs across most of London. We have elected representatives and we use Mailman mailing lists to provide listservers to elected representatives.
We currently use version 2.1.12 (http://lists.lmc.org.uk/mailman/admin) but I am aware of changes with TLS and DMARC are starting to effect our messages to listserver members. An example is doctors.org email addresses do not accept our listserver messages because the DMARC settings in their systems sees the ‘sender’ is sending mail out purporting to be from the email address of the person posting the entry on the listserver, which they regard as spoofing.
We send emails to NHS mail addresses which currently reach their destination but I am aware that NHS mail is going to move to Exchange Online next month.
I am looking at ways to future proof our listservers as they are such an important part of our communication strategy.
Are you able to assist in providing me with guidance on the steps I should be taking?
Many thanks in advance.
Best wishes.
Jonathan
Jonathan Ashby Head of Communications and ICT Londonwide LMCs and Londonwide Enterprise Ltd Direct dial: 020 3818 6228 Mobile: 07768 109601 Fax: 020 7383 7442 Email: jonathan.ashby@lmc.org.uk<mailto:jonathan.ashby@lmc.org.uk> Web: www.lmc.org.uk<http://www.lmc.org.uk/> Twitter: @LondonwideLMCs<http://www.twitter.com/LondonwideLMCs>
Visit www.lmc.org.uk/coronavirus-covid-19<http://www.lmc.org.uk/coronavirus-covid-19> for the latest official resources and guidance on covid-19.
Remember that you can use WhatsApp and FaceTime for online consultations as well as the usual online tools.
Think of the environment - do you really need to print this email?
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please accept our apologies and notify the sender.
The registered and office address for Londonwide Local Medical Committees Limited is: Tavistock House South, Tavistock Square, London WC1H 9LG. Registered in England No: 6391298.
Londonwide Enterprise Limited is a wholly owned subsidiary of Londonwide Local Medical Committees Limited. Londonwide Enterprise Limited is registered at: Tavistock House South, Tavistock Square, London WC1H 9LG. Registered in England No. 6990874. Londonwide Enterprise Limited is registered as a Company Limited by Shares. VAT no: 130 1454 66.
Londonwide Local Medical Committees Limited and Londonwide Enterprise Limited do not provide legal or financial advice and thereby excludes all liability howsoever arising in circumstances where any individual, person or entity has suffered any loss or damage arising from the use of information provided by Londonwide Local Medical Committees Limited and Londonwide Enterprise Limited in circumstances where professional legal or financial advice ought reasonably to have been obtained.
Londonwide Local Medical Committees Limited and Londonwide Enterprise Limited provide guidance and support to GPs and practice teams in the Londonwide area. Additionally Londonwide Local Medical Committees Limited provides representation to GPs and practice teams in the Londonwide area. Londonwide Local Medical Committees Limited and Londonwide Enterprise Limited strongly advises individuals or practices to obtain independent legal or financial advice.
This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com
On 6/16/20 4:36 AM, Jonathan Ashby wrote:
Hello
I wonder if you can help.
My organisation represents and supports GPs across most of London. We have elected representatives and we use Mailman mailing lists to provide listservers to elected representatives.
We currently use version 2.1.12 (http://lists.lmc.org.uk/mailman/admin) but I am aware of changes with TLS and DMARC are starting to effect our messages to listserver members. An example is doctors.org email addresses do not accept our listserver messages because the DMARC settings in their systems sees the ‘sender’ is sending mail out purporting to be from the email address of the person posting the entry on the listserver, which they regard as spoofing.
We send emails to NHS mail addresses which currently reach their destination but I am aware that NHS mail is going to move to Exchange Online next month.
I am looking at ways to future proof our listservers as they are such an important part of our communication strategy.
I suggest at a minimum you upgrade your Mailman to a version that provides good DMARC mitigation support. That would be 2.1.18+, but the latest is 2.1.33, and 2.1.34 will be released very soon. If you are gouing to upgrade from source, there's no reason not to upgrade to the latest release or even the head of the branch at <https://code.launchpad.net/~mailman-coders/mailman/2.1>.
If you need specific help/advice on upgrading, we can help with that too if we know how your current Mailman was installed.
Regarding TLS, Mailman 2.1.23+ can do SASL authentication and STARTTLS security when connecting to the outgoing MTA. This is only really meaningful if the outgoing MTA is not on the local Mailman machine. For a local MTA, TLS delivery to recipients is configured in the MTA, not in Mailman.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Jonathan Ashby
-
Mark Sapiro