Anonymous emails with the sender information

Dear All
Is there a way to use the anonymous emails feature but retain the sender information in the name and reply to fields ?
To get around spam protection systems I want all emails to come from the list email address but that list members reply to the poster.
Many thanks in advance
Nigel

Nigel Woodley wrote:
> Is there a way to use the anonymous emails feature but retain the sender information in the name and reply to fields ?
No. The anonymous list feature is designed to remove all information that could identify the sender.
> To get around spam protection systems I want all emails to come from the list email address but that list members reply to the poster.
All list posts are sent with the envelope from and the Sender: header equal to the LISTNAME-bounces@... address. I'm sure it depends on the spam filter, but whitelisting this address may work.
If you need to modify the From: header and perhaps put the original From: in a Reply-To:, you can do that with a custom handler. See <http://wiki.list.org/x/l4A9>.
--
Mark Sapiro <mark@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

Dear Mark
Many thanks for the reply which is much appreciated.
The spam problem I have is because we have many members from different organisations linked by a private network.
Emails sent from these organisations are sent out to other members however when they are received by other organisations on the private network they are rejected because they have not been delivered internally on the private network.
I do not have access to change the configuration files unfortunately so custom handlers will not work for me.
It is a real shame that mailman does not allow you the option of setting up anonymous mode with separate options for the email address name and reply to fields.
Are there any other possibilities ?
Many thanks in advance
Nigel
-----Original Message-----
From: Mark Sapiro [mailto:mark@msapiro.net]
Sent: 12 June 2011 06:37
To: Nigel.Woodley@lufty.co.uk; mailman-users@python.org
Subject: Re: [Mailman-Users] Anonymous emails with the sender information
Nigel Woodley wrote:
> Is there a way to use the anonymous emails feature but retain the sender information in the name and reply to fields ?
No. The anonymous list feature is designed to remove all information that could identify the sender.
> To get around spam protection systems I want all emails to come from the list email address but that list members reply to the poster.
All list posts are sent with the envelope from and the Sender: header equal to the LISTNAME-bounces@... address. I'm sure it depends on the spam filter, but whitelisting this address may work.
If you need to modify the From: header and perhaps put the original From: in a Reply-To:, you can do that with a custom handler. See <http://wiki.list.org/x/l4A9>.
--
Mark Sapiro <mark@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

On 6/12/2011 3:03 AM, Nigel Woodley wrote:
I don't understand. Either the Mailman server is on the private network or not. If other servers on the network are looking at where mail originates in order to determine whether or not to accept the mail, I would expect them to be looking at the IP address of the sending server or possibly things like the domain of the envelope sender or Received: headers in the message. The last thing I would expect them to look at is the From: header of the message. And, even if they are looking at From:, you seem to say that the original sender whose address is in From: is also on the private network.
What you seem to want is not anonymizing, but rather just From: address munging plus perhaps putting the original From: address in Reply-To: in order to accommodate your specific network configuration. Aside from the fact that I am skeptical that this will accomplish your goal, this is not something that anyone else is asking for. Others have asked for the ability to mung the From: address while preserving the identity but not the email address of the poster, but these requests are generally motivated by a desire to prevent replies going to the poster, which is apparently not what you want.
I suggest you figure out exactly what criteria these private network servers are using to reject mail, and if it is in fact based on the From: address, you try to convince the admins of these servers that making accept/reject decisions based on something so easily and often spoofed in spam as the From: address is not an effective anti-spam measure.
--
Mark Sapiro <mark@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

On Sun, 12 Jun 2011, Mark Sapiro wrote:
The way I understood it was that the systems that are interconnected via the private network expect all traffic that comes from Email addresses hosted on the private network to come *via* the private network and not from outside. This interpretation is based on the assumption that Mailman is *not* on the private network.
Sounds like they should just whitelist the Mailman server's IP address IMHO.
Geoff.

Hi Geoff and Mark
Your understanding is correct and unfortunately the mailman server has to be external.
Also unfortunately it is not possible to whitelist the mailman server on the email servers within the private networks.
Any other ideas ?
Many thanks in advance
Nigel
-----Original Message-----
From: mailman-users-bounces+nigel.woodley=lufty.co.uk@python.org [mailto:mailman-users-bounces+nigel.woodley=lufty.co.uk@python.org] On Behalf Of Geoff Shang
Sent: 12 June 2011 19:36
To: mailman-users@python.org
Subject: Re: [Mailman-Users] Anonymous emails with the sender information
On Sun, 12 Jun 2011, Mark Sapiro wrote:
The way I understood it was that the systems that are interconnected via the private network expect all traffic that comes from Email addresses hosted on the private network to come *via* the private network and not from outside. This interpretation is based on the assumption that Mailman is *not* on the private network.
Sounds like they should just whitelist the Mailman server's IP address IMHO.
Geoff.
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: http://mail.python.org/mailman/options/mailman-users/nigel.woodley%40lufty.co.uk

On 6/12/2011 11:52 AM, Nigel Woodley wrote:
OK. I understand the problem now.
When you say "it is not possible to whitelist the mailman server", do you mean not technically possible or not possible because actual spam is also relayed via this server (maybe it's also the gateway to the internet).
Assuming you mean the latter, perhaps it would be possible to whitelist the LISTNAME-bounces@mailman_domain envelope sender.
--
Mark Sapiro <mark@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

Hi Mark
The problem is that the private network is made up of 50+ large organisations and the policy is that all emails between these organisations are routed securely over the private network therefore no whitelisting is allowed and indeed even if it was it would be very difficult to get 50 large organisations to agree a change of anti-spam rules.
I really appreciate all your help but I guess it should be a new feature put on the wish list for the next version of mailman.
I understand other mailman type products offer this functionality for the very reason that I have outlined.
Kind regards
Nigel
-----Original Message-----
From: Mark Sapiro [mailto:mark@msapiro.net]
Sent: 12 June 2011 20:05
To: Nigel.Woodley@lufty.co.uk
Cc: mailman-users@python.org
Subject: Re: [Mailman-Users] Anonymous emails with the sender information
On 6/12/2011 11:52 AM, Nigel Woodley wrote:
OK. I understand the problem now.
When you say "it is not possible to whitelist the mailman server", do you mean not technically possible or not possible because actual spam is also relayed via this server (maybe it's also the gateway to the internet).
Assuming you mean the latter, perhaps it would be possible to whitelist the LISTNAME-bounces@mailman_domain envelope sender.
--
Mark Sapiro <mark@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

Nigel Woodley writes:
> I understand other mailman type products offer this functionality for the very reason that I have outlined.
What you are saying implies that an explicitly untrusted host is allowed to inject content into a secure network based on the most easily forged identification on the Internet. This seems unlikely to be true to me, and if true, I would say the security policy is broken.
Are you sure you understand the actual rules for mail distribution on this network? I have to suspect that even if you got what you say you want, you still would not be able to distribute posts via a Mailman based on that host.
There are better methods for identification like DKIM (though they still have technical problems w.r.t. mailing lists). Perhaps such a protocol is in use on your network and you need not munge headers at all (in fact, you can not munge DKIM-signed headers without breaking DKIM).
HTH
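The points made in this thread about which sender identity a receiving server keys on, as an added Python example that is not part of any post above: it compares a filter keyed on the From: header, on the envelope sender, and on the connecting IP, before and after From:/Reply-To: munging. All addresses, domains, IP ranges and function names are constructed assumptions.

```python
import ipaddress
from email import message_from_string
from email.utils import formataddr, parseaddr

# Everything below is constructed for illustration (assumed values).
PRIVATE_NET = ipaddress.ip_network("10.0.0.0/8")
PRIVATE_DOMAINS = {"org-a.example", "org-b.example"}
LIST_HOST_IP = "192.0.2.25"                    # external Mailman server
ENVELOPE_FROM = "staff-bounces@lists.example"  # LISTNAME-bounces@...

# Constructed list post as delivered by the external list server.
POST = """\
Sender: staff-bounces@lists.example
From: Alice <alice@org-a.example>
To: staff@lists.example
Subject: [staff] rota

hello
"""

def munge(raw, list_addr="staff@lists.example"):
    """From: becomes the list address; the poster moves to Reply-To:."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg["From"])
    del msg["From"]
    msg["From"] = formataddr((f"{name or addr} via list", list_addr))
    del msg["Reply-To"]  # no error if the header is absent
    msg["Reply-To"] = formataddr((name, addr))
    return msg.as_string()

def _internal(addr):
    """True if the address claims a domain hosted on the private network."""
    return parseaddr(addr)[1].rpartition("@")[2].lower() in PRIVATE_DOMAINS

def verdict(raw, key, peer_ip=LIST_HOST_IP, envelope_from=ENVELOPE_FROM,
            allowed_relays=()):
    """Receiver decision when the filter keys on `key`."""
    if ipaddress.ip_address(peer_ip) in PRIVATE_NET:
        return "accept"            # arrived over the private network
    if key == "peer_ip":           # only allowlisted external relays pass
        return "accept" if peer_ip in allowed_relays else "reject"
    if key == "envelope_from":     # SMTP MAIL FROM, not a message header
        claimed = envelope_from
    else:                          # key == "from": the forgeable header
        claimed = message_from_string(raw)["From"]
    return "reject" if _internal(claimed) else "accept"

def matrix():
    """(original, munged) verdict for each identity a filter might use."""
    return {key: (verdict(POST, key), verdict(munge(POST), key))
            for key in ("from", "envelope_from", "peer_ip")}

if __name__ == "__main__":
    for key, pair in matrix().items():
        print(f"{key:14} original={pair[0]:7} munged={pair[1]}")
```

Only the From:-keyed rule changes its answer when the header is rewritten; the envelope and peer-IP rules give the same verdict for the original and the munged post.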

On 6/12/2011 11:35 AM, Geoff Shang wrote:
(Sorry for the immediately preceding 'content free' reply)
Thank you for the above Geoff. That actually does make sense to me.
> Sounds like they should just whitelist the Mailman server's IP address IMHO.
I agree.
--
Mark Sapiro <mark@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

participants (4)
- Geoff Shang
- Mark Sapiro
- Nigel Woodley
- Stephen J. Turnbull