From aba at westmont.edu Tue Apr 1 21:30:55 2014 From: aba at westmont.edu (Anne Anderson) Date: Tue, 1 Apr 2014 12:30:55 -0700 Subject: [Mailman-Users] Automatic entry into aliases file Message-ID: Hello - We just moved Mailman to a new server and the version we're now using is 2.1.14. I'm sorry I don't remember what the old version was, but it was pretty old... we had not upgraded for years (oops). Anyway, with our old Mailman, whenever I created a new list it would automatically put a nice stanza into my aliases file that looked like this: # STANZA START: academicsenate # CREATED: Fri Sep 5 14:31:10 2008 academicsenate: "|/usr/lib/mailman/mail/mailman post academicsenate" academicsenate-admin: "|/usr/lib/mailman/mail/mailman admin academicsenate" academicsenate-bounces: "|/usr/lib/mailman/mail/mailman bounces academicsenate" academicsenate-confirm: "|/usr/lib/mailman/mail/mailman confirm academicsenate" academicsenate-join: "|/usr/lib/mailman/mail/mailman join academicsenate" academicsenate-leave: "|/usr/lib/mailman/mail/mailman leave academicsenate" academicsenate-owner: "|/usr/lib/mailman/mail/mailman owner academicsenate" academicsenate-request: "|/usr/lib/mailman/mail/mailman request academicsenate" academicsenate-subscribe: "|/usr/lib/mailman/mail/mailman subscribe academicsenate" academicsenate-unsubscribe: "|/usr/lib/mailman/mail/mailman unsubscribe academicsenate" # STANZA END: academicsenate It would place it in the file in the correct alphabetical order, and it would run newaliases when it was finished. I have to confess I got rather spoiled, never having to put in the aliases entries. But with this new version, when I create a new list I get a message showing me the format of the aliases entry and telling me I have to put this into the aliases file myself. It seems strange to me that Mailman would have this nice automatic entry feature, and then would somehow go back to making us do it by hand again. I must be missing something. Is there a configuration that I can tweak that will enable automatic entry into the aliases file? We are running on Ubuntu precise (12.04.4 LTS) Thanks for any help you can give me! Anne Anne Anderson Web Application Developer / Database Manager Information Technology Westmont College From mark at msapiro.net Tue Apr 1 22:54:46 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 01 Apr 2014 13:54:46 -0700 Subject: [Mailman-Users] Automatic entry into aliases file In-Reply-To: References: Message-ID: <533B2796.3030007@msapiro.net> On 04/01/2014 12:30 PM, Anne Anderson wrote: > > But with this new version, when I create a new list I get a message showing > me the format of the aliases entry and telling me I have to put this into > the aliases file myself. > > It seems strange to me that Mailman would have this nice automatic entry > feature, and then would somehow go back to making us do it by hand again. > > I must be missing something. Is there a configuration that I can tweak > that will enable automatic entry into the aliases file? You need MTA = 'Postfix' in mm_cfg.py and possibly other configuration changes in Postfix. I'm not very familiar with how the Ubuntu Package sets this up, but it should all be documented somewhere - just be sure to NOT configure postfix-to-mailman. We do NOT recommend following the instructions under Postfix in the Configuration section at See . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From her at adm.ku.dk Thu Apr 3 13:16:56 2014 From: her at adm.ku.dk (Henrik Rasmussen) Date: Thu, 3 Apr 2014 11:16:56 +0000 Subject: [Mailman-Users] Moderator page similar to the admin page Message-ID: <6DCC3E5DA06FE346B4DE4876C4F2713DB1AAD622@P1KITMBX05WC03.unicph.domain> I am running Mailman version 2.1.12. How to I present a moderator-page similar to the /admin/ page, containing a list of Maillists to moderate? Or does moderators only have the option of entering the URL as mentioned at https://mail.python.org/pipermail/mailman-users/2004-December/041411.html Yours faithfully Henrik Rasmussen From mark at msapiro.net Thu Apr 3 16:41:50 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 03 Apr 2014 07:41:50 -0700 Subject: [Mailman-Users] Moderator page similar to the admin page In-Reply-To: <6DCC3E5DA06FE346B4DE4876C4F2713DB1AAD622@P1KITMBX05WC03.unicph.domain> References: <6DCC3E5DA06FE346B4DE4876C4F2713DB1AAD622@P1KITMBX05WC03.unicph.domain> Message-ID: <533D732E.8080803@msapiro.net> On 04/03/2014 04:16 AM, Henrik Rasmussen wrote: > > How to I present a moderator-page similar to the /admin/ page, containing a list of Maillists to moderate? Or does moderators only have the option of entering the URL as mentioned at https://mail.python.org/pipermail/mailman-users/2004-December/041411.html You would have to modify Mailman/Cgi/admindb.py to add an overview function similar to the admin_overview function in Mailman/Cgi/admin.py. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From adamsca at gmail.com Fri Apr 4 23:29:47 2014 From: adamsca at gmail.com (Christopher Adams) Date: Fri, 4 Apr 2014 14:29:47 -0700 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified Message-ID: Hello all, This is not necessarily a Mailman question, but I thought someone administering Mailman may have come across this before. A person is receiving mail through a list. The address that they are currently using (@gmail.com) is not subscribed to the list. I assume that means a subscribed address is forwarding to the gmail account. The gmail account people don't have any idea what they could have been subscribed as. I thought maybe the Mailman or MTA logs would show the susbscribed address forwarding to the gmail address. However, I can't find anything, so can't identify which address is the culprit. Does anyone have an idea how to get to the bottom of this? -- Christopher Adams adamsca at gmail.com From mike at writestarr.com Fri Apr 4 23:51:49 2014 From: mike at writestarr.com (Mike Starr) Date: Fri, 04 Apr 2014 16:51:49 -0500 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: References: Message-ID: <533F2975.1040207@writestarr.com> Does it arrive as a forward? If so, it might be possible to view the entire message header and trace it that way. Web-based email being what it is, I don't know how much or little gmail retains of the message headers of forwards or whether gmail allows those message headers to be inspected. If the gmail web interface doesn't permit viewing the message headers, gmail may allow the message to be saved as text and I'm guessing that would typically include the full message headers. Best Regards, Mike -- Mike Starr, Writer Technical Writer - Online Help Developer - WordPress Websites Graphic Designer - Desktop Publisher - Custom Microsoft Word templates (262) 694-1028 - mike at writestarr.com - http://www.writestarr.com President - Working Writers of Wisconsin http://www.workingwriters.org/ On 4/4/2014 4:29 PM, Christopher Adams wrote: > Hello all, > > This is not necessarily a Mailman question, but I thought someone > administering Mailman may have come across this before. > > A person is receiving mail through a list. The address that they are > currently using (@gmail.com) is not subscribed to the list. I assume that > means a subscribed address is forwarding to the gmail account. The gmail > account people don't have any idea what they could have been subscribed as. > I thought maybe the Mailman or MTA logs would show the susbscribed address > forwarding to the gmail address. However, I can't find anything, so can't > identify which address is the culprit. > > Does anyone have an idea how to get to the bottom of this? > > From bsfinkel at att.net Sat Apr 5 00:09:30 2014 From: bsfinkel at att.net (Barry S. Finkel) Date: Fri, 04 Apr 2014 17:09:30 -0500 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: References: Message-ID: <533F2D9A.1060701@att.net> On 4/4/2014 4:29 PM, Christopher Adams wrote: > Hello all, > > This is not necessarily a Mailman question, but I thought someone > administering Mailman may have come across this before. > > A person is receiving mail through a list. The address that they are > currently using (@gmail.com) is not subscribed to the list. I assume that > means a subscribed address is forwarding to the gmail account. The gmail > account people don't have any idea what they could have been subscribed as. > I thought maybe the Mailman or MTA logs would show the susbscribed address > forwarding to the gmail address. However, I can't find anything, so can't > identify which address is the culprit. > > Does anyone have an idea how to get to the bottom of this? Get a copy of the mail as received and look at the RFC 5322 mail headers. Those headers should give the entire mail path, and one of the "Received" lines may have a "for user at example.com" piece. --Barry Finkel From mark at msapiro.net Fri Apr 4 23:44:44 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 04 Apr 2014 14:44:44 -0700 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: References: Message-ID: <533F27CC.4010901@msapiro.net> On 04/04/2014 02:29 PM, Christopher Adams wrote: > > A person is receiving mail through a list. The address that they are > currently using (@gmail.com) is not subscribed to the list. I assume that > means a subscribed address is forwarding to the gmail account. The gmail > account people don't have any idea what they could have been subscribed as. > I thought maybe the Mailman or MTA logs would show the susbscribed address > forwarding to the gmail address. However, I can't find anything, so can't > identify which address is the culprit. > > Does anyone have an idea how to get to the bottom of this? The first step is to examine the Received: headers of the post as received by the gmail user. This may tell you exactly what address Mailman sent to. If not, it will tell you what MX server the message went to from the Mailman server which will help narrow the possibilities. There's no way that Mailman or probably even your local MTA can know that any particular address they send to ultimately forwards to gmail. If all else fails, and you have the ability, you can enable Mailman's VERP. Then each message from Mailman will have the envelope from and Sender: and Errors-To: headers with the address LISTNAME-bounces-user=example.com at your.domain where user at example.com is the address sent to. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From sherwindu at att.net Sat Apr 5 04:46:34 2014 From: sherwindu at att.net (sherwin) Date: Fri, 04 Apr 2014 21:46:34 -0500 Subject: [Mailman-Users] Cannot log in to Ibiblio Message-ID: <533F6E8A.4090502@att.net> Suddenly, I cannot log into Ibiblio as an administrator. I get the following error message: Bug in Mailman version 2.1.12 We're sorry, we hit a bug! Please inform the webmaster for this site of this problem. Printing of traceback and other system information has been explicitly inhibited, but the webmaster can find this information in the Mailman error logs. When I try and log into: http://lists.ibiblio.org/mailman/admin/midfex How can I resolve this problem? Sherwin Dubren Midfex Administrator on the Ibiblio forums From mark at msapiro.net Sat Apr 5 05:12:33 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 04 Apr 2014 20:12:33 -0700 Subject: [Mailman-Users] Cannot log in to Ibiblio In-Reply-To: <533F6E8A.4090502@att.net> References: <533F6E8A.4090502@att.net> Message-ID: <533F74A1.1030205@msapiro.net> On 04/04/2014 07:46 PM, sherwin wrote: > Suddenly, I cannot log into Ibiblio as an administrator. > > I get the following error message: > > > Bug in Mailman version 2.1.12 > > > We're sorry, we hit a bug! > > Please inform the webmaster for this site of this problem. Printing of > traceback and other system information has been explicitly inhibited, > but the webmaster can find this information in the Mailman error logs. > > When I try and log into: http://lists.ibiblio.org/mailman/admin/midfex > > How can I resolve this problem? Contact the administrators of the server at lists.ibiblio.org and inform them of the issue. They will need to get the detailed exception and traceback information from Mailman's 'error' log and diagnose the problem. If they need help, they can post that information here and we will try to help. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From stephen at xemacs.org Sat Apr 5 08:14:44 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Sat, 05 Apr 2014 15:14:44 +0900 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: References: Message-ID: <874n28l2uj.fsf@uwakimon.sk.tsukuba.ac.jp> Christopher Adams writes: > A person is receiving mail through a list. The address that they are > currently using (@gmail.com) is not subscribed to the list. Change your list to personalize the message, specifically to add a link to the user's personal options page in the footer. Of course you can't always do that, depending on the purpose of the list, but that's one possible way to investigate (and solve, if the person wants to unsubscribe themselves!) the issue. From wcook at mycoachonline.com Sat Apr 5 14:26:26 2014 From: wcook at mycoachonline.com (Wayne Cook) Date: Sat, 5 Apr 2014 07:26:26 -0500 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: References: Message-ID: <9B734DC8-C4A8-4A3A-8989-88C7DCF2F618@mycoachonline.com> This isn't the best solution for sure, but I start disecting and searching list members till I find something that's close...it usually works for that instance. If I have jan.murphy at somewhere.us.mail.com, I'll find all my "jan", "murphy", 'Somewhere" and usually I find the culprit. If I fail there, I send the person an email and ask if there is an old email that could be forwarding to the new email. w Wayne Cook wcook at mycoachonline.com http://www.mycoachonline.com/ ------------------- I've flown faster than the speed of sound, stared down a shark while standing on the ocean floor and launched men into space. Care to join me tomorrow? On Apr 4, 2014, at 4:29 PM, Christopher Adams wrote: Hello all, This is not necessarily a Mailman question, but I thought someone administering Mailman may have come across this before. A person is receiving mail through a list. The address that they are currently using (@gmail.com) is not subscribed to the list. I assume that means a subscribed address is forwarding to the gmail account. The gmail account people don't have any idea what they could have been subscribed as. I thought maybe the Mailman or MTA logs would show the susbscribed address forwarding to the gmail address. However, I can't find anything, so can't identify which address is the culprit. Does anyone have an idea how to get to the bottom of this? -- Christopher Adams adamsca at gmail.com ------------------------------------------------------ Mailman-Users mailing list Mailman-Users at python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/wcook%40mycoachonline.com From Richard at Damon-Family.org Sat Apr 5 15:54:47 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Sat, 05 Apr 2014 09:54:47 -0400 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: References: Message-ID: <53400B27.1060307@Damon-Family.org> On 4/4/14, 5:29 PM, Christopher Adams wrote: > Hello all, > > This is not necessarily a Mailman question, but I thought someone > administering Mailman may have come across this before. > > A person is receiving mail through a list. The address that they are > currently using (@gmail.com) is not subscribed to the list. I assume that > means a subscribed address is forwarding to the gmail account. The gmail > account people don't have any idea what they could have been subscribed as. > I thought maybe the Mailman or MTA logs would show the susbscribed address > forwarding to the gmail address. However, I can't find anything, so can't > identify which address is the culprit. > > Does anyone have an idea how to get to the bottom of this? > One tool to do this is the monthly password reminders (if enabled). This will send an email to every user, giving them the email address they are subscribed with and their password (I wish there was a way to make the monthly messages NOT have the password, but when sent as a password reminder include the password). Otherwise, it is a matter of just looking through the list of subscribers trying to find out what address might be theirs. Sometimes asking them for as many of their previous email addresses that they can remember to look for things like can give you leads. -- Richard Damon From fmouse at fmp.com Sat Apr 5 18:48:36 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Sat, 05 Apr 2014 11:48:36 -0500 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: <533F27CC.4010901@msapiro.net> References: <533F27CC.4010901@msapiro.net> Message-ID: <1396716516.55909.118.camel@pudina.fmp.com> VERP will nail the problem quickly. I have relatively small lists on my server and leave VERP turned on. This also helps eliminate complaining AOL subscribers since AOL often doesn't redact VERPed addresses in their TOS notifications. On Fri, 2014-04-04 at 14:44 -0700, Mark Sapiro wrote: > If all else fails, and you have the ability, you can enable Mailman's > VERP. Then each message from Mailman will have the envelope from and > Sender: and Errors-To: headers with the address > LISTNAME-bounces-user=example.com at your.domain where > user at example.com is > the address sent to. > > -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From jon.1234 at hotmail.co.uk Mon Apr 7 20:18:08 2014 From: jon.1234 at hotmail.co.uk (Jon 1234) Date: Mon, 7 Apr 2014 19:18:08 +0100 Subject: [Mailman-Users] Reconfiguring Mailman with different with-cgi-gid In-Reply-To: <52B09211.1040008@msapiro.net> References: , , <52AFDC5D.7000704@msapiro.net>, , <52B09211.1040008@msapiro.net> Message-ID: > Date: Tue, 17 Dec 2013 10:04:01 -0800 > From: mark at msapiro.net > To: mailman-users at python.org > Subject: Re: [Mailman-Users] Reconfiguring Mailman with different with-cgi-gid > > On 12/17/2013 06:36 AM, Jon 1234 wrote: > > > > Just to check, is this the correct process? mailmanctl stop -- configure (with options as in previous emails) -- make install -- mailmanctl start. I'm note sure whether it's necessary to 'make install' again. > > > Yes it is necessary to make install as this is what updates the > mailman/cgi-bin/* wrappers which is what needs to be done. > Sorry to resurrect this. 1. When I tried to run configure, I realised the configure file wasn't there. I downloaded the same version - 2.1.15 - and used the file from there. Was this the right place to get the configure file? 2. It looked like the new configure options would have worked. Does that look right?checking for --with-username... [my username]checking for user name "[my username]"... okaychecking for --with-groupname... userschecking for group name "users"... okaychecking permissions on /[my path]/mailman... okay 3. Configuration stopped because a file was missing. Each time I uploaded the missing file from the recent download, the next attempt stopped for another file. I gave up as obviously I was barking up the wrong tree. I assume I used to have these files so what went wrong? Here they are:config.status: error: cannot find input file: misc/paths.py.inconfig.status: error: cannot find input file: Mailman/Defaults.py.inAlso.... install-sh, src/, misc/, Mailman/Defaults.py.in... 4. *IF* the answer is to install from scratch then move across the archive, could or should I use the latest version 2.1.17? Thanks in anticipation. If you require further information please let me know. Best wishes Jon From adamsca at gmail.com Mon Apr 7 21:24:58 2014 From: adamsca at gmail.com (Christopher Adams) Date: Mon, 7 Apr 2014 12:24:58 -0700 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: <1396716516.55909.118.camel@pudina.fmp.com> References: <533F27CC.4010901@msapiro.net> <1396716516.55909.118.camel@pudina.fmp.com> Message-ID: Thank you all for your suggestions. I have set up VERP via Mailman in mm_cfg.py. I logged in to the list admin and followed guidelines about enabling Personalization. I referred to this: http://wiki.list.org/pages/viewpage.action?pageId=4030545 I may be missing something, but I don't see anything under 'Non-digest options' for enabling Personalization. Does it just refer to custom headers, footers, etc? It seems that you can do that anyways without the setting allowing Personalization in mm_cfg.py. Also, when enabling something in mm_cfg.py, the guidelines say to use 1=true/yes, but then I see it looking something like the following. Maybe this is part of the problem. I would appreciate some clarification. Thank you. VERP_PERSONALIZED_DELIVERIES = Yes OWNERS_CAN_ENABLE_PERSONALIZATION = Yes On Sat, Apr 5, 2014 at 9:48 AM, Lindsay Haisley wrote: > VERP will nail the problem quickly. I have relatively small lists on my > server and leave VERP turned on. This also helps eliminate complaining > AOL subscribers since AOL often doesn't redact VERPed addresses in their > TOS notifications. > > On Fri, 2014-04-04 at 14:44 -0700, Mark Sapiro wrote: > > If all else fails, and you have the ability, you can enable Mailman's > > VERP. Then each message from Mailman will have the envelope from and > > Sender: and Errors-To: headers with the address > > LISTNAME-bounces-user=example.com at your.domain where > > user at example.com is > > the address sent to. > > > > > -- > Lindsay Haisley | "Everything works if you let it" > FMP Computer Services | > 512-259-1190 | --- The Roadie > http://www.fmp.com | > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: > http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: > https://mail.python.org/mailman/options/mailman-users/adamsca%40gmail.com > -- Christopher Adams adamsca at gmail.com From adamsca at gmail.com Mon Apr 7 21:45:05 2014 From: adamsca at gmail.com (Christopher Adams) Date: Mon, 7 Apr 2014 12:45:05 -0700 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: References: <533F27CC.4010901@msapiro.net> <1396716516.55909.118.camel@pudina.fmp.com> Message-ID: Ok, I think I have what I need. I checked the mail logs and see that the header is showing the list name and the subscriber address. Now, I need to see what happens when I set a forward and send a message. On Mon, Apr 7, 2014 at 12:24 PM, Christopher Adams wrote: > Thank you all for your suggestions. I have set up VERP via Mailman in > mm_cfg.py. I logged in to the list admin and followed guidelines about > enabling Personalization. I referred to this: > > http://wiki.list.org/pages/viewpage.action?pageId=4030545 > > I may be missing something, but I don't see anything under 'Non-digest > options' for enabling Personalization. Does it just refer to custom > headers, footers, etc? It seems that you can do that anyways without the > setting allowing Personalization in mm_cfg.py. Also, when enabling > something in mm_cfg.py, the guidelines say to use 1=true/yes, but then I > see it looking something like the following. Maybe this is part of the > problem. I would appreciate some clarification. Thank you. > > VERP_PERSONALIZED_DELIVERIES = Yes > > OWNERS_CAN_ENABLE_PERSONALIZATION = Yes > > > > > On Sat, Apr 5, 2014 at 9:48 AM, Lindsay Haisley wrote: > >> VERP will nail the problem quickly. I have relatively small lists on my >> server and leave VERP turned on. This also helps eliminate complaining >> AOL subscribers since AOL often doesn't redact VERPed addresses in their >> TOS notifications. >> >> On Fri, 2014-04-04 at 14:44 -0700, Mark Sapiro wrote: >> > If all else fails, and you have the ability, you can enable Mailman's >> > VERP. Then each message from Mailman will have the envelope from and >> > Sender: and Errors-To: headers with the address >> > LISTNAME-bounces-user=example.com at your.domain where >> > user at example.com is >> > the address sent to. >> > >> > >> -- >> Lindsay Haisley | "Everything works if you let it" >> FMP Computer Services | >> 512-259-1190 | --- The Roadie >> http://www.fmp.com | >> >> ------------------------------------------------------ >> Mailman-Users mailing list Mailman-Users at python.org >> https://mail.python.org/mailman/listinfo/mailman-users >> Mailman FAQ: http://wiki.list.org/x/AgA3 >> Security Policy: http://wiki.list.org/x/QIA9 >> Searchable Archives: >> http://www.mail-archive.com/mailman-users%40python.org/ >> Unsubscribe: >> https://mail.python.org/mailman/options/mailman-users/adamsca%40gmail.com >> > > > > -- > Christopher Adams > adamsca at gmail.com > -- Christopher Adams adamsca at gmail.com From harrison at utm.edu Tue Apr 8 00:05:03 2014 From: harrison at utm.edu (Bruce Harrison) Date: Mon, 7 Apr 2014 22:05:03 +0000 Subject: [Mailman-Users] sendmail and mailman mail0-wrapper Message-ID: Installing a new version of mailman on a new virtual machine (debian 4.6.3-14), and Mailman is complaining of a group mismatch error on the mail-wrapper. System is executing as mail and mailman wants it executed as mailman group. Looked for the smrsh config in sendmail, but this version on Debian seems not to use that. Also can't get sendmail to accept remote connections. Localhost works fine. Telnet to port 25 on host works fine. Remote telnet gets "554 mailman2.xxx.xxx ESMTP not accepting messages Looked at various pages on the web for sendmail and mailman, but not finding much. I'm convinced it's a setting in sendmail,but... no idea what it is. Any sendmail experts out there? Bruce Harrison UT Martin From mark at msapiro.net Tue Apr 8 05:08:13 2014 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 07 Apr 2014 20:08:13 -0700 Subject: [Mailman-Users] subscribed address that forwards to secondary address can't be identified In-Reply-To: References: <533F27CC.4010901@msapiro.net> <1396716516.55909.118.camel@pudina.fmp.com> Message-ID: <5343681D.4070507@msapiro.net> On 04/07/2014 12:24 PM, Christopher Adams wrote: > > I may be missing something, but I don't see anything under 'Non-digest > options' for enabling Personalization. Does it just refer to custom > headers, footers, etc? It seems that you can do that anyways without the > setting allowing Personalization in mm_cfg.py. Also, when enabling > something in mm_cfg.py, the guidelines say to use 1=true/yes, but then I > see it looking something like the following. Maybe this is part of the > problem. I would appreciate some clarification. Thank you. > > VERP_PERSONALIZED_DELIVERIES = Yes > > OWNERS_CAN_ENABLE_PERSONALIZATION = Yes If you have set OWNERS_CAN_ENABLE_PERSONALIZATION = Yes in mm_cfg.py, the second setting under Non-digest options should be Should Mailman personalize each non-digest delivery? This is often useful for announce-only lists, but read the details section for a discussion of important performance issues. (Details for personalize) No Yes Full Personalization These additional replacements for msg_header and msg_footer are only available if personalize is Yes or Full user_address - The address of the user, coerced to lower case. user_delivered_to - The case-preserved address that the user is subscribed with. user_password - The user's password. user_name - The user's full name. user_optionsurl - The url to the user's option page. Read the Details link for more. Yes/No things in mm_cfg.py can be set to Yes or No as these are defined appropriately in Defaults.py as are On and Off. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Tue Apr 8 06:08:00 2014 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 07 Apr 2014 21:08:00 -0700 Subject: [Mailman-Users] Reconfiguring Mailman with different with-cgi-gid In-Reply-To: References: , , <52AFDC5D.7000704@msapiro.net>, , <52B09211.1040008@msapiro.net> Message-ID: <53437620.3070504@msapiro.net> On 04/07/2014 11:18 AM, Jon 1234 wrote: > 4. *IF* the answer is to install from scratch then move across the archive, could or should I use the latest version 2.1.17? > Thanks in anticipation. If you require further information please let me know. Download the 2.1.17 tarball, unpack it and run configure, make and sudo make install in the unpack directory which must not be the installation directory. Install it over your existing installation, and everything should be fine, you shouldn't have to move anything. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From phanh at canby.k12.or.us Tue Apr 8 22:58:44 2014 From: phanh at canby.k12.or.us (Hung Phan) Date: Tue, 8 Apr 2014 13:58:44 -0700 Subject: [Mailman-Users] Prevent user subscription based on word pattern Message-ID: Can we add email address into the Ban List based on word pattern? We have a particular email address that we want to prevent from re-subscribe. However, we would like to prevent any emails that have "sexy" pattern in. Yes, we have an email subscribed to our lists and as soon as a message send out. The senders will receive replies soliciting meetup encounter. If we want to prevent any emails that contain the word "sexy", will this works? *sexy* Thank you, From mark at msapiro.net Tue Apr 8 23:10:29 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 08 Apr 2014 14:10:29 -0700 Subject: [Mailman-Users] Prevent user subscription based on word pattern In-Reply-To: References: Message-ID: <534465C5.9000601@msapiro.net> On 04/08/2014 01:58 PM, Hung Phan wrote: > Can we add email address into the Ban List based on word pattern? Yes. You may put any valid Python regular expression beginning with ^ in the ban list. It will be matched case-insensitively. > If we want to prevent any emails that contain the word "sexy", will this > works? > *sexy* No. Regular expressions are not the same as globs. What you would need in that case is ^.*sexy.* or simply ^.*sexy since you don't care what comes after sexy. See All this assumes that what you mean by 'prevent any emails that contain the word "sexy"' is prevent any addresses containing the word "sexy" from subscribing to the list. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From vancleef at lostwells.net Tue Apr 8 23:56:01 2014 From: vancleef at lostwells.net (Hank van Cleef) Date: Tue, 8 Apr 2014 15:56:01 -0600 (MDT) Subject: [Mailman-Users] sendmail and mailman mail0-wrapper In-Reply-To: Message-ID: <201404082156.s38Lu16w025099@joanne.lostwells.net> The esteemed Bruce Harrison has said: > > > Installing a new version of mailman on a new virtual machine (debian 4.6.3-14), and Mailman is complaining of a group mismatch error on the mail-wrapper. System is executing as mail and mailman wants it executed as mailman group. > > Looked for the smrsh config in sendmail, but this version on Debian seems not to use that. > Also can't get sendmail to accept remote connections. Localhost works fine. > Telnet to port 25 on host works fine. Remote telnet gets "554 mailman2.xxx.xxx ESMTP not accepting messages > > Looked at various pages on the web for sendmail and mailman, but not finding much. > > I'm convinced it's a setting in sendmail,but... no idea what it is. > > Any sendmail experts out there? > I'll respond to this because I don't see any other responses on the Mailman mail list, and I use sendmail with Mailman on a Solaris 10 system. I've used sendmail ever since there was a sendmail, but would hardly call myself an "expert." I use sendmail because the Solaris distributions have a good implementation as a part of the general distribution. First off, let me say that MTA's in general are supported using MTA-specific resources. Also, and more importantly, you have to have whatever MTA you are using already set up to send and receive mail from MUA clients before thinking about integrating Mailman as an additional MUA. I don't know what's available for sendmail on Debian, what the quality of any prepackaged distribution is (or isn't). I do know that smrsh is part of the sendmail package, so if you don't have it somewhere on your system, you probably haven't got a good sendmail to work with. In that case. It's open source, so you can compile your own, which I'd recommend unless you've got a known-good distribution available. For sendmail support, the distribution website has a lot of information, and there is a big README included in the package. Most administrators who do sendmail have a copy of the O'Reilly "Sendmail" book, commonly called the "Bat Book." You'll need that. There is also a comp.mail/sendmail Usenet group, which is reasonably active. If you are limited to prepackaged distributions, I'd strongly suggest using Postfix on a Debian system. Hank From stephen at xemacs.org Wed Apr 9 03:03:24 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Wed, 09 Apr 2014 10:03:24 +0900 Subject: [Mailman-Users] sendmail and mailman mail0-wrapper In-Reply-To: <201404082156.s38Lu16w025099@joanne.lostwells.net> References: <201404082156.s38Lu16w025099@joanne.lostwells.net> Message-ID: <8761mjjov7.fsf@uwakimon.sk.tsukuba.ac.jp> Hank van Cleef writes: > The esteemed Bruce Harrison has said: > > Looked for the smrsh config in sendmail, but this version on > > Debian seems not to use that. Check what was installed with dpkg --listfiles sendmail. Also look for a sendmail-smrsh package (or some such name) in aptitude (or whatever frontend to dpkg you prefer), and install if appropriate. > > Also can't get sendmail to accept remote connections. Localhost > > works fine. Telnet to port 25 on host works fine. Remote telnet > > gets "554 mailman2.xxx.xxx ESMTP not accepting messages Sounds like Sendmail has not been configured to handle (remote) mail on your system yet. Have you tried "dpkg-reconfigure sendmail"? (Once again, adjust package naming as appropriate.) As you suspect, at this point what you have are Sendmail issues and there surely is an active mailing list or newsgroup for Sendmail. Ask there. Also check the Debian manuals; there's probably something about configuring MTAs. From shdwdrgn at sourpuss.net Thu Apr 10 00:32:55 2014 From: shdwdrgn at sourpuss.net (Jeff Taylor) Date: Wed, 09 Apr 2014 16:32:55 -0600 Subject: [Mailman-Users] Cannot start after ubuntu upgrade Message-ID: <5345CA97.9060506@sourpuss.net> I just upgraded an old ubuntu machine from oneiric to precise, and now I cannot get mailman to run. Something starts up long enough to set a pid file, but then it simply dies. There is nothing being added to either syslog or any of the mailman log files. I tried reinstalling mailman, and made sure there were no other packages that needed to finish installing after the upgrade, but I can't seem to find anything wrong. I've been searching google for a way to increase logging verbosity, but again came up empty. What can I do to determine why mailman is dying? Currently installed: 1:2.1.14-3ubuntu0.1 Previous version: 1:2.1.14-1ubuntu2 From shdwdrgn at sourpuss.net Thu Apr 10 03:52:21 2014 From: shdwdrgn at sourpuss.net (Jeff Taylor) Date: Wed, 09 Apr 2014 19:52:21 -0600 Subject: [Mailman-Users] Cannot start after ubuntu upgrade In-Reply-To: <5345CA97.9060506@sourpuss.net> References: <5345CA97.9060506@sourpuss.net> Message-ID: <5345F955.7020303@sourpuss.net> I finally figured it out... I am running a patched version that slices the queue between multiple machines. After upgrading the machine, I reapplied the patch to Switchboard.py, but I forgot to make changes in mailmanctl. All good now, and that patch has been running great for the last couple years. Thanks! On 04/09/2014 04:32 PM, Jeff Taylor wrote: > I just upgraded an old ubuntu machine from oneiric to precise, and now > I cannot get mailman to run. Something starts up long enough to set a > pid file, but then it simply dies. There is nothing being added to > either syslog or any of the mailman log files. I tried reinstalling > mailman, and made sure there were no other packages that needed to > finish installing after the upgrade, but I can't seem to find anything > wrong. I've been searching google for a way to increase logging > verbosity, but again came up empty. > > What can I do to determine why mailman is dying? > > Currently installed: 1:2.1.14-3ubuntu0.1 > Previous version: 1:2.1.14-1ubuntu2 > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: > http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: > https://mail.python.org/mailman/options/mailman-users/shdwdrgn%40sourpuss.net From six at burina.net Thu Apr 10 15:09:41 2014 From: six at burina.net (=?UTF-8?B?U2luacWhYSBCdXJpbmE=?=) Date: Thu, 10 Apr 2014 15:09:41 +0200 Subject: [Mailman-Users] DMARC issues Message-ID: <53469815.9000202@burina.net> Hello! I believe there's no need to elaborate on the problems recently introduced by Yahoo, changing their DMARC DNS record and rendering many mailman lists unusable for Yahoo mail users. I see the solution to this problem in changing the From: field to mailing list's address, but keeping the poster's name or address in the description part of the same field. For example: From: "List Name on behalf of Poster Name" or From: "Poster Name via List Name" or From: "Poster Name" or From: "Poster Name [poster at add.re.ss]" I'm using Mailman 2.1.13, and can not upgrade to 2.1.16 on a live system. I was forced to turn on anonymous_list as the urgent remedy, byt the full anonymization is not really how it should be. Could someone please help me achieve this using the above version, by some changes in the code? Thank you! -- Pozdrav / Regards, Sini?a Burina From brennan at columbia.edu Thu Apr 10 16:25:54 2014 From: brennan at columbia.edu (Joseph Brennan) Date: Thu, 10 Apr 2014 10:25:54 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <53469815.9000202@burina.net> References: <53469815.9000202@burina.net> Message-ID: <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> They're breaking RFC 822 / 5322. The "From:" field specifies the author(s) of the message, that is, the mailbox(es) of the person(s) or system(s) responsible for the writing of the message. [...] In all cases, the "From:" field SHOULD NOT contain any mailbox that does not belong to the author(s) of the message. I don't think we should compound that by changing the From line. Joseph Brennan Columbia University Information Technology From six at burina.net Thu Apr 10 17:04:12 2014 From: six at burina.net (=?UTF-8?B?U2luacWhYSBCdXJpbmE=?=) Date: Thu, 10 Apr 2014 17:04:12 +0200 Subject: [Mailman-Users] DMARC issues In-Reply-To: <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> Message-ID: <5346B2EC.2050800@burina.net> On 10/04/14 16:25, Joseph Brennan wrote: > They're breaking RFC 822 / 5322. > > The "From:" field specifies the author(s) of the message, > that is, the mailbox(es) of the person(s) or system(s) responsible > for the writing of the message. [...] > In all cases, the "From:" field SHOULD NOT contain any mailbox that > does not belong to the author(s) of the message. > > I don't think we should compound that by changing the From line. Well, anonymous_list option does that too, completely hiding the original poster's information. The approach I proposed would do the same, only in slightly subtler manner. :) -- Pozdrav / Regards, Sini?a Burina From fmouse at fmp.com Thu Apr 10 17:18:33 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 10 Apr 2014 10:18:33 -0500 Subject: [Mailman-Users] DMARC issues In-Reply-To: <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> Message-ID: <1397143113.46749.59.camel@pudina.fmp.com> I hate to say it, but the days of the kinder, gentler internet when everyone played strictly by the RFCs are passing as operational control of internet services comes increasingly under the control of fewer, bigger players who can do as they wish. This isn't to say that Mailman should break RFCs too, but there are few options. SPF inherently breaks mailing lists, which is why heretofore it's been used mostly as an advisory protocol rather than as a determinant of whether an email gets delivered, or not. I understand that SPF is one of the components of DMARC protocols. This is the first I've heard of this issue, but it doesn't surprise me at all. On Thu, 2014-04-10 at 10:25 -0400, Joseph Brennan wrote: > They're breaking RFC 822 / 5322. > > The "From:" field specifies the author(s) of the message, > that is, the mailbox(es) of the person(s) or system(s) responsible > for the writing of the message. [...] > In all cases, the "From:" field SHOULD NOT contain any mailbox that > does not belong to the author(s) of the message. > > I don't think we should compound that by changing the From line. > > > Joseph Brennan > Columbia University Information Technology > > > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/fmouse%40fmp.com -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From brennan at columbia.edu Thu Apr 10 17:27:24 2014 From: brennan at columbia.edu (Joseph Brennan) Date: Thu, 10 Apr 2014 11:27:24 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <1397143113.46749.59.camel@pudina.fmp.com> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> Message-ID: <0513D536552B05844061D4FA@sodor.cc.columbia.edu> Lindsay Haisley wrote: > SPF inherently breaks mailing lists No, it doesn't. SPF checks the envelope sender, and when the list host is, say, lists.example.com, the envelope sender is something like listname-bounces at lists.example.com, and that can pass SPF. Mailman, Listserv, etc, all write their envelope sender that way. Joseph Brennan Columbia University Information Technology From barry at list.org Thu Apr 10 17:36:16 2014 From: barry at list.org (Barry Warsaw) Date: Thu, 10 Apr 2014 11:36:16 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <53469815.9000202@burina.net> References: <53469815.9000202@burina.net> Message-ID: <20140410113616.719b3192@anarchist.localdomain> On Apr 10, 2014, at 03:09 PM, Sini?a Burina wrote: >I believe there's no need to elaborate on the problems recently introduced by >Yahoo, changing their DMARC DNS record and rendering many mailman lists >unusable for Yahoo mail users. It *is* a shame that these anti-spam defenses knowingly break mailing lists. I say "knowingly" but not "maliciously" because their specs usually describe the adverse affects on mailing lists, along with some mitigation approaches (which may not have a positive effect on list usability ). The spec authors are not hostile to mailing lists and would rather not break them, but there does seem to be a fundamental conflict between mailing lists and anti-spam approaches. That said, DMARC was discussed in great detail last year on the -developers list, so if you want all the gory details, check out those archives. Mark will probably follow up in more detail, but MM2.1 implemented a feature in 2.1.16 called "from_is_list" which is a ternary option for addressing the effects of DMARC. It has to be enabled by the site admin, and then list admins can opt-in. It's disabled by default for backward compatibility reasons. From Defaults.py: # The following is a three way setting. # 0 -> Do not rewrite the From: or wrap the message. # 1 -> Rewrite the From: header of posts replacing the posters address with # that of the list. Also see REMOVE_DKIM_HEADERS above. # 2 -> Do not modify the From: of the message, but wrap the message in an outer # message From the list address. DEFAULT_FROM_IS_LIST = 0 So as you can see, two approaches are available, From: rewriting or outer message wrapping. Both are suboptimal for usability, but it seems like we have no other viable option. This is not yet implemented in MM3 because I don't really like having to do it. We might have no choice though. -Barry From six at burina.net Thu Apr 10 17:39:34 2014 From: six at burina.net (=?UTF-8?B?U2luacWhYSBCdXJpbmE=?=) Date: Thu, 10 Apr 2014 17:39:34 +0200 Subject: [Mailman-Users] DMARC issues In-Reply-To: <1397143113.46749.59.camel@pudina.fmp.com> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> Message-ID: <5346BB36.8000804@burina.net> On 10/04/14 17:18, Lindsay Haisley wrote: > This is the first I've heard of this issue, but it doesn't surprise me > at all. Basically, Yahoo insists that their own mail servers are the only ones that can originate the message with @yahoo.com domain in the From header. Not Return-Path, Not the envelope sender, but exactly the From header in the message itself. If this practice gets adopted by more organizations, I don't know how else could this problem be solved. -- Pozdrav / Regards, Sini?a Burina From adam-mailman at amyl.org.uk Thu Apr 10 18:04:52 2014 From: adam-mailman at amyl.org.uk (Adam McGreggor) Date: Thu, 10 Apr 2014 17:04:52 +0100 Subject: [Mailman-Users] DMARC issues In-Reply-To: <1397143113.46749.59.camel@pudina.fmp.com> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> Message-ID: <20140410160452.GN10820@hendricks.amyl.org.uk> On Thu, Apr 10, 2014 at 10:18:33AM -0500, Lindsay Haisley wrote: > I hate to say it, but the days of the kinder, gentler internet when > everyone played strictly by the RFCs are passing as operational control > of internet services comes increasingly under the control of fewer, > bigger players who can do as they wish. +1. -- If all else fails, immortality can always be assured by spectacular error. -- Galbraith From jimpop at gmail.com Thu Apr 10 18:53:57 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Thu, 10 Apr 2014 12:53:57 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <20140410160452.GN10820@hendricks.amyl.org.uk> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <20140410160452.GN10820@hendricks.amyl.org.uk> Message-ID: On Thu, Apr 10, 2014 at 12:04 PM, Adam McGreggor wrote: > On Thu, Apr 10, 2014 at 10:18:33AM -0500, Lindsay Haisley wrote: >> I hate to say it, but the days of the kinder, gentler internet when >> everyone played strictly by the RFCs are passing as operational control >> of internet services comes increasingly under the control of fewer, >> bigger players who can do as they wish. > > +1. Further to that point: The behemoths doing this also offer competitive (revenue based!) offerings to the services they are impacting. -Jim P. From stephen at xemacs.org Thu Apr 10 19:57:48 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Fri, 11 Apr 2014 02:57:48 +0900 Subject: [Mailman-Users] DMARC issues In-Reply-To: <5346BB36.8000804@burina.net> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> Message-ID: <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> Sini?a Burina writes: > Basically, Yahoo insists that their own mail servers are the only > ones that can originate the message with @yahoo.com domain in the > From header. Not Return-Path, Not the envelope sender, but exactly > the From header in the message itself. If this practice gets > adopted by more organizations, I don't know how else could this > problem be solved. If yahoo wants to give their users an excuse to use a different address and stop advertising yahoo, I have no problem with that. :-) The straightforward thing for Mailman to do is to wrap mail from yahoo addresses in a multipart/mixed with a text part explaining that Yahoo is "knowingly interfering with" the mail service of their users, and the mail itself in a message/rfc822 part. As far as I know, no component of DMARC allows digging into a message and trying to DMARC the MIME parts. Or just bounce them with a message stating that Yahoo no longer permits its users to post to mailing lists, so please use a different posting address. I realize that most sites can't do that, but mine can (and will if I get any complaints about this policy -- my subscribers are sympathetic). Steve From six at burina.net Thu Apr 10 20:34:26 2014 From: six at burina.net (=?UTF-8?B?U2luacWhYSBCdXJpbmE=?=) Date: Thu, 10 Apr 2014 20:34:26 +0200 Subject: [Mailman-Users] DMARC issues In-Reply-To: <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <5346E432.2080707@burina.net> On 10/04/14 19:57, Stephen J. Turnbull wrote: > Or just bounce them with a message stating that Yahoo no longer > permits its users to post to mailing lists, so please use a different > posting address. I realize that most sites can't do that, but mine > can (and will if I get any complaints about this policy -- my > subscribers are sympathetic). And that's exactly what I'm going to do. :) -- Pozdrav / Regards, Sini?a Burina From jimpop at gmail.com Thu Apr 10 21:35:12 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Thu, 10 Apr 2014 15:35:12 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <5346E432.2080707@burina.net> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> <5346E432.2080707@burina.net> Message-ID: On Thu, Apr 10, 2014 at 2:34 PM, Sini?a Burina wrote: > On 10/04/14 19:57, Stephen J. Turnbull wrote: > >> Or just bounce them with a message stating that Yahoo no longer >> permits its users to post to mailing lists, so please use a different >> posting address. I realize that most sites can't do that, but mine >> can (and will if I get any complaints about this policy -- my >> subscribers are sympathetic). > > And that's exactly what I'm going to do. :) Here's a tried and tested patch just awaiting more use: https://code.launchpad.net/~jimpop/mailman/dmarc-reject -Jim P. From barry at list.org Thu Apr 10 22:41:34 2014 From: barry at list.org (Barry Warsaw) Date: Thu, 10 Apr 2014 16:41:34 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <20140410164134.1cda7b85@anarchist> On Apr 11, 2014, at 02:57 AM, Stephen J. Turnbull wrote: >The straightforward thing for Mailman to do is to wrap mail from yahoo >addresses in a multipart/mixed with a text part explaining that Yahoo >is "knowingly interfering with" the mail service of their users, and >the mail itself in a message/rfc822 part. As far as I know, no >component of DMARC allows digging into a message and trying to DMARC >the MIME parts. That's what I mean by "we can fix it if we make the user experience horrible". See all the complaints about the MIME-proper way we add footers in some cases. -Barry From mark at msapiro.net Fri Apr 11 02:25:16 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 10 Apr 2014 17:25:16 -0700 Subject: [Mailman-Users] DMARC issues In-Reply-To: <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> Message-ID: <5347366C.5000303@msapiro.net> On 04/10/2014 07:25 AM, Joseph Brennan wrote: > > They're breaking RFC 822 / 5322. > > The "From:" field specifies the author(s) of the message, > that is, the mailbox(es) of the person(s) or system(s) responsible > for the writing of the message. [...] > In all cases, the "From:" field SHOULD NOT contain any mailbox that > does not belong to the author(s) of the message. > > I don't think we should compound that by changing the From line. Several others have made relevant replies while I was on the plane to Montreal, registering for PyCon, attending the opening reception ... Anyway, I wanted to say I agree completely with the above even though the DMARC community does not. That's why I implemented the option in 2.1.16 to wrap the original post as a message/rfc822 part attached to a new message from the list. Unfortunately, when I actually turned this on in response to Yahoo's change in DMARC policy, I got complaints from users of Apple iOS iThings that their mail clients do not deal well with this message, so I reluctantly went the non-compliant mung the From: way. Yesterday I wrote a brief FAQ on this which is at . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Fri Apr 11 02:30:51 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 10 Apr 2014 17:30:51 -0700 Subject: [Mailman-Users] DMARC and Mail Lists open space at Pycon Message-ID: <534737BB.9090902@msapiro.net> I have tentatively scheduled an open space for Friday, 11 April at 18:00 in room 523B at Pycon to talk about DMARC and mail lists. All available interested parties are invited. If the time doesn't work, we can reschedule. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From gaa at ulticom.com Fri Apr 11 02:35:05 2014 From: gaa at ulticom.com (mail.ulticom.com) Date: Thu, 10 Apr 2014 20:35:05 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <5347366C.5000303@msapiro.net> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <5347366C.5000303@msapiro.net> Message-ID: <04E38717-F4C4-4C37-A816-8D26CB01BDA4@ulticom.com> > On Apr 10, 2014, at 20:25, Mark Sapiro wrote: > >> On 04/10/2014 07:25 AM, Joseph Brennan wrote: >> >> They're breaking RFC 822 / 5322. >> >> The "From:" field specifies the author(s) of the message, >> that is, the mailbox(es) of the person(s) or system(s) responsible >> for the writing of the message. [...] >> In all cases, the "From:" field SHOULD NOT contain any mailbox that >> does not belong to the author(s) of the message. >> >> I don't think we should compound that by changing the From line. > > > Several others have made relevant replies while I was on the plane to > Montreal, registering for PyCon, attending the opening reception ... > > Anyway, I wanted to say I agree completely with the above even though > the DMARC community does not. That's why I implemented the option in > 2.1.16 to wrap the original post as a message/rfc822 part attached to a > new message from the list. > > Unfortunately, when I actually turned this on in response to Yahoo's > change in DMARC policy, I got complaints from users of Apple iOS iThings > that their mail clients do not deal well with this message, so I > reluctantly went the non-compliant mung the From: way. > > Yesterday I wrote a brief FAQ on this which is at > . > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ At least as of iOS 7 it can show messages inside messages. That's how I view email forwarded from Exchange. Now if only bottom posting was easier on an iPhone. Fat fingered from my iPhone -- miscorrections happen. From mark at msapiro.net Fri Apr 11 03:19:59 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 10 Apr 2014 18:19:59 -0700 Subject: [Mailman-Users] DMARC issues In-Reply-To: <53469815.9000202@burina.net> References: <53469815.9000202@burina.net> Message-ID: <5347433F.5050105@msapiro.net> On 04/10/2014 06:09 AM, Sini?a Burina wrote: > > I see the solution to this problem in changing the From: field to mailing list's address, but > keeping the poster's name or address in the description part of the same field. For example: ... > I'm using Mailman 2.1.13, and can not upgrade to 2.1.16 on a live system. > I was forced to turn on anonymous_list as the urgent remedy, byt the full anonymization is not > really how it should be. > > Could someone please help me achieve this using the above version, by some changes in the code? I'm not sure why you can't upgrade if you can patch the code, but in any case, I can't point you at a single patch to do it my way because there are several. You could do it by applying all of the following patches in order. http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1402 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1404 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1415 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1417 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1418 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1419 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1446 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1450 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1453 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1454 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/diff/1455 (1415, 1417 and 1418 are i18n only) -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Fri Apr 11 04:26:46 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 10 Apr 2014 19:26:46 -0700 Subject: [Mailman-Users] DMARC issues In-Reply-To: <04E38717-F4C4-4C37-A816-8D26CB01BDA4@ulticom.com> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <5347366C.5000303@msapiro.net> <04E38717-F4C4-4C37-A816-8D26CB01BDA4@ulticom.com> Message-ID: <534752E6.7040002@msapiro.net> On 04/10/2014 05:35 PM, mail.ulticom.com wrote: > > At least as of iOS 7 it can show messages inside messages. Thanks for the tip. I'll check with my users and see what they're using. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From stephen at xemacs.org Fri Apr 11 06:21:44 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Fri, 11 Apr 2014 13:21:44 +0900 Subject: [Mailman-Users] DMARC issues In-Reply-To: <5347366C.5000303@msapiro.net> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <5347366C.5000303@msapiro.net> Message-ID: <87eh14ijhj.fsf@uwakimon.sk.tsukuba.ac.jp> Mark Sapiro writes: > Unfortunately, when I actually turned this on in response to > Yahoo's change in DMARC policy, I got complaints from users of > Apple iOS iThings that their mail clients do not deal well with > this message, The iOS 6 mail client was just plain unusable, and in very limited experience the iOS 7.1 client is not a lot better. Neither can stay synched with the state of Gmail on my PC. It's easier to use Gmail from Safari (even though Safari has trouble displaying those pages correctly), and I'm going to try the Gmail iPhone client later today (I normally don't process mail from my iPhone 4S/iOS 7.1). I can't speak for those who don't use Gmail, of course, but I find it hard to be sympathetic with people who complain that the very limited clients provided by Apple are, well, *very* limited. > so I reluctantly went the non-compliant mung the From: way. That's a shame. I really think putting the blame on Yahoo! and the DMARC advocates (Yahoo! clearly being a leader in that crowd), where it belongs, and the discomfort on Yahoo! users, is a better idea. From six at burina.net Fri Apr 11 09:03:54 2014 From: six at burina.net (=?UTF-8?B?U2luacWhYSBCdXJpbmE=?=) Date: Fri, 11 Apr 2014 09:03:54 +0200 Subject: [Mailman-Users] DMARC issues In-Reply-To: <5347433F.5050105@msapiro.net> References: <53469815.9000202@burina.net> <5347433F.5050105@msapiro.net> Message-ID: <534793DA.1070203@burina.net> On 11/04/14 03:19, Mark Sapiro wrote: > I'm not sure why you can't upgrade if you can patch the code, but in any > case, I can't point you at a single patch to do it my way because there > are several. You could do it by applying all of the following patches in > order. Thank you very much, Mark! -- Pozdrav / Regards, Sini?a Burina From rsk at gsp.org Fri Apr 11 12:13:58 2014 From: rsk at gsp.org (Rich Kulawiec) Date: Fri, 11 Apr 2014 06:13:58 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <20140410113616.719b3192@anarchist.localdomain> References: <53469815.9000202@burina.net> <20140410113616.719b3192@anarchist.localdomain> Message-ID: <20140411101358.GA14218@gsp.org> (my apologies to anyone who reads NANOG, this is mostly a repeat of what I said there) On Thu, Apr 10, 2014 at 11:36:16AM -0400, Barry Warsaw wrote: > It *is* a shame that these anti-spam defenses knowingly break mailing lists. It's a shame that this is being pushed as an anti-spam defense when in fact (a) it has little-to-no anti-spam value and (b) measures that have much higher anti-spam value with few adverse effects are not being used. Nearly all (at least 99% and likely quite a bit more) of the spam [as observed by my numerous spamtraps] that purports to originate from Yahoo really *does* originate from Yahoo. All that I have to do to verify that is to look at the originating host -- that is, it's not necessary to check DMARC or anything else. There are several reasons for this. First, Yahoo has done an absolutely miserable job of outbound abuse control. For over a decade. Second, they've done a correspondingly miserable job of handling abuse reports, so even when one of their victims is kind and generous enough to do their work for them and tell them that they have a problem...they don't pay attention and they don't take any action. (Or they fire back a clueless boilerplate denial that it was their user on their host on their network...even though it was all three.) Also for over a decade. Third, why would any spammer forge a @yahoo.com address when it's easy enough to buy hijacked accounts by the bucketful -- or to use any of the usual exploits to go get some? Fourth, at least some spammers seem to have caught on that Yahoo isn't *worth* forging: it's a toxic cesspool because the people running it have allowed it to be become one. So let's not pretend that this has anything to do with stopping spam. If Yahoo actually wanted to do something about spam, they could have done that years and years ago simply by *paying attention* to what was going on inside their own operation. This is just (a) propaganda, so that they claim to be "doing something" and (b) a clumsy attempt to coerce people into using *their* mailing lists, which are just as horribly run as the rest of their mail system. ---rsk From mark at msapiro.net Fri Apr 11 13:21:49 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 11 Apr 2014 04:21:49 -0700 Subject: [Mailman-Users] DMARC and Mail Lists open space at Pycon In-Reply-To: <534737BB.9090902@msapiro.net> References: <534737BB.9090902@msapiro.net> Message-ID: <5347D04D.2010706@msapiro.net> On 04/10/2014 05:30 PM, Mark Sapiro wrote: > I have tentatively scheduled an open space for Friday, 11 April at 18:00 > in room 523B at Pycon to talk about DMARC and mail lists. All available > interested parties are invited. If the time doesn't work, we can reschedule. I will need to reschedule this. Check the open space board. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Fri Apr 11 14:25:58 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 11 Apr 2014 08:25:58 -0400 Subject: [Mailman-Users] DMARC and Mail Lists open space at Pycon In-Reply-To: <5347D04D.2010706@msapiro.net> References: <534737BB.9090902@msapiro.net> <5347D04D.2010706@msapiro.net> Message-ID: On April 11, 2014 7:21:49 AM EDT, Mark Sapiro wrote: >On 04/10/2014 05:30 PM, Mark Sapiro wrote: >> I have tentatively scheduled an open space for Friday, 11 April at >18:00 >> in room 523B at Pycon to talk about DMARC and mail lists. All >available >> interested parties are invited. If the time doesn't work, we can >reschedule. > > >I will need to reschedule this. Check the open space board. Tentatively rescheduled to 17:00 EDT (21:00 GMT) on Friday, 11 Apr in room 525. I will attempt to post realtime summaries on #mailman. -- Mark Sapiro Sent from my Android phone with K-9 Mail. [Unpaid endorsement] From mark at msapiro.net Fri Apr 11 21:18:13 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 11 Apr 2014 12:18:13 -0700 Subject: [Mailman-Users] DMARC and Mail Lists open space at Pycon In-Reply-To: References: <534737BB.9090902@msapiro.net> <5347D04D.2010706@msapiro.net> Message-ID: <53483FF5.6040908@msapiro.net> On 04/11/2014 05:25 AM, Mark Sapiro wrote: > > Tentatively rescheduled to 17:00 EDT (21:00 GMT) on Friday, 11 Apr in room 525. > > I will attempt to post realtime summaries on #mailman. Due to various scheduling issues, this will be rescheduled for Saturday evening (Montreal time). Details to follow. Please email me if you're thinking of attending. So far I know it's me, Florian Fuchs, and Barry Warsaw, but we need DMARC folks too. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From sylvain at opensource-expert.com Fri Apr 11 17:54:01 2014 From: sylvain at opensource-expert.com (Sylvain Viart) Date: Fri, 11 Apr 2014 17:54:01 +0200 Subject: [Mailman-Users] handler to auto detach attachment and link it to a website? In-Reply-To: <53368652.90207@opensource-expert.com> References: <53368652.90207@opensource-expert.com> Message-ID: <53481019.2000209@opensource-expert.com> Hi, > Le 28/03/2014 16:58, Mark Sapiro a ?crit : > > As it says in that post, scrub_nondigest is an all or nothing feature. > > I may code the behavior I've described for my need : > > Detaching attachment, storing, linking back into the original mail. 4.67. How do I implement a custom handler in Mailman Following instruction here, I've started to develop my custom handler, as Scrubber is scrubbing too "strong" for my purpose. Development question, is there a way to test the handler against a mail content, outside of the full mailman context? Something like: $ python -some-useful-switch-here MyHandler.py < mymail_withheader.txt Is it more appropriate to post such question to mailman-developers list? I've found: http://pythonhosted.org/mailman/src/mailman/docs/DEVELOP.html Regards, Sylvain. From mark at msapiro.net Fri Apr 11 23:06:54 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 11 Apr 2014 14:06:54 -0700 Subject: [Mailman-Users] handler to auto detach attachment and link it to a website? In-Reply-To: <53481019.2000209@opensource-expert.com> References: <53368652.90207@opensource-expert.com> <53481019.2000209@opensource-expert.com> Message-ID: <5348596E.6070703@msapiro.net> On 04/11/2014 08:54 AM, Sylvain Viart wrote: > > 4.67. How do I implement a custom handler in Mailman > > > > Following instruction here, I've started to develop my custom handler, > as Scrubber is scrubbing too "strong" for my purpose. > > Development question, is there a way to test the handler against a mail > content, outside of the full mailman context? > > Something like: > > $ python -some-useful-switch-here MyHandler.py < mymail_withheader.txt withlist is the tool for this. When I get a chance, I will update the above FAQ with a skeleton framework, but in short you need a withlist script that imports your handler, reads your message and builds a Mailman.Message.Message object and calls your handler's process function. > Is it more appropriate to post such question to mailman-developers list? Either is OK. > I've found: http://pythonhosted.org/mailman/src/mailman/docs/DEVELOP.html That's for Mailman 3 and isn't relevant to Mailman 2.1.x. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From stephen at xemacs.org Fri Apr 11 23:41:20 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Sat, 12 Apr 2014 06:41:20 +0900 Subject: [Mailman-Users] handler to auto detach attachment and link it to a website? In-Reply-To: <53481019.2000209@opensource-expert.com> References: <53368652.90207@opensource-expert.com> <53481019.2000209@opensource-expert.com> Message-ID: <87y4zbh7cv.fsf@uwakimon.sk.tsukuba.ac.jp> Sylvain Viart writes: > Development question, is there a way to test the handler against a mail > content, outside of the full mailman context? I forget the exact incantation, but I have a test list, and just test for the test list at the top of the Handler, and return success immediately. > Something like: > > $ python -some-useful-switch-here MyHandler.py < mymail_withheader.txt It's not going to be that easy because the handlers receive both the message itself and a message information object, and creation of the object is non-trivial. For hints I'd look at the testing code. > Is it more appropriate to post such question to mailman-developers list? Not as far as I'm concerned, "create a custom Handler" is commonly offered as a solution here, so we should be willing to support it here. From pshute at nuw.org.au Sat Apr 12 03:28:43 2014 From: pshute at nuw.org.au (Peter Shute) Date: Sat, 12 Apr 2014 11:28:43 +1000 Subject: [Mailman-Users] DMARC issues In-Reply-To: <53469815.9000202@burina.net> References: <53469815.9000202@burina.net> Message-ID: I hadn't heard of this till now. Could somebody please confirm if my understanding of the issue is correct? This is what I'm thinking will happen, please correct where I'm wrong: - A list member sends an email to the list from a yahoo address - The list sends that email out to all the list members - The recipients' mail servers will (might?) check with yahoo what to do with the email, and will be advised to reject it - The list will receive a bounce for every email address whose mail server follows that advice - Those recipients whose mail server follows the advice will not receive the message - The list will increment the bounce score for all those affected receipients, but only once per day - The increment will be 1 because this is a hard bounce - If the score reaches the bounce_score_threshold before the bounce_info_stale_after number of days has passed since the most recent bounce, then the member's subscription is disabled. If that's correct then my understanding is that: - If a list has at least one active yahoo member then pretty soon everyone's subscription will be disabled (not unsubscribed?). - If a list receives vey few messages from yahoo addresses then the only effect will be that their messages don't get through, and that they might still get through to some people. I'm a moderator for a cpanel list, but don't have access to any of the settings. Can someone tell me what the default settings are for bounce_score_threshold and bounce_info_stale_after? I'm assuming ours might still be whatever the defaults are. Am I right in thinking that if we make these values high enough, we'll see no accounts disabled, and the only side effects will be more bounces and yahoo mail won't get through? Would this be an acceptable solution for a list with only 1000 members and low traffic, assuming we warn the yahoo members to use a different address? Peter Shute Sini?a Burina wrote: I believe there's no need to elaborate on the problems recently introduced by Yahoo, changing their DMARC DNS record and rendering many mailman lists unusable for Yahoo mail users. From mark at msapiro.net Sat Apr 12 03:53:09 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 11 Apr 2014 18:53:09 -0700 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <53469815.9000202@burina.net> Message-ID: <53489C85.3060002@msapiro.net> On 04/11/2014 06:28 PM, Peter Shute wrote: > I hadn't heard of this till now. Could somebody please confirm if my understanding of the issue is correct? > > This is what I'm thinking will happen, please correct where I'm wrong: > - A list member sends an email to the list from a yahoo address > - The list sends that email out to all the list members > - The recipients' mail servers will (might?) check with yahoo what to do with the email, and will be advised to reject it > - The list will receive a bounce for every email address whose mail server follows that advice > - Those recipients whose mail server follows the advice will not receive the message > - The list will increment the bounce score for all those affected receipients, but only once per day > - The increment will be 1 because this is a hard bounce > - If the score reaches the bounce_score_threshold before the bounce_info_stale_after number of days has passed since the most recent bounce, then the member's subscription is disabled. Correct. > If that's correct then my understanding is that: > - If a list has at least one active yahoo member then pretty soon everyone's subscription will be disabled (not unsubscribed?). Everyone whose ISP honors Yahoo's DMARC reject policy. And they will eventually be unsubscribed after (bounce_you_are_disabled_warnings) * (bounce_you_are_disabled_warnings_interval) days. > - If a list receives vey few messages from yahoo addresses then the only effect will be that their messages don't get through, and that they might still get through to some people. Maybe. Yahoo requests and receives reports of rejected mail. This is only speculation, but if Yahoo sees that your server is sending what it considers to be bogus mail purporting to be From: its domain, it could decide to reject all mail from your server. > I'm a moderator for a cpanel list, but don't have access to any of the settings. Can someone tell me what the default settings are for bounce_score_threshold and bounce_info_stale_after? I'm assuming ours might still be whatever the defaults are. The list admin can see these values on the list's web admin Bounce processing page, but defaults are: bounce_score_threshold = 5.0 bounce_info_stale_after = 7 bounce_you_are_disabled_warnings = 3 = 7 > Am I right in thinking that if we make these values high enough, we'll see no accounts disabled, and the only side effects will be more bounces and yahoo mail won't get through? Would this be an acceptable solution for a list with only 1000 members and low traffic, assuming we warn the yahoo members to use a different address? Just turn off bounce processing for the list. See the FAQ at . Also consider what I speculate above in the paragraph starting with "Maybe." Additional reading at , and and other articles linked from those. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Sat Apr 12 04:01:36 2014 From: fmouse at fmp.com (Mitra IMAP) Date: Fri, 11 Apr 2014 21:01:36 -0500 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <53469815.9000202@burina.net> Message-ID: Our observation here has been that only Yahoo addresses, and those of other services which also uses the DMARC algorithm generate bounces. Because the From: address contains yahoo.com, and the IP address of the list server does not reverse resolve to a yahoo.com server, the list email is refused by Yahoo. The list of refusing servers includes Yahoo, Comcast, AT&T, Hotmail and a number of others. Lindsay Haisley (512) 259-1190 (land line) (512) 496-7118 (mobile) Sent from my iPhone On Apr 11, 2014, at 8:28 PM, Peter Shute wrote: > I hadn't heard of this till now. Could somebody please confirm if my understanding of the issue is correct? > > This is what I'm thinking will happen, please correct where I'm wrong: > - A list member sends an email to the list from a yahoo address > - The list sends that email out to all the list members > - The recipients' mail servers will (might?) check with yahoo what to do with the email, and will be advised to reject it > - The list will receive a bounce for every email address whose mail server follows that advice > - Those recipients whose mail server follows the advice will not receive the message > - The list will increment the bounce score for all those affected receipients, but only once per day > - The increment will be 1 because this is a hard bounce > - If the score reaches the bounce_score_threshold before the bounce_info_stale_after number of days has passed since the most recent bounce, then the member's subscription is disabled. > > If that's correct then my understanding is that: > - If a list has at least one active yahoo member then pretty soon everyone's subscription will be disabled (not unsubscribed?). > - If a list receives vey few messages from yahoo addresses then the only effect will be that their messages don't get through, and that they might still get through to some people. > > I'm a moderator for a cpanel list, but don't have access to any of the settings. Can someone tell me what the default settings are for bounce_score_threshold and bounce_info_stale_after? I'm assuming ours might still be whatever the defaults are. > > Am I right in thinking that if we make these values high enough, we'll see no accounts disabled, and the only side effects will be more bounces and yahoo mail won't get through? Would this be an acceptable solution for a list with only 1000 members and low traffic, assuming we warn the yahoo members to use a different address? > > Peter Shute > > Sini?a Burina wrote: > I believe there's no need to elaborate on the problems recently introduced by Yahoo, changing their > DMARC DNS record and rendering many mailman lists unusable for Yahoo mail users. > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/fmouse%40fmp.com From pshute at nuw.org.au Sat Apr 12 11:59:10 2014 From: pshute at nuw.org.au (Peter Shute) Date: Sat, 12 Apr 2014 19:59:10 +1000 Subject: [Mailman-Users] DMARC issues In-Reply-To: <53489C85.3060002@msapiro.net> References: <53469815.9000202@burina.net> <53489C85.3060002@msapiro.net> Message-ID: <9F5A0AEB-0C33-4870-A92D-2FFD088AFD31@nuw.org.au> > On 12 Apr 2014, at 11:53 am, "Mark Sapiro" wrote: > > Maybe. Yahoo requests and receives reports of rejected mail. This is > only speculation, but if Yahoo sees that your server is sending what it > considers to be bogus mail purporting to be From: its domain, it could > decide to reject all mail from your server. That's a very disturbing thought, even more so it they're contributing to blocklists that are used elsewhere. > The list admin can see these values on the list's web admin Bounce > processing page, but defaults are: > > bounce_score_threshold = 5.0 > bounce_info_stale_after = 7 > bounce_you_are_disabled_warnings = 3 = 7 Thanks for those. Is the last one a typo? Otherwise, what does =3=7 mean? With these settings, and address will have to bounce on 5 days, with no breaks of 7 days or more before being disabled? After they're disabled, they get a warning email every bounce_you_are_disabled_warnings_interval days, correct? What's the default for that, please? And then after bounce_you_are_disabled_warnings of these, they're actually unsubscribed? >> Am I right in thinking that if we make these values high enough, we'll see no accounts disabled, and the only side effects will be more bounces and yahoo mail won't get through? Would this be an acceptable solution for a list with only 1000 members and low traffic, assuming we warn the yahoo members to use a different address? > > > Just turn off bounce processing for the list. See the FAQ at > . That should work for us for now, but won't we have a growing load of bounces as time goes by? I was thinking it might be better to get rid of those addresses that are permanently bouncing every message, even if we take longer to do it than before. > Additional reading at , > and > > and other articles linked from those. From the threadable article: ?He recommends that all list administrators immediately stop delivering to Yahoo addresses to limit damage, and encourage members to move to a more friendly provider." How would not delivering to yahoo addresses help? I thought the problem was with delivering yahoo email to others. And I'm wondering about asking people to move off yahoo. We might have to do that, but what happens if they go to the trouble of getting a gmail account, and then google starts doing the same thing? They're not going to be happy. Peter Shute From mark at msapiro.net Sat Apr 12 13:28:34 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sat, 12 Apr 2014 04:28:34 -0700 Subject: [Mailman-Users] DMARC issues In-Reply-To: <9F5A0AEB-0C33-4870-A92D-2FFD088AFD31@nuw.org.au> References: <53469815.9000202@burina.net> <53489C85.3060002@msapiro.net> <9F5A0AEB-0C33-4870-A92D-2FFD088AFD31@nuw.org.au> Message-ID: <53492362.6010203@msapiro.net> On 04/12/2014 02:59 AM, Peter Shute wrote: >> On 12 Apr 2014, at 11:53 am, "Mark Sapiro" wrote: >> bounce_you_are_disabled_warnings = 3 = 7 > > Thanks for those. Is the last one a typo? Otherwise, what does =3=7 mean? It was supposed to say bounce_you_are_disabled_warnings = 3 bounce_you_are_disabled_warnings_interval = 7 > With these settings, and address will have to bounce on 5 days, with no breaks of 7 days or more before being disabled? Correct. > After they're disabled, they get a warning email every bounce_you_are_disabled_warnings_interval days, correct? What's the default for that, please? 7 days, the bit that got dropped above. > And then after bounce_you_are_disabled_warnings of these, they're actually unsubscribed? Yes. >>> Am I right in thinking that if we make these values high enough, we'll see no accounts disabled, and the only side effects will be more bounces and yahoo mail won't get through? Would this be an acceptable solution for a list with only 1000 members and low traffic, assuming we warn the yahoo members to use a different address? >> >> >> Just turn off bounce processing for the list. See the FAQ at >> . > > That should work for us for now, but won't we have a growing load of bounces as time goes by? I was thinking it might be better to get rid of those addresses that are permanently bouncing every message, even if we take longer to do it than before. Yes, those are the tradeoffs you need to consider. >> Additional reading at , >> and >> >> and other articles linked from those. > > From the threadable article: > ?He recommends that all list administrators immediately stop delivering to Yahoo addresses to limit damage, and encourage members to move to a more friendly provider." > > How would not delivering to yahoo addresses help? I thought the problem was with delivering yahoo email to others. See Jim P's post in this thread at and the branch linked therefrom, although you probably don't have the access required to install it. Jim P's approach is to reject any post From: a domain with a DMARC policy of reject. To accept a post and then not deliver it to some because you know it won't be accepted is arguably wrong, and also, you can't know except by experience which recipient domains will reject the post for DMARC policy. I've seen the following: aol.com att.net comcast.net compuserve.com hotmail.com msn.com netscape.net pacbell.net sbcglobal.net yahoo.com and a buisiness domain hosted by Yahoo. > And I'm wondering about asking people to move off yahoo. We might have to do that, but what happens if they go to the trouble of getting a gmail account, and then google starts doing the same thing? They're not going to be happy. It remains to be seen if DMARC becomes more widely adopted or dies, See Rich K's post in this thread at . So far, Gmail/Googlemail is not honoring DMARC policy. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Sat Apr 12 18:01:27 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sat, 12 Apr 2014 12:01:27 -0400 Subject: [Mailman-Users] DMARC and Mail Lists open space at Pycon In-Reply-To: <53483FF5.6040908@msapiro.net> References: <534737BB.9090902@msapiro.net> <5347D04D.2010706@msapiro.net> <53483FF5.6040908@msapiro.net> Message-ID: <08575ddd-3c13-4700-b0d0-afbc866956ae@email.android.com> On April 11, 2014 3:18:13 PM EDT, Mark Sapiro wrote: >On 04/11/2014 05:25 AM, Mark Sapiro wrote: >> >> Tentatively rescheduled to 17:00 EDT (21:00 GMT) on Friday, 11 Apr in >room 525. >> >> I will attempt to post realtime summaries on #mailman. > > >Due to various scheduling issues, this will be rescheduled for Saturday >evening (Montreal time). Details to follow. > >Please email me if you're thinking of attending. So far I know it's me, >Florian Fuchs, and Barry Warsaw, but we need DMARC folks too. We are currently scheduled for 19:00 EDT (23:00 GMT), today, 12 Apr in room 525. It looks like it may just be Barry, Florian and me making dinner plans, but if you're interested and here please come. -- Mark Sapiro Sent from my Android phone with K-9 Mail. [Unpaid endorsement] From pshute at nuw.org.au Sun Apr 13 00:15:42 2014 From: pshute at nuw.org.au (Peter Shute) Date: Sun, 13 Apr 2014 08:15:42 +1000 Subject: [Mailman-Users] DMARC issues In-Reply-To: <53492362.6010203@msapiro.net> References: <53469815.9000202@burina.net> <53489C85.3060002@msapiro.net> <9F5A0AEB-0C33-4870-A92D-2FFD088AFD31@nuw.org.au> <53492362.6010203@msapiro.net> Message-ID: <3A29F9EF-6AE5-4AC2-B627-2E1F0C920CA5@nuw.org.au> > On 12 Apr 2014, at 9:28 pm, "Mark Sapiro" wrote: > >>> Additional reading at , >>> and >>> >>> and other articles linked from those. >> >> From the threadable article: >> ?He recommends that all list administrators immediately stop delivering to Yahoo addresses to limit damage, and encourage members to move to a more friendly provider." >> >> How would not delivering to yahoo addresses help? I thought the problem was with delivering yahoo email to others. > > > See Jim P's post in this thread at > > and the branch linked therefrom, although you probably don't have the > access required to install it. > > Jim P's approach is to reject any post From: a domain with a DMARC > policy of reject. > > To accept a post and then not deliver it to some because you know it > won't be accepted is arguably wrong, and also, you can't know except by > experience which recipient domains will reject the post for DMARC > policy. I've seen the following: But note that the part of the threadable article I quoted talks about not *delivering* to yahoo addresses. I would thought that shouldn't be a problem. Peter Shute From jimpop at gmail.com Sun Apr 13 00:20:27 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sat, 12 Apr 2014 18:20:27 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <3A29F9EF-6AE5-4AC2-B627-2E1F0C920CA5@nuw.org.au> References: <53469815.9000202@burina.net> <53489C85.3060002@msapiro.net> <9F5A0AEB-0C33-4870-A92D-2FFD088AFD31@nuw.org.au> <53492362.6010203@msapiro.net> <3A29F9EF-6AE5-4AC2-B627-2E1F0C920CA5@nuw.org.au> Message-ID: On Sat, Apr 12, 2014 at 6:15 PM, Peter Shute wrote: >> On 12 Apr 2014, at 9:28 pm, "Mark Sapiro" wrote: >> >>>> Additional reading at , >>>> and >>>> >>>> and other articles linked from those. >>> >>> From the threadable article: >>> "He recommends that all list administrators immediately stop delivering to Yahoo addresses to limit damage, and encourage members to move to a more friendly provider." >>> >>> How would not delivering to yahoo addresses help? I thought the problem was with delivering yahoo email to others. >> >> >> See Jim P's post in this thread at >> >> and the branch linked therefrom, although you probably don't have the >> access required to install it. >> >> Jim P's approach is to reject any post From: a domain with a DMARC >> policy of reject. >> >> To accept a post and then not deliver it to some because you know it >> won't be accepted is arguably wrong, and also, you can't know except by >> experience which recipient domains will reject the post for DMARC >> policy. I've seen the following: > > But note that the part of the threadable article I quoted talks about not *delivering* to yahoo addresses. I would thought that shouldn't be a problem. The recent yahoo change means that you (as a mailinglist operator) will have difficulties (and possibly eventually face blacklisting) by delivering, via your list, email that originates from a yahoo.com (and a few other) email address. Assuming you are doing SPF/DKIM/etc, you should have no problems delivering non-yahoo domain emails to yahoo. -Jim P. From pshute at nuw.org.au Sun Apr 13 02:17:56 2014 From: pshute at nuw.org.au (Peter Shute) Date: Sun, 13 Apr 2014 10:17:56 +1000 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <53469815.9000202@burina.net> <53489C85.3060002@msapiro.net> <9F5A0AEB-0C33-4870-A92D-2FFD088AFD31@nuw.org.au> <53492362.6010203@msapiro.net> <3A29F9EF-6AE5-4AC2-B627-2E1F0C920CA5@nuw.org.au> Message-ID: > On 13 Apr 2014, at 8:20 am, "Jim Popovitch" wrote: > >> But note that the part of the threadable article I quoted talks about not *delivering* to yahoo addresses. I would thought that shouldn't be a problem. > > The recent yahoo change means that you (as a mailinglist operator) > will have difficulties (and possibly eventually face blacklisting) by > delivering, via your list, email that originates from a yahoo.com (and > a few other) email address. Assuming you are doing SPF/DKIM/etc, you > should have no problems delivering non-yahoo domain emails to yahoo. I don't know if we are doing SPF/DKIM ( or what they are). It's just a cpanel implementation of mailman. Are you suggesting we *could* have problems if we deliver non yahoo emails to our yahoo subscribers too? Apologies for all these questions. I'm just trying to get my head around what this all means for our list. Peter Shute From jimpop at gmail.com Sun Apr 13 02:28:12 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sat, 12 Apr 2014 20:28:12 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <53469815.9000202@burina.net> <53489C85.3060002@msapiro.net> <9F5A0AEB-0C33-4870-A92D-2FFD088AFD31@nuw.org.au> <53492362.6010203@msapiro.net> <3A29F9EF-6AE5-4AC2-B627-2E1F0C920CA5@nuw.org.au> Message-ID: On Sat, Apr 12, 2014 at 8:17 PM, Peter Shute wrote: >> On 13 Apr 2014, at 8:20 am, "Jim Popovitch" wrote: >> >>> But note that the part of the threadable article I quoted talks about not *delivering* to yahoo addresses. I would thought that shouldn't be a problem. >> >> The recent yahoo change means that you (as a mailinglist operator) >> will have difficulties (and possibly eventually face blacklisting) by >> delivering, via your list, email that originates from a yahoo.com (and >> a few other) email address. Assuming you are doing SPF/DKIM/etc, you >> should have no problems delivering non-yahoo domain emails to yahoo. > > I don't know if we are doing SPF/DKIM ( or what they are). It's just a cpanel implementation of mailman. Are you suggesting we *could* have problems if we deliver non yahoo emails to our yahoo subscribers too? No. You will be OK if you deliver non-yahoo email to yahoo (assuming that yahoo accepts email from you). You *may* get into long term trouble (blacklisting) *IF* you deliver yahoo email to any other company/person that checks yahoo's DMARC record. Yahoo's recent change (DMARC p=reject) stipulates for everyone else to outright reject yahoo email from anyone other than yahoo. This has the potential for others to report your mailinglist as doing something malicious. -Jim P. From stephen at xemacs.org Sun Apr 13 08:14:29 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Sun, 13 Apr 2014 15:14:29 +0900 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <53469815.9000202@burina.net> <53489C85.3060002@msapiro.net> <9F5A0AEB-0C33-4870-A92D-2FFD088AFD31@nuw.org.au> <53492362.6010203@msapiro.net> <3A29F9EF-6AE5-4AC2-B627-2E1F0C920CA5@nuw.org.au> Message-ID: <87lhv9hi2i.fsf@uwakimon.sk.tsukuba.ac.jp> Peter Shute writes: > I don't know if we are doing SPF/DKIM ( or what they are). You should ask the people responsible for your mailserver. SPF and DKIM in themselves are good things because they prevent rejections of mail that you send directly to another domain that implements them, and because it's evidence to reasonable people that you follow best practice. If you/they are not doing it, you/they should. How they work: SPF and DKIM are separate protocols that provide a certain degree of authentication for the *hosts* that transmit mail claiming to originate in a domain. The protocols work (more or less) by publishing a list of IP addresses that are allowed to send mail from the domain. Since it's information attached to a domain, you get that list from the domain's name server. There's a bit of crypto technology involved so that receivers can trust the information. The problem is that the only IP address that you can trust at all is the direction connection from the host you receive the message from. In other words, although Internet mail is designed as a "store and forward" system where messages are passed from host to host until they reach their destination (where they user's mailbox is), effectively these protocols allow only one hop, or authentication fails. In the case of DMARC (a "super" protocol that specifies how to use this information), a domain is allowed to *demand* that you reject the mail if authentication fails. That means that mailing lists (which necessarily involve at least two hops in most cases of interest) *always* fail authentication at *every* destination conforming to DMARC. Yahoo! is lighting up a cigar in an elevator filled with pregnant women. :-( Fortunately, I suspect that they are about to bring down the wrath of Olympus upon themselves as their users start losing mail and being refused service on mailing lists, etc. This is a snafu on the order of Microsoft's backward compatibility break with Office '97 or so. Regards, Steve From p at sys4.de Sat Apr 12 22:06:22 2014 From: p at sys4.de (Patrick Ben Koetter) Date: Sat, 12 Apr 2014 22:06:22 +0200 Subject: [Mailman-Users] [Mailman-Developers] DMARC and Mail Lists open space at Pycon In-Reply-To: <08575ddd-3c13-4700-b0d0-afbc866956ae@email.android.com> References: <534737BB.9090902@msapiro.net> <5347D04D.2010706@msapiro.net> <53483FF5.6040908@msapiro.net> <08575ddd-3c13-4700-b0d0-afbc866956ae@email.android.com> Message-ID: <20140412200622.GA16033@sys4.de> * Mark Sapiro : > On April 11, 2014 3:18:13 PM EDT, Mark Sapiro wrote: > >On 04/11/2014 05:25 AM, Mark Sapiro wrote: > >> > >> Tentatively rescheduled to 17:00 EDT (21:00 GMT) on Friday, 11 Apr in > >room 525. > >> > >> I will attempt to post realtime summaries on #mailman. > > > > > >Due to various scheduling issues, this will be rescheduled for Saturday > >evening (Montreal time). Details to follow. > > > >Please email me if you're thinking of attending. So far I know it's me, > >Florian Fuchs, and Barry Warsaw, but we need DMARC folks too. > > We are currently scheduled for 19:00 EDT (23:00 GMT), today, 12 Apr in room 525. > > It looks like it may just be Barry, Florian and me making dinner plans, but if you're interested and here please come. Yikes! That's 1:00 a.m. my time. Can't guarantee I will still be up then. p at rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From mark at msapiro.net Sun Apr 13 17:55:05 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 08:55:05 -0700 Subject: [Mailman-Users] handler to auto detach attachment and link it to a website? In-Reply-To: <5348596E.6070703@msapiro.net> References: <53368652.90207@opensource-expert.com> <53481019.2000209@opensource-expert.com> <5348596E.6070703@msapiro.net> Message-ID: <534AB359.6090205@msapiro.net> On 04/11/2014 02:06 PM, Mark Sapiro wrote: >> >> Development question, is there a way to test the handler against a mail >> content, outside of the full mailman context? >> >> Something like: >> >> $ python -some-useful-switch-here MyHandler.py < mymail_withheader.txt > > > withlist is the tool for this. When I get a chance, I will update the > above FAQ with a skeleton framework, but in short you need a withlist > script that imports your handler, reads your message and builds a > Mailman.Message.Message object and calls your handler's process function. I have created a test script at (mirrored at ) which can be used to unit test your handler against a test list and message and optional metadata. I also updated the FAQ at to point to this script. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Sun Apr 13 20:55:16 2014 From: fmouse at fmp.com (Mitra IMAP) Date: Sun, 13 Apr 2014 13:55:16 -0500 Subject: [Mailman-Users] DMARC issues Message-ID: <5755B73B-74E0-4D4D-AF36-4145AAB8A076@fmp.com> My native paranoia has caused me to take note of the fact that what can only be described as a naked power grab by a collection of corporate Internet giants, with blatant disregard for the principles of net neutrality, has occurred while the attention of the national tech media is focused on the Heartbleed bug. Lindsay Haisley (512) 259-1190 (land line) (512) 496-7118 (mobile) Sent from my iPhone From mrl at psfc.mit.edu Sun Apr 13 21:48:38 2014 From: mrl at psfc.mit.edu (Mark London) Date: Sun, 13 Apr 2014 15:48:38 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". Message-ID: <534AEA16.8040303@psfc.mit.edu> Hi - Starting this week, I've discovered that emails sent from yahoo members on my mailing lists, are not getting delivered to other yahoo addresses on my mailing list, including the person who sent the message. My SMTP logs show that the message is getting rejected (see below). I'm positive that the reason this is happening, is because I have my mailing list configured to preserve the original email address, in the From: line, while putting the mailing list address in the Reply-To: If I specify that the mailing list address should also be in the From: address, the messages get delivered. I'm almost positive that Yahoo thinks that the message is spam, and rejecting it. This is based on the fact that the same yahoo posts, when sent to Gmail members, are getting delivered to the Gmail user's Spam folder. Gmail displays that the reason it's doing this, is that it can't verify that post is actually coming from yahoo. This is a bit absurd, IMHO. But at least the message is getting delivered! In the case of yahoo, they simply reject the message! Apr 13 15:30:05 mail1 sendmail[6367]: s3DJU4jS006361: to=, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=208395, relay=mta5.am0.yahoodns.net. [98.138.112.38], dsn=5.0.0, stat=Service unavailable I would like to know if anyone else is seeing this behavior. I've tried 2 different mailing list servers, and I see the same behavior. Thanks. - Mark From jimpop at gmail.com Sun Apr 13 21:57:08 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sun, 13 Apr 2014 15:57:08 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534AEA16.8040303@psfc.mit.edu> References: <534AEA16.8040303@psfc.mit.edu> Message-ID: On Sun, Apr 13, 2014 at 3:48 PM, Mark London wrote: > Hi - Starting this week, I've discovered that emails sent from yahoo members > on my mailing lists, are not getting delivered to other yahoo addresses on > my mailing list, including the person who sent the message. My SMTP logs > show that the message is getting rejected (see below). I'm positive that > the reason this is happening, is because I have my mailing list configured > to preserve the original email address, in the From: line, while putting the > mailing list address in the Reply-To: If I specify that the mailing list > address should also be in the From: address, the messages get delivered. > > I'm almost positive that Yahoo thinks that the message is spam, and > rejecting it. This is based on the fact that the same yahoo posts, when > sent to Gmail members, are getting delivered to the Gmail user's Spam > folder. Gmail displays that the reason it's doing this, is that it can't > verify that post is actually coming from yahoo. This is a bit absurd, IMHO. > But at least the message is getting delivered! In the case of yahoo, they > simply reject the message! > > Apr 13 15:30:05 mail1 sendmail[6367]: s3DJU4jS006361: > to=, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, > pri=208395, relay=mta5.am0.yahoodns.net. [98.138.112.38], dsn=5.0.0, > stat=Service unavailable > > I would like to know if anyone else is seeing this behavior. I've tried 2 > different mailing list servers, and I see the same behavior. Thanks. - Mark LOL, do you live under a rock? :-) The whole Internet is in a rage this week about this: https://www.google.com/#q=yahoo+dmarc -Jim P. From Richard at Damon-Family.org Sun Apr 13 22:01:39 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Sun, 13 Apr 2014 16:01:39 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534AEA16.8040303@psfc.mit.edu> References: <534AEA16.8040303@psfc.mit.edu> Message-ID: <534AED23.7010808@Damon-Family.org> On 4/13/14, 3:48 PM, Mark London wrote: > Hi - Starting this week, I've discovered that emails sent from yahoo > members on my mailing lists, are not getting delivered to other yahoo > addresses on my mailing list, including the person who sent the > message. My SMTP logs show that the message is getting rejected (see > below). I'm positive that the reason this is happening, is because I > have my mailing list configured to preserve the original email > address, in the From: line, while putting the mailing list address in > the Reply-To: If I specify that the mailing list address should also > be in the From: address, the messages get delivered. > > I'm almost positive that Yahoo thinks that the message is spam, and > rejecting it. This is based on the fact that the same yahoo posts, > when sent to Gmail members, are getting delivered to the Gmail user's > Spam folder. Gmail displays that the reason it's doing this, is that > it can't verify that post is actually coming from yahoo. This is a > bit absurd, IMHO. But at least the message is getting delivered! In > the case of yahoo, they simply reject the message! > > Apr 13 15:30:05 mail1 sendmail[6367]: s3DJU4jS006361: > to=, delay=00:00:00, xdelay=00:00:00, > mailer=esmtp, pri=208395, relay=mta5.am0.yahoodns.net. > [98.138.112.38], dsn=5.0.0, stat=Service unavailable > > I would like to know if anyone else is seeing this behavior. I've > tried 2 different mailing list servers, and I see the same behavior. > Thanks. - Mark You obviously haven't been reading much about mailinglists recently. (Browse that last week of the archives) Short version: Yahoo changed their DMARC settings to ask servers that receive a message with a yahoo.com email address in the from line to reject it if it isn't properly signed by yahoo, which all messages they send will be. If you list modifies the message, in particularly either the subject line or body, then the signature won't match and the message is supposed to not be delivered. Basically, Yahoo has said that it users are not supposed to use any mailinglist configured in the manner that they are often configured in. Read the archives for a list of possible options. -- Richard Damon From jimpop at gmail.com Sun Apr 13 22:09:32 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sun, 13 Apr 2014 16:09:32 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534AED23.7010808@Damon-Family.org> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> Message-ID: On Sun, Apr 13, 2014 at 4:01 PM, Richard Damon wrote: > If you list modifies the message, in particularly either the subject > line or body, then the signature won't match and the message is supposed > to not be delivered. It's worse than just modification of the message/headers. DMARC works off of SPF as well. -Jim P. From mrl at psfc.mit.edu Sun Apr 13 22:47:05 2014 From: mrl at psfc.mit.edu (Mark London) Date: Sun, 13 Apr 2014 16:47:05 -0400 Subject: [Mailman-Users] Best solution to fix the yahoo problem? In-Reply-To: References: Message-ID: <534AF7C9.7000607@psfc.mit.edu> Thanks for the replies to my other post, and sorry that I didn't search the archives first, before posting. In any event, I'm a unclear about the best solution (if there is one). Is there a solution, that will only modify messages from domains that are like yahoo? I.e., only yahoo posts will be modified so that they will get delivered, but all the other other posts, will look like they presently do? As a hack fix, could I simply modify my mailman code, so that @yahoo.com is changed to @yahooblah.com, in the From address? - Mark From mrl at psfc.mit.edu Sun Apr 13 22:47:13 2014 From: mrl at psfc.mit.edu (Mark London) Date: Sun, 13 Apr 2014 16:47:13 -0400 Subject: [Mailman-Users] Best solution to fix the yahoo problem? In-Reply-To: References: Message-ID: <534AF7D1.9060704@psfc.mit.edu> Thanks for the replies to my other post, and sorry that I didn't search the archives first, before posting. In any event, I'm a unclear about the best solution (if there is one). Is there a solution, that will only modify messages from domains that are like yahoo? I.e., only yahoo posts will be modified so that they will get delivered, but all the other other posts, will look like they presently do? As a hack fix, could I simply modify my mailman code, so that @yahoo.com is changed to @yahooblah.com, in the From address? - Mark From al-black at telus.net Sun Apr 13 22:34:26 2014 From: al-black at telus.net (Al Black) Date: Sun, 13 Apr 2014 14:34:26 -0600 Subject: [Mailman-Users] quick question Message-ID: Hi gang, I'm getting a little tired of going through the mail logs just to get an idea of "how are the damn dmarc bounces" doing today. Has anybody written a little script to sort through and count the bounces? Ideally, it would mail me the results, though part of me thinks it would be more ideal to mail to results to me and yahoo abuse. thanks, al From brennan at columbia.edu Sun Apr 13 22:59:10 2014 From: brennan at columbia.edu (Joseph Brennan) Date: Sun, 13 Apr 2014 16:59:10 -0400 Subject: [Mailman-Users] Best solution to fix the yahoo problem? In-Reply-To: <534AF7D1.9060704@psfc.mit.edu> References: <534AF7D1.9060704@psfc.mit.edu> Message-ID: > In any event, I'm a unclear about the best solution (if there is one). My inclination is to refuse postings from addresses @yahoo.com, since accepting them will interfere with everyone's use of our list system. The only issue for me is precisely how to implement it. Joseph Brennan Columbia University I T From brennan at columbia.edu Sun Apr 13 22:54:50 2014 From: brennan at columbia.edu (Joseph Brennan) Date: Sun, 13 Apr 2014 16:54:50 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> Message-ID: Jim Popovitch wrote: > DMARC works off of SPF as well. Not really. SPF does not check the "From:" header line, and that's where the troubles begin with DMARC. Joseph Brennan Columbia University IT From bsfinkel at att.net Sun Apr 13 23:30:33 2014 From: bsfinkel at att.net (Barry S. Finkel) Date: Sun, 13 Apr 2014 16:30:33 -0500 Subject: [Mailman-Users] quick question In-Reply-To: References: Message-ID: <534B01F9.4080303@att.net> On 4/13/2014 3:34 PM, Al Black wrote: > Hi gang, > > I'm getting a little tired of going through the mail logs just to get an idea of "how are the damn dmarc bounces" doing today. > > Has anybody written a little script to sort through and count the bounces? Ideally, it would mail me the results, though part of me thinks it would be more ideal to mail to results to me and yahoo abuse. > > thanks, > al Mark Sapiro has a script that lists the bounce scores for a list. When I was running a Mailman server, I ran the report every morning to see, for each list, any subscriber with a non-zero bounce score. Check the archives for a link to the script. --Barry Finkel From mark at msapiro.net Sun Apr 13 23:33:19 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 14:33:19 -0700 Subject: [Mailman-Users] Best solution to fix the yahoo problem? In-Reply-To: References: <534AF7D1.9060704@psfc.mit.edu> Message-ID: <534B029F.3080903@msapiro.net> On 04/13/2014 01:59 PM, Joseph Brennan wrote: > > >> In any event, I'm a unclear about the best solution (if there is one). Mailman 2.1.16 and up already has the ability to either mung the From: header or wrap the original post in an outer message From: the list. There is a minor bug in that this is also applied to posts to LIST-owner, but that is fixed for 2.1.18. The major problem is it requires site configuration action to make this option available to list owners. See the thread starting at for lots of info. See the post at for links to the patches. > My inclination is to refuse postings from addresses @yahoo.com, since > accepting them will interfere with everyone's use of our list system. > > The only issue for me is precisely how to implement it. Jim P's branch mentioned in his post at is a general implementation for posts From: any domain with a reject DMARC policy. We are talking about this at PyCon now. At sprints starting tomorrow, we will be working on enhancing the current options by merging at least ideas from Jim P's branch, and making the switches available to list owners by default, all with an eye to releasing this in 2.1.18 in weeks. Also see the FAQ at . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Sun Apr 13 23:39:17 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 14:39:17 -0700 Subject: [Mailman-Users] quick question In-Reply-To: References: Message-ID: <534B0405.9070409@msapiro.net> On 04/13/2014 01:34 PM, Al Black wrote: > > Has anybody written a little script to sort through and count the bounces? Ideally, it would mail me the results, though part of me thinks it would be more ideal to mail to results to me and yahoo abuse. Yahoo is presumably already getting reports. Their DMARC policy requests them. It's a bit frightening to think what they might do with that information. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From pshute at nuw.org.au Sun Apr 13 23:55:05 2014 From: pshute at nuw.org.au (Peter Shute) Date: Mon, 14 Apr 2014 07:55:05 +1000 Subject: [Mailman-Users] DMARC issues In-Reply-To: <5755B73B-74E0-4D4D-AF36-4145AAB8A076@fmp.com> References: <5755B73B-74E0-4D4D-AF36-4145AAB8A076@fmp.com> Message-ID: Mitra IMAP wrote: > My native paranoia has caused me to take note of the fact > that what can only be described as a naked power grab by a > collection of corporate Internet giants, with blatant > disregard for the principles of net neutrality, has occurred > while the attention of the national tech media is focused on > the Heartbleed bug. I wonder how much the media would make of it anyway. While there are thousands of mailing lists in operation, web forums and social media seem to be the preferred equivalent these days. Many people on mailing lists even seem confused about what they're on, perhaps because those run via google and yahoo have a web interface too. Peter Shute From jimpop at gmail.com Mon Apr 14 00:03:59 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sun, 13 Apr 2014 18:03:59 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> Message-ID: On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan wrote: > > Jim Popovitch wrote: > >> DMARC works off of SPF as well. > > > Not really. DMARC checks alignment of *both* DKIM and SPF, if either is broken DMARC fails. > SPF does not check the "From:" header line, and that's where the > troubles begin with DMARC. SPF checks sending IPs (of which your IPs won't match Yahoo's, thus breaking DMARC) Either an SPF failure or a DKIM failure will cause a DMARC rejection if p=reject. -Jim P. From mark at msapiro.net Mon Apr 14 00:17:50 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 15:17:50 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> Message-ID: <534B0D0E.7000003@msapiro.net> On 04/13/2014 03:03 PM, Jim Popovitch wrote: > > DMARC checks alignment of *both* DKIM and SPF, if either is broken DMARC fails. > >> SPF does not check the "From:" header line, and that's where the >> troubles begin with DMARC. > > SPF checks sending IPs (of which your IPs won't match Yahoo's, thus > breaking DMARC) > > Either an SPF failure or a DKIM failure will cause a DMARC rejection > if p=reject. I'm not sure that's correct. I've been testing this so many ways, I'm not sure what I'm seeing, but I think a reject requires BOTH DKIM and SPF to be absent or fail. If either passes, no DMARC reject occurs. There are weird issues though. It seems I can't post from my gmail address to my yahoo group. I get a non-delivery notice from gmail. I'm not sure why. The yahoo group exists and my gmail address is a member with posting privileges. I'll follow up more after dinner break. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From khbkhb at gmail.com Mon Apr 14 00:25:02 2014 From: khbkhb at gmail.com (Keith Bierman) Date: Sun, 13 Apr 2014 16:25:02 -0600 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <5755B73B-74E0-4D4D-AF36-4145AAB8A076@fmp.com> Message-ID: Many sage responses elided... so back to the naive and foolish questions... For an "announce only" list (viz. only very special people may post, and those people aren't from yahoo accounts) will this DMARC issue be easily avoided by not allowing any posts from yahoo members (they can read from others, correct?) From pshute at nuw.org.au Mon Apr 14 00:22:00 2014 From: pshute at nuw.org.au (Peter Shute) Date: Mon, 14 Apr 2014 08:22:00 +1000 Subject: [Mailman-Users] DMARC victim example? Message-ID: We just had a list member disabled. Is this likely to be caused by the DMARC problem? Here's the header from the attachment in the bounce action notification email: (expanded from ): host gmail-smtp-in.l.google.com[2607:f8b0:400e:c03::1b] said: 550-5.7.1 [2400:8900::f03c:91ff:fedb:b1ff 12] Our system has detected that 550-5.7.1 this message is likely unsolicited mail. To reduce the amount of spam 550-5.7.1 sent to Gmail, this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for 550 5.7.1 more information. cb4si7487232pbc.409 - gsmtp (in reply to end of DATA command) I had a look back through a month or so of these notifications, and don't see any others mentioning spam. I'd expect the occasional list message to be detected as spam, but not for 5 days in a row. But we must have dozens of gmail members, and this is the only one to get disabled. Makes me think this might not be related to DMARC. We don't get many disabled like this, maybe one a week, and I rarely look at the reasons given. We've reenabled him for now, so we'll see if it happens again. We've moderated all the yahoo members. Peter Shute From Richard at Damon-Family.org Mon Apr 14 01:23:58 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Sun, 13 Apr 2014 19:23:58 -0400 Subject: [Mailman-Users] DMARC victim example? In-Reply-To: References: Message-ID: <534B1C8E.8050104@Damon-Family.org> On 4/13/14, 6:22 PM, Peter Shute wrote: > We just had a list member disabled. Is this likely to be caused by the DMARC problem? Here's the header from the attachment in the bounce action notification email: > > (expanded from ): host > gmail-smtp-in.l.google.com[2607:f8b0:400e:c03::1b] said: 550-5.7.1 > [2400:8900::f03c:91ff:fedb:b1ff 12] Our system has detected that > 550-5.7.1 this message is likely unsolicited mail. To reduce the amount of > spam 550-5.7.1 sent to Gmail, this message has been blocked. Please visit > 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 > for 550 5.7.1 more information. cb4si7487232pbc.409 - gsmtp (in reply to > end of DATA command) > > I had a look back through a month or so of these notifications, and don't see any others mentioning spam. I'd expect the occasional list message to be detected as spam, but not for 5 days in a row. > > But we must have dozens of gmail members, and this is the only one to get disabled. Makes me think this might not be related to DMARC. > > We don't get many disabled like this, maybe one a week, and I rarely look at the reasons given. > > We've reenabled him for now, so we'll see if it happens again. We've moderated all the yahoo members. > > Peter Shute My guess on how this works is that when you deliver to Gmail, one message will actually have many recipients, and you will get just a single rejection, which will be charged to the first person on the list by mailman. How they are grouped is likely a function of the full subscriber database, so some might get hit by a few, then someone (un)subscribes, changing who will be charged with the "problem" Whoever is "first" in the list of messages going to Gmail, is much less apt to be moved, so the most likely to get kicked off. -- Richard Damon From Richard at Damon-Family.org Mon Apr 14 01:27:26 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Sun, 13 Apr 2014 19:27:26 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534B0D0E.7000003@msapiro.net> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534B0D0E.7000003@msapiro.net> Message-ID: <534B1D5E.6060305@Damon-Family.org> On 4/13/14, 6:17 PM, Mark Sapiro wrote: > On 04/13/2014 03:03 PM, Jim Popovitch wrote: >> DMARC checks alignment of *both* DKIM and SPF, if either is broken DMARC fails. >> >>> SPF does not check the "From:" header line, and that's where the >>> troubles begin with DMARC. >> SPF checks sending IPs (of which your IPs won't match Yahoo's, thus >> breaking DMARC) >> >> Either an SPF failure or a DKIM failure will cause a DMARC rejection >> if p=reject. > > I'm not sure that's correct. I've been testing this so many ways, I'm > not sure what I'm seeing, but I think a reject requires BOTH DKIM and > SPF to be absent or fail. If either passes, no DMARC reject occurs. > > There are weird issues though. It seems I can't post from my gmail > address to my yahoo group. I get a non-delivery notice from gmail. I'm > not sure why. The yahoo group exists and my gmail address is a member > with posting privileges. > > I'll follow up more after dinner break. > When they first added the DKIM, adding SPF to my domain fixed the warnings that people got in GMail. When Yahoo upped to reject, this doesn't seem to help. I don't know if there is supposed to be a difference here, or if Yahoo changed something else in the DMARC record they changed to that would cause the SPF match on Envelope to no longer override the DKIM error. -- Richard Damon From fmouse at fmp.com Mon Apr 14 02:25:41 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Sun, 13 Apr 2014 19:25:41 -0500 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> <5346E432.2080707@burina.net> Message-ID: <1397435141.5676.6.camel@pudina.fmp.com> On Thu, 2014-04-10 at 15:35 -0400, Jim Popovitch wrote: > Here's a tried and tested patch just awaiting more use: > > https://code.launchpad.net/~jimpop/mailman/dmarc-reject Jim, I note that what you reference here appears to be a complete branch version of Mailman. Can you briefly outline exactly what mods you've made and how they deal with the DMARC problem, as well as any other differences between your patch and the main Mailman trunk? Or refer me to a description of this within the file set. I can read the code, but maybe you could save me a bit of time. I have only a few Mailman discussion lists at FMP, most of them pro bono. After considering caving in on this and breaking the RFC regarding the proper use of the From header, I'm inclinded to favor Stephen's suggestion of bouncing messages from mail service providers enforcing DMARC rejection criteria. Does you patch set do this? > -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From mark at msapiro.net Mon Apr 14 02:40:28 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 17:40:28 -0700 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <5755B73B-74E0-4D4D-AF36-4145AAB8A076@fmp.com> Message-ID: <534B2E7C.5010001@msapiro.net> On 04/13/2014 03:25 PM, Keith Bierman wrote: > > For an "announce only" list (viz. only very special people may post, and > those people aren't from yahoo accounts) will this DMARC issue be easily > avoided by not allowing any posts from yahoo members (they can read from > others, correct?) Yes, that is correct for the moment as long as yahoo.com is the only domain publishing a DMARC record with a reject policy. If and when example.com follows suit, you need to disallow posts from it as well and so forth. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Mon Apr 14 02:44:42 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 17:44:42 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534B0D0E.7000003@msapiro.net> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534B0D0E.7000003@msapiro.net> Message-ID: <534B2F7A.8050107@msapiro.net> On 04/13/2014 03:17 PM, Mark Sapiro wrote: > > There are weird issues though. It seems I can't post from my gmail > address to my yahoo group. I get a non-delivery notice from gmail. I'm > not sure why. The yahoo group exists and my gmail address is a member > with posting privileges. My bad. I have multiple gmail accounts and I was posting from the wrong one. Another round of testing begins ... -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jimpop at gmail.com Mon Apr 14 02:48:36 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sun, 13 Apr 2014 20:48:36 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <1397435141.5676.6.camel@pudina.fmp.com> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> <5346E432.2080707@burina.net> <1397435141.5676.6.camel@pudina.fmp.com> Message-ID: On Sun, Apr 13, 2014 at 8:25 PM, Lindsay Haisley wrote: > On Thu, 2014-04-10 at 15:35 -0400, Jim Popovitch wrote: >> Here's a tried and tested patch just awaiting more use: >> >> https://code.launchpad.net/~jimpop/mailman/dmarc-reject > > Jim, I note that what you reference here appears to be a complete branch > version of Mailman. Can you briefly outline exactly what mods you've > made and how they deal with the DMARC problem, as well as any other > differences between your patch and the main Mailman trunk? Or refer me > to a description of this within the file set. I can read the code, but > maybe you could save me a bit of time. Hi Lindsey, Launchpad is not my forte, so I'm not even sure how to push only my modifications to LP without the upstream branch changes. And yes, I'll be the first to say it's a bit confusing in it's current branch. Here's a link to review the changes between rev 1375 and 1380 (where my additions were added). http://bazaar.launchpad.net/~jimpop/mailman/dmarc-reject/revision/1375?remember=1380 > I have only a few Mailman discussion lists at FMP, most of them pro > bono. After considering caving in on this and breaking the RFC > regarding the proper use of the From header, I'm inclinded to favor > Stephen's suggestion of bouncing messages from mail service providers > enforcing DMARC rejection criteria. Does you patch set do this? Yes, specifically that. It checks for a DMARC domain record on every list post. The patch allows you do define, per list, whether to allow/disgard/reject/hold if a poster's domain has a DMARC p=reject policy published. -Jim P. From jimpop at gmail.com Mon Apr 14 02:56:09 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sun, 13 Apr 2014 20:56:09 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> <5346E432.2080707@burina.net> <1397435141.5676.6.camel@pudina.fmp.com> Message-ID: On Sun, Apr 13, 2014 at 8:48 PM, Jim Popovitch wrote: > On Sun, Apr 13, 2014 at 8:25 PM, Lindsay Haisley wrote: >> On Thu, 2014-04-10 at 15:35 -0400, Jim Popovitch wrote: >>> Here's a tried and tested patch just awaiting more use: >>> >>> https://code.launchpad.net/~jimpop/mailman/dmarc-reject >> >> Jim, I note that what you reference here appears to be a complete branch >> version of Mailman. Can you briefly outline exactly what mods you've >> made and how they deal with the DMARC problem, as well as any other >> differences between your patch and the main Mailman trunk? Or refer me >> to a description of this within the file set. I can read the code, but >> maybe you could save me a bit of time. > > Hi Lindsey, > > Launchpad is not my forte, so I'm not even sure how to push only my > modifications to LP without the upstream branch changes. And yes, > I'll be the first to say it's a bit confusing in it's current branch. > > Here's a link to review the changes between rev 1375 and 1380 (where > my additions were added). > > http://bazaar.launchpad.net/~jimpop/mailman/dmarc-reject/revision/1375?remember=1380 It's also worth mentioning that this patch needs Python's dns.resolver (libnet-dns-perl on Debian) to function successfully. This reminds me that I need to add a README for this code, which I will do sometime in the next day or two. If you have any questions, feel free to ask. -Jim P. From pshute at nuw.org.au Mon Apr 14 03:06:24 2014 From: pshute at nuw.org.au (Peter Shute) Date: Mon, 14 Apr 2014 11:06:24 +1000 Subject: [Mailman-Users] DMARC victim example? In-Reply-To: <534B1C8E.8050104@Damon-Family.org> References: <534B1C8E.8050104@Damon-Family.org> Message-ID: Richard Damon wrote: > > We just had a list member disabled. Is this likely to be > caused by the DMARC problem? Here's the header from the > attachment in the bounce action notification email: > > > > (expanded from ): host > > gmail-smtp-in.l.google.com[2607:f8b0:400e:c03::1b] > said: 550-5.7.1 > > [2400:8900::f03c:91ff:fedb:b1ff 12] Our system has > detected that > > 550-5.7.1 this message is likely unsolicited mail. To > reduce the amount of > > spam 550-5.7.1 sent to Gmail, this message has been > blocked. Please visit > > 550-5.7.1 > http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 > > for 550 5.7.1 more information. cb4si7487232pbc.409 - > gsmtp (in reply to > > end of DATA command) > > > > I had a look back through a month or so of these > notifications, and don't see any others mentioning spam. I'd > expect the occasional list message to be detected as spam, > but not for 5 days in a row. > > > > But we must have dozens of gmail members, and this is the > only one to get disabled. Makes me think this might not be > related to DMARC. > > > > We don't get many disabled like this, maybe one a week, and > I rarely look at the reasons given. > > > > We've reenabled him for now, so we'll see if it happens > again. We've moderated all the yahoo members. > > > > Peter Shute > My guess on how this works is that when you deliver to Gmail, > one message will actually have many recipients, and you will > get just a single rejection, which will be charged to the > first person on the list by mailman. How they are grouped is > likely a function of the full subscriber database, so some > might get hit by a few, then someone (un)subscribes, changing > who will be charged with the "problem" Whoever is "first" in > the list of messages going to Gmail, is much less apt to be > moved, so the most likely to get kicked off. Is that true (assuming your guess is correct) of all domains where there are multiple recipients, or just gmail? And only to spam rejections, or also to disabled mailbox rejections, etc? Doesn't seem much point disabling accounts for bouncing if you can't be sure which one it is. Peter Shute From barry at list.org Mon Apr 14 03:06:45 2014 From: barry at list.org (Barry Warsaw) Date: Sun, 13 Apr 2014 21:06:45 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> <5346E432.2080707@burina.net> <1397435141.5676.6.camel@pudina.fmp.com> Message-ID: <20140413210645.627fd1f1@anarchist.localdomain> On Apr 13, 2014, at 08:48 PM, Jim Popovitch wrote: >Launchpad is not my forte, so I'm not even sure how to push only my >modifications to LP without the upstream branch changes. And yes, >I'll be the first to say it's a bit confusing in it's current branch. The best way to do it is to submit a merge proposal against the lp:mailman/2.1 branch (it would be against lp:mailman if it were for 3.0). Then Launchpad will create an easily displayable diff, e.g. https://code.launchpad.net/~jimpop/mailman/dmarc-reject/+merge/215591 Cheers, -Barry From jimpop at gmail.com Mon Apr 14 03:14:44 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sun, 13 Apr 2014 21:14:44 -0400 Subject: [Mailman-Users] DMARC issues In-Reply-To: <20140413210645.627fd1f1@anarchist.localdomain> References: <53469815.9000202@burina.net> <81F450683064ADF40ACA5B2B@sodor.cc.columbia.edu> <1397143113.46749.59.camel@pudina.fmp.com> <5346BB36.8000804@burina.net> <87ioqhhxsz.fsf@uwakimon.sk.tsukuba.ac.jp> <5346E432.2080707@burina.net> <1397435141.5676.6.camel@pudina.fmp.com> <20140413210645.627fd1f1@anarchist.localdomain> Message-ID: On Sun, Apr 13, 2014 at 9:06 PM, Barry Warsaw wrote: > On Apr 13, 2014, at 08:48 PM, Jim Popovitch wrote: > >>Launchpad is not my forte, so I'm not even sure how to push only my >>modifications to LP without the upstream branch changes. And yes, >>I'll be the first to say it's a bit confusing in it's current branch. > > The best way to do it is to submit a merge proposal against the lp:mailman/2.1 > branch (it would be against lp:mailman if it were for 3.0). Then Launchpad > will create an easily displayable diff, e.g. > > https://code.launchpad.net/~jimpop/mailman/dmarc-reject/+merge/215591 > Ahh, Thank you Barry, and I'll take that 3.0 hint and begin working on that patch. ;-) -Jim P. From mark at msapiro.net Mon Apr 14 03:35:09 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 18:35:09 -0700 Subject: [Mailman-Users] DMARC victim example? In-Reply-To: References: Message-ID: <534B3B4D.3010800@msapiro.net> On 04/13/2014 03:22 PM, Peter Shute wrote: > We just had a list member disabled. Is this likely to be caused by the DMARC problem? Here's the header from the attachment in the bounce action notification email: > > (expanded from ): host > gmail-smtp-in.l.google.com[2607:f8b0:400e:c03::1b] said: 550-5.7.1 > [2400:8900::f03c:91ff:fedb:b1ff 12] Our system has detected that > 550-5.7.1 this message is likely unsolicited mail. To reduce the amount of > spam 550-5.7.1 sent to Gmail, this message has been blocked. Please visit > 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 > for 550 5.7.1 more information. cb4si7487232pbc.409 - gsmtp (in reply to > end of DATA command) In my experience, based on three posts on Sat, 5 Apr, From: a yahoo.com address to a list which has about 240 individual message deliveries per post, about 90 of those to about 8 domains bounced. gmail.com was not one of the domains that bounced the posts. Gmail may have changed it's behavior in the last 8 days, but this reason doesn't look like the ones I've seen. E.g.: aol.com/netscape.net/compuserve.com: 521 5.2.1 : (DMARC) This message failed DMARC Evaluation and is being refused due to provided DMARC Policy yahoo.com/sbcglobal.net: 554 5.7.9 Message not accepted for policy reasons. See http://postmaster.yahoo.com/errors/postmaster-28.html comcast.net: 550 5.2.0 mfuB1n01M0MH6DU0XfuCv5 Message rejected due to DMARC. Please see http://postmaster.comcast.net/smtp-error-codes.php#DM000001 hotmail.com/msn.com: 550 5.7.0 (BAY0-MC3-F56) Unfortunately, messages from (72.52.113.16) on behalf of (yahoo.com) could not be delivered due to domain owner policy restrictions. Bottom line: I don't think this is a DMARC bounce. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From Richard at Damon-Family.org Mon Apr 14 03:48:52 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Sun, 13 Apr 2014 21:48:52 -0400 Subject: [Mailman-Users] DMARC victim example? In-Reply-To: References: <534B1C8E.8050104@Damon-Family.org> Message-ID: <534B3E84.5070900@Damon-Family.org> On 4/13/14, 9:06 PM, Peter Shute wrote: > Richard Damon wrote: > > My guess on how this works is that when you deliver to Gmail, > one message will actually have many recipients, and you will > get just a single rejection, which will be charged to the > first person on the list by mailman. How they are grouped is > likely a function of the full subscriber database, so some > might get hit by a few, then someone (un)subscribes, changing > who will be charged with the "problem" Whoever is "first" in > the list of messages going to Gmail, is much less apt to be > moved, so the most likely to get kicked off. > Is that true (assuming your guess is correct) of all domains where there are multiple recipients, or just gmail? And only to spam rejections, or also to disabled mailbox rejections, etc? > > Doesn't seem much point disabling accounts for bouncing if you can't be sure which one it is. > > Peter Shute This is based on my understanding of how email works and mailman works. When sending a large number of copies of identical emails to a single server, you want to batch it into one message with multiple recipients (this assumes you are not using VERP, which would cause the messages to not be identical). When the recipient server gets the message, it can reject the message as a whole (which is what seems to be happening here), or it can indicate that a particular recipient can not receive it (which would be more common for things like mail box full or no such address). My guess is that mailman has no code to specially handle the first case, and when it gets a single bounce notification, assigns that bounce to just one subscription, likely the first. -- Richard Damon From mark at msapiro.net Mon Apr 14 03:57:01 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 18:57:01 -0700 Subject: [Mailman-Users] DMARC victim example? In-Reply-To: <534B3E84.5070900@Damon-Family.org> References: <534B1C8E.8050104@Damon-Family.org> <534B3E84.5070900@Damon-Family.org> Message-ID: <534B406D.4060405@msapiro.net> On 04/13/2014 06:48 PM, Richard Damon wrote: > > When sending a large number of copies of identical emails to a single > server, you want to batch it into one message with multiple recipients > (this assumes you are not using VERP, which would cause the messages to > not be identical). > > When the recipient server gets the message, it can reject the message as > a whole (which is what seems to be happening here), or it can indicate > that a particular recipient can not receive it (which would be more > common for things like mail box full or no such address). > > My guess is that mailman has no code to specially handle the first case, > and when it gets a single bounce notification, assigns that bounce to > just one subscription, likely the first. It depends on the exact format of the DSN, but as long as the DSN contains all the rejected addresses, it is likely that if Mailman recognizes it at all, it will recognize each bouncing address. If the DSN is RFC 3464 compliant, this will be the case. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From stephen at xemacs.org Mon Apr 14 04:03:07 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Mon, 14 Apr 2014 11:03:07 +0900 Subject: [Mailman-Users] Best solution to fix the yahoo problem? In-Reply-To: <534B029F.3080903@msapiro.net> References: <534AF7D1.9060704@psfc.mit.edu> <534B029F.3080903@msapiro.net> Message-ID: <87d2gkhdlw.fsf@uwakimon.sk.tsukuba.ac.jp> Mark Sapiro writes: > Mailman 2.1.16 and up already has the ability to either mung the From: > header or wrap the original post in an outer message From: the list. > > The major problem is it requires site configuration action to make this > option available to list owners. Given that the whole site is at risk, should it be an option for list owners at all? > Jim P's branch mentioned in his post at > > is a general implementation for posts From: any domain with a reject > DMARC policy. > > We are talking about this at PyCon now. Good to hear, wish I could be there! I'll try to be in #mailman off and on 00:00 UTC to 15:00 UTC. Steve From stephen at xemacs.org Mon Apr 14 04:11:40 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Mon, 14 Apr 2014 11:11:40 +0900 Subject: [Mailman-Users] DMARC issues In-Reply-To: References: <5755B73B-74E0-4D4D-AF36-4145AAB8A076@fmp.com> Message-ID: <87bnw4hd7n.fsf@uwakimon.sk.tsukuba.ac.jp> Keith Bierman writes: > For an "announce only" list (viz. only very special people may post, and > those people aren't from yahoo accounts) will this DMARC issue be easily > avoided by not allowing any posts from yahoo members (they can read from > others, correct?) Yes. BTW, hardly naive (the DMARC protocol is voodoo if you haven't done a fair amount of thinking about security implementation) and definitely not foolish (as Mark says, who knows what Yahoo! might do with the information they get by receiving failure notices). From barry at list.org Mon Apr 14 04:12:24 2014 From: barry at list.org (Barry Warsaw) Date: Sun, 13 Apr 2014 22:12:24 -0400 Subject: [Mailman-Users] Best solution to fix the yahoo problem? In-Reply-To: <87d2gkhdlw.fsf@uwakimon.sk.tsukuba.ac.jp> References: <534AF7D1.9060704@psfc.mit.edu> <534B029F.3080903@msapiro.net> <87d2gkhdlw.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <20140413221224.0cf82e16@anarchist.localdomain> On Apr 14, 2014, at 11:03 AM, Stephen J. Turnbull wrote: >Given that the whole site is at risk, should it be an option for list >owners at all? This is a good point. It may make sense for the site admin to select whether some general DMARC mitigation approach is enabled for their lists or not, and then allow the list admins to select the approach that is least unpalatable for their users. -Barry From jimpop at gmail.com Mon Apr 14 04:25:43 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sun, 13 Apr 2014 22:25:43 -0400 Subject: [Mailman-Users] Best solution to fix the yahoo problem? In-Reply-To: <20140413221224.0cf82e16@anarchist.localdomain> References: <534AF7D1.9060704@psfc.mit.edu> <534B029F.3080903@msapiro.net> <87d2gkhdlw.fsf@uwakimon.sk.tsukuba.ac.jp> <20140413221224.0cf82e16@anarchist.localdomain> Message-ID: On Sun, Apr 13, 2014 at 10:12 PM, Barry Warsaw wrote: > On Apr 14, 2014, at 11:03 AM, Stephen J. Turnbull wrote: > >>Given that the whole site is at risk, should it be an option for list >>owners at all? > > This is a good point. It may make sense for the site admin to select whether > some general DMARC mitigation approach is enabled for their lists or not, and > then allow the list admins to select the approach that is least unpalatable > for their users. I agree, very valid point. -Jim P. From mark at msapiro.net Mon Apr 14 04:47:35 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 13 Apr 2014 19:47:35 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534B0D0E.7000003@msapiro.net> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534B0D0E.7000003@msapiro.net> Message-ID: <534B4C47.2000001@msapiro.net> On 04/13/2014 03:17 PM, Mark Sapiro wrote: > On 04/13/2014 03:03 PM, Jim Popovitch wrote: >> >> DMARC checks alignment of *both* DKIM and SPF, if either is broken DMARC fails. >> >>> SPF does not check the "From:" header line, and that's where the >>> troubles begin with DMARC. >> >> SPF checks sending IPs (of which your IPs won't match Yahoo's, thus >> breaking DMARC) >> >> Either an SPF failure or a DKIM failure will cause a DMARC rejection >> if p=reject. > > > I'm not sure that's correct. I've been testing this so many ways, I'm > not sure what I'm seeing, but I think a reject requires BOTH DKIM and > SPF to be absent or fail. If either passes, no DMARC reject occurs. My reading of Sec 10.2 of the current draft DMARC standard says that either a valid DKIM signature or a valid SPF test is sufficient, but only if the domains are aligned which means the DKIM signing domain or the SPF envelope sender domain must match (in strict or relaxed mode) that of the From: address. If one or more of the Authenticated Identifiers align with the RFC5322.From domain, the message is considered to pass the DMARC mechanism check. In particular, one's own SPF won't do because the domains won't align. I think I've got a good set of test results, but I'm tired and will save that summary for tomorrow. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jimpop at gmail.com Mon Apr 14 04:55:33 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sun, 13 Apr 2014 22:55:33 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534B4C47.2000001@msapiro.net> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534B0D0E.7000003@msapiro.net> <534B4C47.2000001@msapiro.net> Message-ID: On Sun, Apr 13, 2014 at 10:47 PM, Mark Sapiro wrote: > On 04/13/2014 03:17 PM, Mark Sapiro wrote: >> On 04/13/2014 03:03 PM, Jim Popovitch wrote: >>> >>> DMARC checks alignment of *both* DKIM and SPF, if either is broken DMARC fails. >>> >>>> SPF does not check the "From:" header line, and that's where the >>>> troubles begin with DMARC. >>> >>> SPF checks sending IPs (of which your IPs won't match Yahoo's, thus >>> breaking DMARC) >>> >>> Either an SPF failure or a DKIM failure will cause a DMARC rejection >>> if p=reject. >> >> >> I'm not sure that's correct. I've been testing this so many ways, I'm >> not sure what I'm seeing, but I think a reject requires BOTH DKIM and >> SPF to be absent or fail. If either passes, no DMARC reject occurs. > > > My reading of Sec 10.2 of the current draft DMARC standard > says that > either a valid DKIM signature or a valid SPF test is sufficient, but > only if the domains are aligned which means the DKIM signing domain or > the SPF envelope sender domain must match (in strict or relaxed mode) > that of the From: address. > > If one or more of the Authenticated Identifiers align > with the RFC5322.From domain, the message is considered to pass > the DMARC mechanism check. > > In particular, one's own SPF won't do because the domains won't align. > I (now) agree with that, it's "either" not both that passes a dmarc check. Mailman always "breaks" dkim, so I never really considered what happens if dkim passes but spf doesn't. -Jim P. From cgtyoder at alum.mit.edu Mon Apr 14 07:48:42 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Mon, 14 Apr 2014 01:48:42 -0400 Subject: [Mailman-Users] Accessing sub-letter search lists Message-ID: [Using Mailman 2.1.14 on a hosted service] I have a large list (7600 addresses), and when I search for a list of users of a popular domain (e.g. yahoo.com), I of course get a large result set back - sometimes more than 50 beginning with a particular letter. On those addresses with more than 50 starting with a common letter, they are of course split up, but when I click on another of the sub-letter lists, the ?Find? string disappears in the search results and I?m back to a subset of the whole list, not the searched list. Is there any way around this? Thanks much. -Conrad -- SILENCE Don?t tweet our secrets From mark at msapiro.net Mon Apr 14 13:39:22 2014 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 14 Apr 2014 04:39:22 -0700 Subject: [Mailman-Users] Accessing sub-letter search lists In-Reply-To: References: Message-ID: <534BC8EA.3070805@msapiro.net> On 04/13/2014 10:48 PM, Conrad G T Yoder wrote: > > I have a large list (7600 addresses), and when I search for a list of users of a popular domain (e.g. yahoo.com), I of course get a large result set back - sometimes more than 50 beginning with a particular letter. On those addresses with more than 50 starting with a common letter, they are of course split up, but when I click on another of the sub-letter lists, the ?Find? string disappears in the search results and I?m back to a subset of the whole list, not the searched list. Is there any way around this? Thanks much. This is a bug. Thanks for the report. I'll fix it. See . In the mean time, the only work around is to set admin_member_chunksize on the General Options page large enough to include all members of the largest sublist so it isn't chunked. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From brennan at columbia.edu Mon Apr 14 15:46:57 2014 From: brennan at columbia.edu (Joseph Brennan) Date: Mon, 14 Apr 2014 09:46:57 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534B0D0E.7000003@msapiro.net> <534B4C47.2000001@msapiro.net> Message-ID: <3B2FFFED86734AF873B08401@sodor.cc.columbia.edu> It finally occurred to me that this affects routine forwarding too. Even if you implement SRS on the envelope, the header From is left alone, as per RFC 5322. It also affects a message from any of our users who authenticates with our user and password but prefers to send with a yahoo.com From line. To sum it up, any message with a yahoo.com header From is poison unless you can deliver it locally to your own systems. This simplifies matters, since it means a milter should check for any outgoing message with /yahoo.com/ in the From. The simplest action to implement would be to bounce. I'm still pondering implementation. That some other domain might implement the same approach as yahoo is a good point. It is best to generalize a problem.* *unless you're selling updates to virus signatures! Joseph Brennan Manager, Email and Systems Applications Columbia University Information Technology From mark at msapiro.net Mon Apr 14 16:27:17 2014 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 14 Apr 2014 07:27:17 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <3B2FFFED86734AF873B08401@sodor.cc.columbia.edu> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534B0D0E.7000003@msapiro.net> <534B4C47.2000001@msapiro.net> <3B2FFFED86734AF873B08401@sodor.cc.columbia.edu> Message-ID: <534BF045.50306@msapiro.net> On 04/14/2014 06:46 AM, Joseph Brennan wrote: > > It finally occurred to me that this affects routine forwarding too. Even > if you implement SRS on the envelope, the header From is left alone, as > per RFC 5322. Not necessarily. If the message is actually from Yahoo, it will be DKIM signed with d=yahoo.com, and if the forward doesn't break that sig, the message will pass DMARC. > It also affects a message from any of our users who authenticates with > our user and password but prefers to send with a yahoo.com From line. Yes, This is exactly what DMARC is trying to prevent. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From joseph.sniderman at thoroquel.org Mon Apr 14 20:33:43 2014 From: joseph.sniderman at thoroquel.org (Joe Sniderman) Date: Mon, 14 Apr 2014 14:33:43 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> Message-ID: <534C2A07.1080106@thoroquel.org> On 04/13/2014 06:03 PM, Jim Popovitch wrote: > On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan > wrote: >> >> Jim Popovitch wrote: >> >>> DMARC works off of SPF as well. >> >> >> Not really. > > DMARC checks alignment of *both* DKIM and SPF, if either is broken > DMARC fails. Nooooooo... If either one passes, DMARC passes. >> SPF does not check the "From:" header line, and that's where the >> troubles begin with DMARC. > > SPF checks sending IPs (of which your IPs won't match Yahoo's, thus > breaking DMARC) > > Either an SPF failure or a DKIM failure will cause a DMARC rejection > if p=reject. Even if that were the case, which it is not, SPF should pass - since typically the list is the envelope sender. -- Joe Sniderman From jimpop at gmail.com Mon Apr 14 20:41:40 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Mon, 14 Apr 2014 14:41:40 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534C2A07.1080106@thoroquel.org> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> Message-ID: On Mon, Apr 14, 2014 at 2:33 PM, Joe Sniderman wrote: > On 04/13/2014 06:03 PM, Jim Popovitch wrote: >> On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan >> wrote: >>> >>> Jim Popovitch wrote: >>> >>>> DMARC works off of SPF as well. >>> >>> >>> Not really. >> >> DMARC checks alignment of *both* DKIM and SPF, if either is broken >> DMARC fails. > > Nooooooo... If either one passes, DMARC passes. > >>> SPF does not check the "From:" header line, and that's where the >>> troubles begin with DMARC. >> >> SPF checks sending IPs (of which your IPs won't match Yahoo's, thus >> breaking DMARC) >> >> Either an SPF failure or a DKIM failure will cause a DMARC rejection >> if p=reject. > > Even if that were the case, which it is not, SPF should pass - since > typically the list is the envelope sender. Yes! (maybe start reading threads from the bottom up?) :-) -Jim P. From fmouse at fmp.com Mon Apr 14 21:16:32 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Mon, 14 Apr 2014 14:16:32 -0500 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> Message-ID: <1397502992.30541.9.camel@pudina.fmp.com> On Mon, 2014-04-14 at 14:41 -0400, Jim Popovitch wrote: > >>> SPF does not check the "From:" header line, and that's where the > >>> troubles begin with DMARC. > >> > >> SPF checks sending IPs (of which your IPs won't match Yahoo's, thus > >> breaking DMARC) > >> > >> Either an SPF failure or a DKIM failure will cause a DMARC rejection > >> if p=reject. > > > > Even if that were the case, which it is not, SPF should pass - since > > typically the list is the envelope sender. > > Yes! (maybe start reading threads from the bottom up?) :-) > This is confusing. I have a list using the DN autoharp.org. the envelope sender is a VERP address with the recipient address embedded, but the DN is autoharp.org, which passes SPF based on the A record for it. The From header address is, of course, that of the author as per RFC. But we lost perhaps 10% of subscribers to the list based on DMARC rejection. So what is being said here? -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From jimpop at gmail.com Tue Apr 15 00:51:16 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Mon, 14 Apr 2014 18:51:16 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <1397502992.30541.9.camel@pudina.fmp.com> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> Message-ID: On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley wrote: > So what is being said here? When a yahoo poster sends an email to your list, that email is reflected to the rest of the other subscribers. Those other subscribers may or may not check yahoo's dmarc policy before accepting your list email. If they do reject your list message, then that equals 1 mailman bounce. After a few posts from yahoo members, the bounce scores increase and the other subscribers are unsubscribed. -Jim P. From lstone19 at stonejongleux.com Tue Apr 15 01:28:26 2014 From: lstone19 at stonejongleux.com (Larry Stone) Date: Mon, 14 Apr 2014 18:28:26 -0500 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> Message-ID: <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> On Apr 14, 2014, at 5:51 PM, Jim Popovitch wrote: > On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley wrote: >> So what is being said here? > > When a yahoo poster sends an email to your list, that email is > reflected to the rest of the other subscribers. Those other > subscribers may or may not check yahoo's dmarc policy before accepting > your list email. If they do reject your list message, then that > equals 1 mailman bounce. After a few posts from yahoo members, the > bounce scores increase and the other subscribers are unsubscribed. I think most of us are clear on that point. Where I?m confused (and I?m thinking that?s what Lindsay is asking about) is where you said > Yes! (maybe start reading threads from the bottom up?) :-) in response to > On Mon, Apr 14, 2014 at 2:33 PM, Joe Sniderman > wrote: >> On 04/13/2014 06:03 PM, Jim Popovitch wrote: >>> On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan >>> wrote: >>>> >>>> Jim Popovitch wrote: >>>> >>>>> DMARC works off of SPF as well. >>>> >>>> >>>> Not really. >>> >>> DMARC checks alignment of *both* DKIM and SPF, if either is broken >>> DMARC fails. >> >> Nooooooo... If either one passes, DMARC passes. >> >>>> SPF does not check the "From:" header line, and that's where the >>>> troubles begin with DMARC. >>> >>> SPF checks sending IPs (of which your IPs won't match Yahoo's, thus >>> breaking DMARC) >>> >>> Either an SPF failure or a DKIM failure will cause a DMARC rejection >>> if p=reject. >> >> Even if that were the case, which it is not, SPF should pass - since >> typically the list is the envelope sender. To what are you saying ?Yes?? With what are you agreeing? ? Larry Stone lstone19 at stonejongleux.com http://www.stonejongleux.com/ From jimpop at gmail.com Tue Apr 15 01:54:16 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Mon, 14 Apr 2014 19:54:16 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> Message-ID: On Mon, Apr 14, 2014 at 7:28 PM, Larry Stone wrote: > > On Apr 14, 2014, at 5:51 PM, Jim Popovitch wrote: > >> On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley wrote: >>> So what is being said here? >> >> When a yahoo poster sends an email to your list, that email is >> reflected to the rest of the other subscribers. Those other >> subscribers may or may not check yahoo's dmarc policy before accepting >> your list email. If they do reject your list message, then that >> equals 1 mailman bounce. After a few posts from yahoo members, the >> bounce scores increase and the other subscribers are unsubscribed. > > I think most of us are clear on that point. Where I?m confused (and I?m thinking that?s what Lindsay is asking about) is where you said > >> Yes! (maybe start reading threads from the bottom up?) :-) Ahh, my "Yes!" post to Joe was because earlier in the day I had stated one thing about dmarc, and then Mark corrected me, and at that time I acknowledged Mark's correction. And then along comes Joe the next day, and he replied to my incorrect statement before he read my later post. In threaded message format, the bottom post would generally be the latest post, thus my comment. Back to DMARC, one thing that wasn't clearly stated earlier, wrt DKIM+SPF, Mailman "breaking" the DKIM because of header+body modifications. Whether or not a remote dmarc validation checks the SPF record (of the From: address) is dependent on the posters dmarc aspf setting (which *may* tell receivers to honor the poster's DKIM *and* SPF record). So even passing the DKIM signed portion, unfettered, may still fail dmarc checks at a receiver, resulting in bounces (and of interest to privacy advocates, the failed dmarc check will most likely send a copy of the post onward to various other organizations listed in the dmarc rua and ruf records). The only true ways to handle dmarc messages (imho) are to reject posts where the poster's domain clearly says to not forward (i.e. p=reject)... OR... totally wrap the poster's email as an attachment and change the From: to something under control of the mailinglist that is sending the email. -Jim P. From khbkhb at gmail.com Tue Apr 15 02:55:20 2014 From: khbkhb at gmail.com (Keith Bierman) Date: Mon, 14 Apr 2014 18:55:20 -0600 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> Message-ID: On Mon, Apr 14, 2014 at 5:54 PM, Jim Popovitch wrote: > The only true ways to handle dmarc messages (imho) are to reject posts > where the poster's domain clearly says to not forward (i.e. > p=reject)... OR... totally wrap the poster's email as an attachment > and change the From: to something under control of the mailinglist > that is sending the email. > > ?Well, my non-mail expert opinion for whatever it might be worth. While the process of revising the RFC should have been followed, it does seem that they are trying to solve a real problem. Mail should come from who it says it comes from, not make it trivial to pretend to be someone one isn't. So why not adopt a standard where the *sender* is always the list? The obvious downside is that "reply to poster" stops working, but do these "security" tools care if the reply-to is different from sender? if the list default is "reply to poster" set the reply to as the original sender, but "correctly" identify the message as coming from the mail server automation ... not the original sender. Other than noncompliance to the existing RFC(s), what am I missing? Keith Bierman khbkhb at gmail.com kbiermank AIM 303 997 2749 From jimpop at gmail.com Tue Apr 15 03:21:25 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Mon, 14 Apr 2014 21:21:25 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> Message-ID: On Mon, Apr 14, 2014 at 8:55 PM, Keith Bierman wrote: > While the process of revising the RFC should have been followed, it does > seem that they are trying to solve a real problem. Bingo! The dmarc folks (many of who are IETF participants) ignored and performed an end-run around the standards process. > Mail should come from who it says it comes from, not make it trivial > to pretend to be someone one isn't. It is. I am sending you this email via the list. It contains my words, and no way conveys the responsibility, nor does it delegate the ownership, to the list. > So why not adopt a standard where the *sender* is always the list? The > obvious downside is that "reply to poster" stops working, but do these > "security" tools care if the reply-to is different from sender? if the list > default is "reply to poster" set the reply to as the original sender, but > "correctly" identify the message as coming from the mail server automation > ... not the original sender. Reply-to is more of a client initiated setting. Mailman works off of Return-Path, and then there is also a formal RFC defined "Sender" header. Dmarc designers choose to ignore these well defined RFC email headers and, independently of any standards process, choose to focus solely on the From header. After all, RFC 5322 is only 8 years old, not the decades that the dmarc folks would like people to think. -Jim P. From mark at msapiro.net Tue Apr 15 04:16:06 2014 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 14 Apr 2014 19:16:06 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <1397502992.30541.9.camel@pudina.fmp.com> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> Message-ID: <534C9666.5080703@msapiro.net> On 04/14/2014 12:16 PM, Lindsay Haisley wrote: > This is confusing. I have a list using the DN autoharp.org. the > envelope sender is a VERP address with the recipient address embedded, > but the DN is autoharp.org, which passes SPF based on the A record for > it. The From header address is, of course, that of the author as per > RFC. > > But we lost perhaps 10% of subscribers to the list based on DMARC > rejection. Yes, your SPF is valid, but the domain of the envelope sender (autoharp.org) which is what the SPF deals with does not 'align with' (DMARC standard words) the domain of the From: (yahoo.com). Thus your SPF says your server is allowed to send mail with envelope from autoharp.org, not yahoo.com, so it doesn't count for DMARC validation of mail From: yahoo.com. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From Richard at Damon-Family.org Tue Apr 15 04:34:33 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Mon, 14 Apr 2014 22:34:33 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> Message-ID: <534C9AB9.9040106@Damon-Family.org> On 4/14/14, 8:55 PM, Keith Bierman wrote: > On Mon, Apr 14, 2014 at 5:54 PM, Jim Popovitch wrote: > >> The only true ways to handle dmarc messages (imho) are to reject posts >> where the poster's domain clearly says to not forward (i.e. >> p=reject)... OR... totally wrap the poster's email as an attachment >> and change the From: to something under control of the mailinglist >> that is sending the email. >> >> > ?Well, my non-mail expert opinion for whatever it might be worth. > > While the process of revising the RFC should have been followed, it does > seem that they are trying to solve a real problem. Mail should come from > who it says it comes from, not make it trivial to pretend to be someone one > isn't. > > So why not adopt a standard where the *sender* is always the list? The > obvious downside is that "reply to poster" stops working, but do these > "security" tools care if the reply-to is different from sender? if the list > default is "reply to poster" set the reply to as the original sender, but > "correctly" identify the message as coming from the mail server automation > ... not the original sender. > > Other than noncompliance to the existing RFC(s), what am I missing? > > > Keith Bierman > khbkhb at gmail.com > kbiermank AIM > 303 997 2749 > Actually, if you look in the header to a message from the list, it does say that the "sender" is the list (that is the contents of the Sender: header). The Email RFC's define what the various headers are supposed to mean. From: is the person who ORIGINATED the message (that is not the list). Sender: is who put the email into the mail stream (which is the list). Yes, there is a fundamental problem in identity confirmation with the internet, which is especially a problem with email. One partial solution is users should be using email programs that show them things like the Sender field, and some of these can be more easily checked. Yes, the way things are setup, there is no way to say that a message isn't "From" a given person, as the system has no way built in to say that, but it can let you know that it was sent via some other 3rd party, and let you decide if it make sense. It makes sense for some companies (like banks) to say that all email from them will ALWAYS come via a specific set of paths. It doesn't make sense for a email provider for the public to say the same thing, especially AFTER the fact. It would be another thing if Yahoo, when it started, touted that it was offering an "identity protection" service where people could know your emails come from you, with the provision that you had to send all your email via their system and couldn't post to mailing list with that account. -- Richard Damon From turnbull at sk.tsukuba.ac.jp Tue Apr 15 05:33:00 2014 From: turnbull at sk.tsukuba.ac.jp (Stephen J. Turnbull) Date: Tue, 15 Apr 2014 12:33:00 +0900 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> Message-ID: <87sipffes3.fsf@uwakimon.sk.tsukuba.ac.jp> Keith Bierman writes: > While the process of revising the RFC should have been followed, No revision of the RFC was made, and Yahoo! followed the RFC in updating its own DMARC policy. That's where DMARC sucks[tm]. > it does seem that they are trying to solve a real problem. Perhaps. > Mail should come from who it says it comes from, not make it > trivial to pretend to be someone one isn't. Well, maybe. But DMARC doesn't solve that problem. It's still trivial to pretend to be someone you aren't. Just get an address at Yahoo! I suppose what you mean is phishing, ie, pretending to be a specific other someone. Well, if you want to be sure of identity, insist that your correspondents digitally sign their mail. Effective checks must be done in the MUAs because it's still very easy to spoof somebody (use "Chase Bank" , for example) even with DKIM or SPF. What needs to be done to make this user-friendly is for the MUAs to provide a simple way to configure "trusted partners" such as your bank and your psychotherapist. The bank would probably be very easy (it uses DKIM so the MUA can check it). Web-based MUAs can do this for you (Google's "Gold Key" program). The personal relationship problem is harder, but basically you need a convenient way to distribute PGP public keys and add them to specific correspondent records. For licensed professionals, governments could maintain third-party authorization mechanisms a la OpenAuth. > So why not adopt a standard where the *sender* is always the list? Because Internet mail makes a specific distinction between *sender* and *author*. we already *have* a way to identify the *sender*, and we already *do* identify the list as the sender IIRC (Resent-* headers), and in most cases we do make it clear that the list is a list (RFC 2369 headers). However, in their bottomless contempt for the average user, the DMARC authors chose to insist on authenticating the *author* with the *sender's* credentials because that's the best that can be done without cooperation from the recipient and her MUA. > The obvious downside is that "reply to poster" stops working, but > do these "security" tools care if the reply-to is different from > sender? if the list default is "reply to poster" set the reply to > as the original sender, but "correctly" identify the message as > coming from the mail server automation ... not the original sender. > > Other than noncompliance to the existing RFC(s), what am I missing? Nonconformance to RFCs means that you break all conforming implementations. "Reply-To Munging Considered Harmful" is just the start. Internet governance is based on the RFC process. If you allow large companies to disregard RFCs for their convenience, they *will* break things badly. (Small companies will break things, too, but not so badly.) Note that Yahoo! has initiated a denial of service attack on millions of innocent list subscribers. *This is not a one-time problem.* This will happen again every time a new domain changes its policy to reject, because even if we break *future* Mailman to conform to Yahoo!'s Brave New World, *past* Mailman installations will continue to exist and many of them will have taken stopgap measures (eg, moderating all Yahoo! subscribers). We have to take a stand against this kind of behavior. From fmouse at fmp.com Tue Apr 15 06:03:23 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Mon, 14 Apr 2014 23:03:23 -0500 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <87sipffes3.fsf@uwakimon.sk.tsukuba.ac.jp> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> <87sipffes3.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <1397534603.30541.41.camel@pudina.fmp.com> On Tue, 2014-04-15 at 12:33 +0900, Stephen J. Turnbull wrote: > Note that Yahoo! has initiated a denial of service attack on millions > of innocent list subscribers. *This is not a one-time problem.* This > will happen again every time a new domain changes its policy to > reject, because even if we break *future* Mailman to conform to > Yahoo!'s Brave New World, *past* Mailman installations will continue > to exist and many of them will have taken stopgap measures (eg, > moderating all Yahoo! subscribers). We have to take a stand against > this kind of behavior. Well said, Stephen! Having a presence in a number of different worlds, including the entertainment business, I frequently have had the opportunity to address the question on FB and elsewhere, "what is the Internet?" My answer is always that the Internet, at a fundamental level, is a collection of agreements on how things are going to work (coupled with some absolutely brilliant and foresighted CS technology). This agreement spanned government, corporate (large and small) and educational entities, and everyone realized that the whole could be greater than the sum of its parts, and behaved accordingly. If history teaches us anything, it's that such social mindsets have a lifespan, and that the lifespan appears to be inversely proportional to the success of model in which it flourished. In the long run, I think Murphy's Law and its 1st corollary offer a note of wisdom. Law: "If you play with anything long enough, it's gonna break." Corollary: "True, but there's always still something you can do with it." -- Lindsay Haisley | "The only unchanging Autoharpist, musical entertainer | certainty is the http://www.lindsayhaisley.com | certainty of change" 512-259-1190 | Ancient wisdom - all cultures From stephen at xemacs.org Tue Apr 15 06:13:10 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Tue, 15 Apr 2014 13:13:10 +0900 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> Message-ID: <87r44zfcx5.fsf@uwakimon.sk.tsukuba.ac.jp> Jim Popovitch writes: > Bingo! The dmarc folks (many of who are IETF participants) ignored > and performed an end-run around the standards process. Not really. The basic protocols (SPF and DKIM) are RFCs, and that's really what the IETF process is for. What people (including bloated corporate people) choose to do with those protocols is really outside of the RFC process, just as use of SMTP to spam (under your own From, spoofing does violate the RFC :-) is outside of the RFC process. That doesn't make what Yahoo! did "right", but as much as I disagree with DMARC's basic philosophy, I don't really think DMARC is a subject for the RFC process. I just think it's a problem from the point of view of maintaining the integrity of the Internet. > Dmarc designers choose to ignore these well defined RFC email > headers and, independently of any standards process, choose to > focus solely on the From header. They do have a point. Some users are extremely susceptible to fraud. Believe it or not, in Japan there's a species of fraud where criminals call more or less random phone numbers, identify themselves as the victim's child or spouse with "It's me. It's me!" and continue by requesting money to get themselves out of some kind of jam. The victim takes cash to the specified meeting place, only to find that the jam got worse and so a friend was sent to pick up the money. This actually works to the tune of 15,000 victims and $200 million in a bad year. That's the model that DMARC has of Internet users, so it's natural that they would focus on From. > After all, RFC 5322 is only 8 years old, not the decades that the > dmarc folks would like people to think. I haven't got that impression. I think they know what they're doing and have been quite forthright about it. They just are willing to hurt lots of people, break working mechanisms, and in the process undermine Internet governance, to reduce spam and phishing (which also hurt lots of people and break working mechanisms). I'm not sure what the top people at Yahoo! are thinking, though. Conspiracy theories may well be in order there. I suspect they're thinking the same kind of thoughts that caused Microsoft to think that breaking backward compatibility with Office '97 or so was a good idea. I hope they pay a similar price. Steve From fmouse at fmp.com Tue Apr 15 06:19:24 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Mon, 14 Apr 2014 23:19:24 -0500 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> Message-ID: <1397535564.30541.53.camel@pudina.fmp.com> On Mon, 2014-04-14 at 18:51 -0400, Jim Popovitch wrote: > On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley wrote: > > So what is being said here? > > When a yahoo poster sends an email to your list, that email is > reflected to the rest of the other subscribers. Those other > subscribers may or may not check yahoo's dmarc policy before accepting > your list email. If they do reject your list message, then that > equals 1 mailman bounce. After a few posts from yahoo members, the > bounce scores increase and the other subscribers are unsubscribed. FWIW, here's a list of the DNs of subscriber addresses that got unsubscribed last week from one of FMP's lists, ostensibly as a result of the DMARC issue: yahoo.com hotmail.com comcast.net bellsouth.net att.net cityofgastonia.com fronteirnet.net sbcglobal.net There were about 76 addresses, most of which were yahoo.com or comcast.net addresses, with bellsouth.net coming in 3rd. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From jimpop at gmail.com Tue Apr 15 06:32:23 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Tue, 15 Apr 2014 00:32:23 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <87r44zfcx5.fsf@uwakimon.sk.tsukuba.ac.jp> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> <87r44zfcx5.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: On Tue, Apr 15, 2014 at 12:13 AM, Stephen J. Turnbull wrote: > Jim Popovitch writes: > > > Bingo! The dmarc folks (many of who are IETF participants) ignored > > and performed an end-run around the standards process. > > Not really. The basic protocols (SPF and DKIM) are RFCs, and that's > really what the IETF process is for. Interoperatabiliy and functionality is what a standards body is for. DMARC is a system that allows 1st parties to announce to 3rd parties what to do with something delivered by a 2nd party, all without any standards or feedback/care for the 2nd party. It sits atop 2 standards that were never intended for the purpose (rfc5322.From blocking) they are being used for. -Jim P. From stephen at xemacs.org Tue Apr 15 08:52:05 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Tue, 15 Apr 2014 15:52:05 +0900 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <6C8AF96A-7A74-4D91-909A-C3FE76E3CFD2@stonejongleux.com> <87r44zfcx5.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <87ob03f5ka.fsf@uwakimon.sk.tsukuba.ac.jp> Jim Popovitch writes: > On Tue, Apr 15, 2014 at 12:13 AM, Stephen J. Turnbull > wrote: > > Jim Popovitch writes: > > > > > Bingo! The dmarc folks (many of who are IETF participants) ignored > > > and performed an end-run around the standards process. > > > > Not really. The basic protocols (SPF and DKIM) are RFCs, and that's > > really what the IETF process is for. > > Interoperatabiliy and functionality is what a standards body is > for. But interoperability and functionality of *what*? The IETF's mission is to define the interpretation of what comes off the wire, so that parties who have never met can communicate reliably. It's not to tell you not to send advertisements by SMTP or NNTP. It's not to tell you who you can trust to make your accept/reject decisions on Internet messages. > DMARC is a system that allows 1st parties to announce to 3rd parties > what to do with something delivered by a 2nd party, all without any > standards or feedback/care for the 2nd party. Well, yes, that's what "transparent protocols" like SMTP + DNS MX are all about. The MX doesn't need to know what the sender wants the recipient to do with the message, it just forwards it. If you don't want to be screwed as a second party, don't participate. And that's what your patch does. Right? Right! *Exactly* right! :-) But back to the MX example. xemacs.org is an oldish domain (registered in 1995, I think) with a *lot* of email addresses out in public on the web. So one of our secondary MXes backed out on us because most of the spam they were seeing was destined for us, and they didn't want anything that translated to their domain in our Received headers if it was going to go into a spam database somewhere. It was also getting to be a significant fraction of traffic to their MTA. I can't blame them! Given their situation, I think that was the right thing to do. We managed to get along. So IMHO the point of the RFC process is to make it easy for those who *want* to cooperate to do so. It's not to force anybody to cooperate with anybody else. > It sits atop 2 standards that were never intended for the purpose > (rfc5322.From blocking) they are being used for. So what? Who cares about *intention*? As Lindsay pointed out, "you can always use it for something else" (even if it's not broken!) The question is were DKIM and SPF designed to accomplish the purpose of authenticating "From" well? IMO, probably not -- they are sender, not author, authentication. Does it make sense to pay attention to DMARC "reject"? I think not -- so it's a damn good thing it's not an RFC! I really wouldn't want to be in the position of criticizing Google for RFC non-conformance if they decided to ignore Yahoo! rejects.[1] ;-) My point is not to defend what Yahoo! did, or the DMARC standard. Simply that *policies* about when to emit/respect DMARC "reject" and "ruf" are out of scope for specification by RFC. Footnotes: [1] Which I actually think might be a strategically good move for them. "Don't break the world! Use Gmail and get your bank on the 'Gold Key' program!" From mark at msapiro.net Tue Apr 15 14:56:51 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 15 Apr 2014 05:56:51 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: Message-ID: <534D2C93.1040002@msapiro.net> Keith Bierman wrote: > The obvious downside is that "reply to poster" stops working It doesn't in the From: Munging/Message wrapping feature in Mailman 2.1.16+. The poster's From: is merged into her possibly empty Reply-To:. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Tue Apr 15 15:04:06 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 15 Apr 2014 06:04:06 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <1397535564.30541.53.camel@pudina.fmp.com> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> Message-ID: <534D2E46.4090400@msapiro.net> On 04/14/2014 09:19 PM, Lindsay Haisley wrote: > > FWIW, here's a list of the DNs of subscriber addresses that got > unsubscribed last week from one of FMP's lists, ostensibly as a result > of the DMARC issue: > > yahoo.com > hotmail.com > comcast.net > bellsouth.net > att.net > cityofgastonia.com > fronteirnet.net > sbcglobal.net Add to that list: aol.com compuserve.com msn.com netscape.net pacbell.net See . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From cgtyoder at alum.mit.edu Tue Apr 15 18:35:46 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Tue, 15 Apr 2014 12:35:46 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534D2E46.4090400@msapiro.net> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> Message-ID: <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> Seriously? AOL/MSN as well? My users are going to be pissed. Who?s going to blink first here? -Conrad -- Is there a suspect in your family? Contact the Ministry of Information. Ring 100 00 00. On Apr 15, 2014, at 9:04 AM, Mark Sapiro wrote: > On 04/14/2014 09:19 PM, Lindsay Haisley wrote: >> >> FWIW, here's a list of the DNs of subscriber addresses that got >> unsubscribed last week from one of FMP's lists, ostensibly as a result >> of the DMARC issue: >> >> yahoo.com >> hotmail.com >> comcast.net >> bellsouth.net >> att.net >> cityofgastonia.com >> fronteirnet.net >> sbcglobal.net > > > Add to that list: > > aol.com > compuserve.com > msn.com > netscape.net > pacbell.net > > See > . > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cgtyoder%40alum.mit.edu From jimpop at gmail.com Tue Apr 15 18:38:09 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Tue, 15 Apr 2014 12:38:09 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> Message-ID: On Tue, Apr 15, 2014 at 12:35 PM, Conrad G T Yoder wrote: > Seriously? AOL/MSN as well? My users are going to be pissed. Just to be clear, all those domains (other than yahoo.com) will bounce email to you if your list sends out an email from a yahoo.com subscriber. It's not the case that you need to prevent all those other domains (AOL/MSN/etc) from posting, just don't allow yahoo.com addresses to post to the list. -Jim P. From cgtyoder at alum.mit.edu Tue Apr 15 18:43:05 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Tue, 15 Apr 2014 12:43:05 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> Message-ID: <6710ABA1-4B28-4387-B6F2-CFE35F3446F7@alum.mit.edu> Ok, thanks for the clarification. I thought Mark was saying that these had implemented the DMARC rules as well. -Conrad -- DO NOT FOLD, SPINDLE, MUTILATE On Apr 15, 2014, at 12:38 PM, Jim Popovitch wrote: > On Tue, Apr 15, 2014 at 12:35 PM, Conrad G T Yoder > wrote: >> Seriously? AOL/MSN as well? My users are going to be pissed. > > Just to be clear, all those domains (other than yahoo.com) will bounce > email to you if your list sends out an email from a yahoo.com > subscriber. It's not the case that you need to prevent all those > other domains (AOL/MSN/etc) from posting, just don't allow yahoo.com > addresses to post to the list. > > -Jim P. From jimpop at gmail.com Tue Apr 15 18:49:55 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Tue, 15 Apr 2014 12:49:55 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <6710ABA1-4B28-4387-B6F2-CFE35F3446F7@alum.mit.edu> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <6710ABA1-4B28-4387-B6F2-CFE35F3446F7@alum.mit.edu> Message-ID: On Tue, Apr 15, 2014 at 12:43 PM, Conrad G T Yoder wrote: > Ok, thanks for the clarification. I thought Mark was saying that these had implemented the DMARC rules as well. Well, technically they have implemented "the DMARC rules". Yahoo.com publishes a dmarc record (dig +short txt _dmarc.yahoo.com), all those others check it and respect it. -Jim P. From cgtyoder at alum.mit.edu Tue Apr 15 18:53:07 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Tue, 15 Apr 2014 09:53:07 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <6710ABA1-4B28-4387-B6F2-CFE35F3446F7@alum.mit.edu> Message-ID: <4f2d3af3-0d9a-4f15-a873-60f88f1e8333@email.android.com> Yes, sorry for my sloppy language. I appreciate the clarification. -Conrad On April 15, 2014 9:49:55 AM PDT, Jim Popovitch wrote: >On Tue, Apr 15, 2014 at 12:43 PM, Conrad G T Yoder > wrote: >> Ok, thanks for the clarification. I thought Mark was saying that >these had implemented the DMARC rules as well. > >Well, technically they have implemented "the DMARC rules". Yahoo.com >publishes a dmarc record (dig +short txt _dmarc.yahoo.com), all those >others check it and respect it. > >-Jim P. >------------------------------------------------------ >Mailman-Users mailing list Mailman-Users at python.org >https://mail.python.org/mailman/listinfo/mailman-users >Mailman FAQ: http://wiki.list.org/x/AgA3 >Security Policy: http://wiki.list.org/x/QIA9 >Searchable Archives: >http://www.mail-archive.com/mailman-users%40python.org/ >Unsubscribe: >https://mail.python.org/mailman/options/mailman-users/cgtyoder%40alum.mit.edu -- Sent from a tiny keyboard and auto-corrected. From fmouse at fmp.com Tue Apr 15 20:05:17 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Tue, 15 Apr 2014 13:05:17 -0500 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> Message-ID: <1397585117.49157.17.camel@pudina.fmp.com> On Tue, 2014-04-15 at 12:38 -0400, Jim Popovitch wrote: > Just to be clear, all those domains (other than yahoo.com) will bounce > email to you if your list sends out an email from a yahoo.com > subscriber. It's not the case that you need to prevent all those > other domains (AOL/MSN/etc) from posting, just don't allow yahoo.com > addresses to post to the list. So just to be clear, putting a damper on this at this point requires _only_ that posts from yahoo.com be blocked from posting to a list. Is this correct? This can be done by selectively unsubscribing (or moderating) current yahoo.com users and adding "^.*@yahoo\.com" to the ban_list of addresses banned from membership going forward. Should some other ESP start publishing advisory DMARC records then said ESP would need to be added to the ban_list as well. Am I correct in this? -- Lindsay Haisley | "UNIX is user-friendly, it just FMP Computer Services | chooses its friends." 512-259-1190 | -- Andreas Bogk http://www.fmp.com | From jimpop at gmail.com Tue Apr 15 20:11:06 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Tue, 15 Apr 2014 14:11:06 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <1397585117.49157.17.camel@pudina.fmp.com> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> Message-ID: On Tue, Apr 15, 2014 at 2:05 PM, Lindsay Haisley wrote: > On Tue, 2014-04-15 at 12:38 -0400, Jim Popovitch wrote: >> Just to be clear, all those domains (other than yahoo.com) will bounce >> email to you if your list sends out an email from a yahoo.com >> subscriber. It's not the case that you need to prevent all those >> other domains (AOL/MSN/etc) from posting, just don't allow yahoo.com >> addresses to post to the list. > > So just to be clear, putting a damper on this at this point requires > _only_ that posts from yahoo.com be blocked from posting to a list. Is > this correct? This can be done by selectively unsubscribing (or > moderating) current yahoo.com users and adding "^.*@yahoo\.com" to the > ban_list of addresses banned from membership going forward. Should some > other ESP start publishing advisory DMARC records then said ESP would > need to be added to the ban_list as well. > > Am I correct in this? You don't need to ban yahoo members, you just most likely don't want them posting. As of right now, today, you should prevent yahoo.com addrs from posting to your lists. Of course that could all change tomorrow if Hotmail published a dmarc p=reject record. However, given the yahoo fallout, I think it will be a while before we see anymore of this kinds of shenanigans. I'm still predicting that yahoo pulls their dmarc record (unless of course they are getting out of the end-user email biz) -Jim P. From stephen at xemacs.org Tue Apr 15 20:29:35 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Wed, 16 Apr 2014 03:29:35 +0900 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> Message-ID: <87ha5ufnu8.fsf@uwakimon.sk.tsukuba.ac.jp> > On Tue, Apr 15, 2014 at 2:05 PM, Lindsay Haisley wrote: > > So just to be clear, putting a damper on this at this point requires > > _only_ that posts from yahoo.com be blocked from posting to a list. Is > > this correct? This can be done by selectively unsubscribing (or > > moderating) current yahoo.com users and adding "^.*@yahoo\.com" to the > > ban_list of addresses banned from membership going forward. That's a bit bloodthirsty! I like that! :-) Seriously, if people want to read their list mail at Yahoo, that's not a technical problem. I would class banning subscriptions as "harrassment". > > Should some other ESP start publishing advisory DMARC records > > then said ESP would need to be added to the ban_list as well. To be precise, almost certainly all of the services on Mark's list do publish advisory records; they just don't include the p=reject option. For privacy advocates, this means that they *may* get failure-to- authenticate reports, which *may* contain full mail text (remember, this is for spam-fighting). Jim Popovitch writes: > However, given the yahoo fallout, I think it will be a while before > we see anymore of this kinds of shenanigans. I'm still predicting > that yahoo pulls their dmarc record I suspect they will, too. I already have four students who are switching away from yahoo because of this (they're not even on my mailing lists yet, I'm adding them now!) Steve From sylvain at opensource-expert.com Tue Apr 15 18:08:46 2014 From: sylvain at opensource-expert.com (Sylvain Viart) Date: Tue, 15 Apr 2014 18:08:46 +0200 Subject: [Mailman-Users] handler to auto detach attachment and link it to a website keeping html In-Reply-To: <534AB359.6090205@msapiro.net> References: <53368652.90207@opensource-expert.com> <53481019.2000209@opensource-expert.com> <5348596E.6070703@msapiro.net> <534AB359.6090205@msapiro.net> Message-ID: <534D598E.6030301@opensource-expert.com> Hi, Le 13/04/2014 17:55, Mark Sapiro a ?crit : >> withlist is the tool for this. + >> http://www.msapiro.net/scripts/test_handler.py > I also updated the FAQ at to point to this script. Thanks, it saves me a lot of re-testing boring emails. Especially useful as I never programmed in Python before. And I do perform some SyntaxError! I borrowed a code from Mailman/Handlers/MimeDel.py def reset_payload(msg, txt, fname, url): # Reset payload of msg to contents of subpart, and fix up content headers msg.set_payload(txt) del msg['content-type'] del msg['content-transfer-encoding'] del msg['content-disposition'] del msg['content-description'] msg.add_header('X-Mailman-Part', 'Attachment-moved', url=url) msg.add_header('Content-Type', 'text/plain', charset='UTF-8', name=fname) msg.add_header('Content-Transfer-Encoding', '8bit') msg.add_header('Content-Disposition', 'attachment', filename=fname) msg.add_header('Content-Description', "Attachment-moved by Mailman") Is it the correct way to use email.message.Message in order to replace an attachment with a dummy text file containing the link? No other way to, remove all header in oneshot, or replace with a fresh parsed attachment? A thunderbird Filelink extension produced for example: X-Mozilla-Cloud-Part: cloudFile; url=http://ovh.to/someurl; name=crazy_heavy_to_much.pdf Content-Type: application/octet-stream Content-Transfer-Encoding: 7bit I took this behavior and started to develop some parts. I will limit the feature to my own context, not covering all case of mix of nested part attached? But I will publish the source. Is there a preferred repository or procedure? Or is it ok to push it on git hub? Regards, Sylvain. From pshute at nuw.org.au Tue Apr 15 22:17:21 2014 From: pshute at nuw.org.au (Peter Shute) Date: Wed, 16 Apr 2014 06:17:21 +1000 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <1397585117.49157.17.camel@pudina.fmp.com> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> Message-ID: <73E90F99-516A-4E12-9474-519CC81324F7@nuw.org.au> > On 16 Apr 2014, at 4:05 am, "Lindsay Haisley" wrote: > > So just to be clear, putting a damper on this at this point requires > _only_ that posts from yahoo.com be blocked from posting to a list. Is > this correct? This can be done by selectively unsubscribing (or > moderating) current yahoo.com users and adding "^.*@yahoo\.com" to the > ban_list of addresses banned from membership going forward. Should some > other ESP start publishing advisory DMARC records then said ESP would > need to be added to the ban_list as well. Does yahoo allow people to use their own domain names with yahoo mail? Ie is it good enough to just look at the subscriber's email address? Peter Shute From jimpop at gmail.com Tue Apr 15 22:23:47 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Tue, 15 Apr 2014 16:23:47 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <73E90F99-516A-4E12-9474-519CC81324F7@nuw.org.au> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> <73E90F99-516A-4E12-9474-519CC81324F7@nuw.org.au> Message-ID: On Tue, Apr 15, 2014 at 4:17 PM, Peter Shute wrote: >> On 16 Apr 2014, at 4:05 am, "Lindsay Haisley" wrote: >> >> So just to be clear, putting a damper on this at this point requires >> _only_ that posts from yahoo.com be blocked from posting to a list. Is >> this correct? This can be done by selectively unsubscribing (or >> moderating) current yahoo.com users and adding "^.*@yahoo\.com" to the >> ban_list of addresses banned from membership going forward. Should some >> other ESP start publishing advisory DMARC records then said ESP would >> need to be added to the ban_list as well. > > Does yahoo allow people to use their own domain names with yahoo mail? Ie is it good enough to just look at the subscriber's email address? Yes. via Yahoo's small biz portal. That said, those domains would be responsible for publishing (or not) their own dmarc record. -Jim P. From pshute at nuw.org.au Wed Apr 16 03:20:00 2014 From: pshute at nuw.org.au (Peter Shute) Date: Wed, 16 Apr 2014 11:20:00 +1000 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> <73E90F99-516A-4E12-9474-519CC81324F7@nuw.org.au> Message-ID: <87C5BDB1-5407-497E-8231-B1103A0139D1@nuw.org.au> > On 16 Apr 2014, at 6:23 am, "Jim Popovitch" wrote: > > On Tue, Apr 15, 2014 at 4:17 PM, Peter Shute wrote: >>> On 16 Apr 2014, at 4:05 am, "Lindsay Haisley" wrote: >>> >>> So just to be clear, putting a damper on this at this point requires >>> _only_ that posts from yahoo.com be blocked from posting to a list. Is >>> this correct? This can be done by selectively unsubscribing (or >>> moderating) current yahoo.com users and adding "^.*@yahoo\.com" to the >>> ban_list of addresses banned from membership going forward. Should some >>> other ESP start publishing advisory DMARC records then said ESP would >>> need to be added to the ban_list as well. >> >> Does yahoo allow people to use their own domain names with yahoo mail? Ie is it good enough to just look at the subscriber's email address? > > Yes. via Yahoo's small biz portal. That said, those domains would be > responsible for publishing (or not) their own dmarc record. Although it doesn't contribute to the discussion, I'd like to say that I'm very relieved to hear that those addresses won't be affected. Peter Shute From jimpop at gmail.com Wed Apr 16 03:58:13 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Tue, 15 Apr 2014 21:58:13 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <2BB5DDD3-900B-404E-A0B6-BD40822720AA@yoders.org> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> <2BB5DDD3-900B-404E-A0B6-BD40822720AA@yoders.org> Message-ID: On Tue, Apr 15, 2014 at 9:50 PM, Conrad G T Yoder wrote: > On Apr 15, 2014, at 2:11 PM, Jim Popovitch wrote: > >> On Tue, Apr 15, 2014 at 2:05 PM, Lindsay Haisley wrote: >>> On Tue, 2014-04-15 at 12:38 -0400, Jim Popovitch wrote: >>>> Just to be clear, all those domains (other than yahoo.com) will bounce >>>> email to you if your list sends out an email from a yahoo.com >>>> subscriber. It's not the case that you need to prevent all those >>>> other domains (AOL/MSN/etc) from posting, just don't allow yahoo.com >>>> addresses to post to the list. >>> >>> So just to be clear, putting a damper on this at this point requires >>> _only_ that posts from yahoo.com be blocked from posting to a list. Is >>> this correct? This can be done by selectively unsubscribing (or >>> moderating) current yahoo.com users and adding "^.*@yahoo\.com" to the >>> ban_list of addresses banned from membership going forward. Should some >>> other ESP start publishing advisory DMARC records then said ESP would >>> need to be added to the ban_list as well. >>> >>> Am I correct in this? >> >> You don't need to ban yahoo members, you just most likely don't want >> them posting. >> >> As of right now, today, you should prevent yahoo.com addrs from >> posting to your lists. Of course that could all change tomorrow if >> Hotmail published a dmarc p=reject record. However, given the yahoo >> fallout, I think it will be a while before we see anymore of this >> kinds of shenanigans. I'm still predicting that yahoo pulls their >> dmarc record (unless of course they are getting out of the end-user >> email biz) > > So it really doesn?t affect domain email hosted by Yahoo such as att.net, sbcglobal.net, ymail.com, etc? Yahoo has not added a dmarc p=reject record for email from these domains? Correct. But that could all change tomorrow if they do add dmarc records for those domains. -Jim P. From fmouse at fmp.com Wed Apr 16 04:04:36 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Tue, 15 Apr 2014 21:04:36 -0500 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> <2BB5DDD3-900B-404E-A0B6-BD40822720AA@yoders.org> Message-ID: <1397613876.49157.95.camel@pudina.fmp.com> On Tue, 2014-04-15 at 21:58 -0400, Jim Popovitch wrote: > Correct. But that could all change tomorrow if they do add dmarc > records for those domains. > This is a pretty big deal, and it's been a week or more since Yahoo pulled this stunt. What kind of blowback are they getting, and is there any indication that they're feeling the heat? -- Lindsay Haisley | SUPPORT NETWORK NEUTRALITY FMP Computer Services | -------------------------- 512-259-1190 | Boycott Yahoo, RoadRunner, AOL http://www.fmp.com | and Verison From jimpop at gmail.com Wed Apr 16 04:10:24 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Tue, 15 Apr 2014 22:10:24 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <1397613876.49157.95.camel@pudina.fmp.com> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> <2BB5DDD3-900B-404E-A0B6-BD40822720AA@yoders.org> <1397613876.49157.95.camel@pudina.fmp.com> Message-ID: On Tue, Apr 15, 2014 at 10:04 PM, Lindsay Haisley wrote: > On Tue, 2014-04-15 at 21:58 -0400, Jim Popovitch wrote: >> Correct. But that could all change tomorrow if they do add dmarc >> records for those domains. >> > This is a pretty big deal, and it's been a week or more since Yahoo > pulled this stunt. What kind of blowback are they getting, and is there > any indication that they're feeling the heat? They initially tried to defend it, but since then silence. I suspect they are trying to ride it out for now. -Jim P. From conrad at yoders.org Wed Apr 16 03:50:55 2014 From: conrad at yoders.org (Conrad G T Yoder) Date: Tue, 15 Apr 2014 21:50:55 -0400 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> Message-ID: <2BB5DDD3-900B-404E-A0B6-BD40822720AA@yoders.org> On Apr 15, 2014, at 2:11 PM, Jim Popovitch wrote: > On Tue, Apr 15, 2014 at 2:05 PM, Lindsay Haisley wrote: >> On Tue, 2014-04-15 at 12:38 -0400, Jim Popovitch wrote: >>> Just to be clear, all those domains (other than yahoo.com) will bounce >>> email to you if your list sends out an email from a yahoo.com >>> subscriber. It's not the case that you need to prevent all those >>> other domains (AOL/MSN/etc) from posting, just don't allow yahoo.com >>> addresses to post to the list. >> >> So just to be clear, putting a damper on this at this point requires >> _only_ that posts from yahoo.com be blocked from posting to a list. Is >> this correct? This can be done by selectively unsubscribing (or >> moderating) current yahoo.com users and adding "^.*@yahoo\.com" to the >> ban_list of addresses banned from membership going forward. Should some >> other ESP start publishing advisory DMARC records then said ESP would >> need to be added to the ban_list as well. >> >> Am I correct in this? > > You don't need to ban yahoo members, you just most likely don't want > them posting. > > As of right now, today, you should prevent yahoo.com addrs from > posting to your lists. Of course that could all change tomorrow if > Hotmail published a dmarc p=reject record. However, given the yahoo > fallout, I think it will be a while before we see anymore of this > kinds of shenanigans. I'm still predicting that yahoo pulls their > dmarc record (unless of course they are getting out of the end-user > email biz) So it really doesn?t affect domain email hosted by Yahoo such as att.net, sbcglobal.net, ymail.com, etc? Yahoo has not added a dmarc p=reject record for email from these domains? -Conrad -- The truth shall make you free. From isakov.shavkat at gmail.com Tue Apr 15 22:23:02 2014 From: isakov.shavkat at gmail.com (Shavkat_BEK) Date: Tue, 15 Apr 2014 16:23:02 -0400 Subject: [Mailman-Users] NEED HELP: Mailman is not archiving Message-ID: Hello, I have a lot of mailing lists that I have to look after. NB: I am not familiar with mailman. I recently found out that the mailman is not archiving most of the mailing lists. Here is some info that might give you some idea of what is going on. 1. /var/log/mailman/qrunner: Apr 13 04:02:04 2014 (15275) Master watcher caught SIGHUP. Re-opening log files. Apr 13 04:02:04 2014 (15280) BounceRunner qrunner caught SIGHUP. Reopening logs. Apr 13 04:02:04 2014 (15284) OutgoingRunner qrunner caught SIGHUP. Reopening logs. Apr 13 04:02:04 2014 (15281) CommandRunner qrunner caught SIGHUP. Reopening logs. Apr 13 04:02:04 2014 (15285) VirginRunner qrunner caught SIGHUP. Reopening logs. Apr 13 04:02:04 2014 (15279) ArchRunner qrunner caught SIGHUP. Reopening logs. Apr 13 04:02:04 2014 (15286) RetryRunner qrunner caught SIGHUP. Reopening logs. Apr 13 04:02:04 2014 (15283) NewsRunner qrunner caught SIGHUP. Reopening logs. Apr 13 04:02:04 2014 (15282) IncomingRunner qrunner caught SIGHUP. Reopening logs. 2. /var/log/mailman/error: Apr 15 08:08:53 2014 (15279) SHUNTING: 1396932558.512722+32b8dc6f945cc9837829a7803dba6d48978dc65f Apr 15 08:19:12 2014 (15279) Archive file access failure: /var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox [Errno 2] No such file or directory: '/var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox' Apr 15 08:19:12 2014 (15279) Uncaught runner exception: [Errno 2] No such file or directory: '/var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox' Apr 15 08:19:12 2014 (15279) Traceback (most recent call last): File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 112, in _oneloop self._onefile(msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 170, in _onefile keepqueued = self._dispose(mlist, msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/ArchRunner.py", line 73, in _dispose mlist.ArchiveMail(msg) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 200, in ArchiveMail self.__archive_to_mbox(msg) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 169, in __archive_to_mbox mbox = self.__archive_file(afn) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 157, in __archive_file return Mailbox.Mailbox(open(afn, 'a+')) IOError: [Errno 2] No such file or directory: '/var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox' Apr 15 08:19:12 2014 (15279) SHUNTING: 1396933144.6830571+143d9830d84db9f9833d8aa2d4b112db01eeab5f Apr 15 11:24:33 2014 (15279) Archive file access failure: /var/lib/mailman/archives/private/maillist2.mbox/maillist2.mbox [Errno 2] No such file or directory: '/var/lib/mailman/archives/private/maillist2.mbox/maillist2.mbox' Apr 15 11:24:33 2014 (15279) Uncaught runner exception: [Errno 2] No such file or directory: '/var/lib/mailman/archives/private/maillist2.mbox/maillist2.mbox' Apr 15 11:24:33 2014 (15279) Traceback (most recent call last): File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 112, in _oneloop self._onefile(msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 170, in _onefile keepqueued = self._dispose(mlist, msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/ArchRunner.py", line 73, in _dispose mlist.ArchiveMail(msg) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 200, in ArchiveMail self.__archive_to_mbox(msg) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 169, in __archive_to_mbox mbox = self.__archive_file(afn) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 157, in __archive_file return Mailbox.Mailbox(open(afn, 'a+')) IOError: [Errno 2] No such file or directory: '/var/lib/mailman/archives/private/maillist2.mbox/maillist2.mbox' Apr 15 11:24:33 2014 (15279) SHUNTING: 1396942654.773037+9f511553f025a03a229585b84e51b0793b1b6949 3. /var/log/mailman/error: Apr 07 19:29:08 2014 (15279) SHUNTING: 1396159793.503808+5dbeb8164ec49776298a682f26a0d002227e76a6 Apr 07 19:44:10 2014 (15279) Uncaught runner exception: [Errno 17] File exists Apr 07 19:44:10 2014 (15279) Traceback (most recent call last): File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 112, in _oneloop self._onefile(msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 170, in _onefile keepqueued = self._dispose(mlist, msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/ArchRunner.py", line 74, in _dispose mlist.Save() File "/usr/lib/mailman/Mailman/MailList.py", line 561, in Save self.__save(dict) File "/usr/lib/mailman/Mailman/MailList.py", line 538, in __save os.link(fname, fname_last) OSError: [Errno 17] File exists 4. /var/log/mailman/error: Apr 06 20:00:14 2014 (15282) SHUNTING: 1396828813.636153+b2971b4c411884368c3c706a189b42ce68820a2b Apr 07 08:00:35 2014 (15282) send_digests() failed: [Errno 2] No such file or directory: '/var/lib/mailman/lists/maillist3/digest.mbox' Apr 07 08:00:35 2014 (15285) Uncaught runner exception: [Errno 116] Stale NFS file handle Apr 07 08:00:35 2014 (15285) Traceback (most recent call last): File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 112, in _oneloop self._onefile(msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 145, in _onefile mlist = self._open_list(listname) File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 190, in _open_list mlist = MailList.MailList(listname, lock=False) File "/usr/lib/mailman/Mailman/MailList.py", line 130, in __init__ self.Load() File "/usr/lib/mailman/Mailman/MailList.py", line 629, in Load dict, e = self.__load(file) File "/usr/lib/mailman/Mailman/MailList.py", line 602, in __load dict = loadfunc(fp) IOError: [Errno 116] Stale NFS file handle Any help is greatly appreciated. Shavkat From webmaster at nolanchart.com Tue Apr 15 23:25:58 2014 From: webmaster at nolanchart.com (Walt Thiessen) Date: Tue, 15 Apr 2014 17:25:58 -0400 Subject: [Mailman-Users] email subscribe command not responding Message-ID: <534DA3E6.9060100@nolanchart.com> I have a list where the email command to subscribe another user doesn't seem to work when I include it in the body of an email and send it to mylist-request at mydomain.tld. subscribe [$<$PASSWORD$>$] [digest|nodigest] [address=$<$ADDRESS$>$] When I try to use it, I get no notification back of any kind. is there a setting somewhere that might be affecting this functionality? From mailman-admin at uni-konstanz.de Wed Apr 16 13:25:06 2014 From: mailman-admin at uni-konstanz.de (Mailman Admin) Date: Wed, 16 Apr 2014 13:25:06 +0200 Subject: [Mailman-Users] email subscribe command not responding In-Reply-To: <534DA3E6.9060100@nolanchart.com> References: <534DA3E6.9060100@nolanchart.com> Message-ID: <534E6892.1010303@uni-konstanz.de> Hello Walt Thiessen Am 2014-04-15 23:25, schrieb Walt Thiessen: > I have a list where the email command to subscribe another user doesn't > seem to work when I include it in the body of an email and send it to > mylist-request at mydomain.tld. > > subscribe [$<$PASSWORD$>$] [digest|nodigest] [address=$<$ADDRESS$>$] > > When I try to use it, I get no notification back of any kind. > > is there a setting somewhere that might be affecting this functionality? > Did you activate this functionality for this list "mylist" ? Look for: administrivia -> Yes autorespond_requests (Yes if you want always a response) autorespond_request_text Kind regards, Christian Mack From mark at msapiro.net Wed Apr 16 13:27:49 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 04:27:49 -0700 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <2BB5DDD3-900B-404E-A0B6-BD40822720AA@yoders.org> References: <534AEA16.8040303@psfc.mit.edu> <534AED23.7010808@Damon-Family.org> <534C2A07.1080106@thoroquel.org> <1397502992.30541.9.camel@pudina.fmp.com> <1397535564.30541.53.camel@pudina.fmp.com> <534D2E46.4090400@msapiro.net> <1D276494-328A-4C39-987B-ADD1D05C1E28@alum.mit.edu> <1397585117.49157.17.camel@pudina.fmp.com> <2BB5DDD3-900B-404E-A0B6-BD40822720AA@yoders.org> Message-ID: <534E6935.3080204@msapiro.net> On 04/15/2014 06:50 PM, Conrad G T Yoder wrote: > > So it really doesn?t affect domain email hosted by Yahoo such as att.net, sbcglobal.net, ymail.com, etc? Yahoo has not added a dmarc p=reject record for email from these domains? Short answer: That's correct. Long answer: mark at Notebook-09:~$ dig +short txt _dmarc.ymail.com "v=DMARC1\; p=none\; pct=100\; rua=mailto:dmarc-yahoo-rua at yahoo-inc.com\;" mark at Notebook-09:~$ dig +short txt _dmarc.sbcglobal.net mark at Notebook-09:~$ dig +short txt _dmarc.att.net mark at Notebook-09:~$ The above means that ymail.com publishes a DMARC p=none policy and sbcglobal.net and att.net publish no DMARC policy at all, so while those domains may honor the DMARC policy of the From: domain for incoming mail, mail From: those domains is currently unaffected. Note that ymail.com does request aggregate reports to be sent to dmarc-yahoo-rua at yahoo-inc.com which means that failures will be reported even if they don't affect mail delivery. Note also, that sec 6 of the draft DMARC specification says in part: Mail Receivers MAY choose to reject or quarantine email even if email passes the DMARC mechanism check. ... Mail Receivers MAY choose to accept email that fails the DMARC mechanism check even if the Domain Owner has published a "reject" policy. so no one is REQUIRED to honor DMARC policy, and even domains which publish a DMARC policy are free to ignore the DMARC policy that should apply and accept, reject or quarantine any particular incoming message for other reasons. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 16 15:01:09 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 06:01:09 -0700 Subject: [Mailman-Users] email subscribe command not responding In-Reply-To: <534E6892.1010303@uni-konstanz.de> References: <534DA3E6.9060100@nolanchart.com> <534E6892.1010303@uni-konstanz.de> Message-ID: <534E7F15.7020204@msapiro.net> On 04/16/2014 04:25 AM, Mailman Admin wrote: > > Am 2014-04-15 23:25, schrieb Walt Thiessen: >> I have a list where the email command to subscribe another user doesn't >> seem to work when I include it in the body of an email and send it to >> mylist-request at mydomain.tld. >> >> subscribe [$<$PASSWORD$>$] [digest|nodigest] [address=$<$ADDRESS$>$] >> >> When I try to use it, I get no notification back of any kind. >> >> is there a setting somewhere that might be affecting this functionality? This is probably expected. The email subscribe does not respond if the subscribe command is successful and the subscribe requires confirmation. This is because in the normal case, the subscription is for the user submitting the command and it's redundant to send both "results of your email commands" and "your subscription requires confirmation" emails. In your case however, the "your subscription requires confirmation" email goes to a different address and you get nothing. You may consider this a bug, but fixing it is tricky as the subscribed address may or may not be an alternate for the submitter's address and "correct" behavior may depend on that which is unknowable. > Did you activate this functionality for this list "mylist" ? > Look for: > administrivia -> Yes > autorespond_requests (Yes if you want always a response) > autorespond_request_text You can use the Auto-responder settings to generate an auto response to the message to mylist-request at mydomain.tld, but this autoresponse only tells you that the message was received. It doesn't say what the disposition was. You can assume the request was successful because you should receive a response to the command if there was an error. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 16 15:10:57 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 06:10:57 -0700 Subject: [Mailman-Users] NEED HELP: Mailman is not archiving In-Reply-To: References: Message-ID: <534E8161.60502@msapiro.net> On 04/15/2014 01:23 PM, Shavkat_BEK wrote: > > I recently found out that the mailman is not archiving most of the mailing > lists. Here is some info that might give you some idea of what is going on. ... > 2. /var/log/mailman/error: > > Apr 15 08:08:53 2014 (15279) SHUNTING: > 1396932558.512722+32b8dc6f945cc9837829a7803dba6d48978dc65f > Apr 15 08:19:12 2014 (15279) Archive file access failure: > /var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox > [Errno 2] No such file or directory: > '/var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox' > Apr 15 08:19:12 2014 (15279) Uncaught runner exception: [Errno 2] No such > file or directory: > '/var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox' > Apr 15 08:19:12 2014 (15279) Traceback (most recent call last): > File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 112, in _oneloop > self._onefile(msg, msgdata) > File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 170, in _onefile > keepqueued = self._dispose(mlist, msg, msgdata) > File "/usr/lib/mailman/Mailman/Queue/ArchRunner.py", line 73, in _dispose > mlist.ArchiveMail(msg) > File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 200, in > ArchiveMail > self.__archive_to_mbox(msg) > File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 169, in > __archive_to_mbox > mbox = self.__archive_file(afn) > File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 157, in > __archive_file > return Mailbox.Mailbox(open(afn, 'a+')) > IOError: [Errno 2] No such file or directory: > '/var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox' The file /var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox does not exist on your server. Do the HTML archives in /var/lib/mailman/archives/private/maillist1/ exist? Does the directory /var/lib/mailman/archives/private/maillist1.mbox exist? (probably not - I think if it did, Mailman would create a new /var/lib/mailman/archives/private/maillist1.mbox/maillist1.mbox file). Figure out what happened to the missing files and restore them. Then you can run Mailman's 'bin/unshunt' to add the missing messages to the archive, but first look at Mailman's shunt queue (bin/show_qfiles will help) to make sure everything there is wanted. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Wed Apr 16 15:58:29 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Wed, 16 Apr 2014 08:58:29 -0500 Subject: [Mailman-Users] DMARC and Gmail Message-ID: <1397656709.18445.23.camel@pudina.fmp.com> Has anyone seen issues with Gmail accounts and Yahoo's DMARC policy? I've been working with the list admins of one of FMP's hosted lists and they've seen over 100 addresses unsubscribed from the usual suspects - yahoo.com, att.net, Comcast, etc., but no Gmail accounts and there are 228 of them on the list. Nonetheless, the PC World article at http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html lists Gmail as being one of the cooperating email service providers honoring Yahoo's DMARC p=reject policy. I've been telling list admins to recommend that subscribers drop their Yahoo accounts in favor of Gmail. What's the story here? -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From mark at msapiro.net Wed Apr 16 16:01:39 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 07:01:39 -0700 Subject: [Mailman-Users] handler to auto detach attachment and link it to a website keeping html In-Reply-To: <534D598E.6030301@opensource-expert.com> References: <53368652.90207@opensource-expert.com> <53481019.2000209@opensource-expert.com> <5348596E.6070703@msapiro.net> <534AB359.6090205@msapiro.net> <534D598E.6030301@opensource-expert.com> Message-ID: <534E8D43.9050803@msapiro.net> On 04/15/2014 09:08 AM, Sylvain Viart wrote: > > I borrowed a code from Mailman/Handlers/MimeDel.py > > def reset_payload(msg, txt, fname, url): > # Reset payload of msg to contents of subpart, and fix up content > headers > msg.set_payload(txt) > del msg['content-type'] > del msg['content-transfer-encoding'] > del msg['content-disposition'] > del msg['content-description'] > > msg.add_header('X-Mailman-Part', 'Attachment-moved', url=url) > msg.add_header('Content-Type', 'text/plain', charset='UTF-8', > name=fname) > msg.add_header('Content-Transfer-Encoding', '8bit') > msg.add_header('Content-Disposition', 'attachment', filename=fname) > msg.add_header('Content-Description', "Attachment-moved by Mailman") > > > Is it the correct way to use email.message.Message > > in order to replace an attachment with a dummy text file containing the > link? It isn't really important in this case, but 'msg' is a Mailman.Message.Message instance. Mailman.Message.Message is a subclass of email.message.Message, but it mostly just adds a few methods. It doesn't change the behavior of any methods documented at . You can use code like the above to manipulate the sub-part headers, but > No other way to, remove all header in oneshot, or replace with a fresh > parsed attachment? if you wish to remove the subpart all together you can just 'del' it and use methods documented at to create new sub-parts and use the Message.attach() method to attach them. > But I will publish the source. > > Is there a preferred repository or procedure? Yes. This will change in the future, but the preferred method is to create a bzr branch containing your change, register at launchpad and then push your branch to . But whatever you do, post a note here so we know. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Wed Apr 16 16:40:12 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Wed, 16 Apr 2014 09:40:12 -0500 Subject: [Mailman-Users] More mass unsubscriptions Message-ID: <1397659212.18445.34.camel@pudina.fmp.com> This morning at 9 AM CDT one of FMP's lists here saw another mass unsubscription event - 51 subscribers with the usual ESP addresses: hotmail, yahoo, comcast, bellsouth, etc. Checking the list archive, there have been no posts to the list from yahoo.com since the 13th. Someone else must be publishing a DMARC p=reject record. Any insight on this? I've told the list admins that putting all yahoo.com subscribers on moderation so that they can read list traffic but not post would put a band-aid on the problem, but apparently this isn't the case. Is there a delay inherent in Mailman's bounce processing that would cause the unsubscriptions today rather than on the 13th when the last yahoo.com post was received by the list? Posts that have come to the list today are from: osu.edu sbcglobal.net cyberport.net -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From mark at msapiro.net Wed Apr 16 16:48:34 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 07:48:34 -0700 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <1397656709.18445.23.camel@pudina.fmp.com> References: <1397656709.18445.23.camel@pudina.fmp.com> Message-ID: <534E9842.60504@msapiro.net> On 04/16/2014 06:58 AM, Lindsay Haisley wrote: > Has anyone seen issues with Gmail accounts and Yahoo's DMARC policy? > I've been working with the list admins of one of FMP's hosted lists and > they've seen over 100 addresses unsubscribed from the usual suspects - > yahoo.com, att.net, Comcast, etc., but no Gmail accounts and there are > 228 of them on the list. This is consistent with what I've observed on lists. > Nonetheless, the PC World article at > http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html > lists Gmail as being one of the cooperating email service providers > honoring Yahoo's DMARC p=reject policy. I've done some testing. If I send a message from my server, but not from a list From: a yahoo.com address to a gmail address, it gets rejected with > 550-5.7.1 Unauthenticated email from yahoo.com is not accepted due to domain's > 550-5.7.1 DMARC policy. Please contact administrator of yahoo.com domain if > 550-5.7.1 this was a legitimate mail. Please visit > 550-5.7.1 http://support.google.com/mail/answer/2451690 to learn about DMARC > 550 5.7.1 initiative. uc7si1048327pbc.131 - gsmtp However, if I send the same message to a list which then resends it without touching the From: to the same gmail address, gmail accepts it and delivers it to my gmail spam folder. Thus, it appears that gmail does honor DMARC policy in general, but has some kind of mitigation policy to identify (heuristicly? via headers?) mail from a list and quarantine it even if the From: domain's policy is reject. Note it doesn't use the RFC 2369 List- headers because it still recognizes a message without them as from a list. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 16 16:55:16 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 07:55:16 -0700 Subject: [Mailman-Users] More mass unsubscriptions In-Reply-To: <1397659212.18445.34.camel@pudina.fmp.com> References: <1397659212.18445.34.camel@pudina.fmp.com> Message-ID: <534E99D4.7060601@msapiro.net> On 04/16/2014 07:40 AM, Lindsay Haisley wrote: > This morning at 9 AM CDT one of FMP's lists here saw another mass > unsubscription event - 51 subscribers with the usual ESP addresses: > hotmail, yahoo, comcast, bellsouth, etc. Checking the list archive, > there have been no posts to the list from yahoo.com since the 13th. > > Someone else must be publishing a DMARC p=reject record. Any insight on > this? Or the members had delivery disabled by bounce a while ago and only now were unsubscribed after exhausting notices. Check Mailman's bounce log. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 16 17:06:01 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 08:06:01 -0700 Subject: [Mailman-Users] Accessing sub-letter search lists In-Reply-To: <534BC8EA.3070805@msapiro.net> References: <534BC8EA.3070805@msapiro.net> Message-ID: <534E9C59.50800@msapiro.net> On 04/14/2014 04:39 AM, Mark Sapiro wrote: > On 04/13/2014 10:48 PM, Conrad G T Yoder wrote: >> >> I have a large list (7600 addresses), and when I search for a list of users of a popular domain (e.g. yahoo.com), I of course get a large result set back - sometimes more than 50 beginning with a particular letter. On those addresses with more than 50 starting with a common letter, they are of course split up, but when I click on another of the sub-letter lists, the ?Find? string disappears in the search results and I?m back to a subset of the whole list, not the searched list. Is there any way around this? Thanks much. > > > This is a bug. Thanks for the report. I'll fix it. See > . > > In the mean time, the only work around is to set admin_member_chunksize > on the General Options page large enough to include all members of the > largest sublist so it isn't chunked. The fix has been committed for 2.1.18. In the mean time, another work around is when you click the link for another chunk and get the unfiltered chunk back with a URL like in the browsers address bar, add the filter to the URL and get that. E.g. with yahoo.com as the search, the above becomes . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 16 17:14:42 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 08:14:42 -0700 Subject: [Mailman-Users] Accessing sub-letter search lists In-Reply-To: <534E9C59.50800@msapiro.net> References: <534BC8EA.3070805@msapiro.net> <534E9C59.50800@msapiro.net> Message-ID: <534E9E62.6080605@msapiro.net> On 04/16/2014 08:06 AM, Mark Sapiro wrote: > > In the mean time, another work > around is when you click the link for another chunk and get the > unfiltered chunk back with a URL like > > in the browsers address bar, add the filter to the URL and get that. > E.g. with yahoo.com as the search, the above becomes > . Just to avoid any possible confusion, the second URL above should have been . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Wed Apr 16 17:16:19 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Wed, 16 Apr 2014 10:16:19 -0500 Subject: [Mailman-Users] More mass unsubscriptions In-Reply-To: <534E99D4.7060601@msapiro.net> References: <1397659212.18445.34.camel@pudina.fmp.com> <534E99D4.7060601@msapiro.net> Message-ID: <1397661379.18445.44.camel@pudina.fmp.com> On Wed, 2014-04-16 at 07:55 -0700, Mark Sapiro wrote: > On 04/16/2014 07:40 AM, Lindsay Haisley wrote: > > This morning at 9 AM CDT one of FMP's lists here saw another mass > > unsubscription event - 51 subscribers with the usual ESP addresses: > > hotmail, yahoo, comcast, bellsouth, etc. Checking the list archive, > > there have been no posts to the list from yahoo.com since the 13th. > > > > Someone else must be publishing a DMARC p=reject record. Any insight on > > this? > > > Or the members had delivery disabled by bounce a while ago and only now > were unsubscribed after exhausting notices. Check Mailman's bounce log. OK, thanks. I had to refresh my knowledge of how the bounce system works. Apparently a subscriber disabled for excessive bounces _must_ attend to the matter within a given time frame (bounce_you_are_disabled_warnings number of notices) or the disablement turns into an unsubscription. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From kjohnson at pcc.edu Wed Apr 16 17:35:00 2014 From: kjohnson at pcc.edu (Kirke Johnson) Date: Wed, 16 Apr 2014 08:35:00 -0700 Subject: [Mailman-Users] Accessing sub-letter search lists In-Reply-To: <534E9E62.6080605@msapiro.net> References: <534BC8EA.3070805@msapiro.net> <534E9C59.50800@msapiro.net> <534E9E62.6080605@msapiro.net> Message-ID: Just to confirm my suspicions, the "chunk" capability requires Mailman newer than version 2.1.9? Another question: is there a way to negate the findmember search, so that all members not in the example.com domain could be shown? Thanks! Kirke Johnson Internet: kjohnson at pcc.edu Email Administrator, TSS , Sylvania Campus Portland Community College, Portland, OR, USA (971) 722-4368 On Wed, Apr 16, 2014 at 8:14 AM, Mark Sapiro wrote: > On 04/16/2014 08:06 AM, Mark Sapiro wrote: >> >> In the mean time, another work >> around is when you click the link for another chunk and get the >> unfiltered chunk back with a URL like >> >> in the browsers address bar, add the filter to the URL and get that. >> E.g. with yahoo.com as the search, the above becomes >> . > > > Just to avoid any possible confusion, the second URL above should have > been > . > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/kjohnson%40pcc.edu From jirojas at bellsouth.net Wed Apr 16 17:30:52 2014 From: jirojas at bellsouth.net (Jose I. Rojas ) Date: Wed, 16 Apr 2014 11:30:52 -0400 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534E9842.60504@msapiro.net> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> Message-ID: <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> We have a community group mail list which we run using Mailman and have lately had a problem getting our emails to members who have Bellsouth and Yahoo email addresses. I've seen the posts about DMARC but am not that tech-savvy to figure out what this means and how to resolve. Some of our members have complained that they are not getting the group's emails. We have written Bellsouth but they claim the domain is not on a blacklist and problem is not on their end. Our ISP tells us domain is "RFC -compliant" and problem must be with Bellsouth or Yahoo. How do we resolve this? What is the fix? Help, please... > On Apr 16, 2014, at 10:48 AM, Mark Sapiro wrote: > >> On 04/16/2014 06:58 AM, Lindsay Haisley wrote: >> Has anyone seen issues with Gmail accounts and Yahoo's DMARC policy? >> I've been working with the list admins of one of FMP's hosted lists and >> they've seen over 100 addresses unsubscribed from the usual suspects - >> yahoo.com, att.net, Comcast, etc., but no Gmail accounts and there are >> 228 of them on the list. > > > This is consistent with what I've observed on lists. > > >> Nonetheless, the PC World article at >> http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html >> lists Gmail as being one of the cooperating email service providers >> honoring Yahoo's DMARC p=reject policy. > > > I've done some testing. If I send a message from my server, but not from > a list From: a yahoo.com address to a gmail address, it gets rejected with > >> 550-5.7.1 Unauthenticated email from yahoo.com is not accepted due to domain's >> 550-5.7.1 DMARC policy. Please contact administrator of yahoo.com domain if >> 550-5.7.1 this was a legitimate mail. Please visit >> 550-5.7.1 http://support.google.com/mail/answer/2451690 to learn about DMARC >> 550 5.7.1 initiative. uc7si1048327pbc.131 - gsmtp > > However, if I send the same message to a list which then resends it > without touching the From: to the same gmail address, gmail accepts it > and delivers it to my gmail spam folder. > > Thus, it appears that gmail does honor DMARC policy in general, but has > some kind of mitigation policy to identify (heuristicly? via headers?) > mail from a list and quarantine it even if the From: domain's policy is > reject. > > Note it doesn't use the RFC 2369 List- headers because it still > recognizes a message without them as from a list. > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > From stephen at xemacs.org Wed Apr 16 18:27:23 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Thu, 17 Apr 2014 01:27:23 +0900 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <1397656709.18445.23.camel@pudina.fmp.com> References: <1397656709.18445.23.camel@pudina.fmp.com> Message-ID: <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> Lindsay Haisley writes: > I've been working with the list admins of one of FMP's hosted lists and > they've seen over 100 addresses unsubscribed from the usual suspects - > yahoo.com, att.net, Comcast, etc., but no Gmail accounts and there are > 228 of them on the list. Nonetheless, the PC World article [...] > lists Gmail as being one of the cooperating email service providers > honoring Yahoo's DMARC p=reject policy. I wouldn't trust the popular press to be fully accurate. Even one test delivery failure would probably be counted as "honoring", and it's not obvious that you need to specifically test mailing lists, since DMARC doesn't explicitly allow treating different DMARC failures differently. > I've been telling list admins to recommend that subscribers drop > their Yahoo accounts in favor of Gmail. That remains good policy AFAICT. > What's the story here? There are several possibilities. One is that DMARC doesn't define the semantics of "reject". (Why doesn't that surprise me?) Here's what they say: 15.4. Rejecting Messages This proposal calls for rejection of a message during the SMTP session under certain circumstances. This is typically done in one of two ways: o Full rejection, wherein the SMTP server issues a 5xy reply code as an indication to the SMTP client that the transaction failed; the SMTP client is then responsible for generating notification that delivery failed (see Section 4.2.5 of [SMTP]). o A "silent discard", wherein the SMTP server returns a 2xy reply code implying to the client that delivery (or, at least, relay) was successfully completed, but then simply discarding the message with no further action. Each of these has a cost. For instance, a silent discard may prevent "backscatter" (the annoying generation of delivery failure reports, which go back to the RFC5321.MailFrom address, about messages that were fraudulently generated), but effectively means the SMTP server has to be programmed to give a false result, which can confound external debugging efforts. A "silent discard" by Google is consistent with your observation, since no bounce would be generated. However, it is not consistent with Mark's experimental outcome.[1] So apparently, at least in their implementation of DMARC, Google takes their "Don't Be Evil" slogan quite seriously. It is clear to me that the "silent discard" method is the right way to handle a DMARC p=reject policy. Although the receiving MTA is "giving a false result" in some sense, in fact the DMARC-using domain can request a specific failure report which will enable the domain to determine why non-delivery occurred despite an SMTP success. If they don't request such a report, too bad for their users. Note that the "annoyance" mentioned in the 4th paragraph includes denial of service to completely innocent third parties, ie, the DMARC-triggered unsubscribes that have been observed. Footnotes: [1] His message arrived while I was composing this one. From fmouse at fmp.com Wed Apr 16 18:51:24 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Wed, 16 Apr 2014 11:51:24 -0500 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> Message-ID: <1397667084.18445.97.camel@pudina.fmp.com> I'll jump in here and offer the quick solution that I'm using at FMP. The primary culprit here is Yahoo, which publishes a DMARC p=reject policy via DNS. To the best of our knowledge, so far, no one else is doing this, although sbcglobal, att.net, comcast.net, Hotmail and a number of other email service providers will honor Yahoo's policy and bounce posts which have a yahoo.com address in the From header and come from an IP address which isn't a yahoo.com server. This is the case, as per relevant RFCs, for most mail from Mailman mailing lists. What I'm advising list admins here, which puts a band-aid on the problem, is to put all yahoo.com subscribers on moderation, effectively making them read-only subscriptions. Also go through your membership list and clear any nomail disablements with a "[B]" beside them. We're also advising yahoo.com list subscribers to get a Gmail account (as free and easy to get as a Yahoo account) Mark or Stephen may have a more in-depth response to you, but this is how I've addressed the problem here. On Wed, 2014-04-16 at 11:30 -0400, Jose I. Rojas wrote: > We have a community group mail list which we run using Mailman and > have lately had a problem getting our emails to members who have > Bellsouth and Yahoo email addresses. I've seen the posts about DMARC > but am not that tech-savvy to figure out what this means and how to > resolve. Some of our members have complained that they are not getting > the group's emails. We have written Bellsouth but they claim the > domain is not on a blacklist and problem is not on their end. Our ISP > tells us domain is "RFC -compliant" and problem must be with Bellsouth > or Yahoo. How do we resolve this? What is the fix? Help, please... -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From addw at phcomp.co.uk Wed Apr 16 18:55:12 2014 From: addw at phcomp.co.uk (Alain Williams) Date: Wed, 16 Apr 2014 17:55:12 +0100 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> References: <1397656709.18445.23.camel@pudina.fmp.com> <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> Message-ID: <20140416165512.GZ5587@phcomp.co.uk> On Thu, Apr 17, 2014 at 01:27:23AM +0900, Stephen J. Turnbull wrote: > There are several possibilities. One is that DMARC doesn't define the > semantics of "reject". (Why doesn't that surprise me?) Here's what > they say: > > 15.4. Rejecting Messages > > This proposal calls for rejection of a message during the SMTP > session under certain circumstances. This is typically done in one > of two ways: > > o Full rejection, wherein the SMTP server issues a 5xy reply code > as an indication to the SMTP client that the transaction failed; > the SMTP client is then responsible for generating notification > that delivery failed (see Section 4.2.5 of [SMTP]). > > o A "silent discard", wherein the SMTP server returns a 2xy reply > code implying to the client that delivery (or, at least, relay) > was successfully completed, but then simply discarding the > message with no further action. > > Each of these has a cost. For instance, a silent discard may > prevent "backscatter" (the annoying generation of delivery failure > reports, which go back to the RFC5321.MailFrom address, about > messages that were fraudulently generated), but effectively means > the SMTP server has to be programmed to give a false result, which > can confound external debugging efforts. They should have allowed/defined a new 2xy code that could be returned, eg 253 which means ''Mail accepted but will be discarded''. So a simple sending MTA could just look at the initial '2' and think 'job done', a more complex one could note that the receipt wasn't quite right. However: it still means that some people on mail lists occasionally don't get stuff - this will cause confusion at best or could be dangerous (if the mail list has a critical function). -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 http://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php #include From brennan at columbia.edu Wed Apr 16 19:35:37 2014 From: brennan at columbia.edu (Joseph Brennan) Date: Wed, 16 Apr 2014 13:35:37 -0400 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> References: <1397656709.18445.23.camel@pudina.fmp.com> <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> Message-ID: <4F0186F554154FD7E94F09F2@sodor.cc.columbia.edu> [DMARC's words] > o A "silent discard", wherein the SMTP server returns a 2xy reply > code implying to the client that delivery (or, at least, relay) > was successfully completed, but then simply discarding the > message with no further action. Naturally the people who can't read RFC5322 and understand that the From header line represents the writer of the message also can't read RFC5321 and grasp that a 2xy code signifies a responsibility that is well defined (sec 4.2.5). They're just making stuff up. And companies that fall for it betray their cluelessness. Joseph Brennan Columbia University Information Technology (N.B. They were so proud of using "wherein" that they got lost later in the sentence-- s/b "discards" not "discarding".) From stephen at xemacs.org Wed Apr 16 20:11:35 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Thu, 17 Apr 2014 03:11:35 +0900 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> Message-ID: <21326.51159.958885.304659@uwakimon.sk.tsukuba.ac.jp> Jose I. Rojas writes: > We have a community group mail list which we run using Mailman and > have lately had a problem getting our emails to members who have > Bellsouth and Yahoo email addresses. I've seen the posts about DMARC > but am not that tech-savvy to figure out what this means and how to > resolve. What it means right now is that posts with "@yahoo.com" in the "From" header field will not be delivered to users whose subscribed addresses are at a long list of large email service providers. If emails posted by users with "@gmail.com" and "@harvard.edu" etc addresses are getting through to everybody, but emails from "@yahoo.com" members are not, then the problem may very well be Yahoo!'s DMARC policy. > Our ISP tells us domain is "RFC-compliant" and problem must be with > Bellsouth or Yahoo. That's not very helpful of them. > How do we resolve this? What is the fix? If in fact the problem is Yahoo!'s DMARC policy, you can't resolve it and there is no fix. Simply put, Yahoo! does not permit their users to post to modern mailing lists that conform to the mail standards. There are four possible workarounds, depending on the access you have to your mailing list's configuration: (1) You can tell your members with @yahoo.com addresses to post from a different domain. This is what I personally recommend, as it (a) conforms to Yahoo's stated policy and (b) makes Yahoo users unhappy with their provider, whose behavior is causing denial of service to thousands, perhaps millions, of mailing list users. My experience with this approach is "no complaints", but my users are unusual in that they don't really care about their yahoo.com addresses for various reasons. People who do most or all of their mail using Yahoo addresses will find this painful. Depending on how actively you want to protest Yahoo's behavior, you may or may not be willing to impose that pain. (2) You can break your mailing lists by using the author_is_list option in Mailman 2.1.16 and later. This option will only be available if the site configuration has ALLOW_AUTHOR_IS_LIST set to "Yes". This will cause the list to replace the author's address with its own address in "From". However, your domain may not permit this, as it's a clear violation of the mail RFCs. (3) There is a patch to have Mailman encapsulate posts from yahoo.com addresses in a "one-message digest". This is RFC-conformant, but some users may have difficulty reading such mail. (Frequently reported on iPhones.) It also requires using a third-party patch for Mailman, which may be prohibited by your ISP or beyond your technical capability in the short run. (4) You can operate Mailman in pure pass-through mode. I believe it is sufficient to configure Mailman to (a) have a completely empty header (not even whitespace) (b) a completely empty footer (c) no list prefix in the Subject header field. This is conformant to the RFCs, but may place you in violation of anti-spam law (because for most users there will be no visible indication of how to unsubscribe from the list). From mark at msapiro.net Wed Apr 16 20:19:13 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 11:19:13 -0700 Subject: [Mailman-Users] Accessing sub-letter search lists In-Reply-To: References: <534BC8EA.3070805@msapiro.net> <534E9C59.50800@msapiro.net> <534E9E62.6080605@msapiro.net> Message-ID: <534EC9A1.4010207@msapiro.net> On 04/16/2014 08:35 AM, Kirke Johnson wrote: > Just to confirm my suspicions, the "chunk" capability requires Mailman > newer than version 2.1.9? If you mean the ability to set admin_member_chunksize from the admin General Options page, then yes, that was added in 2.1.10. Everything else to do with chunking the admin Membership List has always been in Mailman 2.1 > Another question: is there a way to negate > the findmember search, so that all members not in the example.com > domain could be shown? The search is a python regular expression. There is syntax for negative lookahead/lookbehind assertions, so that for example the search pattern $(? The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From larry at qhpress.org Wed Apr 16 19:57:12 2014 From: larry at qhpress.org (Larry Kuenning) Date: Wed, 16 Apr 2014 13:57:12 -0400 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <1397667084.18445.97.camel@pudina.fmp.com> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> Message-ID: <534EC478.2060002@qhpress.org> On 4/16/2014 12:51 PM, Lindsay Haisley wrote: > What I'm advising list admins here, which puts a band-aid on the > problem, is to put all yahoo.com subscribers on moderation, effectively > making them read-only subscriptions. Also go through your membership > list and clear any nomail disablements with a "[B]" beside them. We're > also advising yahoo.com list subscribers to get a Gmail account (as free > and easy to get as a Yahoo account) Query: On a very low-traffic mailing list (i.e. one where the list admin doesn't think it too much trouble), would it be a reasonable workaround for the list admin to paste the content of a message-to-be-moderated (i.e. one From: a yahoo address) into a new message _of his/her own_ and send _that_ to the list? This message could include the original From: address _in its body text_ (not its headers) along with a brief reference to the yahoo problem to explain the unusual format. From what I've read here so far, I think this would succeed in avoiding the usual yahoo-generated problems. However, I can foresee a couple of drawbacks (besides the extra work for list admins): 1. Other subscribers replying to the message will get MUA-generated text saying "Larry List-Admin wrote" instead of "Sonia Subscriber wrote". Those who pay attention and take a little trouble can change that before clicking Send, but many won't. 2. Similarly, other subscribers wanting to reply privately will send their replies to Larry List-Admin instead of Sonia Subscriber if they aren't careful (and some of them won't be). The list admin can forward these replies, but in a few cases they may contain confidential material that the admin shouldn't have seen. -- Larry Kuenning larry at qhpress.org From jimpop at gmail.com Wed Apr 16 20:28:43 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Wed, 16 Apr 2014 14:28:43 -0400 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <4F0186F554154FD7E94F09F2@sodor.cc.columbia.edu> References: <1397656709.18445.23.camel@pudina.fmp.com> <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> <4F0186F554154FD7E94F09F2@sodor.cc.columbia.edu> Message-ID: On Wed, Apr 16, 2014 at 1:35 PM, Joseph Brennan wrote: > > [DMARC's words] > >> o A "silent discard", wherein the SMTP server returns a 2xy reply >> code implying to the client that delivery (or, at least, relay) >> was successfully completed, but then simply discarding the >> message with no further action. > > > Naturally the people who can't read RFC5322 and understand that the From > header line represents the writer of the message also can't read RFC5321 and > grasp that a 2xy code signifies a responsibility that is well defined (sec > 4.2.5). > > They're just making stuff up. And companies that fall for it betray their > cluelessness. > > Joseph Brennan > Columbia University Information Technology > > (N.B. They were so proud of using "wherein" that they got lost later in the > sentence-- s/b "discards" not "discarding".) > +10 ^^ This is by far the best description of the situation. -Jim P. From mark at msapiro.net Wed Apr 16 20:31:07 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 11:31:07 -0700 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EC478.2060002@qhpress.org> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> Message-ID: <534ECC6B.9090801@msapiro.net> On 04/16/2014 10:57 AM, Larry Kuenning wrote: > > Query: On a very low-traffic mailing list (i.e. one where the list > admin doesn't think it too much trouble), would it be a reasonable > workaround for the list admin to paste the content of a > message-to-be-moderated (i.e. one From: a yahoo address) into a new > message _of his/her own_ and send _that_ to the list? This message > could include the original From: address _in its body text_ (not its > headers) along with a brief reference to the yahoo problem to explain > the unusual format. I think you then go on to answer your own query ;) > From what I've read here so far, I think this would succeed in avoiding > the usual yahoo-generated problems. However, I can foresee a couple of > drawbacks (besides the extra work for list admins): > > 1. Other subscribers replying to the message will get MUA-generated > text saying "Larry List-Admin wrote" instead of "Sonia Subscriber > wrote". Those who pay attention and take a little trouble can change > that before clicking Send, but many won't. > > 2. Similarly, other subscribers wanting to reply privately will send > their replies to Larry List-Admin instead of Sonia Subscriber if they > aren't careful (and some of them won't be). The list admin can forward > these replies, but in a few cases they may contain confidential material > that the admin shouldn't have seen. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jdanield at free.fr Wed Apr 16 20:31:25 2014 From: jdanield at free.fr (jdd) Date: Wed, 16 Apr 2014 20:31:25 +0200 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EC478.2060002@qhpress.org> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> Message-ID: <534ECC7D.7060403@free.fr> Le 16/04/2014 19:57, Larry Kuenning a ?crit : >> also advising yahoo.com list subscribers to get a Gmail account (as free >> and easy to get as a Yahoo account) so to be sure all your mail a read by google :-) (of course may be yahoo do the same - why people can't use they ISP's mail?) jdd -- http://www.dodin.org From mark at msapiro.net Wed Apr 16 20:55:56 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 11:55:56 -0700 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <21326.51159.958885.304659@uwakimon.sk.tsukuba.ac.jp> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <21326.51159.958885.304659@uwakimon.sk.tsukuba.ac.jp> Message-ID: <534ED23C.1060209@msapiro.net> On 04/16/2014 11:11 AM, Stephen J. Turnbull wrote: > > (2) You can break your mailing lists by using the author_is_list > option in Mailman 2.1.16 and later. This option will only be > available if the site configuration has ALLOW_AUTHOR_IS_LIST set > to "Yes". This will cause the list to replace the author's > address with its own address in "From". However, your domain may > not permit this, as it's a clear violation of the mail RFCs. The ALLOW_AUTHOR_IS_LIST switch has been removed (is effectively always Yes) for Mailman 2.1.18 (watch for a release announcement soon or pull the head of the lp:mailman/2.1 bzr branch ;) > (3) There is a patch to have Mailman encapsulate posts from yahoo.com > addresses in a "one-message digest". This is RFC-conformant, but > some users may have difficulty reading such mail. (Frequently > reported on iPhones.) It also requires using a third-party patch > for Mailman, which may be prohibited by your ISP or beyond your > technical capability in the short run. This capability, without the dnspython dependency, is an option to (2) above, even in 2.1.16. In 2.1.18 There is an enhanced set of controls that can be applied to all mail From: domains with DMARC p=reject and (optionally, default includes) p=quarantine policies. See for a bit more detail. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From cgtyoder at alum.mit.edu Wed Apr 16 21:20:33 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Wed, 16 Apr 2014 15:20:33 -0400 Subject: [Mailman-Users] Accessing sub-letter search lists In-Reply-To: <534E9C59.50800@msapiro.net> References: <534BC8EA.3070805@msapiro.net> <534E9C59.50800@msapiro.net> Message-ID: <2B60A1BA-E2A5-4148-96F3-8C3B37EDF9F9@alum.mit.edu> On Apr 16, 2014, at 11:06 AM, Mark Sapiro wrote: > On 04/14/2014 04:39 AM, Mark Sapiro wrote: >> On 04/13/2014 10:48 PM, Conrad G T Yoder wrote: >>> >>> I have a large list (7600 addresses), and when I search for a list of users of a popular domain (e.g. yahoo.com), I of course get a large result set back - sometimes more than 50 beginning with a particular letter. On those addresses with more than 50 starting with a common letter, they are of course split up, but when I click on another of the sub-letter lists, the ?Find? string disappears in the search results and I?m back to a subset of the whole list, not the searched list. Is there any way around this? Thanks much. >> >> >> This is a bug. Thanks for the report. I'll fix it. See >> . >> >> In the mean time, the only work around is to set admin_member_chunksize >> on the General Options page large enough to include all members of the >> largest sublist so it isn't chunked. > > > The fix has been committed for 2.1.18. In the mean time, another work > around is when you click the link for another chunk and get the > unfiltered chunk back with a URL like > > in the browsers address bar, add the filter to the URL and get that. > E.g. with yahoo.com as the search, the above becomes > . What great service - 2-day turnaround on bug fixes! (Not that I will be seeing it any time in the near future with my hosting service :^) Since we?re on the topic of items residing at bugs.launchpad.net, what are the odds of Bug #1067953 (https://bugs.launchpad.net/mailman/+bug/1067953) getting a little love? Not quite as easy a change as this one, but would benefit many I?m sure. Everyone subscribe! -Conrad -- Truth is information. From lists at datatravels.com Wed Apr 16 20:54:09 2014 From: lists at datatravels.com (jason fb) Date: Wed, 16 Apr 2014 14:54:09 -0400 Subject: [Mailman-Users] DMARC Message-ID: <1C827069-33F4-47FD-9697-911C39E26A71@datatravels.com> Isn't this DMARC issue a bellwether for the end of email lists as we know them? It seems to me that the means of production (the internet backbone, the mail servers, etc) are now owned by Big Media (Comcast, Walt Disney, CBS, Viacom, Time Warner) and it is in their interest to make sure they can sell as much advertising as possible to the cattle. People who operate Mailman servers (you guys) are just the little guys who are helping people facilitate non-advertisable communication between the masses. This seems like a poignant example of the fiction of the distributed network. The last 15 years of the internet history (indeed, the first 15 years of internet history) has been the story of the consolidation of control into the hands of the few, not the open and egalitarian peer-to-peer network utopia that the internet was touted to be in populist culture. If I really have something to say to someone, I write it using ink and paper, put it in an envelope, put a stamp on it and drop it into an actual post box. This way I know the NSA can't see it. -Jason From jimpop at gmail.com Wed Apr 16 21:32:50 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Wed, 16 Apr 2014 15:32:50 -0400 Subject: [Mailman-Users] DMARC In-Reply-To: <1C827069-33F4-47FD-9697-911C39E26A71@datatravels.com> References: <1C827069-33F4-47FD-9697-911C39E26A71@datatravels.com> Message-ID: On Wed, Apr 16, 2014 at 2:54 PM, jason fb wrote: > > > Isn't this DMARC issue a bellwether for the end of email lists as we know them? It seems to me that the means of production (the internet backbone, the mail servers, etc) are now owned by Big Media (Comcast, Walt Disney, CBS, Viacom, Time Warner) and it is in their interest to make sure they can sell as much advertising as possible to the cattle. That statement is even more relevant when you consider that some of the biggest DMARC promoters offer (advertising revenue-based electronic communication) services that they have always believed to be a replacement for mailinglists. > People who operate Mailman servers (you guys) are just the little guys who are helping people facilitate non-advertisable communication between the masses. > > This seems like a poignant example of the fiction of the distributed network. The last 15 years of the internet history (indeed, the first 15 years of internet history) has been the story of the consolidation of control into the hands of the few, not the open and egalitarian peer-to-peer network utopia that the internet was touted to be in populist culture. > > If I really have something to say to someone, I write it using ink and paper, put it in an envelope, put a stamp on it and drop it into an actual post box. This way I know the NSA can't see it. The USPS publicly acknowledges (which makes one wonder what they haven't publicly acknowledged) that it regularly scans and saves postal envelopes (postcards too!) http://en.wikipedia.org/wiki/Mail_Isolation_Control_and_Tracking . 160 billion pieces in 2012, but don't worry it's only META data. -Jim P. From stephen at xemacs.org Wed Apr 16 21:34:56 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Thu, 17 Apr 2014 04:34:56 +0900 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <20140416165512.GZ5587@phcomp.co.uk> References: <1397656709.18445.23.camel@pudina.fmp.com> <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> <20140416165512.GZ5587@phcomp.co.uk> Message-ID: <21326.56160.745318.899746@uwakimon.sk.tsukuba.ac.jp> Alain Williams writes: > They should have allowed/defined a new 2xy code that could be > returned, eg 253 which means ''Mail accepted but will be > discarded''. That's problematic. It would require an extension negotiated via EHLO at least, and maybe a new SMTP RFC, since there's no registry for extensions to the SMTP reply codes. It might not be harmful, since most modern MTAs are 2821-conforming, and so must interpret 253 as a "2yz success" == 250, even if they don't understand 253 specifically. I note that RFC 821, the current standard, does *not* have this requirement, though. Still, it could work, I guess, since DMARC policies are outside-of-RFC agreements anyway. > However: it still means that some people on mail lists occasionally > don't get stuff - this will cause confusion at best or could be > dangerous (if the mail list has a critical function). Sure, but that's the tradeoff that DMARC explicitly makes. DMARC thinks that rejecting spam and phishing is sometimes more important than delivering legitimate mail, and that the provider of a mailbox is the appropriate entity to make that decision. It's not limited to mailing lists, either. Anybody who has a forwarding mailbox is at some risk (in a personal .forward this is a simple pass-through preserving the DKIM signature so it should be OK, but I've seen commercial forwarders who add junk in the footer), and it breaks the common patterns where a website allows you to request a mail to a friend or an email service provider allows you to use different From addresses (all of my mail from my @xemacs.org address is sent from a different domain, and of the large webmail providers at least Gmail provides this feature, and I use it occasionally). From fmouse at fmp.com Wed Apr 16 21:49:37 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Wed, 16 Apr 2014 14:49:37 -0500 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <21326.56160.745318.899746@uwakimon.sk.tsukuba.ac.jp> References: <1397656709.18445.23.camel@pudina.fmp.com> <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> <20140416165512.GZ5587@phcomp.co.uk> <21326.56160.745318.899746@uwakimon.sk.tsukuba.ac.jp> Message-ID: <1397677777.22397.7.camel@indra.fmp.com> On Thu, 2014-04-17 at 04:34 +0900, Stephen J. Turnbull wrote: > It's not limited to mailing lists, either. Anybody who has a > forwarding mailbox is at some risk (in a personal .forward this is a > simple pass-through preserving the DKIM signature so it should be OK, > but I've seen commercial forwarders who add junk in the footer) Simple pass-through forwarding/redirection of email is one of the situations in which SPF fails. Does this in any way impact DMARC? -- Lindsay Haisley | "We have met the enemy and he is us." FMP Computer Services | 512-259-1190 | -- Pogo http://www.fmp.com | From brad at fineby.me.uk Wed Apr 16 20:59:10 2014 From: brad at fineby.me.uk (Brad Rogers) Date: Wed, 16 Apr 2014 19:59:10 +0100 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534ECC7D.7060403@free.fr> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> Message-ID: <20140416195910.1a4a0c1a@abydos.stargate.org.uk> On Wed, 16 Apr 2014 20:31:25 +0200 jdd wrote: Hello jdd, >(... why people can't use they ISP's mail?) In case that's not a rhetorical question: Because every time you change provider, you would have to change email address too. When you're subscribed to over one hundred mailing lists, to say nothing of the umpteen individuals that would need to be told of the change, it would be an (shall we say) onerous task. -- Regards _ / ) "The blindingly obvious is / _)rad never immediately apparent" You suck my blood like a leech Death On Two Legs - Queen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: not available URL: From barry at list.org Wed Apr 16 22:25:51 2014 From: barry at list.org (Barry Warsaw) Date: Wed, 16 Apr 2014 16:25:51 -0400 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <21326.56160.745318.899746@uwakimon.sk.tsukuba.ac.jp> References: <1397656709.18445.23.camel@pudina.fmp.com> <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> <20140416165512.GZ5587@phcomp.co.uk> <21326.56160.745318.899746@uwakimon.sk.tsukuba.ac.jp> Message-ID: <20140416162551.4903b93d@anarchist.localdomain> On Apr 17, 2014, at 04:34 AM, Stephen J. Turnbull wrote: >Sure, but that's the tradeoff that DMARC explicitly makes. DMARC >thinks that rejecting spam and phishing is sometimes more important >than delivering legitimate mail, and that the provider of a mailbox is >the appropriate entity to make that decision. Of course, it really doesn't help with phishing because with a slight tweak of the domain (or even a similar enough non-ascii domain), you can still put phishing links in the body and I'll bet you'll still fool most people who would be tricked anyway. >It's not limited to mailing lists, either. Anybody who has a >forwarding mailbox is at some risk (in a personal .forward this is a >simple pass-through preserving the DKIM signature so it should be OK, Yeah that sucks too. I sure hope none of the FLOSS projects I work on never publish a DMARC reject. Sigh. -Barry From larry at qhpress.org Wed Apr 16 22:34:37 2014 From: larry at qhpress.org (Larry Kuenning) Date: Wed, 16 Apr 2014 16:34:37 -0400 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EC478.2060002@qhpress.org> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> Message-ID: <534EE95D.6020704@qhpress.org> On 4/16/2014 1:57 PM, Larry Kuenning wrote: > Query: On a very low-traffic mailing list (i.e. one where the list > admin doesn't think it too much trouble), would it be a reasonable > workaround for the list admin to paste the content of a > message-to-be-moderated (i.e. one From: a yahoo address) into a new > message _of his/her own_ and send _that_ to the list? This message > could include the original From: address _in its body text_ (not its > headers) along with a brief reference to the yahoo problem to explain > the unusual format. I've since thought of a third difficulty besides the two I mentioned. If the post-to-be-moderated is itself a reply to an earlier post, then mailman's archive threading will be broken unless the list moderator goes to the trouble of setting up the substitute message as a reply to the same earlier post. (And of course one must delete all the stuff one's MUA wants to insert, as that will already be provided in the message-to-be-moderated.) Is this correct? -- Larry Kuenning larry at qhpress.org From toml at engr.orst.edu Wed Apr 16 22:30:02 2014 From: toml at engr.orst.edu (Tom Lieuallen) Date: Wed, 16 Apr 2014 13:30:02 -0700 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <21326.51159.958885.304659@uwakimon.sk.tsukuba.ac.jp> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <21326.51159.958885.304659@uwakimon.sk.tsukuba.ac.jp> Message-ID: <534EE84A.8050801@engr.orst.edu> Stephen, Thank you very much for the summary of solutions. I was about to suggest/request it. It may be helpful to add to the wiki as it seems quite important and complicated. I'd be interested in more mails like this, helping those of us move forward and alleviate the issues. Unless I'm overlooking something, there is another option that appears to work. The anonymous_list option repackages the mail enough that gmail no longer marks it as spam. I don't think it's appropriate for most lists, but could be mentioned as another option. Unless it's similar to option 2 below. I'm not familiar with ALLOW_AUTHOR_IS_LIST. Lindsay Haisley also suggested: "What I'm advising list admins here, which puts a band-aid on the problem, is to put all yahoo.com subscribers on moderation, effectively making them read-only subscriptions. Also go through your membership list and clear any nomail disablements with a "[B]" beside them." Is there any way to make these changes with a script, or would one have to do it manually? I'm also curious if the spam options (header_filter_rules or bounce_matching_headers) might be options to catch inbound messages from yahoo. Thank you all Tom Lieuallen On 4/16/14, 11:11 AM, Stephen J. Turnbull wrote: > Jose I. Rojas writes: > > > We have a community group mail list which we run using Mailman and > > have lately had a problem getting our emails to members who have > > Bellsouth and Yahoo email addresses. I've seen the posts about DMARC > > but am not that tech-savvy to figure out what this means and how to > > resolve. > > What it means right now is that posts with "@yahoo.com" in the "From" > header field will not be delivered to users whose subscribed addresses > are at a long list of large email service providers. > > If emails posted by users with "@gmail.com" and "@harvard.edu" etc > addresses are getting through to everybody, but emails from > "@yahoo.com" members are not, then the problem may very well be > Yahoo!'s DMARC policy. > > > Our ISP tells us domain is "RFC-compliant" and problem must be with > > Bellsouth or Yahoo. > > That's not very helpful of them. > > > How do we resolve this? What is the fix? > > If in fact the problem is Yahoo!'s DMARC policy, you can't resolve it > and there is no fix. Simply put, Yahoo! does not permit their users > to post to modern mailing lists that conform to the mail standards. > There are four possible workarounds, depending on the access you have > to your mailing list's configuration: > > (1) You can tell your members with @yahoo.com addresses to post from a > different domain. This is what I personally recommend, as it (a) > conforms to Yahoo's stated policy and (b) makes Yahoo users > unhappy with their provider, whose behavior is causing denial of > service to thousands, perhaps millions, of mailing list users. > > My experience with this approach is "no complaints", but my users > are unusual in that they don't really care about their yahoo.com > addresses for various reasons. People who do most or all of their > mail using Yahoo addresses will find this painful. Depending on > how actively you want to protest Yahoo's behavior, you may or may > not be willing to impose that pain. > > (2) You can break your mailing lists by using the author_is_list > option in Mailman 2.1.16 and later. This option will only be > available if the site configuration has ALLOW_AUTHOR_IS_LIST set > to "Yes". This will cause the list to replace the author's > address with its own address in "From". However, your domain may > not permit this, as it's a clear violation of the mail RFCs. > > (3) There is a patch to have Mailman encapsulate posts from yahoo.com > addresses in a "one-message digest". This is RFC-conformant, but > some users may have difficulty reading such mail. (Frequently > reported on iPhones.) It also requires using a third-party patch > for Mailman, which may be prohibited by your ISP or beyond your > technical capability in the short run. > > (4) You can operate Mailman in pure pass-through mode. I believe it > is sufficient to configure Mailman to (a) have a completely empty > header (not even whitespace) (b) a completely empty footer (c) no > list prefix in the Subject header field. This is conformant to > the RFCs, but may place you in violation of anti-spam law (because > for most users there will be no visible indication of how to > unsubscribe from the list). > > > From mark at msapiro.net Wed Apr 16 22:51:32 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 13:51:32 -0700 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EE95D.6020704@qhpress.org> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534EE95D.6020704@qhpress.org> Message-ID: <534EED54.6010406@msapiro.net> On 04/16/2014 01:34 PM, Larry Kuenning wrote: > > I've since thought of a third difficulty besides the two I mentioned. > > If the post-to-be-moderated is itself a reply to an earlier post, then > mailman's archive threading will be broken unless the list moderator > goes to the trouble of setting up the substitute message as a reply to > the same earlier post. (And of course one must delete all the stuff > one's MUA wants to insert, as that will already be provided in the > message-to-be-moderated.) > > Is this correct? If I understand, yes... But what you are suggesting is essentially what the Wrap Message option introduced as a site option in 2.1.16 and expanded in 2.1.18 does. Effectively (with some details omitted) that option is forward the message as an attachment to a message from the list with Reply-To: including the original poster. It does all this without any moderator intervention. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 16 22:56:10 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 13:56:10 -0700 Subject: [Mailman-Users] DMARC and Gmail In-Reply-To: <1397677777.22397.7.camel@indra.fmp.com> References: <1397656709.18445.23.camel@pudina.fmp.com> <21326.44907.976004.170171@uwakimon.sk.tsukuba.ac.jp> <20140416165512.GZ5587@phcomp.co.uk> <21326.56160.745318.899746@uwakimon.sk.tsukuba.ac.jp> <1397677777.22397.7.camel@indra.fmp.com> Message-ID: <534EEE6A.5080509@msapiro.net> On 04/16/2014 12:49 PM, Lindsay Haisley wrote: > > Simple pass-through forwarding/redirection of email is one of the > situations in which SPF fails. Does this in any way impact DMARC? Not if the message is properly DKIM signed by the From: domain. In this case DKIM passes and the domains align so the fact that SPF fails for the original envelope sender doesn't matter. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jdanield at free.fr Wed Apr 16 23:19:29 2014 From: jdanield at free.fr (jdd) Date: Wed, 16 Apr 2014 23:19:29 +0200 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <20140416195910.1a4a0c1a@abydos.stargate.org.uk> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <20140416195910.1a4a0c1a@abydos.stargate.org.uk> Message-ID: <534EF3E1.7010009@free.fr> Le 16/04/2014 20:59, Brad Rogers a ?crit : > On Wed, 16 Apr 2014 20:31:25 +0200 > jdd wrote: > > Hello jdd, > >> (... why people can't use they ISP's mail?) > > In case that's not a rhetorical question: > > Because every time you change provider, you would have to change email > address too. does this occur often? I find too often many problems are caused by mass mail providers like gmail but it's not necessary to go further sorry to have begun this jdd -- http://www.dodin.org From mark at msapiro.net Wed Apr 16 23:22:57 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 14:22:57 -0700 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EE84A.8050801@engr.orst.edu> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <21326.51159.958885.304659@uwakimon.sk.tsukuba.ac.jp> <534EE84A.8050801@engr.orst.edu> Message-ID: <534EF4B1.3020309@msapiro.net> On 04/16/2014 01:30 PM, Tom Lieuallen wrote: > > Thank you very much for the summary of solutions. I was about to > suggest/request it. It may be helpful to add to the wiki as it seems > quite important and complicated. I'd be interested in more mails like > this, helping those of us move forward and alleviate the issues. I just updated . What do you think? > Lindsay Haisley also suggested: > > "What I'm advising list admins here, which puts a band-aid on the > problem, is to put all yahoo.com subscribers on moderation, effectively > making them read-only subscriptions. Also go through your membership > list and clear any nomail disablements with a "[B]" beside them." > > Is there any way to make these changes with a script, or would one have > to do it manually? See . > I'm also curious if the spam options (header_filter_rules or > bounce_matching_headers) might be options to catch inbound messages from > yahoo. Either could be used but bounce_matching_headers is deprecated in favor of header_filter_rules. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From brad at fineby.me.uk Wed Apr 16 23:40:14 2014 From: brad at fineby.me.uk (Brad Rogers) Date: Wed, 16 Apr 2014 22:40:14 +0100 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EF3E1.7010009@free.fr> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <20140416195910.1a4a0c1a@abydos.stargate.org.uk> <534EF3E1.7010009@free.fr> Message-ID: <20140416224014.5bd2f3e3@abydos.stargate.org.uk> On Wed, 16 Apr 2014 23:19:29 +0200 jdd wrote: Hello jdd, >Le 16/04/2014 20:59, Brad Rogers a ?crit : >> Because every time you change provider, you would have to change email >> address too. >does this occur often? It can, yes. In the past year, I've changed provider twice. If things continue as they are with the current one, I'll be changing again, soon. >I find too often many problems are caused by mass mail providers like >gmail There are other providers, both free and paid for. >but it's not necessary to go further sorry to have begun this Not a problem. Sorry for extending this slightly further, but as the answers were reasonably short I felt it was worth taking the risk. :-) -- Regards _ / ) "The blindingly obvious is / _)rad never immediately apparent" He looked the wrong way at a policeman I Predict A Riot - Kaiser Chiefs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: not available URL: From mike at writestarr.com Wed Apr 16 22:34:51 2014 From: mike at writestarr.com (Mike Starr) Date: Wed, 16 Apr 2014 15:34:51 -0500 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534ECC7D.7060403@free.fr> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> Message-ID: <534EE96B.2030300@writestarr.com> If one is interested in maintaining one's identity, using an ISP's email makes it a pain to change ISPs. Of course, that does make the ISPs very happy. This is a fascinating discussion and as administrator of two very small lists, it's giving me an awful lot to think about. However, being a clues newbie to matters of RFCs and such I'm going to ask what could be a very naive question... would it be possible/useful/productive to create an RFC to explicitly override this foolishness? I know there aren't any teeth behind RFCs but it might at least get their attention. Of course, I'd be willing to make the appropriate person a loan of my "Official Technical Writer's 2x4?" . Best Regards, Mike -- Mike Starr, Writer Technical Writer - Online Help Developer - WordPress Websites Graphic Designer - Desktop Publisher - Custom Microsoft Word templates (262) 694-1028 - mike at writestarr.com - http://www.writestarr.com President - Working Writers of Wisconsin http://www.workingwriters.org/ On 4/16/2014 1:31 PM, jdd wrote: > (of course may be yahoo do the same - why people can't use they ISP's > mail?) > > jdd From fmouse at fmp.com Thu Apr 17 00:15:05 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Wed, 16 Apr 2014 17:15:05 -0500 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EE96B.2030300@writestarr.com> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> Message-ID: <1397686505.18445.110.camel@pudina.fmp.com> On Wed, 2014-04-16 at 15:34 -0500, Mike Starr wrote: > I know there aren't any teeth behind RFCs but it might at least get > their attention. Doubtful, but the sentiment is noble. My guess is that the people at Yahoo who implemented this, and possibly also the designers of DMARC, don't fully understand the RFC process and have a limited attention span and very narrow focus of attention as far as such things are concerned. Their understanding (and knowledge) of accepted best practices regarding email and mailing lists is woefully limited. My guess also is that as a result, all of this kerfuffle has probably caught a number of these people by surprise. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From jon.1234 at hotmail.co.uk Thu Apr 17 00:28:35 2014 From: jon.1234 at hotmail.co.uk (Jon 1234) Date: Wed, 16 Apr 2014 23:28:35 +0100 Subject: [Mailman-Users] Reconfiguring Mailman with different with-cgi-gid In-Reply-To: <53437620.3070504@msapiro.net> References: , ,,<52AFDC5D.7000704@msapiro.net>, , , <52B09211.1040008@msapiro.net> ,<53437620.3070504@msapiro.net> Message-ID: > From: mark at msapiro.net > Download the 2.1.17 tarball, unpack it and run configure, make and sudo > make install in the unpack directory which must not be the installation > directory. > > Install it over your existing installation, and everything should be > fine, you shouldn't have to move anything. I see mention of version 2.1.18 in the FAQ about DMARC. How long until 2.1.18 is released? (I can wait.) I really appreciate the responses, thank you. Jon From mark at msapiro.net Thu Apr 17 00:42:00 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 15:42:00 -0700 Subject: [Mailman-Users] Reconfiguring Mailman with different with-cgi-gid In-Reply-To: References: , , , <52AFDC5D.7000704@msapiro.net>, , , <52B09211.1040008@msapiro.net> , <53437620.3070504@msapiro.net> Message-ID: <534F0738.20902@msapiro.net> On 04/16/2014 03:28 PM, Jon 1234 wrote: > > I see mention of version 2.1.18 in the FAQ about DMARC. How long until > 2.1.18 is released? (I can wait.) I really appreciate the responses, > thank you. It will be very soon. A candidate within a week or so and final maybe early May. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jon.1234 at hotmail.co.uk Thu Apr 17 01:06:01 2014 From: jon.1234 at hotmail.co.uk (Jon 1234) Date: Thu, 17 Apr 2014 00:06:01 +0100 Subject: [Mailman-Users] Mirror mailing list with web forum Message-ID: I'd be interested in how others have implemented this. Here are the options I've identified so far, with some questions. * FUDforum - http://www.fudforum.org/forum/ This is a forum with a 'mailing list manager' admin page. For me, the script to send list emails to the web forum only works from the command line, and I can't get postfix to pipe emails to that script (or, at least, I can't get the script to do anything). Has anyone got over that problem? I've asked on their own forum but no response yet. * Groupserver - http://groupserver.org/ It looks like an absolute beast to install but is a combined mailing list/web forum. I would would prefer not to leave Mailman so wonder... When is Mailman 3 likely to be released (roughly) and - if that is ages away - what are the chances of being able to migrate 'back' from Groupserver to Mailman 3? * PHPBB - https://www.phpbb.com/ They say there is no mailing list feature with version 3. * Tikiwiki CMS Groupware - https://info.tiki.org/ This has a forum which apparently can mirror a Mailman list - has anyone tried this? Sorry for all the questions. Answers to any of them would be appreciated! Best wishes Jon From larry at qhpress.org Thu Apr 17 02:33:50 2014 From: larry at qhpress.org (Larry Kuenning) Date: Wed, 16 Apr 2014 20:33:50 -0400 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EED54.6010406@msapiro.net> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534EE95D.6020704@qhpress.org> <534EED54.6010406@msapiro.net> Message-ID: <534F216E.4020001@qhpress.org> On 4/16/2014 4:51 PM, Mark Sapiro wrote (about my suggestion of manually moderating posts from Yahoo users): > But what you are suggesting is essentially what the Wrap Message option > introduced as a site option in 2.1.16 and expanded in 2.1.18 does. Well, yes. But: -- if you're working with an earlier Mailman version (I have 2.1.9), -- if upgrading Mailman might be difficult (mine was pre-installed under Plesk, which probably implies some unknown tweaking), -- if you're a novice at writing and debugging Python scripts, -- and if your site has *extremely* low traffic (I have 2 lists with a total of 20 messages in the past year, and only 5 Yahoo users, who are usually lurkers), then you might find it easier to live with the manual moderating task than to try to make changes to an otherwise well-working system. (At least in the short run while waiting to see what else develops.) -- Larry Kuenning larry at qhpress.org From Richard at Damon-Family.org Thu Apr 17 04:40:27 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Wed, 16 Apr 2014 22:40:27 -0400 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: References: Message-ID: <534F3F1B.1030700@Damon-Family.org> On 4/16/14, 7:06 PM, Jon 1234 wrote: > I'd be interested in how others have implemented this. Here are the options I've identified so far, with some questions. > > I have been (slowly) working on an module to integrate a mailing list to a Drupal web site. My goal is to generate an archive that you can easily find recent messages in, and then be able to reply back to the list via the web site. I will need to look at some of those options to see if any would help in my needs. -- Richard Damon From mark at msapiro.net Thu Apr 17 04:41:03 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 16 Apr 2014 19:41:03 -0700 Subject: [Mailman-Users] Accessing sub-letter search lists In-Reply-To: <2B60A1BA-E2A5-4148-96F3-8C3B37EDF9F9@alum.mit.edu> References: <534BC8EA.3070805@msapiro.net> <534E9C59.50800@msapiro.net> <2B60A1BA-E2A5-4148-96F3-8C3B37EDF9F9@alum.mit.edu> Message-ID: <534F3F3F.9020007@msapiro.net> On 04/16/2014 12:20 PM, Conrad G T Yoder wrote: > > What great service - 2-day turnaround on bug fixes! (Not that I will be seeing it any time in the near future with my hosting service :^) We try. Thanks for the appreciation. > Since we?re on the topic of items residing at bugs.launchpad.net, what are the odds of Bug #1067953 (https://bugs.launchpad.net/mailman/+bug/1067953) getting a little love? Not quite as easy a change as this one, but would benefit many I?m sure. Everyone subscribe! I updated the bug report and marked it Wishlist. I commented This won't happen in MM 2.1. The best you can do is set admin_immed_notify On and view the HTML rendering of the message attached to the moderation notice in your mail client. Something may be done in MM 3, but rendering untrusted HTML on your web site via a privileged CGI is not a very good idea. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From stephen at xemacs.org Thu Apr 17 04:53:02 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Thu, 17 Apr 2014 11:53:02 +0900 Subject: [Mailman-Users] Accessing sub-letter search lists In-Reply-To: <2B60A1BA-E2A5-4148-96F3-8C3B37EDF9F9@alum.mit.edu> References: <534BC8EA.3070805@msapiro.net> <534E9C59.50800@msapiro.net> <2B60A1BA-E2A5-4148-96F3-8C3B37EDF9F9@alum.mit.edu> Message-ID: <21327.16910.173091.726654@uwakimon.sk.tsukuba.ac.jp> Conrad G T Yoder writes: > Since we?re on the topic of items residing at bugs.launchpad.net, > what are the odds of Bug #1067953 > (https://bugs.launchpad.net/mailman/+bug/1067953) getting a little > love? Not quite as easy a change as this one, but would benefit many > I?m sure. Everyone subscribe! Pretty good, now that you've posted this -- the Mailman developers are sprinting at Pycon as I write this, I believe, or maybe still at dinner since none of them are on IRC. A few words to the wise, in the interest of DAO[1]. At least for me personally I would be slightly more likely to look, and very likely to look sooner, if you posted the title as well as the bug number. In general, Mailman developers are mail-oriented (including Barry who last I heard was a Launchpad developer). I don't know if anybody who can do something about bugs actually pays attention to subscription counts. Can't hurt, but posting here (or on -developers if you actually want to participate in fixing by contributing code or code reviews) is likely the best way to be a "squeaky wheel". Please avoid "me too posts" unless nobody responds in a few days. At least Mark and I read *every post* to mailman-users. Once discussion on a fix starts, it will typically move to -developers for the requirements and design discussion, then to the issue itself (this is formalized for developing Python itself, we're less informal but take our cue from Python). Footnotes: [1] Developer Attention Optimization. :-) From jon.1234 at hotmail.co.uk Thu Apr 17 05:27:57 2014 From: jon.1234 at hotmail.co.uk (Jon 1234) Date: Thu, 17 Apr 2014 04:27:57 +0100 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: <534F3F1B.1030700@Damon-Family.org> References: , <534F3F1B.1030700@Damon-Family.org> Message-ID: > From: Richard at Damon-Family.org > I have been (slowly) working on an module to integrate a mailing list to > a Drupal web site. My goal is to generate an archive that you can easily > find recent messages in, and then be able to reply back to the list via > the web site. I will need to look at some of those options to see if any > would help in my needs. I found Drupal hard enough by itself, let alone integrating it with a mailing list. Good luck. I finally got FUDforum to work. Without wanting to go into detail here, I had to change the shebang line on maillist.php and change the file permissions in the FUDforum/messages folder. Seems simple now! On installation I had other permission errors (host doesn't allow 777 web directories), and other errors may occur in future, but at least I know in principle it works for me. Incidentally, my impression of Groupserver is that it would be good but difficult to install and maintain, as their focus is definitely on their hosted, paid-for service. When is Mailman 3 expected to be released, very approximately? From stephen at xemacs.org Thu Apr 17 05:38:28 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Thu, 17 Apr 2014 12:38:28 +0900 Subject: [Mailman-Users] DMARC In-Reply-To: <1C827069-33F4-47FD-9697-911C39E26A71@datatravels.com> References: <1C827069-33F4-47FD-9697-911C39E26A71@datatravels.com> Message-ID: <21327.19636.854914.187971@uwakimon.sk.tsukuba.ac.jp> jason fb writes: > Isn't this DMARC issue a bellwether for the end of email lists as > we know them? Yes and no. Those who like mailing lists "as we know them" will continue to use them "that way", assuming that there's no active interference from the infrastructure itself. (This is supported by a mathematical theorem that I know to be true :-) but haven't actually succeeded in doing more than provide some persuasive examples yet.) It seems likely to me that Mailman itself will evolve in the direction of a multi-protocol distribution facility. What I mean by that is that at some point in the history of Mailman 3 you will be able to install a suite of applications that allow users to communicate with a "mailing list" via SMTP, NNTP, or HTTP. I don't know whether you consider that an "email list as we know them" or not. It's good enough for me, though. DMARC will still mean that you can't use your Yahoo! email as an author ID in such a system, though. > It seems to me that the means of production (the internet backbone, > the mail servers, etc) are now owned by Big Media (Comcast, Walt > Disney, CBS, Viacom, Time Warner) and it is in their interest to > make sure they can sell as much advertising as possible to the > cattle. True. However, the backbone is constrained by U.S. law about common carriers. They *want* that protection, because otherwise they'd be liable for damages and criminal charges for pornography and terrorist communications. This doesn't prevent other countries or international gateways from operating by different rules, but as Larry Lessig pointed out, "Code Is Law". Somebody has to write that software that operates by different rules, and it *will* be buggy at gateways. That doesn't appeal to Big Media, because working around would require that "the sheep look up", and I doubt they want that. The "free email" service providers also have to worry about that because of the hysteria about spam and phishing. They could easily find themselves in a position where either they have to authenticate potential users the way banks do credit card applicants, or try to hide behind "common carrier" because anybody with an Internet connection can get a mailbox there. > People who operate Mailman servers (you guys) are just the little > guys who are helping people facilitate non-advertisable communication > between the masses. There's nothing "non-advertisable" about it (if you're serious about the "potential" semantics of "-able"). Putting an advertisement into list footers or headers is trivial, and doing Web-2.0-style dynamic ads is a SMOP. We just choose not to do so, but I would imagine there exist lists that do accept advertising revenue for use of their footers. > This seems like a poignant example of the fiction of the > distributed network. The last 15 years of the internet history > (indeed, the first 15 years of internet history) has been the story of > the consolidation of control into the hands of the few, not the open > and egalitarian peer-to-peer network utopia that the internet was > touted to be in populist culture. So much the worse for popular culture. Some form of consolidation of responsibility was inevitable due to economies of scale in provision of the backbone. Since things don't work very well if authority ("control") isn't commensurate with responsibility, consolidation of control is very hard to avoid. TANSTAAFL, you know. The Internet was never egalitarian. It always required enough expertise to make you a stranger in a strange land (damn, the science fiction ObRefs just don't stop coming!) Anybody who thought otherwise can hardly be accused of actually thinking about the issue. And "egalitarian peer-to-peer" is almost an oxymoron. People aren't peer-to-peer in any egalitarian sense: their social networks are hardly uniform. Phenomena like Facebook ("social netword aggregators") were inevitable, and they have strong economies of scale too. So the bottom line is that this doesn't really bother me, I don't think that (at this point) the potential abuse by the powerful has really achieved 1984 or Brave New World levels, due to internal checks and balances of the system as it exists. And Mailman still has a lifespan more limited by our ability to adapt to new technology than by the society around us IMO. From turnbull at sk.tsukuba.ac.jp Thu Apr 17 08:24:28 2014 From: turnbull at sk.tsukuba.ac.jp (Stephen J. Turnbull) Date: Thu, 17 Apr 2014 15:24:28 +0900 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <1397686505.18445.110.camel@pudina.fmp.com> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> <1397686505.18445.110.camel@pudina.fmp.com> Message-ID: <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> Lindsay Haisley writes: > On Wed, 2014-04-16 at 15:34 -0500, Mike Starr wrote: > > I know there aren't any teeth behind RFCs but it might at least get > > their attention. The real problem is that RFCs are based on working practice, preferably acknowledged best practice. DMARC is an experiment which is seriously flawed on the policy side, but has the potential to provide a lot of useful information for spam-fighting (I mean real spam-fighting, not the posturing that Yahoo! is involved in at the moment), not to mention lightening the burden on ISPs and list operators who implement DKIM and SPF. Until Yahoo!'s experiment has played out (which will take months), an anti-DMARC RFC is moot. After that, it will take years to get it through the IETF. Note that DMARC itself is an Internet-Draft (ie, proto-RFC). If you want to fight this, the related mailing list is the right place. However, looking at some of the threads there are rather high-powered folks already on the list (eg, the guy who edited most of the SMTP RFCs, and the guy who edited most of the RFC 822 series). You had better go in having booked up, or you will get ignored to death at best. Put it this way: *I* may go look over their archives, but it will be quite a while before I'm willing to speak to anything except technical details of how it affects mailing lists. > Doubtful, but the sentiment is noble. My guess is that the people > at Yahoo who implemented this, and possibly also the designers of > DMARC, don't fully understand the RFC process and have a limited > attention span and very narrow focus of attention as far as such > things are concerned. Nope. If E. Zwicky (DMARC editor) is who I think she is, I owe her a kitten. No dummy. Murray Kucherawy doesn't seem to have two heads or a half-brain, either. > Their understanding (and knowledge) of accepted best practices > regarding email and mailing lists is woefully limited. I rather doubt that. The DMARC I-D has gone through several editions (I-Ds have a life-span limited to 6 months, the current renewal happened just about the time of Yahoo!'s policy change), suggesting that the NetGods and the commercial providers have been thinking pretty carefully all along. I think that where understanding and knowledge is lacking is on *this side* of the fence. Few, if any, of us have to make decisions about how to spend many millions of dollars on additional bandwidth, 90% of which (according to some accounts) is spam. That's a pile of money on the line for these guys. > My guess also is that as a result, all of this kerfuffle has > probably caught a number of these people by surprise. Indeed. I suspect that they didn't do their homework and simply count how many subscribers receive mail with List-* headers in them. I think they probably also were surprised by how fast Yahoo is hemmorhaging email users. Steve-rushes-not-where-angels-fear-to-tread-ly y'rs, From misterbhatt at gmail.com Thu Apr 17 08:22:47 2014 From: misterbhatt at gmail.com (Amit Bhatt) Date: Thu, 17 Apr 2014 11:52:47 +0530 Subject: [Mailman-Users] Seeking suggestion for better services for mailing list Message-ID: We are using the services from ultrahost.us There is no response from Ultrahost team in spite of our several tickets loged. Is anyone confronting the similar issue with them? I think now we may again have to change the service provider where we can get unlimited traffic with mailman as per the requirement. Do we have any hosting provider in India or Asia region? IN US we do face gap in communication when it comes to get the solution. Thanks, Amit Bhatt These days our list is out of function due to their server updation and all. From pshute at nuw.org.au Thu Apr 17 08:41:06 2014 From: pshute at nuw.org.au (Peter Shute) Date: Thu, 17 Apr 2014 16:41:06 +1000 Subject: [Mailman-Users] DMARC In-Reply-To: <21327.19636.854914.187971@uwakimon.sk.tsukuba.ac.jp> References: <1C827069-33F4-47FD-9697-911C39E26A71@datatravels.com> <21327.19636.854914.187971@uwakimon.sk.tsukuba.ac.jp> Message-ID: <176E18F1-65D6-4C93-BAA2-C15527DE61F2@nuw.org.au> That sounds a bit like what yahoo and google groups do. If there's a web forum associated with the list then there'd be the option to simply not deliver to yahoo members, and they can just use the web interface. Peter Shute Sent from my iPhone > On 17 Apr 2014, at 1:39 pm, "Stephen J. Turnbull" wrote: > > jason fb writes: > >> Isn't this DMARC issue a bellwether for the end of email lists as >> we know them? > > Yes and no. Those who like mailing lists "as we know them" will > continue to use them "that way", assuming that there's no active > interference from the infrastructure itself. (This is supported by a > mathematical theorem that I know to be true :-) but haven't actually > succeeded in doing more than provide some persuasive examples yet.) > > It seems likely to me that Mailman itself will evolve in the direction > of a multi-protocol distribution facility. What I mean by that is > that at some point in the history of Mailman 3 you will be able to > install a suite of applications that allow users to communicate with a > "mailing list" via SMTP, NNTP, or HTTP. I don't know whether you > consider that an "email list as we know them" or not. It's good > enough for me, though. > > DMARC will still mean that you can't use your Yahoo! email as an > author ID in such a system, though. > >> It seems to me that the means of production (the internet backbone, >> the mail servers, etc) are now owned by Big Media (Comcast, Walt >> Disney, CBS, Viacom, Time Warner) and it is in their interest to >> make sure they can sell as much advertising as possible to the >> cattle. > > True. However, the backbone is constrained by U.S. law about common > carriers. They *want* that protection, because otherwise they'd be > liable for damages and criminal charges for pornography and terrorist > communications. This doesn't prevent other countries or international > gateways from operating by different rules, but as Larry Lessig > pointed out, "Code Is Law". Somebody has to write that software that > operates by different rules, and it *will* be buggy at gateways. That > doesn't appeal to Big Media, because working around would require that > "the sheep look up", and I doubt they want that. > > The "free email" service providers also have to worry about that > because of the hysteria about spam and phishing. They could easily > find themselves in a position where either they have to authenticate > potential users the way banks do credit card applicants, or try to > hide behind "common carrier" because anybody with an Internet > connection can get a mailbox there. > >> People who operate Mailman servers (you guys) are just the little >> guys who are helping people facilitate non-advertisable communication >> between the masses. > > There's nothing "non-advertisable" about it (if you're serious about > the "potential" semantics of "-able"). Putting an advertisement into > list footers or headers is trivial, and doing Web-2.0-style dynamic > ads is a SMOP. We just choose not to do so, but I would imagine there > exist lists that do accept advertising revenue for use of their footers. > >> This seems like a poignant example of the fiction of the >> distributed network. The last 15 years of the internet history >> (indeed, the first 15 years of internet history) has been the story of >> the consolidation of control into the hands of the few, not the open >> and egalitarian peer-to-peer network utopia that the internet was >> touted to be in populist culture. > > So much the worse for popular culture. Some form of consolidation of > responsibility was inevitable due to economies of scale in provision > of the backbone. Since things don't work very well if authority > ("control") isn't commensurate with responsibility, consolidation of > control is very hard to avoid. TANSTAAFL, you know. > > The Internet was never egalitarian. It always required enough > expertise to make you a stranger in a strange land (damn, the science > fiction ObRefs just don't stop coming!) Anybody who thought otherwise > can hardly be accused of actually thinking about the issue. > > And "egalitarian peer-to-peer" is almost an oxymoron. People aren't > peer-to-peer in any egalitarian sense: their social networks are > hardly uniform. Phenomena like Facebook ("social netword > aggregators") were inevitable, and they have strong economies of scale > too. > > So the bottom line is that this doesn't really bother me, I don't > think that (at this point) the potential abuse by the powerful has > really achieved 1984 or Brave New World levels, due to internal checks > and balances of the system as it exists. And Mailman still has a > lifespan more limited by our ability to adapt to new technology than > by the society around us IMO. > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/pshute%40nuw.org.au From stephen at xemacs.org Thu Apr 17 10:29:53 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Thu, 17 Apr 2014 17:29:53 +0900 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EC478.2060002@qhpress.org> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> Message-ID: <87a9bk4av2.fsf@uwakimon.sk.tsukuba.ac.jp> Larry Kuenning writes: > Query: On a very low-traffic mailing list (i.e. one where the list > admin doesn't think it too much trouble), would it be a reasonable > workaround for the list admin to paste the content of a > message-to-be-moderated (i.e. one From: a yahoo address) into a new > message _of his/her own_ and send _that_ to the list? Yes, although given the available alternatives in the web admin pages I don't think this is worth the trouble for almost anybody (I understand that you have a very special situation with a relatively old Mailman that's working just fine, thank you, for you, but that's pretty unusual nowadays). > This message could include the original From: address _in its body > text_ (not its headers) along with a brief reference to the yahoo > problem to explain the unusual format. > 1. Other subscribers replying to the message will get MUA-generated > text saying "Larry List-Admin wrote" instead of "Sonia Subscriber > wrote". Those who pay attention and take a little trouble can change > that before clicking Send, but many won't. Change the display name to "Sonia Subscriber/lla" (the usual convention for letters written by a secretary but signed by the boss). > 2. Similarly, other subscribers wanting to reply privately will send > their replies to Larry List-Admin instead of Sonia Subscriber if they > aren't careful (and some of them won't be). Add a "Reply-To: sonia at her-place.net" header field. The recommendations above violate the letter but conform to the spirit of RFC 822 and successor standards. > The list admin can forward these replies, but in a few cases they > may contain confidential material that the admin shouldn't have > seen. The above practices should mitigate this issue. From lac at openend.se Thu Apr 17 13:19:02 2014 From: lac at openend.se (Laura Creighton) Date: Thu, 17 Apr 2014 13:19:02 +0200 Subject: [Mailman-Users] Trying to understand charset encoding in mailman Message-ID: <201404171119.s3HBJ2ni028360@fido.openend.se> I am trying to understand how charset encoding works, and I get the distinct idea that I must be missing one small, vital piece of information. Background: The problem arose as follows: Somebody changed the footer of the EuroPython Mailing list which is hosted at python.org to be: EuroPython 2014 \x96 Berlin, 21th\x9627th July Note the two \x96 s. The intent was almost certainly to have this string interpreted by the windows-1252 charset, where \x96 means a en dash. But the Europython mailing list is configured so that its messages come out Content-Type: text/plain; charset="us-ascii" Since \x96 is an unrecognised character in us-ascii, my mailer complained bitterly every time I read an EP message. Being a list admin, this bothered me, and I thought it would be my job to fix things. I thought I would change the charset to utf-8. After all, most European languages do not fit into "us-ascii" in any event. What if the conference had been held in my home town of G?teborg, for instance? But unless I have overlooked something, there is no way to make a charset change on a per-list basis through the mailman administrative interface. Instead you have to edit mm_cfg.py Even if I had root access on python.org, I wouldn't really want to inflict utf-8 on everybody else just because it makes things more convenient for the EuroPython mailing list. But needing to edit mm_cfg.py strikes me as a very odd design choice, odd enough that I figure either a) this isn't so and I have overlooked something, or b) it absolutely must be done this way for a reason I do not understand. Can somebody please explain this? Thank you very much, Laura Creighton From stephen at xemacs.org Thu Apr 17 14:28:42 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Thu, 17 Apr 2014 21:28:42 +0900 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: <201404171119.s3HBJ2ni028360@fido.openend.se> References: <201404171119.s3HBJ2ni028360@fido.openend.se> Message-ID: <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp> Hi, Laura! Laura Creighton writes: > But the Europython mailing list is configured so that its messages > come out > > Content-Type: text/plain; charset="us-ascii" This isn't from the list or site configuration, this is from the poster's mail user agent (MUA). The mailing list does not choose the charset for the message; the MUA does. For example, grepping my archive of python-dev messages I see 3 different variants of UTF-8 (capitalization and quoting), us-ascii, iso-8859-1, and window-1252 (each in several variants). Mailman already has about 200 lines of logic to handle cases where the footer charset is incompatible with the message's charset. Have you tried simply changing the Python escape to a literal EN DASH in the web interface? I hope Mailman is smart enough to convert that to Unicode internally, and all should Just Work[tm]. If that doesn't work, change the EN DASH to "--", and report it as a bug. We'll see what we can do in 2.1.19, before EuroPython is held in G?teborg or ??d?. :-/ > Since \x96 is an unrecognised character in us-ascii, It's not even a character here, it's a raw byte, which may or may not get recognized correctly by Mailman depending on the list's preferred charset. Somebody was way too tricky for their own good. > But unless I have overlooked something, there is no way to make a charset > change on a per-list basis through the mailman administrative interface. There's no way to make a charset change in posts at all; it's not Mailman's job to do that, really. I suppose we could convert all posts to UTF-8, which would make the logic mentioned above a lot simpler, but that would probably annoy a few people and might not work for some variant charsets. Steve From mark at msapiro.net Thu Apr 17 14:33:06 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 17 Apr 2014 05:33:06 -0700 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: <201404171119.s3HBJ2ni028360@fido.openend.se> References: <201404171119.s3HBJ2ni028360@fido.openend.se> Message-ID: <534FCA02.7070106@msapiro.net> On 04/17/2014 04:19 AM, Laura Creighton wrote: > > But unless I have overlooked something, there is no way to make a charset > change on a per-list basis through the mailman administrative interface. > Instead you have to edit mm_cfg.py Correct. > Even if I had root access on python.org, I wouldn't really want to inflict > utf-8 on everybody else just because it makes things more convenient for > the EuroPython mailing list. > > But needing to edit mm_cfg.py strikes me as a very odd design choice, odd > enough that I figure either a) this isn't so and I have overlooked something, > or b) it absolutely must be done this way for a reason I do not understand. There are a couple of issues. Mailman was designed a long time ago in a galaxy far, far away (SciFi ObRef). There was no Unicode or MIME in common use and email was ASCII text. Everything was English and us-ascii. When Mailman was internationalized, other languages required different character sets so a scheme was developed where each translation had it's own character set, but that for English was retained as us-ascii. We can't give a list owner the ability to change the character set for a list independent of the list language, because the templates and message catalog for that language are encoded with a particular encoding, and changing the character set without recoding the message catalog and templates in the new character set would break everything. The one exception to this is English. Because utf-8 is a strict superset of us-ascii, one can change the charset for English to utf-8 and things will continue to work. We haven't done that for reasons of superstition, and because we use the Python email library which base64 encodes utf-8 text in message bodies rendering it unreadable by someone with a non-MIME MUA. Thus, a site can change the encoding for English to utf-8 if it chooses, but there is no mechanism to do this per-list. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Thu Apr 17 14:41:15 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 17 Apr 2014 05:41:15 -0700 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp> References: <201404171119.s3HBJ2ni028360@fido.openend.se> <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <534FCBEB.30501@msapiro.net> On 04/17/2014 05:28 AM, Stephen J. Turnbull wrote: > > Mailman already has about 200 lines of logic to handle cases where the > footer charset is incompatible with the message's charset. Have you > tried simply changing the Python escape to a literal EN DASH in the > web interface? I hope Mailman is smart enough to convert that to > Unicode internally, and all should Just Work[tm]. I see Stephen and I are talking over each other again. The issue is msg_footer is assumed to be in the character set of the list's language, us-ascii by default for English. I don't think Mailman does the right thing in this case. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From guest2 at sgeinc.com Thu Apr 17 15:23:05 2014 From: guest2 at sgeinc.com (Richard Shetron) Date: Thu, 17 Apr 2014 09:23:05 -0400 Subject: [Mailman-Users] Upgrade 2.1.14 to 2.1.17 on Ubuntu Question Message-ID: <534FD5B9.7020301@sgeinc.com> I've searched the list and found enough related posts that this looks like it should be simple just reinstall, hopefully with the original PREFIX settings and probably diff the old and new mm_cfg.py files just to catch all the changes/new features/etc. I have visual problems so my eyes often go fuzzy if I do too much computer work at one time. However I find there may be a complication from a problem made from the initial install of 2.1.14. The initial install was done as user mailman, group mailman. When I reboot the server it seems to set mailman to user list, group list and I have to go an fix permissions and ownership back to mailman:mailman. If I install 2.1.17 over 2.1.14 and use list:list for user:group will this fix the 'problem'? Are there any gotchas I should be aware of? I've found that at least with the current install (not done by me) that fixing all the bin/checkperm problems will actually break mailman on the server ;) If relevant we are using postfix. I was thinking of upgrading to MM3, but I don't see any final release version and no software to upgrade from 2.1.x to 3.x. Thanks in advance. Rick Shetron From lac at openend.se Thu Apr 17 15:54:19 2014 From: lac at openend.se (Laura Creighton) Date: Thu, 17 Apr 2014 15:54:19 +0200 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: Message from Mark Sapiro of "Thu, 17 Apr 2014 05:41:15 -0700." <534FCBEB.30501@msapiro.net> References: <201404171119.s3HBJ2ni028360@fido.openend.se> <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp><534FCBEB.30501@msapiro.net> Message-ID: <201404171354.s3HDsJNg031023@fido.openend.se> In a message of Thu, 17 Apr 2014 05:41:15 -0700, Mark Sapiro writes: >The issue is msg_footer is assumed to be in the character set of the >list's language, us-ascii by default for English. I don't think Mailman >does the right thing in this case. >From my perspective, the problem is that by having these things defined in mm_cfg.py, all mailman administrators are stuck with whatever decisions their mailman host made for whatever language they chose as the default language for their list. But you and I could quite easily both want English(USA) as the default language for our lists, but you also want us-ascii while I want utf-8. The way things stand now, we cannot both use the same mailman host, and both get what we want, correct? Now that my problem has gone from 'getting the EP footers to work' to 'understanding what exactly is going on here'. And right now I do not see why the charset for the lists' language has to be hard coded in mm_cfg.py, nor why there has to be exactly one value for any given language which mailman supports. Thank you for your patience, Still trying to understand here, Laura From barry at list.org Thu Apr 17 16:16:08 2014 From: barry at list.org (Barry Warsaw) Date: Thu, 17 Apr 2014 10:16:08 -0400 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: <201404171354.s3HDsJNg031023@fido.openend.se> References: <201404171119.s3HBJ2ni028360@fido.openend.se> <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp> <534FCBEB.30501@msapiro.net> <201404171354.s3HDsJNg031023@fido.openend.se> Message-ID: <20140417101608.1cc9d0bb@anarchist.localdomain> On Apr 17, 2014, at 03:54 PM, Laura Creighton wrote: >Now that my problem has gone from 'getting the EP footers to work' to >'understanding what exactly is going on here'. And right now I do not >see why the charset for the lists' language has to be hard coded in >mm_cfg.py, nor why there has to be exactly one value for any given language >which mailman supports. The big problem is that you can't have multilingual footers. I'm hoping to fix this in MM3 by supporting a lookup scheme that would allow different footers (and other decorations, templates, and messages) per language. -Barry From mark at msapiro.net Thu Apr 17 16:16:32 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 17 Apr 2014 07:16:32 -0700 Subject: [Mailman-Users] Upgrade 2.1.14 to 2.1.17 on Ubuntu Question In-Reply-To: <534FD5B9.7020301@sgeinc.com> References: <534FD5B9.7020301@sgeinc.com> Message-ID: <534FE240.4040607@msapiro.net> On 04/17/2014 06:23 AM, Richard Shetron wrote: > I've searched the list and found enough related posts that this looks > like it should be simple just reinstall, hopefully with the original > PREFIX settings and probably diff the old and new mm_cfg.py files just > to catch all the changes/new features/etc. An upgrade never changes an existing mm_cfg.py. To see changes, diff the old and new Defaults.py files and/or read the NEWS file. > I have visual problems so my eyes often go fuzzy if I do too much > computer work at one time. I feel your pain. > However I find there may be a complication from a problem made from the > initial install of 2.1.14. > > The initial install was done as user mailman, group mailman. When I > reboot the server it seems to set mailman to user list, group list and I > have to go an fix permissions and ownership back to mailman:mailman. user:group list:list is from the Debian/Ubuntu Mailman package. There seems to be some conflict on your server between this package and your install. > If I install 2.1.17 over 2.1.14 and use list:list for user:group will > this fix the 'problem'? Are there any gotchas I should be aware of? If you installed 2.1.14 from source, I suggest configuring 2.1.17 with exactly the same ./configure command options as you used in 2.1.14. (Actually, if you can wait a week, I suggest 2.1.18rc1 which should be released by then.) > I've found that at least with the current install (not done by me) that > fixing all the bin/checkperm problems will actually break mailman on the > server ;) There is a conflict between what you have installed and the Debian/Ubuntu package. I don't know what that is, but I suggest resolving that before proceeding. If necessary, you can post more details about the exact issues, and we will try to help. > I was thinking of upgrading to MM3, but I don't see any final release > version and no software to upgrade from 2.1.x to 3.x. We're working on it, but it will still be a while before there is a robust install and migration path. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From barry at list.org Thu Apr 17 16:21:48 2014 From: barry at list.org (Barry Warsaw) Date: Thu, 17 Apr 2014 10:21:48 -0400 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: References: <534F3F1B.1030700@Damon-Family.org> Message-ID: <20140417102148.6bfcb0fb@anarchist.localdomain> On Apr 17, 2014, at 04:27 AM, Jon 1234 wrote: >When is Mailman 3 expected to be released, very approximately? We *are* going to do a beta release of the full suite after Pycon. I expect there will be bugs and missing features, but we're hoping people will bang on it and help us get to a good, stable, final release. -Barry From mark at msapiro.net Thu Apr 17 16:29:00 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 17 Apr 2014 07:29:00 -0700 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: <201404171354.s3HDsJNg031023@fido.openend.se> References: <201404171119.s3HBJ2ni028360@fido.openend.se> <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp><534FCBEB.30501@msapiro.net> <201404171354.s3HDsJNg031023@fido.openend.se> Message-ID: <534FE52C.6010302@msapiro.net> On 04/17/2014 06:54 AM, Laura Creighton wrote: > In a message of Thu, 17 Apr 2014 05:41:15 -0700, Mark Sapiro writes: > > Now that my problem has gone from 'getting the EP footers to work' to > 'understanding what exactly is going on here'. And right now I do not > see why the charset for the lists' language has to be hard coded in > mm_cfg.py, nor why there has to be exactly one value for any given language > which mailman supports. I tried to explain that for any given language, the message catalog and templates are encoded in some specific character set. If you simply change the character set for the list, you must change it to one which is a strict superset or everything breaks unless you also recode the message catalog and templates. This works for changing us-ascii to, e.g., iso-8859-1 or utf-8, but not in general. Things will be easier in MM 3. Most things will be unicode internally and utf-8 will be the preferred encoding. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Thu Apr 17 18:13:32 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 17 Apr 2014 11:13:32 -0500 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> <1397686505.18445.110.camel@pudina.fmp.com> <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <1397751212.11339.21.camel@pudina.fmp.com> On Thu, 2014-04-17 at 15:24 +0900, Stephen J. Turnbull wrote: > > Their understanding (and knowledge) of accepted best practices > > regarding email and mailing lists is woefully limited. > > I rather doubt that. The DMARC I-D has gone through several editions > (I-Ds have a life-span limited to 6 months, the current renewal > happened just about the time of Yahoo!'s policy change), suggesting > that the NetGods and the commercial providers have been thinking > pretty carefully all along. I think that where understanding and > knowledge is lacking is on *this side* of the fence. Few, if any, of > us have to make decisions about how to spend many millions of dollars > on additional bandwidth, 90% of which (according to some accounts) is > spam. That's a pile of money on the line for these guys. Stephen, thanks for your generous reply, and your insights. It does seem to me, though, that when megabucks are riding on additional bandwidth, and if Yahoo is serious about controlling spam, they might start by putting some resources behind putting their own house in order. Someone, maybe it was you, posted on this forum earlier that perhaps 90% or more of spam with a yahoo.com origin (or one of their international DNs) actually _does_ come from Yahoo and that their response to abuse notifications is abysmal to nonexistent. So it looks to me as if one of two things is happening here. Either the right hand doesn't know what the left hand is doing (or not doing), or this is a blatant, cynical attack on network neutrality designed to push people toward Yahoo's own list service. Has anyone seen or heard any figures on how much this DMARC fiasco has cost Yahoo in terms of the number of email end-users who have left their service? Someone mentioned that it was substantial enough to probably get their attention. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From mike at writestarr.com Thu Apr 17 19:10:00 2014 From: mike at writestarr.com (Mike Starr) Date: Thu, 17 Apr 2014 12:10:00 -0500 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <1397751212.11339.21.camel@pudina.fmp.com> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> <1397686505.18445.110.camel@pudina.fmp.com> <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> <1397751212.11339.21.camel@pudina.fmp.com> Message-ID: <53500AE8.2060000@writestarr.com> I can't answer your specific question but a number of years ago I created a Yahoo account which required the creation of a Yahoo email address. I have never used that email address nor have I divulged it to anyone. Oddly enough, thousands of spam email addresses land in that Yahoo email account. I can only assume that Yahoo routinely sells email addresses indiscriminately... not caring if they're delivering those email addresses to spammers. The only other alternative is that somehow Yahoo's security at the time was so lax that spammers were able to hack into their servers and grab millions of Yahoo email addresses. Best Regards, Mike -- Mike Starr, Writer Technical Writer - Online Help Developer - WordPress Websites Graphic Designer - Desktop Publisher - Custom Microsoft Word templates (262) 694-1028 - mike at writestarr.com - http://www.writestarr.com President - Working Writers of Wisconsin http://www.workingwriters.org/ On 4/17/2014 11:13 AM, Lindsay Haisley wrote: > Stephen, thanks for your generous reply, and your insights. It does > seem to me, though, that when megabucks are riding on additional > bandwidth, and if Yahoo is serious about controlling spam, they might > start by putting some resources behind putting their own house in > order. Someone, maybe it was you, posted on this forum earlier that > perhaps 90% or more of spam with a yahoo.com origin (or one of their > international DNs) actually _does_ come from Yahoo and that their > response to abuse notifications is abysmal to nonexistent. So it looks > to me as if one of two things is happening here. Either the right hand > doesn't know what the left hand is doing (or not doing), or this is a > blatant, cynical attack on network neutrality designed to push people > toward Yahoo's own list service. Has anyone seen or heard any figures > on how much this DMARC fiasco has cost Yahoo in terms of the number of > email end-users who have left their service? Someone mentioned that it > was substantial enough to probably get their attention. From lac at openend.se Thu Apr 17 19:11:33 2014 From: lac at openend.se (Laura Creighton) Date: Thu, 17 Apr 2014 19:11:33 +0200 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: Message from Laura Creighton of "Thu, 17 Apr 2014 15:54:19 +0200." <201404171354.s3HDsJNg031023@fido.openend.se> References: <201404171119.s3HBJ2ni028360@fido.openend.se> <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp><534FCBEB.30501@msapiro.net><201404171354.s3HDsJNg031023@fido.openend.se> Message-ID: <201404171711.s3HHBX66001727@fido.openend.se> In a message of Thu, 17 Apr 2014 15:54:19 +0200, Laura Creighton writes: >In a message of Thu, 17 Apr 2014 05:41:15 -0700, Mark Sapiro writes: >>The issue is msg_footer is assumed to be in the character set of the >>list's language, us-ascii by default for English. I don't think Mailman >>does the right thing in this case. > >>From my perspective, the problem is that by having these things >defined in mm_cfg.py, all mailman administrators are stuck with >whatever decisions their mailman host made for whatever language >they chose as the default language for their list. But you and I >could quite easily both want English(USA) as the default language >for our lists, but you also want us-ascii while I want utf-8. The >way things stand now, we cannot both use the same mailman host, and >both get what we want, correct? > >Now that my problem has gone from 'getting the EP footers to work' to >'understanding what exactly is going on here'. And right now I do not >see why the charset for the lists' language has to be hard coded in >mm_cfg.py, nor why there has to be exactly one value for any given language >which mailman supports. > >Thank you for your patience, >Still trying to understand here, >Laura Sorry about this note -- mail is arriving in an odd order here. The mail where you explained this perfectly arrived after your other mail, so I was still confused when I wrote this note. Laura From fmouse at fmp.com Thu Apr 17 20:01:44 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 17 Apr 2014 13:01:44 -0500 Subject: [Mailman-Users] DMARC and From header munging Message-ID: <1397757704.11339.89.camel@pudina.fmp.com> It occurred to me that one possible variation on From: header munging which wouldn't break any applications depending on this being an actual, working address for a post's author, while still passing DMARC authentication, would be for Mailman to change the From: address to a VERP-like address with the author's address encapsulated within an address @ the list server. Any mail received by the list server for this address would have its address parsed by Mailman and be redirected to the original author's real email address. Would this pass RFC compliance? -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From stephen at xemacs.org Thu Apr 17 20:07:24 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Fri, 18 Apr 2014 03:07:24 +0900 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: <201404171354.s3HDsJNg031023@fido.openend.se> References: <201404171119.s3HBJ2ni028360@fido.openend.se> <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp> <534FCBEB.30501@msapiro.net> <201404171354.s3HDsJNg031023@fido.openend.se> Message-ID: <87eh0vsucj.fsf@uwakimon.sk.tsukuba.ac.jp> I see you've already responded, but there are a few things I'd like to clarify. Laura Creighton writes: > But you and I could quite easily both want English(USA) as the > default language for our lists, but you also want us-ascii while I > want utf-8. The way things stand now, we cannot both use the same > mailman host, and both get what we want, correct? In this particular case, you can choose UTF-8, and you both get what you want. US-ASCII is a subset of UTF-8. Anybody else *may* have a problem if they have sufficiently ancient software that it can't handle UTF-8, but that's a rapidly vanishing issue. In fact *right now* you and I and Wang Han Lo can use English, Japanese, and Mandarin on the same list at the same time, each posting and setting our subscription options in our preferred language. It's only footers and headers that have this issue, and that's at least partly because even today there's no reliable way to mix charsets in a message (too many users still use MUAs-that-suck). For most purposes, Mailman is pretty well internationalized, it's just that some corner cases remain ugly. The other cause is historical accident. Email is very messy -- it's one of the oldest Internet protocols. Mailman itself goes back to a time when neither Python nor its email package had a coherent way of dealing with multilingual applications. So we've been overhauling various parts of Mailman 2 as necessary. And users -- well, many Mailman list admins think that they type Japanese or German rather than EUC-JP or ISO-8859-15, and undoubtedly the "charset-per-language" architecture was intended to make life easy for them. Why nobody ever got around to properly internationalizing the headers and footers (ie, allowing charsets defined per list) I'm not sure. I suspect it's because few users ever tried on international lists: they just use English in the footers as lingua franca. This is the first time I've seen somebody reporting issues with the internationalization of the footer, and I've been following Mailman since 1999 or so. Getting it right by design ... well, that's why we need Mailman 3. We know a lot more about lots of things than we did when Mailman 2 was designed. Steve From terry at fiteyes.com Thu Apr 17 20:26:22 2014 From: terry at fiteyes.com (Terry Earley) Date: Thu, 17 Apr 2014 12:26:22 -0600 Subject: [Mailman-Users] DMARC and From header munging In-Reply-To: <1397757704.11339.89.camel@pudina.fmp.com> References: <1397757704.11339.89.camel@pudina.fmp.com> Message-ID: Lindsey, I have been following this thread with interest, and relieved that for our list, all posts are moderated. We have determined to repost all messages coming from Yahoo with our moderator's account. To your question if VERP might be a partial answer, we are using VERP and "Full personalization" so the posters email address is passed through. we are still getting the DMARC error. Here is what came back to my gmail address as a result of a Yahoo post (which I did not receive): > Diagnostic-Code: smtp; 550-5.7.1 Unauthenticated email from yahoo.com is > not > accepted due to domain's 550-5.7.1 DMARC policy. Please contact > administrator of yahoo.com domain if 550-5.7.1 this was a legitimate > mail. > Please visit 550-5.7.1 http://support.google.com/mail/answer/2451690to > learn about DMARC 550 5.7.1 initiative. x7si9647998qaj.232 - gsmtp > Terry Earley 801 810-4175 Donate to FitEyes On Thu, Apr 17, 2014 at 12:01 PM, Lindsay Haisley wrote: > It occurred to me that one possible variation on From: header munging > which wouldn't break any applications depending on this being an actual, > working address for a post's author, while still passing DMARC > authentication, would be for Mailman to change the From: address to a > VERP-like address with the author's address encapsulated within an > address @ the list server. Any mail received by the list server for > this address would have its address parsed by Mailman and be redirected > to the original author's real email address. Would this pass RFC > compliance? > > -- > Lindsay Haisley | "Everything works if you let it" > FMP Computer Services | > 512-259-1190 | --- The Roadie > http://www.fmp.com | > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: > http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: > https://mail.python.org/mailman/options/mailman-users/terry%40fiteyes.com > From mark at msapiro.net Thu Apr 17 20:29:21 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 17 Apr 2014 11:29:21 -0700 Subject: [Mailman-Users] DMARC and From header munging In-Reply-To: <1397757704.11339.89.camel@pudina.fmp.com> References: <1397757704.11339.89.camel@pudina.fmp.com> Message-ID: <53501D81.8010108@msapiro.net> On 04/17/2014 11:01 AM, Lindsay Haisley wrote: > It occurred to me that one possible variation on From: header munging > which wouldn't break any applications depending on this being an actual, > working address for a post's author, while still passing DMARC > authentication, would be for Mailman to change the From: address to a > VERP-like address with the author's address encapsulated within an > address @ the list server. Any mail received by the list server for > this address would have its address parsed by Mailman and be redirected > to the original author's real email address. Would this pass RFC > compliance? It would probably be RFC compliant as long as the from address reliably worked to send to the author, but there are other problems. The first that comes to mind is suppose a yahoo.com user replies to a post originally From: another yahoo.com user. There may be DMARC issues with the delivery of this reply from the Mailman server to the original poster. Maybe not because the forwarding of the reply is a pass-through that *probably* won't break a DKIM signature. But then what if the original poster had included a Reply-To: to an alternate address. This might result in a reply goint to the original From: instead of the original Reply-To:. Finally, there is this note from a draft document from the DMARC community: NOTE: The inclusion of more than one domain in the RFC5322.From field is dangerous. Recent studies by two major senders show that ~95% of all cases in which there is one domain in the RFC5322.From ?display name? and different domain in the RFC5322.From ?address-spec? are fraudulent. This practice should be discouraged as there are efforts underway to increase ?spam scores? within inbound filtering when this is detected. This implies that the "verp like" encoding should mangle things like "example.com" so they don't look like domain names which could make them difficult to parse. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Thu Apr 17 20:31:24 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 17 Apr 2014 13:31:24 -0500 Subject: [Mailman-Users] DMARC and From header munging In-Reply-To: References: <1397757704.11339.89.camel@pudina.fmp.com> Message-ID: <1397759484.11339.105.camel@pudina.fmp.com> On Thu, 2014-04-17 at 12:26 -0600, Terry Earley wrote: > I have been following this thread with interest, and relieved that for our > list, all posts are moderated. We have determined to repost all messages > coming from Yahoo with our moderator's account. > > To your question if VERP might be a partial answer, we are using VERP and > "Full personalization" so the posters email address is passed through. we > are still getting the DMARC error. Here is what came back to my gmail > address as a result of a Yahoo post (which I did not receive): What I'm suggesting here isn't VERP, as it's optionally implemented in the envelope sender address, but a VERP-like encapsulation of the _author's_ email address into a munged From: address. This is something completely different, but uses the same paradigm for address encapsulation as does the current envelope sender VERP. > -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From stephen at xemacs.org Thu Apr 17 20:32:14 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Fri, 18 Apr 2014 03:32:14 +0900 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <1397751212.11339.21.camel@pudina.fmp.com> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> <1397686505.18445.110.camel@pudina.fmp.com> <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> <1397751212.11339.21.camel@pudina.fmp.com> Message-ID: <87d2gfst75.fsf@uwakimon.sk.tsukuba.ac.jp> Lindsay Haisley writes: > Stephen, thanks for your generous reply, and your insights. It > does seem to me, though, that when megabucks are riding on > additional bandwidth, and if Yahoo is serious about controlling > spam, they might start by putting some resources behind putting > their own house in order. Nobody can control spam in the current architecture of Internet mail. What needs to be done is author identification, that is, digital signatures. But that requires cooperation from users, which is anathema to the freemail providers. So p=reject, and to a lesser extent DMARC itself, are basically PR stunts IMO, see below. > Someone, maybe it was you, posted on this forum earlier that perhaps 90% > or more of spam with a yahoo.com origin (or one of their international > DNs) actually _does_ come from Yahoo Wasn't me. I don't have that data, and don't know where to get it offhand. So maybe it does, but in my spamtrap I have only 67/4359 (1.5%) messages from Yahoo (based on grepping for "^From:.*yahoo" and "^From:" respectively), vs. 658/38748 (1.7%) in my saved mail folders. It seems to me that spam using Yahoo addresses is hardly a big problem, whether it's spoofed or using throwaway addresses. > and that their response to abuse notifications is abysmal to > nonexistent. So it looks to me as if one of two things is > happening here. Either the right hand doesn't know what the left > hand is doing (or not doing), or this is a blatant, cynical attack > on network neutrality designed to push people toward Yahoo's own > list service. I think the main thing is that the decision-makers (who are basically business people) see this as a marketing/PR problem. I don't think it's an attack on network neutrality per se so much as a PR stunt to be perceived as "doing something about spam and phishing". I wonder if they're not positioning themselves to do something big in finance or expand in handling payments to vendors who use their e-business platforms -- which would make a "tough on phishing" stance very important to them, as it is for banks. > Has anyone seen or heard any figures on how much this DMARC fiasco has > cost Yahoo in terms of the number of email end-users who have left their > service? Someone mentioned that it was substantial enough to probably > get their attention. I did but that was based on my personal experience, with (as I wrote elsewhere) users who are not very attached to any particular email address yet. I don't see how anybody could get reliable figures, though, except Yahoo! themselves based on statistical analysis of outbound traffic and maybe an increase in the number of accounts that .forward to other accounts. Steve From mark at msapiro.net Thu Apr 17 20:32:15 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 17 Apr 2014 11:32:15 -0700 Subject: [Mailman-Users] Mailman 2.1.18 release Message-ID: <53501E2F.1040409@msapiro.net> I am pleased to announce the first release candidate for Mailman 2.1.18. Python 2.4 is the minimum supported, but Python 2.7 is recommended. This release has new features to help with mitigation of the impacts of DMARC on mailing lists. There is also a new dependency associated with these features. Namely, the new Privacy options -> Sender filters -> dmarc_moderation_action feature requires that the dnspython package be available in Python. There are also bug fixes. See the attached README for more details. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see: http://www.list.org http://www.gnu.org/software/mailman http://mailman.sourceforge.net/ Mailman 2.1.18rc1 can be downloaded from https://launchpad.net/mailman/2.1/ http://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -------------- next part -------------- 2.1.18rc1 (18-Apr-2014) Dependencies - There is a new dependency associated with the new Privacy options -> Sender filters -> dmarc_moderation_action feature discussed below. This requires that the dnspython package be available in Python. New Features - The from_is_list feature introduced in 2.1.16 is now unconditionally available to list owners. There is also, a new Privacy options -> Sender filters -> dmarc_moderation_action feature which applies to list messages where the From: address is in a domain which publishes a DMARC policy of reject or possibly quarantine. This is a list setting with values of Accept, Wrap Message, Munge From, Reject or Discard. There is a new DEFAULT_DMARC_MODERATION_ACTION configuration setting to set the default for this, and the list admin UI is not able to set an action which is 'less' than the default. The prior ALLOW_FROM_IS_LIST setting has been removed and is effectively always Yes. There is a new DMARC_QUARANTINE_MODERATION_ACTION configuration setting which defaults to Yes but can be set to No to exclude domains with DMARC policy of quarantine from dmarc_moderation_action. dmarc_moderation_action and from_is_list interact in the following way. If the message is From: a domain to which dmarc_moderation_action applies and if dmarc_moderation_action is other than Accept, dmarc_moderation_action applies to that message. Otherwise the from_is_list action applies. i18n - Added missing tag to French listinfo template. (LP: #1275964) Bug Fixes and other patches - Fixed a long standing issue in which a notice sent to a user whose language is other than that of the list can cause subsequent things which should be in the list's language to be in the user's language instead. (LP: #1308655) - Fixed the admin Membership List so a search string if any is not lost when visiting subsequent fragments of a chunked list. (LP: #1307454) - For from_is_list feature, use email address from original From: if original From: has no display name and strip domain part from resultant names that look like email addresses. (LP: #1304511) - Added the list name to the vette log "held message approved" entry. (LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries. - Fixed a NameError exception in cron/nightly_gzip when it tries to print the usage message. (LP: #1291038) - Fixed a bug in ListAdmin._handlepost that would crash when trying to preserve a held message for the site admin if HOLD_MESSAGES_AS_PICKLES is False. (LP: #1282365) - The from_is_list header munging feature introduced in Mailman 2.1.16 is no longer erroneously applied to Mailman generated notices. (LP: #1279667) - Changed the message from the confirm CGI to not indicate approval is required for an acceptance of an invitation. (LP: #1277744) - Fixed POSTFIX_STYLE_VIRTUAL_DOMAINS to be case-insensitiive. (LP: #1267003) - Added recognition for another simple warning to bounce processing. (LP: #1263247) - Fixed a few failing tests in tests/test_handlers.py. (LP: #1262950) - Fixed bin/arch to not create scrubbed attachments for messages skipped when processing the --start= option. (LP: #1260883) - Fixed email address validation to do a bit better in obscure cases. (LP: #1258703) - Fixed a bug which caused some authentication cookies to expire too soon if AUTHENTICATION_COOKIE_LIFETIME is non-zero. (LP: #1257112) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: From tim at yingtong.co.uk Thu Apr 17 20:46:03 2014 From: tim at yingtong.co.uk (Tim Walter) Date: Thu, 17 Apr 2014 19:46:03 +0100 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: References: , <534F3F1B.1030700@Damon-Family.org> Message-ID: <8D5B20FB-9A34-4796-8A99-FDC66371FF5D@yingtong.co.uk> On 17 Apr 2014, at 04:27, Jon 1234 wrote: >> From: Richard at Damon-Family.org >> I have been (slowly) working on an module to integrate a mailing list to >> a Drupal web site. My goal is to generate an archive that you can easily >> find recent messages in, and then be able to reply back to the list via >> the web site. I will need to look at some of those options to see if any >> would help in my needs. > > I found Drupal hard enough by itself, let alone integrating it with a mailing list. Good luck. > > I > finally got FUDforum to work. Without wanting to go into detail here, I > had to change the shebang line on maillist.php and change the file > permissions in the FUDforum/messages folder. Seems simple now! On > installation I had other permission errors (host doesn't allow 777 web > directories), and other errors may occur in future, but at least I know > in principle it works for me. > I have it working with Fudforum and although the fudforum integration was (to me) poorly documented I got it working and has been stable / rock solid for a couple of years now. It would be nice to get things like membership linked between the two and to more easily identify forum posters (when their mail hits the list) but that is just a comment not a request (unless someone has worked it out!) BW Tim From mark at msapiro.net Thu Apr 17 20:48:37 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 17 Apr 2014 11:48:37 -0700 Subject: [Mailman-Users] Mailman 2.1.18 release In-Reply-To: <53501E2F.1040409@msapiro.net> References: <53501E2F.1040409@msapiro.net> Message-ID: <53502205.1080606@msapiro.net> On 04/17/2014 11:32 AM, Mark Sapiro wrote: > I am pleased to announce the first release candidate for Mailman 2.1.18. I neglected to emphasize that there are some new and some modified i18n strings in this release. I strongly encourage all interested people to look at these and submit translation updates, preferably as launchpad merge proposals but directly to me is OK, before 1 May 2014 to get them in the final release. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: From fmouse at fmp.com Thu Apr 17 20:50:37 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 17 Apr 2014 13:50:37 -0500 Subject: [Mailman-Users] DMARC and From header munging In-Reply-To: <53501D81.8010108@msapiro.net> References: <1397757704.11339.89.camel@pudina.fmp.com> <53501D81.8010108@msapiro.net> Message-ID: <1397760637.11339.116.camel@pudina.fmp.com> On Thu, 2014-04-17 at 11:29 -0700, Mark Sapiro wrote: > On 04/17/2014 11:01 AM, Lindsay Haisley wrote: > > It occurred to me that one possible variation on From: header munging > > which wouldn't break any applications depending on this being an actual, > > working address for a post's author, while still passing DMARC > > authentication, would be for Mailman to change the From: address to a > > VERP-like address with the author's address encapsulated within an > > address @ the list server. Any mail received by the list server for > > this address would have its address parsed by Mailman and be redirected > > to the original author's real email address. Would this pass RFC > > compliance? > > > It would probably be RFC compliant as long as the from address reliably > worked to send to the author, but there are other problems. > > The first that comes to mind is suppose a yahoo.com user replies to a > post originally From: another yahoo.com user. There may be DMARC issues > with the delivery of this reply from the Mailman server to the original > poster. > > Maybe not because the forwarding of the reply is a pass-through that > *probably* won't break a DKIM signature. Well it does come up against the long-standing issue with SPF regarding email redirection, and if an email doesn't come from a mail server supporting DKIM, then there would be an issues in this case. > But then what if the original poster had included a Reply-To: to an > alternate address. This might result in a reply goint to the original > From: instead of the original Reply-To:. This is, as I understand it, a MUA issue. Doesn't a reply _always_ go to a Reply-To: address by default? I don't see how munging of the From: address could affect this behavior. > This implies that the "verp like" encoding should mangle things like > "example.com" so they don't look like domain names which could make them > difficult to parse. I'm already using AES encryption/decryption in Mailman to put the recipient address into the Resent-Message-ID: header in a form that AOL's brain-dead TOS report system can't redact. This is the same kind of problem. Mangling wouldn't even have to be that sophisticated. ROT13 would probably do. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From stephen at xemacs.org Thu Apr 17 20:51:29 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Fri, 18 Apr 2014 03:51:29 +0900 Subject: [Mailman-Users] DMARC and From header munging In-Reply-To: <1397757704.11339.89.camel@pudina.fmp.com> References: <1397757704.11339.89.camel@pudina.fmp.com> Message-ID: <87bnvzssb2.fsf@uwakimon.sk.tsukuba.ac.jp> Lindsay Haisley writes: > Mailman to change the From: address to a VERP-like address with the > author's address encapsulated within an address @ the list server. > Any mail received by the list server for this address would have > its address parsed by Mailman and be redirected to the original > author's real email address. Would this pass RFC compliance? Technically, it probably does. The problem is that Mailman doesn't handle those mails, the MTA does. It would be reasonably easy to set up a filter and have the MTA pass the message to that filter. It's very ugly, though, especially if for some reason you have no display name to work with. A bigger problem, as stated what you've done is to set up an open relay. So you would need to either maintain a database of valid addresses forever, or do some crypto trickery so that only valid addresses would be forwarded. The latter would involve key management, etc. N.B. I read a very similar suggestion somewhere, probably in the DMARC Internet-Draft or in their FAQ. From barry at list.org Thu Apr 17 21:24:36 2014 From: barry at list.org (Barry Warsaw) Date: Thu, 17 Apr 2014 15:24:36 -0400 Subject: [Mailman-Users] Trying to understand charset encoding in mailman In-Reply-To: <87eh0vsucj.fsf@uwakimon.sk.tsukuba.ac.jp> References: <201404171119.s3HBJ2ni028360@fido.openend.se> <87ioq8rvgl.fsf@uwakimon.sk.tsukuba.ac.jp> <534FCBEB.30501@msapiro.net> <201404171354.s3HDsJNg031023@fido.openend.se> <87eh0vsucj.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <20140417152436.40a7cda3@anarchist.localdomain> On Apr 18, 2014, at 03:07 AM, Stephen J. Turnbull wrote: >Getting it right by design ... well, that's why we need Mailman 3. And really, Python 3. The email package in Python 3.4 rocks. -Barry From fmouse at fmp.com Thu Apr 17 21:36:44 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 17 Apr 2014 14:36:44 -0500 Subject: [Mailman-Users] DMARC and From header munging In-Reply-To: <87bnvzssb2.fsf@uwakimon.sk.tsukuba.ac.jp> References: <1397757704.11339.89.camel@pudina.fmp.com> <87bnvzssb2.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <1397763404.11339.152.camel@pudina.fmp.com> On Fri, 2014-04-18 at 03:51 +0900, Stephen J. Turnbull wrote: > Lindsay Haisley writes: > > > Mailman to change the From: address to a VERP-like address with the > > author's address encapsulated within an address @ the list server. > > Any mail received by the list server for this address would have > > its address parsed by Mailman and be redirected to the original > > author's real email address. Would this pass RFC compliance? > > Technically, it probably does. The problem is that Mailman doesn't > handle those mails, the MTA does. It would be reasonably easy to set > up a filter and have the MTA pass the message to that filter. We already do this for listname-subscribe, listname-owner, listname-bounces, etc. The addition of another similar name extension should be no problem. > It's very ugly, though, especially if for some reason you have no > display name to work with. Agreed! But the display name is free form and strictly informational. Could this not be the subscriber name of the author, if it's part of the subscription record? > A bigger problem, as stated what you've done is to set up an open > relay. So you would need to either maintain a database of valid > addresses forever, or do some crypto trickery so that only valid > addresses would be forwarded. The latter would involve key > management, etc. This is a good point, so the encapsulated address would have to be obfuscated in some way. Crypto wouldn't be difficult. I've already hacked AES encryption/decryption into Mailman for generating a Resent-Message-ID: header containing the recipient address. I have a single key in mm_cfg.py and as long as it stays the same then addresses will translate. But I see your point. This is putting RFC compliance out an a very long and thin thread. If you change the key, your entire archive of emails becomes theoretically non-compliant, and this is indeed ugly. > N.B. I read a very similar suggestion somewhere, probably in the DMARC > Internet-Draft or in their FAQ. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From fmouse at fmp.com Thu Apr 17 22:20:59 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 17 Apr 2014 15:20:59 -0500 Subject: [Mailman-Users] Mailman 2.1.18 release In-Reply-To: <53501E2F.1040409@msapiro.net> References: <53501E2F.1040409@msapiro.net> Message-ID: <1397766059.11339.154.camel@pudina.fmp.com> On Thu, 2014-04-17 at 11:32 -0700, Mark Sapiro wrote: > dnspython Mark, is this distinct from pydns at ? -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From jimpop at gmail.com Thu Apr 17 22:28:06 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Thu, 17 Apr 2014 16:28:06 -0400 Subject: [Mailman-Users] Mailman 2.1.18 release In-Reply-To: <1397766059.11339.154.camel@pudina.fmp.com> References: <53501E2F.1040409@msapiro.net> <1397766059.11339.154.camel@pudina.fmp.com> Message-ID: On Thu, Apr 17, 2014 at 4:20 PM, Lindsay Haisley wrote: > On Thu, 2014-04-17 at 11:32 -0700, Mark Sapiro wrote: > > dnspython > > Mark, is this distinct from pydns at ? > (not Mark), short answer "yes". PyDNS and DNSPython are 2 different python libs, the latter seems to be more popular. -Jim P. From jimpop at gmail.com Thu Apr 17 22:31:10 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Thu, 17 Apr 2014 16:31:10 -0400 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <87d2gfst75.fsf@uwakimon.sk.tsukuba.ac.jp> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> <1397686505.18445.110.camel@pudina.fmp.com> <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> <1397751212.11339.21.camel@pudina.fmp.com> <87d2gfst75.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: On Thu, Apr 17, 2014 at 2:32 PM, Stephen J. Turnbull wrote: > Lindsay Haisley writes: > > Someone, maybe it was you, posted on this forum earlier that perhaps 90% > > or more of spam with a yahoo.com origin (or one of their international > > DNs) actually _does_ come from Yahoo > > Wasn't me. I don't have that data, and don't know where to get it > offhand. > > So maybe it does, but in my spamtrap I have only 67/4359 (1.5%) > messages from Yahoo (based on grepping for "^From:.*yahoo" and > "^From:" respectively), vs. 658/38748 (1.7%) in my saved mail folders. > It seems to me that spam using Yahoo addresses is hardly a big > problem, whether it's spoofed or using throwaway addresses. > > I'm curious, what numbers do you currently see for tumblr (also a yahoo company) spam? -Jim P. From fmouse at fmp.com Thu Apr 17 22:38:45 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 17 Apr 2014 15:38:45 -0500 Subject: [Mailman-Users] Mailman 2.1.18 release In-Reply-To: References: <53501E2F.1040409@msapiro.net> <1397766059.11339.154.camel@pudina.fmp.com> Message-ID: <1397767125.11339.157.camel@pudina.fmp.com> On Thu, 2014-04-17 at 16:28 -0400, Jim Popovitch wrote: > (not Mark), short answer "yes". PyDNS and DNSPython are 2 different python > libs, the latter seems to be more popular. Slightly confusing :) >>> import DNS [imports PyDNS] >>> import dns [imports DNSPython] -- Lindsay Haisley | "Real programmers use butterflies" FMP Computer Services | 512-259-1190 | - xkcd http://www.fmp.com | From jon.1234 at hotmail.co.uk Thu Apr 17 23:04:13 2014 From: jon.1234 at hotmail.co.uk (Jon 1234) Date: Thu, 17 Apr 2014 22:04:13 +0100 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: <8D5B20FB-9A34-4796-8A99-FDC66371FF5D@yingtong.co.uk> References: , , <534F3F1B.1030700@Damon-Family.org>, , <8D5B20FB-9A34-4796-8A99-FDC66371FF5D@yingtong.co.uk> Message-ID: > From: tim at yingtong.co.uk > I have it working with Fudforum and although the fudforum integration was (to me) poorly documented I got it working and has been stable / rock solid for a couple of years now. > > It would be nice to get things like membership linked between the two and to more easily identify forum posters (when their mail hits the list) but that is just a comment not a request (unless someone has worked it out!) > > BW Tim I'm pleased to hear this - out of interest, which versions of FUDforum and Mailman are you running? I have some ideas about linking membership and will report back here if I come up with anything useful. By 'more easily identify forum posters' do you mean by, for instance, a header/footer stating that the message came from the web interface? I think that would be fairly easy to implement. Or is it part of your linking-membership point? - so that, for instance, you'd want Mailman to realise when a forum post should (or should not) be held for moderation? Best wishes Jon From tim at yingtong.co.uk Fri Apr 18 01:36:37 2014 From: tim at yingtong.co.uk (Tim Walter) Date: Fri, 18 Apr 2014 00:36:37 +0100 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: References: , , <534F3F1B.1030700@Damon-Family.org>, , <8D5B20FB-9A34-4796-8A99-FDC66371FF5D@yingtong.co.uk> Message-ID: On 17 Apr 2014, at 22:04, Jon 1234 wrote: > > From: tim at yingtong.co.uk > > I have it working with Fudforum and although the fudforum integration was (to me) poorly documented I got it working and has been stable / rock solid for a couple of years now. > > > > It would be nice to get things like membership linked between the two and to more easily identify forum posters (when their mail hits the list) but that is just a comment not a request (unless someone has worked it out!) > > > > BW Tim > I'm pleased to hear this - out of interest, which versions of FUDforum and Mailman are you running? > > I have some ideas about linking membership and will report back here if I come up with anything useful. > > By 'more easily identify forum posters' do you mean by, for instance, a header/footer stating that the message came from the web interface? I think that would be fairly easy to implement. Or is it part of your linking-membership point? - so that, for instance, you'd want Mailman to realise when a forum post should (or should not) be held for moderation? > > Best wishes > > Jon Hi Jon, FUDForum 3.0.5 but several version prior to the latest too. Mailman 2.1.12 as part of Virtualmin ref identity I really mean at present most of the traffic is on the mailing list (and the forum is more of an archive for 80% of the joint community) where users complain they can?t easily identify forum posters as people (its a friendly bunch) as I?ve set it to post to the list as the single subscribed list address. They/I would like to see the forum users name/email address somewhere inside the body text so they can say ?Hi Peter, good to hear from you, I think I can answer this one?? I?ve searched within FUDforum for documentation of how to format posts to include posters names etc. to no avail. In reality for membership intergration between the two I suspect I wouldn?t be first in the queue currently as I have several hundred subscribers both places, with significant overlap between them! BW TIm From jon.1234 at hotmail.co.uk Fri Apr 18 03:26:59 2014 From: jon.1234 at hotmail.co.uk (Jon 1234) Date: Fri, 18 Apr 2014 02:26:59 +0100 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: References: , , , <534F3F1B.1030700@Damon-Family.org>, , , , <8D5B20FB-9A34-4796-8A99-FDC66371FF5D@yingtong.co.uk>, , Message-ID: > From: tim at yingtong.co.uk > Date: Fri, 18 Apr 2014 00:36:37 +0100 > ref identity I really mean at present most of the traffic is on the mailing list (and the forum is more of an archive for 80% of the joint community) where users complain they can?t easily identify forum posters as people (its a friendly bunch) as I?ve set it to post to the list as the single subscribed list address. They/I would like to see the forum users name/email address somewhere inside the body text so they can say ?Hi Peter, good to hear from you, I think I can answer this one?? I?ve searched within FUDforum for documentation of how to format posts to include posters names etc. to no avail. This seems to work. Go to forum/theme/default/post.php and find the line: if (!empty($r[3])) { // Use the forum's fixed "From:" address. After it add words to the following effect: $body .= "\n-- \nThis message was sent via the web forum by $from"; You should get a footer along the lines of: This message was sent via the web forum by Name Which will be followed by the Mailman footer. > In reality for membership intergration between the two I suspect I wouldn?t be first in the queue currently as I have several hundred subscribers both places, with significant overlap between them! > > BW TIm If I manage to solve this how about I mention it here but post the detail on the FUDforum website? Best wishes Jon From cgtyoder at alum.mit.edu Fri Apr 18 04:40:07 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Thu, 17 Apr 2014 22:40:07 -0400 Subject: [Mailman-Users] Seeing your own sig appear in (someone else's) email to the list Message-ID: <110AD709-8C6E-4DA2-9897-ABA10AE29480@alum.mit.edu> One of my users on one of my lists is seeing something odd. His own signatures are appearing on other people?s emails sent to a Mailman (2.1.14) list. Some points of info: - He has his own domain, hosted by google - Email is read on the web (not sure which browser) - It appears on some, but not all list posts - Started happening ?about a week ago? - I do not see his signatures when the same emails come to me, nor are they in the archive. - He is a list admin and moderator. The list is fully moderated and he approves/rejects most of the posts. Is he crazy? Any idea how to track this ?problem? down? -Conrad -- Power today. Pleasure tomorrow. -- Mellowfields Top security holiday camps Luxury without fear Fun without suspicion Relax in a panic-free atmosphere From sylvain at opensource-expert.com Fri Apr 18 09:14:10 2014 From: sylvain at opensource-expert.com (Sylvain Viart) Date: Fri, 18 Apr 2014 09:14:10 +0200 Subject: [Mailman-Users] Mailman 2.1.18 release In-Reply-To: <53501E2F.1040409@msapiro.net> References: <53501E2F.1040409@msapiro.net> Message-ID: <5350D0C2.90700@opensource-expert.com> Hi, Le 17/04/2014 20:32, Mark Sapiro a ?crit : > I am pleased to announce the first release candidate for Mailman 2.1.18. > > http://www.list.org > http://www.gnu.org/software/mailman > http://mailman.sourceforge.net/ No topic are presented about the fresh release on those website, right? So a "postable" url about this announce would be? http://www.mail-archive.com/mailman-users%40python.org/msg64098.html Is there a better one? Regards, Sylvain. From sylvain at opensource-expert.com Fri Apr 18 09:26:28 2014 From: sylvain at opensource-expert.com (Sylvain Viart) Date: Fri, 18 Apr 2014 09:26:28 +0200 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <534AEA16.8040303@psfc.mit.edu> References: <534AEA16.8040303@psfc.mit.edu> Message-ID: <5350D3A4.80405@opensource-expert.com> Hi, I may have missed some topic, but why SRS (http://en.wikipedia.org/wiki/Sender_Rewriting_Scheme) doesn't come to rescue here? It isn't its original purpose? Resigning outgoing messages with messaging server own DKIM's key. Seem to be available by setuping mm_cfg.py: - ALLOW_FROM_IS_LIST = Yes - REMOVE_DKIM_HEADERS = Yes - FROM_IS_LIST = 1 Did I miss something? Regards, Sylvain. From addw at phcomp.co.uk Fri Apr 18 09:41:33 2014 From: addw at phcomp.co.uk (Alain Williams) Date: Fri, 18 Apr 2014 08:41:33 +0100 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <5350D3A4.80405@opensource-expert.com> References: <534AEA16.8040303@psfc.mit.edu> <5350D3A4.80405@opensource-expert.com> Message-ID: <20140418074133.GF5587@phcomp.co.uk> On Fri, Apr 18, 2014 at 09:26:28AM +0200, Sylvain Viart wrote: > Hi, > > I may have missed some topic, but why SRS > (http://en.wikipedia.org/wiki/Sender_Rewriting_Scheme) doesn't come > to rescue here? > > It isn't its original purpose? > Resigning outgoing messages with messaging server own DKIM's key. > > Seem to be available by setuping mm_cfg.py: > > - ALLOW_FROM_IS_LIST = Yes > - REMOVE_DKIM_HEADERS = Yes > - FROM_IS_LIST = 1 > > > Did I miss something? SRS rewrites the *envelope* sender. My understanding is that the YAHOO DKIM uses the From: header, not the envelope sender. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 http://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php #include From mark at msapiro.net Fri Apr 18 10:41:02 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 18 Apr 2014 01:41:02 -0700 Subject: [Mailman-Users] Mailman 2.1.18 release In-Reply-To: <5350D0C2.90700@opensource-expert.com> References: <53501E2F.1040409@msapiro.net> <5350D0C2.90700@opensource-expert.com> Message-ID: <5350E51E.2030802@msapiro.net> On 04/18/2014 12:14 AM, Sylvain Viart wrote: > Hi, > > > Le 17/04/2014 20:32, Mark Sapiro a ?crit : >> I am pleased to announce the first release candidate for Mailman 2.1.18. >> >> http://www.list.org >> http://www.gnu.org/software/mailman >> http://mailman.sourceforge.net/ > > No topic are presented about the fresh release on those website, right? There wasn't when you wrote, but there is now. I didn't have my full release tool set at PyCon :( > So a "postable" url about this announce would be? > > http://www.mail-archive.com/mailman-users%40python.org/msg64098.html > > Is there a better one? If you want to link to the announcement itself, I would use -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From tim at yingtong.co.uk Fri Apr 18 11:49:20 2014 From: tim at yingtong.co.uk (Tim Walter) Date: Fri, 18 Apr 2014 10:49:20 +0100 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: References: , , , <534F3F1B.1030700@Damon-Family.org>, , , , <8D5B20FB-9A34-4796-8A99-FDC66371FF5D@yingtong.co.uk>, , Message-ID: <6E464975-5C4C-41C3-8444-F12527930381@yingtong.co.uk> On 18 Apr 2014, at 02:26, Jon 1234 wrote: > > From: tim at yingtong.co.uk > > Date: Fri, 18 Apr 2014 00:36:37 +0100 > > ref identity I really mean at present most of the traffic is on the mailing list (and the forum is more of an archive for 80% of the joint community) where users complain they can?t easily identify forum posters as people (its a friendly bunch) as I?ve set it to post to the list as the single subscribed list address. They/I would like to see the forum users name/email address somewhere inside the body text so they can say ?Hi Peter, good to hear from you, I think I can answer this one?? I?ve searched within FUDforum for documentation of how to format posts to include posters names etc. to no avail. > > > This seems to work. Go to forum/theme/default/post.php and find the line: > > > if (!empty($r[3])) { // Use the forum's fixed "From:" address. > > > After it add words to the following effect: > > > $body .= "\n-- \nThis message was sent via the web forum by $from"; > > > You should get a footer along the lines of: > > > This message was sent via the web forum by Name > > > Which will be followed by the Mailman footer. > > > > In reality for membership intergration between the two I suspect I wouldn?t be first in the queue currently as I have several hundred subscribers both places, with significant overlap between them! > > > > BW TIm > > > If I manage to solve this how about I mention it here but post the detail on the FUDforum website? > > > Best wishes > > > Jon Hi Jon, brilliant. Works exactly as it says on the tin. I?m guessing however it will be overwritten with the next patch, but I can live with that. In this life I am a user rather than a contributor I?m afraid, is there a way of putting that at the top such as ?Tim Walter wrote on the forum?? As to the integration I suspect both places seem sensible, I hang out in both. (Sorry to have slightly hijacked the mailman list for FUDForum stuff, though hopefully moderately relevant.) From sylvain at opensource-expert.com Fri Apr 18 12:34:15 2014 From: sylvain at opensource-expert.com (Sylvain Viart) Date: Fri, 18 Apr 2014 12:34:15 +0200 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <20140418074133.GF5587@phcomp.co.uk> References: <534AEA16.8040303@psfc.mit.edu> <5350D3A4.80405@opensource-expert.com> <20140418074133.GF5587@phcomp.co.uk> Message-ID: <5350FFA7.1000602@opensource-expert.com> Le 18/04/2014 09:41, Alain Williams a ?crit : >> I may have missed some topic, but why SRS >> (http://en.wikipedia.org/wiki/Sender_Rewriting_Scheme) doesn't come to rescue here? > SRS rewrites the *envelope* sender. > > My understanding is that the YAHOO DKIM uses the From: header, not the envelope sender. Oh I see. Thanks. So to use mail's Header terminology, only the Return-path: is modified, not the From: Is this related to DMARC in general? May be not corrected by SRS, because of DMARC is more recent than SRS? Or this is a yahoo challenging with a somewhat too strong configuration? I mean, did they configure to specifically check the From: header? Regards, Sylvain. From stephen at xemacs.org Fri Apr 18 16:13:42 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Fri, 18 Apr 2014 23:13:42 +0900 Subject: [Mailman-Users] DMARC and From header munging In-Reply-To: <1397763404.11339.152.camel@pudina.fmp.com> References: <1397757704.11339.89.camel@pudina.fmp.com> <87bnvzssb2.fsf@uwakimon.sk.tsukuba.ac.jp> <1397763404.11339.152.camel@pudina.fmp.com> Message-ID: <87a9bisp2h.fsf@uwakimon.sk.tsukuba.ac.jp> Lindsay Haisley writes: > > It's very ugly, though, especially if for some reason you have no > > display name to work with. > > Agreed! But the display name is free form and strictly informational. > Could this not be the subscriber name of the author, if it's part of the > subscription record? Sure. But that's putting even more burden on the Mailman server, and in many cases it won't be close to 100%. That's all I'm saying. From stephen at xemacs.org Fri Apr 18 16:19:38 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Fri, 18 Apr 2014 23:19:38 +0900 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> <1397686505.18445.110.camel@pudina.fmp.com> <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> <1397751212.11339.21.camel@pudina.fmp.com> <87d2gfst75.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <878ur2sosl.fsf@uwakimon.sk.tsukuba.ac.jp> Jim Popovitch writes: > On Thu, Apr 17, 2014 at 2:32 PM, Stephen J. Turnbull wrote: > > > So maybe it does, but in my spamtrap I have only 67/4359 (1.5%) > > messages from Yahoo (based on grepping for "^From:.*yahoo" and > > "^From:" respectively), vs. 658/38748 (1.7%) in my saved mail folders. > > It seems to me that spam using Yahoo addresses is hardly a big > > problem, whether it's spoofed or using throwaway addresses. > I'm curious, what numbers do you currently see for tumblr (also a yahoo > company) spam? Zero. From stephen at xemacs.org Fri Apr 18 16:30:49 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Fri, 18 Apr 2014 23:30:49 +0900 Subject: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, "Service Unavailable". In-Reply-To: <5350FFA7.1000602@opensource-expert.com> References: <534AEA16.8040303@psfc.mit.edu> <5350D3A4.80405@opensource-expert.com> <20140418074133.GF5587@phcomp.co.uk> <5350FFA7.1000602@opensource-expert.com> Message-ID: <877g6mso9y.fsf@uwakimon.sk.tsukuba.ac.jp> Sylvain Viart writes: > Le 18/04/2014 09:41, Alain Williams a ?crit : > >> I may have missed some topic, but why SRS > >> (http://en.wikipedia.org/wiki/Sender_Rewriting_Scheme) doesn't > >> come to rescue here? > > SRS rewrites the *envelope* sender. > > > > My understanding is that the YAHOO DKIM uses the From: header, > > not the envelope sender. > > Oh I see. Thanks. > So to use mail's Header terminology, only the Return-path: is modified, > not the From: No, the envelope sender often does end up in Return-Path, but it need not. The envelope sender is the entity in the SMTP "MAIL FROM" command, not anything in the headers. > Is this related to DMARC in general? Yes. DMARC is designed to work with "From alignment", that is, authenticating the domain in the from header. It *can* also authenticate the mailbox using DKIM, but there's no guarantee that a third party can see. The reason for this is that the DMARC authors are concerned about phishing, which basically works by sending a fake "From". Therefore they want to ensure that only the real domain can send "From" that domain. > May be not corrected by SRS, because of DMARC is more recent than > SRS? They're completely unrelated. > Or this is a yahoo challenging with a somewhat too strong > configuration? Yahoo is following the DMARC standard. They don't believe it is "too strong". See above. From mark at msapiro.net Sat Apr 19 00:27:42 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 18 Apr 2014 15:27:42 -0700 Subject: [Mailman-Users] Seeing your own sig appear in (someone else's) email to the list In-Reply-To: <110AD709-8C6E-4DA2-9897-ABA10AE29480@alum.mit.edu> References: <110AD709-8C6E-4DA2-9897-ABA10AE29480@alum.mit.edu> Message-ID: <5351A6DE.6030306@msapiro.net> On 04/17/2014 07:40 PM, Conrad G T Yoder wrote: > One of my users on one of my lists is seeing something odd. His own signatures are appearing on other people?s emails sent to a Mailman (2.1.14) list. Some points of info: > > - He has his own domain, hosted by google > - Email is read on the web (not sure which browser) > - It appears on some, but not all list posts > - Started happening ?about a week ago? > - I do not see his signatures when the same emails come to me, nor are they in the archive. > - He is a list admin and moderator. The list is fully moderated and he approves/rejects most of the posts. > > Is he crazy? Any idea how to track this ?problem? down? The first thing that comes to mind is he sees this in posts which are direct Cc replies to his own posts from some user(s). Thus, what he is seeing isn't the list post, and something in the poster to list path is stripping signatures so other list members and the archive don't see it. (Perhaps the sig is in a MIME part removed by the list's content filtering.) You need to get a complete, raw message from him with the spurious sig, all headers, etc. If he uses the gmail/googlemail web client, he can click the down triangle 'more' button just right of the swooping arrow 'reply' button, click 'Show original' and copy/paste the result. This will tell you whether the message even came to him via the list and where in the message parts his sig appears. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Sat Apr 19 01:23:05 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 18 Apr 2014 16:23:05 -0700 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <1397751212.11339.21.camel@pudina.fmp.com> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> <1397686505.18445.110.camel@pudina.fmp.com> <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> <1397751212.11339.21.camel@pudina.fmp.com> Message-ID: <5351B3D9.3020803@msapiro.net> On 04/17/2014 09:13 AM, Lindsay Haisley wrote: > Someone, maybe it was you, posted on this forum earlier that perhaps 90% > or more of spam with a yahoo.com origin (or one of their international > DNs) actually _does_ come from Yahoo and that their response to abuse > notifications is abysmal to nonexistent. The post is at -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Sat Apr 19 01:47:29 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Fri, 18 Apr 2014 18:47:29 -0500 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <5351B3D9.3020803@msapiro.net> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <1397667084.18445.97.camel@pudina.fmp.com> <534EC478.2060002@qhpress.org> <534ECC7D.7060403@free.fr> <534EE96B.2030300@writestarr.com> <1397686505.18445.110.camel@pudina.fmp.com> <87fvlc4go3.fsf@uwakimon.sk.tsukuba.ac.jp> <1397751212.11339.21.camel@pudina.fmp.com> <5351B3D9.3020803@msapiro.net> Message-ID: <1397864849.11339.254.camel@pudina.fmp.com> On Fri, 2014-04-18 at 16:23 -0700, Mark Sapiro wrote: > On 04/17/2014 09:13 AM, Lindsay Haisley wrote: > > > Someone, maybe it was you, posted on this forum earlier that perhaps 90% > > or more of spam with a yahoo.com origin (or one of their international > > DNs) actually _does_ come from Yahoo and that their response to abuse > > notifications is abysmal to nonexistent. > > > The post is at > On Fri Apr 11 12:13:58 CEST 2014 Rich Kulawiec rsk at gsp.org said: > This is just (a) propaganda, > so that they claim to be "doing something" Which pretty much meshes with what you've suggested about Yahoo's motives. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From lac at openend.se Sat Apr 19 08:43:27 2014 From: lac at openend.se (Laura Creighton) Date: Sat, 19 Apr 2014 08:43:27 +0200 Subject: [Mailman-Users] Seeing your own sig appear in (someone else's) email to the list In-Reply-To: Message from Mark Sapiro of "Fri, 18 Apr 2014 15:27:42 -0700." <5351A6DE.6030306@msapiro.net> References: <110AD709-8C6E-4DA2-9897-ABA10AE29480@alum.mit.edu><5351A6DE.6030306@msapiro.net> Message-ID: <201404190643.s3J6hRfR006564@fido.openend.se> Some long dormant bits in my brain are remembering something like this happening when the MIME type application/pgp-signature was introduced. Before then, people were using application/pgp for such things, and some were using other things like pgp-encrypt. If the signature problem is a pgp signature problem, these docs may prove illuminating. http://www.phildev.net/pgp/pgp_clear_vs_mime.html http://www.ietf.org/rfc/rfc2015.txt Laura From jon.1234 at hotmail.co.uk Sat Apr 19 22:57:45 2014 From: jon.1234 at hotmail.co.uk (Jon 1234) Date: Sat, 19 Apr 2014 21:57:45 +0100 Subject: [Mailman-Users] Mirror mailing list with web forum In-Reply-To: <6E464975-5C4C-41C3-8444-F12527930381@yingtong.co.uk> References: , , ,,<534F3F1B.1030700@Damon-Family.org>, ,,, , , <8D5B20FB-9A34-4796-8A99-FDC66371FF5D@yingtong.co.uk>, , , , , , <6E464975-5C4C-41C3-8444-F12527930381@yingtong.co.uk> Message-ID: > From: tim at yingtong.co.uk > Date: Fri, 18 Apr 2014 10:49:20 +0100 > Hi Jon, brilliant. Works exactly as it says on the tin. I?m guessing however it will be overwritten with the next patch, but I can live with that. In this life I am a user rather than a contributor I?m afraid, is there a way of putting that at the top such as ?Tim Walter wrote on the forum?? You're welcome - I'm pleased to have helped. You could change the line to: $body = "This message was sent via the web forum by $from \n\n" . $body; I'll be checking the FUDforum forum for the next while so we can discuss it further there if necessary. > As to the integration I suspect both places seem sensible, I hang out in both. I suppose it depends on which code I tinker with the most :-) Best wishes Jon From mark at msapiro.net Sun Apr 20 06:13:00 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sat, 19 Apr 2014 21:13:00 -0700 Subject: [Mailman-Users] Mailman 2.1.18 release In-Reply-To: <53501E2F.1040409@msapiro.net> References: <53501E2F.1040409@msapiro.net> Message-ID: <5353494C.5070609@msapiro.net> On 04/17/2014 11:32 AM, Mark Sapiro wrote: > I am pleased to announce the first release candidate for Mailman 2.1.18. > > Python 2.4 is the minimum supported, but Python 2.7 is recommended. It turns out that Mailman 2.1.18rc1 required Python 2.5 or later. The problem code has been modified and I have released Mailman 2.1.18rc2. Fixing this issue is the only change. If you are trying to run Mailman 2.1.18 with Python 2.4.x, you need to use 2.1.18rc2 or later. If you are running with Python 2.5 or later, either version is OK. Please submit any i18n updates before May 1 to get them in the final release. This release has new features to help with mitigation of the impacts of DMARC on mailing lists. There is also a new dependency associated with these features. Namely, the new Privacy options -> Sender filters -> dmarc_moderation_action feature requires that the dnspython package be available in Python. There are also bug fixes. See the attached README for more details. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see: http://www.list.org http://www.gnu.org/software/mailman http://mailman.sourceforge.net/ Mailman 2.1.18rc2 can be downloaded from https://launchpad.net/mailman/2.1/ http://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -------------- next part -------------- 2.1.18rc2 (19-Apr-2014) - The new Utils.IsDMARCProhibited() used collections.defaultdict which requires Python 2.5. Changed to use a dict and setdefault. 2.1.18rc1 (18-Apr-2014) Dependencies - There is a new dependency associated with the new Privacy options -> Sender filters -> dmarc_moderation_action feature discussed below. This requires that the dnspython package be available in Python. New Features - The from_is_list feature introduced in 2.1.16 is now unconditionally available to list owners. There is also, a new Privacy options -> Sender filters -> dmarc_moderation_action feature which applies to list messages where the From: address is in a domain which publishes a DMARC policy of reject or possibly quarantine. This is a list setting with values of Accept, Wrap Message, Munge From, Reject or Discard. There is a new DEFAULT_DMARC_MODERATION_ACTION configuration setting to set the default for this, and the list admin UI is not able to set an action which is 'less' than the default. The prior ALLOW_FROM_IS_LIST setting has been removed and is effectively always Yes. There is a new DMARC_QUARANTINE_MODERATION_ACTION configuration setting which defaults to Yes but can be set to No to exclude domains with DMARC policy of quarantine from dmarc_moderation_action. dmarc_moderation_action and from_is_list interact in the following way. If the message is From: a domain to which dmarc_moderation_action applies and if dmarc_moderation_action is other than Accept, dmarc_moderation_action applies to that message. Otherwise the from_is_list action applies. i18n - Added missing tag to French listinfo template. (LP: #1275964) Bug Fixes and other patches - Fixed a long standing issue in which a notice sent to a user whose language is other than that of the list can cause subsequent things which should be in the list's language to be in the user's language instead. (LP: #1308655) - Fixed the admin Membership List so a search string if any is not lost when visiting subsequent fragments of a chunked list. (LP: #1307454) - For from_is_list feature, use email address from original From: if original From: has no display name and strip domain part from resultant names that look like email addresses. (LP: #1304511) - Added the list name to the vette log "held message approved" entry. (LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries. - Fixed a NameError exception in cron/nightly_gzip when it tries to print the usage message. (LP: #1291038) - Fixed a bug in ListAdmin._handlepost that would crash when trying to preserve a held message for the site admin if HOLD_MESSAGES_AS_PICKLES is False. (LP: #1282365) - The from_is_list header munging feature introduced in Mailman 2.1.16 is no longer erroneously applied to Mailman generated notices. (LP: #1279667) - Changed the message from the confirm CGI to not indicate approval is required for an acceptance of an invitation. (LP: #1277744) - Fixed POSTFIX_STYLE_VIRTUAL_DOMAINS to be case-insensitiive. (LP: #1267003) - Added recognition for another simple warning to bounce processing. (LP: #1263247) - Fixed a few failing tests in tests/test_handlers.py. (LP: #1262950) - Fixed bin/arch to not create scrubbed attachments for messages skipped when processing the --start= option. (LP: #1260883) - Fixed email address validation to do a bit better in obscure cases. (LP: #1258703) - Fixed a bug which caused some authentication cookies to expire too soon if AUTHENTICATION_COOKIE_LIFETIME is non-zero. (LP: #1257112) - Fixed a possible TypeError in bin/sync_members introduced in 2.1.17. (LP: #1243343) Miscellaneous - Added to the contrib directory, a script from Alain Williams to count posts in a list's archive. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: From misterbhatt at gmail.com Sun Apr 20 16:57:16 2014 From: misterbhatt at gmail.com (Amit Bhatt) Date: Sun, 20 Apr 2014 20:27:16 +0530 Subject: [Mailman-Users] Delivery failure from mailing list Message-ID: <142D4427D53442C6A486B162C2579917@adminPC> All the subscribers of my mailing list are unable to post the messages and getting the below error in return: The service provider is not being able to get the solution, any advise from anyone? This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: pipe to |/usr/local/cpanel/3rdparty/mailman/mail/mailman post sayeverything_sayeverything.org generated by sayeverything at sayeverything.org local delivery failed The following text was generated during the delivery attempt: ------ pipe to |/usr/local/cpanel/3rdparty/mailman/mail/mailman post sayeverything_sayeverything.org generated by sayeverything at sayeverything.org ------ Could not exec '/usr/local/cpanel/3rdparty/mailman/mail/mailman' ------ This is a copy of the message, including all the headers. ------ Return-path: Received: from mail-pb0-f49.google.com ([209.85.160.49]:49085) by hwa3.ultrahost.us with esmtps (TLSv1:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1WbYOq-0007Qr-8m for sayeverything at sayeverything.org; Sat, 19 Apr 2014 09:45:58 -0700 Received: by mail-pb0-f49.google.com with SMTP id jt11so2373073pbb.22 for ; Sat, 19 Apr 2014 09:45:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:from:to:subject:date:mime-version:content-type; bh=A9r8gW5KaDlTuOP5nfFpOUSUu3BjBxTKSXwlt4MwJKg=; b=j/1yGY6DtYBF2zE5Gj8MZ2E0P3g1FGSna1GXLpVXasOAyzDAMn1i43oBownIyYxm/X smKIPT6v5O6jETNiQ7ftdeMSGVrsAThW+6KUrlccgGBFAolT77kdXsQq0hTBBNgoIE2c kKiNDnm7anjIPT/uUUPvFGQ96UJN5DEZhrrSDHF5ncfR0ec/RqK7Maq8v1Cp1bYXnulr VQh5IK6oKjdpYibWymoqW1iD/VG1QGj3W5Z6mrUKyJCjLu9FnW5wxOtBQAupT4iWmlpY e9b70FlCwC7yGeXHNCHAPps9HaiLFfOBplcoJLqp1PzIf7PKyI4oJH+VeL29sjnvFBqx 6bsg== X-Received: by 10.66.148.70 with SMTP id tq6mr28629871pab.56.1397925957183; Sat, 19 Apr 2014 09:45:57 -0700 (PDT) Received: from adminPC ([115.242.99.242]) by mx.google.com with ESMTPSA id oa3sm67153389pbb.15.2014.04.19.09.45.53 for (version=TLSv1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sat, 19 Apr 2014 09:45:55 -0700 (PDT) Message-ID: <9BDE5953C3834B7B8C104C8CEEC7EDBF at adminPC> From: "Amit Bhatt" To: Subject: Test Date: Sat, 19 Apr 2014 22:16:08 +0530 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0005_01CF5C1C.F68D0370" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Windows Mail 6.0.6001.18000 X-MimeOLE: Produced By Microsoft MimeOLE V6.1.7601.17609 X-Spam-Status: No, score=-0.8 X-Spam-Score: -7 X-Spam-Bar: / X-Ham-Report: Spam detection software, running on the system "hwa3.ultrahost.us", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see root\@localhost for details. Content preview: [...] Content analysis details: (-0.8 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (misterbhatt[at]gmail.com) 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [209.85.160.49 listed in list.dnswl.org] X-Spam-Flag: NO This is a multi-part message in MIME format. ------=_NextPart_000_0005_01CF5C1C.F68D0370 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable ------=_NextPart_000_0005_01CF5C1C.F68D0370 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
    =
------=_NextPart_000_0005_01CF5C1C.F68D0370-- From mark at msapiro.net Sun Apr 20 19:50:13 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 20 Apr 2014 10:50:13 -0700 Subject: [Mailman-Users] Delivery failure from mailing list In-Reply-To: <142D4427D53442C6A486B162C2579917@adminPC> References: <142D4427D53442C6A486B162C2579917@adminPC> Message-ID: <535408D5.7060402@msapiro.net> On 04/20/2014 07:57 AM, Amit Bhatt wrote: > All the subscribers of my mailing list are unable to post the messages and getting the below error in return: > The service provider is not being able to get the solution, any advise from anyone? ... > Could not exec '/usr/local/cpanel/3rdparty/mailman/mail/mailman' There is some problem with the cPanel Mailman installation on the host server that is preventing execution of the /usr/local/cpanel/3rdparty/mailman/mail/mailman wrapper for delivery of mail to Mailman. Only the hosting service can resolve this. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Sun Apr 20 20:33:58 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Sun, 20 Apr 2014 13:33:58 -0500 Subject: [Mailman-Users] Delivery failure from mailing list In-Reply-To: <142D4427D53442C6A486B162C2579917@adminPC> References: <142D4427D53442C6A486B162C2579917@adminPC> Message-ID: <1398018838.11339.285.camel@pudina.fmp.com> On Sun, 2014-04-20 at 20:27 +0530, Amit Bhatt wrote: > Could not exec '/usr/local/cpanel/3rdparty/mailman/mail/mailman' This should be a simple exercise in basic Linux system administration, and someone at your hosting service, even a novice or an intern, should be able to figure it out What user does the process attempting to execute IPC run as? What are the permissions of /usr/local/cpanel/3rdparty/mailman/mail/mailman, and what is the relationship to these permissions of the process trying to do IPC? It should be noted that Mailman makes more use of group execute permissions that a lot of packages, and in building and installing Mailman, it's important to set --with-mail-gid appropriately when running the configure script. The result of a mismatch here is a permissions failure, but the last time I made this mistake I _did_ get a fairly explanatory bunch of error messages posted to the mail log. If you're working via cPanel then you obviously don't have administrative access to the system, but surely _someone_ with your hosting service has enough basic Unix/Linux systems knowledge to figure this out in rather short order. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From misterbhatt at gmail.com Mon Apr 21 12:56:59 2014 From: misterbhatt at gmail.com (Amit Bhatt) Date: Mon, 21 Apr 2014 16:26:59 +0530 Subject: [Mailman-Users] Can I remove a particular archive from the list? Message-ID: As a list administrator, do I have any option to remove any particular post from the archive of all messages? Please share how to do this. Thanks, Amit Bhatt From jsetton at waycast.com Mon Apr 21 13:50:18 2014 From: jsetton at waycast.com (Jacques Setton) Date: Mon, 21 Apr 2014 13:50:18 +0200 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists Message-ID: Hi, After completely abandoning the use of a Plesk based Linux package (see previous discussions ), I have been able to successfully deploy Mailman lists on a Webmin/Postfix/Dovecot Linux package. All mailman lists functions & features work well on the later system except in one specific case. When I try to subscribe to a list (say ?Mailman?) using an e-mail address based on a virtual domain (say ?domain.net?) which is co-hosted with the default virtual domain used for Mailman lists (say ?domain.org?), I immediately get an ?Undelivered Mail Returned to Sender? error as depicted below : -------------------------------------------------------------------- De : Jacques Setton [mailto:jsetton at domain.net] Envoy? : lundi 21 avril 2014 8:00 ? : 'mailman-request at domain.org' Objet : RE: confirm c36ad7639824b608c00b962a9afa76e2ccf006d1 De : MAILER-DAEMON (Mail Delivery System) [mailto:MAILER-DAEMON (Mail Delivery System)] Envoy? : lundi 21 avril 2014 8:00 ? : jsetton at domain.net Objet : Undelivered Mail Returned to Sender This is the mail system at host vps12345.ovh.net. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system : user unknown Attached error file details Reporting-MTA: dns; vps12345.ovh.net X-Postfix-Queue-ID: 9F72D11C00A X-Postfix-Sender: rfc822; jsetton at domain.net Arrival-Date: Mon, 21 Apr 2014 08:00:16 +0200 (CEST) Final-Recipient: rfc822; mailman-request at domain.org Original-Recipient: rfc822;mailman-request at domain.org Action: failed Status: 5.1.1 Diagnostic-Code: x-unix; user unknown --------------------------------------------------------------------- The 1st mail was sent to confirm the subscription to a list. The second mail is the response received in return, indicating that the mailman specified address was unknown. The attached error report follow thereafter. The collocated virtual domains labeled ?domain.org? and ?domain.net? are hosted on the same physical server ?vps12345 at ovh.net?, sharing a common IP address. Would such behavior be related to a bad or incomplete definition of the ?mydestination? / ?myorigin? parameters in the Postfix ?main.cf? file ? Here is an excerpt of the related values produced by the ?postconf ?n? command line : ---------------------------------------------------------------------- [ ] mydestination = localhost.$mydomain, localhost, localhost.localdomain mydomain = localdomain myhostname = vps12345.ovh.net mynetworks = 127.0.0.0/8 myorigin = $mydomain [ ] unknown_local_recipient_reject_code = 550 [ ] ------------------------------------------------------------------------ If not, what else could cause such failure ? Thanks for any feedback / help on this issue - - - Jacques Setton jsetton at waycast.com From Richard at Damon-Family.org Mon Apr 21 14:06:40 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Mon, 21 Apr 2014 08:06:40 -0400 Subject: [Mailman-Users] Can I remove a particular archive from the list? In-Reply-To: References: Message-ID: <535509D0.3090201@Damon-Family.org> On 4/21/14, 6:56 AM, Amit Bhatt wrote: > As a list administrator, do I have any option to remove any particular > post from the archive of all messages? > Please share how to do this. > > Thanks, > > Amit Bhatt Not through the Web interface. I believe if you have *server* admin level access, you can edit the mbox file holding the messages, remove the message, and regenerate the archives. -- Richard Damon From stephen at xemacs.org Mon Apr 21 16:03:58 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Mon, 21 Apr 2014 23:03:58 +0900 Subject: [Mailman-Users] Can I remove a particular archive from the list? In-Reply-To: <535509D0.3090201@Damon-Family.org> References: <535509D0.3090201@Damon-Family.org> Message-ID: <87ppkard81.fsf@uwakimon.sk.tsukuba.ac.jp> Richard Damon writes: > On 4/21/14, 6:56 AM, Amit Bhatt wrote: > > As a list administrator, do I have any option to remove any particular > > post from the archive of all messages? > > Please share how to do this. > > > > Thanks, > > > > Amit Bhatt > > Not through the Web interface. I believe if you have *server* admin > level access, you can edit the mbox file holding the messages, remove > the message, and regenerate the archives. Yes, that's exactly the procedure. However, this will cause all posts after that message to change URLs. You have some hope of preserving URLs (which may have been communicated as references on the mailing list or in private mail, etc) if you edit the mail in the mbox file, substituting a fake address in the Unix From line that starts a message, removing all but the required From, Date, and Message-Id header fieldss and substituting a fake name and address in From and a local id in Message-Id, and replacing the entire message body with the sentence "This message was removed by the administrator". Then regenerate the archives. This could actually be automated fairly easily I suppose, but I don't know if it's a great idea. From jon.1234 at hotmail.co.uk Mon Apr 21 16:44:48 2014 From: jon.1234 at hotmail.co.uk (Jon 1234) Date: Mon, 21 Apr 2014 15:44:48 +0100 Subject: [Mailman-Users] Can I remove a particular archive from the list? In-Reply-To: References: Message-ID: > Date: Mon, 21 Apr 2014 16:26:59 +0530 > From: misterbhatt at gmail.com > > As a list administrator, do I have any option to remove any particular > post from the archive of all messages? > Please share how to do this. > > Thanks, > > Amit Bhatt I used the instructions in the FAQ a while back, which worked fine: http://wiki.list.org/pages/viewpage.action?pageId=4030681 Best wishes Jon From joemailgroups at gmail.com Wed Apr 23 02:03:19 2014 From: joemailgroups at gmail.com (Joe) Date: Tue, 22 Apr 2014 17:03:19 -0700 Subject: [Mailman-Users] Newsreader access. Message-ID: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> Hi, everyone. Can Mailman be set-up for newsreader access ? I would like to allow users to access the mailing lists I host using a newsreader instead of the conventional e-mail method. How complicated is it to set-up Mailman so that users can access it this way ? Will I need to configure my server for this or is the configuration restricted to the Mailman administrative interface ? Thank you in advance of your help and replies. Joe. From mark at msapiro.net Wed Apr 23 02:09:40 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 22 Apr 2014 17:09:40 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> Message-ID: <535704C4.5020002@msapiro.net> On 04/22/2014 05:03 PM, Joe wrote: > > How complicated is it to set-up Mailman so that users can access it this way ? Will I need to configure my server for this or is the configuration restricted to the Mailman administrative interface ? You need to create a newsgroup on an nntp server somewhere. This can be the Mailman server or not. Then you can use the list's web admin Mail<->News gateways section to configure your list to send posts to your newsgroup, and your users can read the newsgroup. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From misterbhatt at gmail.com Wed Apr 23 05:50:10 2014 From: misterbhatt at gmail.com (Amit Bhatt) Date: Wed, 23 Apr 2014 09:20:10 +0530 Subject: [Mailman-Users] Mails are not reaching via mailing list..... Message-ID: As I have been writing for last couple of days that we are facing some problem with our mailing list such as delivery failure, not showing the list in public listing etc. Thanks to those who provided me the solution and I have told my service provider to follow them. Conciquently the above issues got resolved but now there is no delivery failure returning to the sender, however, none of the post or E-mail sent by any subscriber is not reaching across the list. Means we are not receiving any mail what so ever sent by the other members. Please advice. Thanks, Amit Bhatt From mark at msapiro.net Wed Apr 23 05:56:40 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 22 Apr 2014 20:56:40 -0700 Subject: [Mailman-Users] Mails are not reaching via mailing list..... In-Reply-To: References: Message-ID: <535739F8.3060106@msapiro.net> On 04/22/2014 08:50 PM, Amit Bhatt wrote: > > Thanks to those who provided me the solution and I have told my > service provider to follow them. Conciquently the above issues got > resolved but now there is no delivery failure returning to the sender, > however, none of the post or E-mail sent by any subscriber is not > reaching across the list. Means we are not receiving any mail what so > ever sent by the other members. You will need to resolve these issues with your hosting service. Only the hosting service has access to the logs and other information needed to resolve this. You can refer them to the FAQ at or to this list if they can't figure it out. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fcocquyt at stanford.edu Wed Apr 23 18:04:28 2014 From: fcocquyt at stanford.edu (Fletcher Cocquyt) Date: Wed, 23 Apr 2014 16:04:28 +0000 (UTC) Subject: [Mailman-Users] One list repeatedly sends moderator requests for old already moderated messages Message-ID: Hi, We have one list where the moderator daily receives moderation requests for the same 4 messages from 3 months ago. They have already been moderated (discarded) months ago. Is this a known issue? Is there a solution? (mailman v 2.1.9) thanks! From toml at engr.orst.edu Wed Apr 23 22:58:00 2014 From: toml at engr.orst.edu (Tom Lieuallen) Date: Wed, 23 Apr 2014 13:58:00 -0700 Subject: [Mailman-Users] DMARC and Bellsouth, etc. In-Reply-To: <534EF4B1.3020309@msapiro.net> References: <1397656709.18445.23.camel@pudina.fmp.com> <534E9842.60504@msapiro.net> <0FF72167-1BBF-4391-AB7F-0E46BF171E6B@bellsouth.net> <21326.51159.958885.304659@uwakimon.sk.tsukuba.ac.jp> <534EE84A.8050801@engr.orst.edu> <534EF4B1.3020309@msapiro.net> Message-ID: <53582958.6080703@engr.orst.edu> The wiki page looks great and thank you for the other replies. thank you Tom Lieuallen On 4/16/14, 2:22 PM, Mark Sapiro wrote: > On 04/16/2014 01:30 PM, Tom Lieuallen wrote: >> >> Thank you very much for the summary of solutions. I was about to >> suggest/request it. It may be helpful to add to the wiki as it seems >> quite important and complicated. I'd be interested in more mails like >> this, helping those of us move forward and alleviate the issues. > > > I just updated . What do you think? > > >> Lindsay Haisley also suggested: >> >> "What I'm advising list admins here, which puts a band-aid on the >> problem, is to put all yahoo.com subscribers on moderation, effectively >> making them read-only subscriptions. Also go through your membership >> list and clear any nomail disablements with a "[B]" beside them." >> >> Is there any way to make these changes with a script, or would one have >> to do it manually? > > > See . > > >> I'm also curious if the spam options (header_filter_rules or >> bounce_matching_headers) might be options to catch inbound messages from >> yahoo. > > > Either could be used but bounce_matching_headers is deprecated in favor > of header_filter_rules. > From drew.tenenholz at isid.org Thu Apr 24 00:37:46 2014 From: drew.tenenholz at isid.org (Drew Tenenholz) Date: Wed, 23 Apr 2014 18:37:46 -0400 Subject: [Mailman-Users] Urgent List Migration/Transfer - Need some help Message-ID: All -- I need to move my existing Mailman system to a new AWS Server ASAP and could use some advice. The current server works just fine, the current problem is that the network it is on has been attacked, and the higher ups at IT have shut off all mail communication (in or out) to the internet. So, someone not familiar with Mailman at all has this idea of moving the entire setup (lists, subscribers, any messages in the queues would be great) to a AWS instance. They have already gotten underway by .tar-ring var/lib/mailman/ and think they can simply unpack this. I'm sure that isn't going to work. I know there is migration documentation in the Wiki & archives But would like to clarify that this information is up-to-date for our install (Mailman 2.1.9 --> ?? presumably the same or even a newer and better version). I don't even have access tot he new server yet, so I can't comment on it's specs....sorry to be in a bit of a panic, it's really just other folks making this into an emergency. Thanks for any help offered (including those who would like to get paid to do the work)., Drew Tenenholz From mark at msapiro.net Thu Apr 24 01:28:55 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 23 Apr 2014 16:28:55 -0700 Subject: [Mailman-Users] One list repeatedly sends moderator requests for old already moderated messages In-Reply-To: References: Message-ID: <53584CB7.2000708@msapiro.net> On 04/23/2014 09:04 AM, Fletcher Cocquyt wrote: > Hi, > We have one list where the moderator daily receives moderation requests for > the same 4 messages from 3 months ago. They have already been moderated > (discarded) months ago. > > Is this a known issue? Is there a solution? > (mailman v 2.1.9) See the FAQ at . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Thu Apr 24 02:21:24 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 23 Apr 2014 17:21:24 -0700 Subject: [Mailman-Users] Urgent List Migration/Transfer - Need some help In-Reply-To: References: Message-ID: <53585904.3030701@msapiro.net> On 04/23/2014 03:37 PM, Drew Tenenholz wrote: > > But would like to clarify that this information is up-to-date for our install (Mailman 2.1.9 --> ?? presumably the same or even a newer and better version). It's probably fine, but assuming the new server has a Mailman 2.1.9 or newer actually installed and working, here's the procedure I would follow: On the new server, untar your tarball somewhere aside. 'cp -a' all of the directories in the tarball's var/lib/mailman/lists/ directory to the corresponding Mailman list's directory which may have a different path. likewise all the var/lib/mailman/archives/private/*.mbox/ directories. Each of these LISTNAME.mbox directories should contain a single LISTNAME.mbox file which is the cumulative archive mbox for the list. You can rebuild the a list's archive with 'bin/arch --wipe LISTNAME'. This may be preferable to copying all of archives/private because there are URLs in the HTML archive that may have the wrong host name. If not, you can copy the whole archives/private directory and skip the rebuild. If some lists are very old, it's a good idea to check the mbox files with bin/cleanarch before running bin/arch. It is not necessary or advisable to copy archives/public as this contains only symlinks and Mailman continuously (each time the list is saved) sets or removes those as appropriate for public/private archive settings. Its better not to try to copy archives/public/* because it's not necessary and if your tar followed symlinks you will be restoring files and your public archive will forever more consist of only those files. You also have to deal with aliases for mail delivery. Depending on the new installation, bin/genaliases may be needed or nothing or some manual updates, but bin/genaliases will tell you about those. Also, be sure to run bin/check_perms. This is usually needed. The above will move the lists and archives. If you're concerned about held messages, shunted messages, etc. you could look at the data/ and qfiles/shunt directories, although they may not even be in your tarball depending on paths in the installation you're coming from. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From rclemings at gmail.com Thu Apr 24 04:16:36 2014 From: rclemings at gmail.com (Russell Clemings) Date: Wed, 23 Apr 2014 19:16:36 -0700 Subject: [Mailman-Users] Yahoo's DMARC and Mailman 2.17 Message-ID: I'm afraid I'm not much of a Python programmer so I will post this as a suggestion and hope it's easy enough to do so that someone will pick it up. (Or should I post it to the developers' list? I don't subscribe to it though so I'm not familiar with the culture there.) I've just upgraded cPanel to take advantage of Mailman 2.1.17's "from_is_list" feature and it works great except for one thing. If the poster has not filled out the "name" field in his/her MUA (i.e., if the From field says just "email at example.com" instead of "Your Name Here < email at example.com>"), then the munged From field reads "via Listname" instead of "Your Name Here via Listname." If I'm reading the code right, it looks as if the munging occurs at line 132 of CookHeders.py: formataddr(('%s via %s' % (realname, mlist.real_name), I'd like to make a humble feature request as follows: 1. Check whether the From field has a name and email address or just an email address (i.e., whether "realname" is an empty string). 2. If it has a name and email address, go ahead and munge it as it is done now: formataddr(('%s via %s' % (realname, mlist.real_name), 3. If there is only an email address, have it use the email address (or maybe just the local part?) instead: formataddr(('%s via %s' % (email, mlist.real_name), The "realname" and "email" variables appear to come from line 120: realname, email = parseaddr(msg['from']) Does that sound reasonable? This would be useful to me because I'm using Drupal (Mailhandler and Feeds) to archive some lists and I populate the "Submitted by" line with the From field. So whereas it usually says "Submitted by Your Name Here via Listname," it just says "Submitted by via Listname" if the user didn't fill out the MUA's name field. From mark at msapiro.net Thu Apr 24 05:08:09 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 23 Apr 2014 20:08:09 -0700 Subject: [Mailman-Users] Yahoo's DMARC and Mailman 2.17 In-Reply-To: References: Message-ID: <53588019.5020006@msapiro.net> On 04/23/2014 07:16 PM, Russell Clemings wrote: > > If the poster has not filled out the "name" field in his/her MUA (i.e., if > the From field says just "email at example.com" instead of "Your Name Here < > email at example.com>"), then the munged From field reads "via Listname" > instead of "Your Name Here via Listname." This is fixed in 2.1.18rc1. 2.1.18rc2 is released and is better than 2.1.17 for this and and a few unrelated bug fixes, but I'm working on another patch for and there will shortly be a 2.1.18rc3. Here's the code in CookHeaders.py. Sorry for the wrapping. if (msgdata.get('from_is_list') or mlist.from_is_list) and not fasttrack: realname, email = parseaddr(msg['from']) if not realname: if mlist.isMember(email): realname = mlist.getMemberName(email) or email else: realname = email # Remove domain from realname if it looks like an email address realname = re.sub(r'@([^ .]+\.)+[^ .]+$', '---', realname) change_header('From', formataddr(('%s via %s' % (realname, mlist.real_name), mlist.GetListEmail())), This takes first, the display name from the From: header. If none and the address is a list member with a real name, use that, and finally fall back to the local part of the email address with 3 dashes appended. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From rclemings at gmail.com Thu Apr 24 05:19:53 2014 From: rclemings at gmail.com (Russell Clemings) Date: Wed, 23 Apr 2014 20:19:53 -0700 Subject: [Mailman-Users] Yahoo's DMARC and Mailman 2.17 In-Reply-To: <53588019.5020006@msapiro.net> References: <53588019.5020006@msapiro.net> Message-ID: I should have known you'd already have caught this. Thanks. I'll see if I can apply it to 2.1.17 for now. Cpanel hasn't picked up 2.1.18 yet (and in fact still has 2.1.15 in its stable versions). rac On Wed, Apr 23, 2014 at 8:08 PM, Mark Sapiro wrote: > On 04/23/2014 07:16 PM, Russell Clemings wrote: > > > > If the poster has not filled out the "name" field in his/her MUA (i.e., > if > > the From field says just "email at example.com" instead of "Your Name Here > < > > email at example.com>"), then the munged From field reads "via Listname" > > instead of "Your Name Here via Listname." > > > This is fixed in > 2.1.18rc1. 2.1.18rc2 is released and is better than 2.1.17 for this and > and a few unrelated > bug fixes, but I'm working on another patch for > and there will shortly > be a 2.1.18rc3. > > Here's the code in CookHeaders.py. Sorry for the wrapping. > > if (msgdata.get('from_is_list') or mlist.from_is_list) and not > fasttrack: > realname, email = parseaddr(msg['from']) > if not realname: > if mlist.isMember(email): > realname = mlist.getMemberName(email) or email > else: > realname = email > # Remove domain from realname if it looks like an email address > realname = re.sub(r'@([^ .]+\.)+[^ .]+$', '---', realname) > change_header('From', > formataddr(('%s via %s' % (realname, > mlist.real_name), > mlist.GetListEmail())), > > This takes first, the display name from the From: header. If none and > the address is a list member with a real name, use that, and finally > fall back to the local part of the email address with 3 dashes appended. > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: > http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: > https://mail.python.org/mailman/options/mailman-users/rclemings%40gmail.com > From fcocquyt at stanford.edu Thu Apr 24 06:26:52 2014 From: fcocquyt at stanford.edu (Fletcher Cocquyt) Date: Thu, 24 Apr 2014 04:26:52 +0000 (UTC) Subject: [Mailman-Users] One list repeatedly sends moderator requests for old already moderated messages References: <53584CB7.2000708@msapiro.net> Message-ID: Mark Sapiro msapiro.net> writes: > > On 04/23/2014 09:04 AM, Fletcher Cocquyt wrote: > > Hi, > > We have one list where the moderator daily receives moderation requests for > > the same 4 messages from 3 months ago. They have already been moderated > > (discarded) months ago. > > > > Is this a known issue? Is there a solution? > > (mailman v 2.1.9) > > See the FAQ at . > Yep - I was probably one google keyword from getting this FAQ hit turns a colleague made a few clones of the production mailman VM (for HA testing) and this was a side effect thanks! PS: #GOSHARKS ! From mark at msapiro.net Thu Apr 24 07:01:16 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 23 Apr 2014 22:01:16 -0700 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists In-Reply-To: References: Message-ID: <53589A9C.4070802@msapiro.net> On 04/21/2014 04:50 AM, Jacques Setton wrote: > > All mailman lists functions & features work well on the later system except > in one specific case. When I try to subscribe to a list (say ?Mailman?) > using an e-mail address based on a virtual domain (say ?domain.net?) which > is co-hosted with the default virtual domain used for Mailman lists (say > ?domain.org?), I immediately get an ?Undelivered Mail Returned to Sender? > error as depicted below : ... > De : MAILER-DAEMON (Mail Delivery System) [mailto:MAILER-DAEMON (Mail > Delivery System)] > > Envoy? : lundi 21 avril 2014 8:00 > > ? : jsetton at domain.net > > Objet : Undelivered Mail Returned to Sender > > This is the mail system at host vps12345.ovh.net. > > I'm sorry to have to inform you that your message could not be delivered to > one or more recipients. It's attached below. > > For further assistance, please send mail to postmaster. > > If you do so, please include this problem report. You can delete your own > text from the attached returned message. > > The mail system > > : user unknown Is the problem perhaps that the address in the confirmation should be mailman-request at domain.net instead of mailman-request at domain.org?. If so, see the FAQ at . Or maybe just set the host_name attribute on the list's General Options page to domain.net. > Attached error file details > > Reporting-MTA: dns; vps12345.ovh.net > > X-Postfix-Queue-ID: 9F72D11C00A Post the results of grepping your maillog for 9F72D11C00A > X-Postfix-Sender: rfc822; jsetton at domain.net > > Arrival-Date: Mon, 21 Apr 2014 08:00:16 +0200 (CEST) > > Final-Recipient: rfc822; mailman-request at domain.org > > Original-Recipient: rfc822;mailman-request at domain.org > > Action: failed Status: 5.1.1 > > Diagnostic-Code: x-unix; user unknown > > --------------------------------------------------------------------- > > > > The 1st mail was sent to confirm the subscription to a list. The second mail > is the response received in return, indicating that the mailman specified > address was unknown. The attached error report follow thereafter. > > > > The collocated virtual domains labeled ?domain.org? and ?domain.net? are > hosted on the same physical server ?vps12345 at ovh.net?, sharing a common IP > address. > > > > Would such behavior be related to a bad or incomplete definition of the > ?mydestination? / ?myorigin? parameters in the Postfix ?main.cf? file ? Probably not. It depends on how postfix is delivering to Mailman. Are you using aliases and virtual alias maps or some alternate transport? > Here is an excerpt of the related values produced by the ?postconf ?n? > command line : What's the rest of postconf -n? See and . Have you configured Postfix this way or some other way? -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Thu Apr 24 07:19:49 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 23 Apr 2014 22:19:49 -0700 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists In-Reply-To: <53589A9C.4070802@msapiro.net> References: <53589A9C.4070802@msapiro.net> Message-ID: <53589EF5.6090205@msapiro.net> On 04/23/2014 10:01 PM, Mark Sapiro wrote: > > Is the problem perhaps that the address in the confirmation should be > mailman-request at domain.net instead of mailman-request at domain.org?. > > If so, see the FAQ at . > > Or maybe just set the host_name attribute on the list's General Options > page to domain.net. Ignore the above portion of my prior reply. I wasn't paying enough attention to what the actual issue was. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From barry at list.org Thu Apr 24 16:19:38 2014 From: barry at list.org (Barry Warsaw) Date: Thu, 24 Apr 2014 10:19:38 -0400 Subject: [Mailman-Users] ANNOUNCE: The GNU Mailman 3 suite, beta 1 preview Message-ID: <20140424101938.0efc11d4@anarchist.wooz.org> Hello Mailman enthusiasts! Time and motion Wind and sun and rain Days connect like boxcars in a train Another Pycon has come and gone and with it, another fantastic sprint among the core developers. We accomplished quite a bit, and now we'd like to share the results with you. On behalf of the Mailman development team, I am happy to announce the first beta release of the full Mailman 3 suite. This release includes: * Postorius 1.0.0b1 (Year of the Parrot), our new Django-based web user interface for list owners and list members. * HyperKitty 1.0.0b1, the fantastic new Django-based archiver. * Mailman Core 3.0b4 (Time and Motion), the mailing list engine and administrative REST API. * The mailman-bundler package 3.0b1, a helpful buildout-based tool for putting it all together. We're very excited to finally be able to announce this preview of the entire suite of tools, and we hope you'll give it a try. As with any beta software, we give a word of caution should you be adventurous enough to want to try it in production. There are surely bugs and missing features, but we feel confident enough to encourage you to play with the system and provide us with feedback, bug reports, suggestions, and above all, contributions! Each project is separately downloadable from the Python Cheeseshop, and links are provided below. Perhaps the best way to begin is to grab the bundler, unpack it and, follow the directions included in the bundle. It should work on most modern *nixes with Python 2.7. You can download the bundler tarball from: https://pypi.python.org/pypi/mailman-bundler/3.0b1 See below for links to the individual project pages, bug report packages, and package documentation. The best place to discuss Mailman 3 is on the mailman-developers mailing list, or on IRC via the freenode #mailman channel. Enjoy! -Barry (On behalf of the entire GNU Mailman development team) P.S. My personal, deepest thanks to Florian, Terri, Aur?lien, Mark, John, and Piotr for coming to Pycon, working hard and joyfully at the sprints, sharing friendly meals and tea shop excursions, and to Steve who wasn't able to make it in person, and also to all the contributors to the project who make the code better and the community an honor to be a part of. Postorius project - https://launchpad.net/postorius bugs - https://bugs.launchpad.net/postorius download - https://pypi.python.org/pypi/postorius/1.0.0b1 docs - http://pythonhosted.org//postorius/ HyperKitty project - https://fedorahosted.org/hyperkitty/ bugs - https://fedorahosted.org/hyperkitty/report download - https://pypi.python.org/pypi/HyperKitty/1.0 docs - https://hyperkitty.readthedocs.org/en/latest/ Core project - https://launchpad.net/mailman bugs - https://bugs.launchpad.net/mailman/+bugs?field.tag=mailman3 download - https://pypi.python.org/pypi/mailman/3.0.0b4 docs - http://pythonhosted.org/mailman/ Bundler project - https://launchpad.net/mailman-bundler bugs - https://bugs.launchpad.net/mailman-bundler download - https://pypi.python.org/pypi/mailman-bundler/3.0b1 docs - README.rst (in the unpacked tarball) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From al-black at telus.net Thu Apr 24 18:22:46 2014 From: al-black at telus.net (Al Black) Date: Thu, 24 Apr 2014 10:22:46 -0600 Subject: [Mailman-Users] aol fyi Message-ID: Hey gang, For all those keeping track on DMARC aol has changed its DMARC settings to reject: http://postmaster-blog.aol.com/2014/04/22/aol-mail-updates-dmarc-policy-to-reject/ al From jimpop at gmail.com Thu Apr 24 18:37:57 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Thu, 24 Apr 2014 12:37:57 -0400 Subject: [Mailman-Users] aol fyi In-Reply-To: References: Message-ID: On Thu, Apr 24, 2014 at 12:22 PM, Al Black wrote: > Hey gang, > > For all those keeping track on DMARC aol has changed its DMARC settings to reject: > http://postmaster-blog.aol.com/2014/04/22/aol-mail-updates-dmarc-policy-to-reject/ This makes sense for them because they hardly have any active users left. :-) -Jim P. From cgtyoder at alum.mit.edu Thu Apr 24 21:13:33 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Thu, 24 Apr 2014 15:13:33 -0400 Subject: [Mailman-Users] aol fyi In-Reply-To: References: Message-ID: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> On Apr 24, 2014, at 12:22 PM, Al Black wrote: > Hey gang, > > For all those keeping track on DMARC aol has changed its DMARC settings to reject: > http://postmaster-blog.aol.com/2014/04/22/aol-mail-updates-dmarc-policy-to-reject/ I was exchanging some email with an AOL email admin contact I have, cc?ing the dmarc-help at teamaol.com email referenced in the blog, and ended up getting this msg: > Hi Conrad, > > Thank you for your thoughts. Unfortunately we had to make that decision to curb the amount of spam mail out there. And I am certain that the industry is looking at this very carefully, including other mail providers. And I am sure that they might follow very soon. > > This really means that we have to work together with those mailling list developers and they have to come up with solutions to deal with the new reality out there. > > The IETF and MAAWG working groups are discussing that. You can find more information particularly about mailling lists here:http://dmarc.org/faq.html#s_3 > > I encourage you to also share this with whoever is responsible for maintaining the mail solutions you are using. > > Thanks, > Marcel Becker > Director, AOL Mail Mostly content-free but at least a response from a human. -Conrad From fmouse at fmp.com Thu Apr 24 21:35:29 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Thu, 24 Apr 2014 14:35:29 -0500 Subject: [Mailman-Users] Gmail and DMARC In-Reply-To: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> Message-ID: <1398368129.26046.90.camel@pudina.fmp.com> I don't know if this was the case before, but Gmail is publishing a DMARC record with p=none. I seem to recall that last week the weren't publishing a DMARC record at all, although I might be mistaken. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From mark at msapiro.net Thu Apr 24 21:43:36 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 24 Apr 2014 12:43:36 -0700 Subject: [Mailman-Users] Gmail and DMARC In-Reply-To: <1398368129.26046.90.camel@pudina.fmp.com> References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> <1398368129.26046.90.camel@pudina.fmp.com> Message-ID: <53596968.8050106@msapiro.net> On 04/24/2014 12:35 PM, Lindsay Haisley wrote: > I don't know if this was the case before, but Gmail is publishing a > DMARC record with p=none. I seem to recall that last week the weren't > publishing a DMARC record at all, although I might be mistaken. These results are from over a week ago. They are in a draft of a report of research and testing I was doing that was last updated on April 15. _dmarc.gmail.com.: v=DMARC1\; p=none\; rua=mailto:mailauth-reports at google.com _dmarc.googlegroups.com: v=DMARC1\; p=none\; rua=mailto:mailauth-reports at google.com _dmarc.google.com: v=DMARC1\; p=quarantine\; rua=mailto:mailauth-reports at google.com -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jimpop at gmail.com Thu Apr 24 22:08:13 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Thu, 24 Apr 2014 16:08:13 -0400 Subject: [Mailman-Users] Gmail and DMARC In-Reply-To: <53596968.8050106@msapiro.net> References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> <1398368129.26046.90.camel@pudina.fmp.com> <53596968.8050106@msapiro.net> Message-ID: On Thu, Apr 24, 2014 at 3:43 PM, Mark Sapiro wrote: > On 04/24/2014 12:35 PM, Lindsay Haisley wrote: >> I don't know if this was the case before, but Gmail is publishing a >> DMARC record with p=none. I seem to recall that last week the weren't >> publishing a DMARC record at all, although I might be mistaken. > > > These results are from over a week ago. They are in a draft of a report > of research and testing I was doing that was last updated on April 15. > > _dmarc.gmail.com.: v=DMARC1\; p=none\; > rua=mailto:mailauth-reports at google.com > _dmarc.googlegroups.com: v=DMARC1\; p=none\; > rua=mailto:mailauth-reports at google.com > _dmarc.google.com: v=DMARC1\; p=quarantine\; > rua=mailto:mailauth-reports at google.com > GMail's had a p=none for a while now... months. GMail also had an odd hiccup today. I received a ton of bounces because: Apr 24 18:20:59 svr6 postfix/smtp[26753]: 2838F36B12: to= , relay=gmail-smtp-in.l.google.com [74.125.201.109]:25, delay=0.69, delays=0.26/0/0.38/0.05, dsn=5.5.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.201.109] said: 530-5.5.1 Authentication Required. Learn more at 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 b6sm884241igm.2 - gsmtp (in reply to MAIL FROM command)) So for some period of time, they wanted Mailman to auth as who? :-) -Jim P. From jimpop at gmail.com Thu Apr 24 22:13:09 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Thu, 24 Apr 2014 16:13:09 -0400 Subject: [Mailman-Users] aol fyi In-Reply-To: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> Message-ID: >> This really means that we have to work together with those mailling list developers and they have to come up with solutions to deal with the new reality out there. New reality!? LOL. There's nothing new about fighting spam/phishing emails. AOL just doesn't want to say that they regret laying off their spam fighting group a few years back: https://www.google.com/#q=aol+postmasters+laid+off -Jim P. From sylvain at opensource-expert.com Thu Apr 24 16:37:00 2014 From: sylvain at opensource-expert.com (Sylvain Viart) Date: Thu, 24 Apr 2014 16:37:00 +0200 Subject: [Mailman-Users] #Mailman Message-ID: <5359218C.5080300@opensource-expert.com> Amusing. What the hashtag #mailman stand for? I don't understand any topic, not mailman related at all? Hey, great job for mailman 3! Congrats. Regards, Sylvain. From barry at list.org Thu Apr 24 22:37:41 2014 From: barry at list.org (Barry Warsaw) Date: Thu, 24 Apr 2014 16:37:41 -0400 Subject: [Mailman-Users] #Mailman In-Reply-To: <5359218C.5080300@opensource-expert.com> References: <5359218C.5080300@opensource-expert.com> Message-ID: <20140424163741.2e544ac8@anarchist.wooz.org> On Apr 24, 2014, at 04:37 PM, Sylvain Viart wrote: >What the hashtag #mailman stand for? That's the channel name on the freenode IRC network we use. https://www.freenode.net/ If you don't have a dedicated IRC client, this is a good web-based one I've used often: https://kiwiirc.com/ Cheers, -Barry From jsetton at waycast.com Thu Apr 24 23:27:35 2014 From: jsetton at waycast.com (Jacques Setton) Date: Thu, 24 Apr 2014 23:27:35 +0200 Subject: [Mailman-Users] I : Error message "Bug in Mailman version 2.1.12" when approving a moderated post and selecting "Preserve message for the Administrator"... Message-ID: Hi, I was logged-into Mailman as a moderator and just hit the error message "Bug in Mailman version 2.1.12 - We're sorry, we hit a bug! " The latter was generated when approving a moderated post and concomitantly selecting "Preserve message for the Administrator" - see all the details below. When returning to the approval form screen (back arrow in the navigator) , this time I only approved the post without selecting the "Preserve message for the Administrator" check button. This led to a screen indicating that the approval procedure resumed. As moderator, I later received a copy of the post indicating that sections of it were filtered out, according the rules enforced in the admin section . Would anyone have an idea about the related problem and possible workaround solution ? Thanks for your help - Regards. Jacques Setton jsetton at waycast.com ============================================== Bug in Mailman version 2.1.12 We're sorry, we hit a bug! Please inform the webmaster for this site of this problem. Printing of traceback and other system information has been explicitly inhibited, but the webmaster can find this information in the Mailman error logs. _______________________________________________ Here is a corresponding excerpt of the Mailman Error Log _______________________________________________ Apr 24 22:46:22 2014 admin(10087): @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ admin(10087): [----- Mailman Version: 2.1.12 -----] admin(10087): [----- Traceback ------] admin(10087): Traceback (most recent call last): admin(10087): File "/usr/lib/mailman/scripts/driver", line 112, in run_main admin(10087): main() admin(10087): File "/usr/lib/mailman/Mailman/Cgi/admindb.py", line 165, in main admin(10087): process_form(mlist, doc, cgidata) admin(10087): File "/usr/lib/mailman/Mailman/Cgi/admindb.py", line 716, in process_form admin(10087): forward, forwardaddr) admin(10087): File "/usr/lib/mailman/Mailman/ListAdmin.py", line 167, in HandleRequest admin(10087): forward, addr) admin(10087): File "/usr/lib/mailman/Mailman/ListAdmin.py", line 254, in __handlepost admin(10087): g(msg, 1) admin(10087): AttributeError: Generator instance has no __call__ method admin(10087): [----- Python Information -----] admin(10087): sys.version = 2.6.6 (r266:84292, Jan 22 2014, 09:42:36) [GCC 4.4.7 20120313 (Red Hat 4.4.7-4)] admin(10087): sys.executable = /usr/bin/python admin(10087): sys.prefix = /usr admin(10087): sys.exec_prefix = /usr admin(10087): sys.path = /usr admin(10087): sys.platform = linux2 admin(10087): [----- Environment Variables -----] admin(10087): HTTP_REFERER: https://lists.domain.org/mailman/admindb/lablist admin(10087): SERVER_SOFTWARE: Apache admin(10087): SCRIPT_NAME: /mailman/admindb admin(10087): SERVER_SIGNATURE: admin(10087): REQUEST_METHOD: POST admin(10087): PATH_INFO: /lablist admin(10087): SERVER_PROTOCOL: HTTP/1.1 admin(10087): QUERY_STRING: admin(10087): SSL_TLS_SNI: lists.domain.org admin(10087): CONTENT_LENGTH: 169 admin(10087): HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko admin(10087): HTTP_CONNECTION: Keep-Alive admin(10087): HTTP_COOKIE: lablist+admin=; mailman+admin=; lablist+user+jsetton--at--waycast.com=; lablist+moderator=2802000000690677595373280000006366333761313332666438323266 3961333537613962376330633335346663346562616265303836 admin(10087): SERVER_NAME: lists.domain.org admin(10087): REMOTE_ADDR: 83.197.22.185 admin(10087): PATH_TRANSLATED: /home/ovh/www/lablist admin(10087): SERVER_PORT: 443 admin(10087): SERVER_ADDR: 37.187.67.136 admin(10087): DOCUMENT_ROOT: /home/ovh/www admin(10087): PYTHONPATH: /usr/lib/mailman admin(10087): SCRIPT_FILENAME: /usr/lib/mailman/cgi-bin/admindb admin(10087): SERVER_ADMIN: postmaster at vps59845.ovh.net admin(10087): HTTP_DNT: 1 admin(10087): HTTP_HOST: lists.domain.org admin(10087): HTTPS: on admin(10087): HTTP_CACHE_CONTROL: no-cache admin(10087): REQUEST_URI: /mailman/admindb/lablist admin(10087): HTTP_ACCEPT: text/html, application/xhtml+xml, */* admin(10087): GATEWAY_INTERFACE: CGI/1.1 admin(10087): REMOTE_PORT: 52302 admin(10087): HTTP_ACCEPT_LANGUAGE: fr-FR admin(10087): CONTENT_TYPE: application/x-www-form-urlencoded admin(10087): HTTP_ACCEPT_ENCODING: gzip, deflate _______________________________________________ From mark at msapiro.net Thu Apr 24 23:54:45 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 24 Apr 2014 14:54:45 -0700 Subject: [Mailman-Users] I : Error message "Bug in Mailman version 2.1.12" when approving a moderated post and selecting "Preserve message for the Administrator"... In-Reply-To: References: Message-ID: <53598825.2040308@msapiro.net> On 04/24/2014 02:27 PM, Jacques Setton wrote: > > admin(10087): File "/usr/lib/mailman/Mailman/ListAdmin.py", line 254, in > __handlepost > > admin(10087): g(msg, 1) > > admin(10087): AttributeError: Generator instance has no __call__ method This is a Python 2.6 incompatibility fixed in Mailman 2.1.13. The fix is at . If RedHat is packaging Mailman 2.1.12 with Python 2.6.6, this is a RedHat issue. See the FAQ at . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jsetton at waycast.com Thu Apr 24 23:56:52 2014 From: jsetton at waycast.com (Jacques Setton) Date: Thu, 24 Apr 2014 23:56:52 +0200 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists In-Reply-To: <53589EF5.6090205@msapiro.net> References: <53589A9C.4070802@msapiro.net> <53589EF5.6090205@msapiro.net> Message-ID: >> >> What's the rest of postconf -n? >> See and . >> Have you configured Postfix this way or some other way ? >> The complete output generated by the '# postconf -n' command is appended below. Besides that, I have not configured postfix in any particular way... As previously indicated, Mailman works well with any external Email address, but not with the ones co-hosted on the same physical server... Any idea about what the problem could be ? Jacques Setton jsetton at waycast.com COMPLETE OUTPUT OF "POSTCONF -N" COMMAND __________________________________________ alias_database = hash:/etc/aliases, hash:/etc/mailman/aliases alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname mail_owner = postfix mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man milter_default_action = accept mydestination = localhost.$mydomain, localhost, localhost.localdomain mydomain = localdomain myhostname = vps39345.ovh.net mynetworks = 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix non_smtpd_milters = inet:localhost:8891 queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES recipient_delimiter = + sample_directory = /usr/share/doc/postfix-2.6.6/samples sender_canonical_maps = hash:/etc/postfix/sender_canonical sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_milters = inet:localhost:8891 smtpd_recipient_restrictions = check_recipient_access mysql:/etc/postfix/sql/mysql_amavis_in.cf, permit_mynetworks, reject_unauth_destination smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crt smtpd_tls_key_file = /etc/pki/tls/private/localhost.key smtpd_tls_loglevel = 1 smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache.db smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_mailing.cf, hash:/etc/mailman/virtual-mailman virtual_gid_maps = static:101 virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_domains = mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf virtual_mailbox_maps = mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf virtual_transport = dovecot virtual_uid_maps = static:500 -----Message d'origine----- De?: Mark Sapiro [mailto:mark at msapiro.net] Envoy??: jeudi 24 avril 2014 07:20 ??: mailman-users at python.org Objet?: Re: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists On 04/23/2014 10:01 PM, Mark Sapiro wrote: > > Is the problem perhaps that the address in the confirmation should be > mailman-request at domain.net instead of mailman-request at domain.org?. > > If so, see the FAQ at . > > Or maybe just set the host_name attribute on the list's General > Options page to domain.net. Ignore the above portion of my prior reply. I wasn't paying enough attention to what the actual issue was. >>> OK - JSetton -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Fri Apr 25 00:54:38 2014 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 24 Apr 2014 15:54:38 -0700 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists In-Reply-To: References: <53589A9C.4070802@msapiro.net> <53589EF5.6090205@msapiro.net> Message-ID: <5359962E.8030206@msapiro.net> On 04/24/2014 02:56 PM, Jacques Setton wrote: > > The complete output generated by the '# postconf -n' command is appended > below. > Besides that, I have not configured postfix in any particular way... > As previously indicated, Mailman works well with any external Email address, > but not with the ones co-hosted on the same physical server... > > Any idea about what the problem could be ? Not until you do as I asked before and post the resulting output from grepping the mail log for the Postfix queue id of a returned message. Based on your prior post, this would be something like grep 9F72D11C00A /var/log/maillog Also it might help to see your transport maps - /etc/postfix/transport -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From sylvain at opensource-expert.com Fri Apr 25 08:40:42 2014 From: sylvain at opensource-expert.com (Sylvain Viart) Date: Fri, 25 Apr 2014 08:40:42 +0200 Subject: [Mailman-Users] #Mailman on twitter In-Reply-To: <20140424163741.2e544ac8@anarchist.wooz.org> References: <5359218C.5080300@opensource-expert.com> <20140424163741.2e544ac8@anarchist.wooz.org> Message-ID: <535A036A.8070203@opensource-expert.com> Hi, Le 24/04/2014 22:37, Barry Warsaw a ?crit : >> What the hashtag #mailman stand for? I know about IRC, thanks. My question was about twitter's related topic found on this #hashtag. https://twitter.com/search?q=%23mailman&src=typd I think it's related to the mail man, or postman, the guy who's deliver the post mail. Not related to opensource software at all. Pretty funny, understandable topics? :-) (for me) Regards, Sylvain. From jsetton at waycast.com Fri Apr 25 12:25:07 2014 From: jsetton at waycast.com (Jacques Setton) Date: Fri, 25 Apr 2014 12:25:07 +0200 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists In-Reply-To: <5359962E.8030206@msapiro.net> References: <53589A9C.4070802@msapiro.net> <53589EF5.6090205@msapiro.net> <5359962E.8030206@msapiro.net> Message-ID: Hello Mark, >> Not until you do as I asked before and post the resulting output from grepping the mail log for the Postfix queue id of a returned message. >> Based on your prior post, this would be something like >> grep 9F72D11C00A /var/log/maillog >> Also it might help to see your transport maps - /etc/postfix/transport >> Postfix 'transport' file content Sorry, but I didn't immediately spot that you were asking for this type of information which I am now enclosing below, as requested : (Reminder : 'domain.org' and 'domain.net' are hosted on the same VPS and 'domain.org' is the virtual domain that has been specified in the 'mm_cfg.py' config file. The declared MTA is 'Postfix'.) 1) Selected Sequence from /var/log/maillog ___________________________________ Apr 21 02:49:55 vps12345 postfix/smtpd[9396]: F030911C008: [details-removed*], sasl_method=PLAIN, sasl_username=j.setton at domain.net Apr 21 02:49:56 vps12345 dovecot: pop3-login: Login: user=, method=PLAIN, rip=83.xxx.xxx.xxx*, lip=37.yyy.yyy.yyy*, mpid=9413 Apr 21 02:49:56 vps12345 postfix/cleanup[9412]: F030911C008: message-id=<001901cf5cfb$994e5cb0$cbeb1610$@domain.net> Apr 21 02:49:56 vps12345 postfix/qmgr[9319]: F030911C008: from=, size=900, nrcpt=1 (queue active) Apr 21 02:49:56 vps12345 dovecot: pop3(j.setton at domain.net): Disconnected: Logged out top=0/0, retr=0/0, del=0/6, size=15209 Apr 21 02:49:56 vps12345 dovecot: pop3-login: Login: user=, method=PLAIN, rip=83.xxx.xxx.xxx*, lip=37.yyy.yyy.yyy*, mpid=9418 Apr 21 02:49:56 vps12345 dovecot: pop3(admin-wiki at domain.net): Disconnected: Logged out top=0/0, retr=0/0, del=0/3, size=21056 Apr 21 02:49:56 vps12345 postfix/smtpd[9419]: connect from localhost.localdomain[127.0.0.1] Apr 21 02:49:56 vps12345 postfix/smtpd[9419]: 9F72D11C00A: client=localhost.localdomain[127.0.0.1] Apr 21 02:49:56 vps12345 postfix/cleanup[9412]: 9F72D11C00A: message-id=<001901cf5cfb$994e5cb0$cbeb1610$@domain.net> Apr 21 02:49:56 vps12345 postfix/qmgr[9319]: 9F72D11C00A: from=, size=1364, nrcpt=1 (queue active) Apr 21 02:49:56 vps12345 amavis[24558]: (24558-09) Passed CLEAN {RelayedInbound}, [83.xxx.xxx.xxx*]:56370 [83.xxx.xxx.xxx*] -> , Message-ID: <001901cf5cfb$994e5cb0$cbeb1610$@domain.net>, mail_id: EMVkrlB1bIaY, Hits: -0.999, size: 866, queued_as: 9F72D11C00A, 462 ms Apr 21 02:49:56 vps12345 postfix/qmgr[9319]: F030911C008: removed Apr 21 02:49:56 vps12345 postfix/smtp[9414]: F030911C008: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=0.73, delays=0.26/0.01/0/0.46, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9F72D11C00A) Apr 21 02:49:56 vps12345 postfix/smtpd[9419]: disconnect from localhost.localdomain[127.0.0.1] Apr 21 02:49:56 vps12345 dovecot: auth: sql(mailman-request at domain.org): Unknown user Apr 21 02:49:56 vps12345 postfix/pipe[9420]: 9F72D11C00A: to=, relay=dovecot, delay=0.04, delays=0.01/0.01/0/0.02, dsn=5.1.1, status=bounced (user unknown) Apr 21 02:49:56 vps12345 postfix/cleanup[9412]: A866A11C00B: message-id=<20140421004956.A866A11C00B at vps12345.ovh.net> Apr 21 02:49:56 vps12345 postfix/qmgr[9319]: A866A11C00B: from=<>, size=3206, nrcpt=1 (queue active) Apr 21 02:49:56 vps12345 postfix/bounce[9422]: 9F72D11C00A: sender non-delivery notification: A866A11C00B Apr 21 02:49:56 vps12345 postfix/qmgr[9319]: 9F72D11C00A: removed Apr 21 02:49:56 vps12345 dovecot: dict: mysql: Connected to localhost (mail) Apr 21 02:49:56 vps12345 dovecot: lda(j.setton at domain.net): sieve: msgid=<20140421004956.A866A11C00B at vps12345.ovh.net>: stored mail into mailbox 'INBOX' Apr 21 02:49:56 vps12345 postfix/pipe[9420]: A866A11C00B: to=, relay=dovecot, delay=0.04, delays=0.01/0/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service) Apr 21 02:49:56 vps12345 postfix/qmgr[9319]: A866A11C00B: removed Apr 21 02:49:58 vps12345 postfix/smtpd[9396]: disconnect from [details-removed*] ___________________________________ (*) Details removed from log excerpt for privacy reasons. 2) Postfix 'transport' file content ___________________________________ [root at vps12345 ~]# postmap -s /etc/postfix/transport autoreply.vps12345.ovh.net vacation: [root at vps12345 ~]# ___________________________________ Does the above data details clarify in any way the previously reported issue ? Jacques Setton jsetton at waycast.com -----Message d'origine----- De?: Mark Sapiro [mailto:mark at msapiro.net] Envoy??: vendredi 25 avril 2014 00:55 ??: Jacques Setton Cc?: mailman-users at python.org Objet?: Re: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists On 04/24/2014 02:56 PM, Jacques Setton wrote: > > The complete output generated by the '# postconf -n' command is > appended below. > Besides that, I have not configured postfix in any particular way... > As previously indicated, Mailman works well with any external Email > address, but not with the ones co-hosted on the same physical server... > > Any idea about what the problem could be ? Not until you do as I asked before and post the resulting output from grepping the mail log for the Postfix queue id of a returned message. Based on your prior post, this would be something like grep 9F72D11C00A /var/log/maillog Also it might help to see your transport maps - /etc/postfix/transport -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jsetton at waycast.com Fri Apr 25 13:46:27 2014 From: jsetton at waycast.com (Jacques Setton) Date: Fri, 25 Apr 2014 13:46:27 +0200 Subject: [Mailman-Users] I : Error message "Bug in Mailman version 2.1.12" when approving a moderated post and selecting "Preserve message for the Administrator"... In-Reply-To: <53598825.2040308@msapiro.net> References: <53598825.2040308@msapiro.net> Message-ID: >> This is a Python 2.6 incompatibility fixed in Mailman 2.1.13. The fix is at . Thanks Mark for the pointer to the 1183 fix. For the time being, would it be ok that I replace the existing 'ListAdmin.py' file by a revised one which includes the 2 code-lines changes (actually 3 with the Copyright one) ? I also assume that, after loading the revised file on the server, it would be advisable to then restart (reload) the Mailman service. >> If RedHat is packaging Mailman 2.1.12 with Python 2.6.6, this is a RedHat issue. See the FAQ at . I understand that this is a bundled package provided by our current Cloud provider (OVH). I'd need to check the current contractual statements, but it could be that the duty falls on the customer to maintain the software revisions included in the package supplied by the provider. Hence, it would be helpful to know if I can just apply the above fix for now and then consider (plan for) an upgrade to Mailman 2.1.13+ at a later stage. Thanks for your advice on this preferred approach. - - - Regards, Jacques Setton jsetton at waycast.com -----Message d'origine----- De?: Mark Sapiro [mailto:mark at msapiro.net] Envoy??: jeudi 24 avril 2014 23:55 ??: mailman-users at python.org Objet?: Re: [Mailman-Users] I : Error message "Bug in Mailman version 2.1.12" when approving a moderated post and selecting "Preserve message for the Administrator"... On 04/24/2014 02:27 PM, Jacques Setton wrote: > > admin(10087): File "/usr/lib/mailman/Mailman/ListAdmin.py", line 254, in > __handlepost > > admin(10087): g(msg, 1) > > admin(10087): AttributeError: Generator instance has no __call__ > method This is a Python 2.6 incompatibility fixed in Mailman 2.1.13. The fix is at . If RedHat is packaging Mailman 2.1.12 with Python 2.6.6, this is a RedHat issue. See the FAQ at . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jimpop at gmail.com Fri Apr 25 17:54:49 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Fri, 25 Apr 2014 11:54:49 -0400 Subject: [Mailman-Users] Gmail and DMARC In-Reply-To: References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> <1398368129.26046.90.camel@pudina.fmp.com> <53596968.8050106@msapiro.net> Message-ID: On Thu, Apr 24, 2014 at 4:08 PM, Jim Popovitch wrote: > On Thu, Apr 24, 2014 at 3:43 PM, Mark Sapiro wrote: >> On 04/24/2014 12:35 PM, Lindsay Haisley wrote: >>> I don't know if this was the case before, but Gmail is publishing a >>> DMARC record with p=none. I seem to recall that last week the weren't >>> publishing a DMARC record at all, although I might be mistaken. >> >> >> These results are from over a week ago. They are in a draft of a report >> of research and testing I was doing that was last updated on April 15. >> >> _dmarc.gmail.com.: v=DMARC1\; p=none\; >> rua=mailto:mailauth-reports at google.com >> _dmarc.googlegroups.com: v=DMARC1\; p=none\; >> rua=mailto:mailauth-reports at google.com >> _dmarc.google.com: v=DMARC1\; p=quarantine\; >> rua=mailto:mailauth-reports at google.com >> > > GMail's had a p=none for a while now... months. > > GMail also had an odd hiccup today. I received a ton of bounces because: > > Apr 24 18:20:59 svr6 postfix/smtp[26753]: 2838F36B12: to= > , relay=gmail-smtp-in.l.google.com > [74.125.201.109]:25, delay=0.69, > delays=0.26/0/0.38/0.05, dsn=5.5.1, status=bounced (host > gmail-smtp-in.l.google.com[74.125.201.109] said: 530-5.5.1 > Authentication Required. Learn more at 530 5.5.1 > http://support.google.com/mail/bin/answer.py?answer=14257 > b6sm884241igm.2 - gsmtp (in reply to MAIL FROM command)) > > So for some period of time, they wanted Mailman to auth as who? :-) OK, that wasn't an odd hiccup, that was/is intentional action by google. Gmail now seems to be bouncing email where From: is another gmail account. Check your bounce logs..... -Jim P. From fmouse at fmp.com Fri Apr 25 18:48:55 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Fri, 25 Apr 2014 11:48:55 -0500 Subject: [Mailman-Users] Gmail and DMARC In-Reply-To: References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> <1398368129.26046.90.camel@pudina.fmp.com> <53596968.8050106@msapiro.net> Message-ID: <1398444535.16099.69.camel@pudina.fmp.com> On Fri, 2014-04-25 at 11:54 -0400, Jim Popovitch wrote: > http://support.google.com/mail/bin/answer.py?answer=14257 > > b6sm884241igm.2 - gsmtp (in reply to MAIL FROM > command)) > > > > So for some period of time, they wanted Mailman to auth as who? :-) > > OK, that wasn't an odd hiccup, that was/is intentional action by > google. Gmail now seems to be bouncing email where From: is another > gmail account. I'm not seeing this in my mail logs here. The URL cited in the log entry gives no reason for such a policy. The mail log here shows a number of 5.1.1 bounces of list mail to gmail.com addresses for a number of reasons, but this isn't one of them. # grep gmail mail.log|grep [listname]|grep "5\.1\.1" Should I be looking for something else? About 25% of the subscribers on our biggest discussion list are gmail.com subscribers. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From mark at msapiro.net Fri Apr 25 19:03:46 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 25 Apr 2014 10:03:46 -0700 Subject: [Mailman-Users] I : Error message "Bug in Mailman version 2.1.12" when approving a moderated post and selecting "Preserve message for the Administrator"... In-Reply-To: References: <53598825.2040308@msapiro.net> Message-ID: <535A9572.2070003@msapiro.net> On 04/25/2014 04:46 AM, Jacques Setton wrote: >>> This is a Python 2.6 incompatibility fixed in Mailman 2.1.13. The fix is > at . > > Thanks Mark for the pointer to the 1183 fix. For the time being, would it be > ok that I replace the existing 'ListAdmin.py' file by a revised one which > includes the 2 code-lines changes (actually 3 with the Copyright one) ? > I also assume that, after loading the revised file on the server, it would > be advisable to then restart (reload) the Mailman service. Yes, that's what you need to do, and it is not only advisable, but necessary to restart Mailman after any changes to the source code. > Hence, it would > be helpful to know if I can just apply the above fix for now and then > consider (plan for) an upgrade to Mailman 2.1.13+ at a later stage. Thanks > for your advice on this preferred approach. Yes, you can do all that. I would recommend 2.1.18, but upgrading a RedHat/CentOS package from source is not totally straightforward. See the FAQ at and the mailman-developers post and INSTALL.REDHAT document referred to therein. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Fri Apr 25 20:40:01 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 25 Apr 2014 11:40:01 -0700 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists In-Reply-To: References: <53589A9C.4070802@msapiro.net> <53589EF5.6090205@msapiro.net> <5359962E.8030206@msapiro.net> Message-ID: <535AAC01.7040903@msapiro.net> On 04/25/2014 03:25 AM, Jacques Setton wrote: > > 1) Selected Sequence from /var/log/maillog ... > Apr 21 02:49:56 vps12345 postfix/smtp[9414]: F030911C008: > to=, relay=127.0.0.1[127.0.0.1]:10024, > delay=0.73, delays=0.26/0.01/0/0.46, dsn=2.0.0, status=sent (250 2.0.0 from > MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9F72D11C00A) > Apr 21 02:49:56 vps12345 postfix/smtpd[9419]: disconnect from > localhost.localdomain[127.0.0.1] > Apr 21 02:49:56 vps12345 dovecot: auth: sql(mailman-request at domain.org): > Unknown user > Apr 21 02:49:56 vps12345 postfix/pipe[9420]: 9F72D11C00A: > to=, relay=dovecot, delay=0.04, > delays=0.01/0.01/0/0.02, dsn=5.1.1, status=bounced (user unknown) Delivery to Mailman is via aliases. The dovecot LDA does not use your aliases. Delivery to Mailman must be via the local LDA. Something in your Postfix configuration is telling it to relay this particular mail via the dovecot transport rather than the local transport. That's why it bounces. The question is what's causing it. I suspect it has to do with two things in your Postfix configuration: local_recipient_maps = unix:passwd.byname and virtual_transport = dovecot By default, local_recipient_maps includes $alias_maps, and I *think* it should in your case. Why this lack would cause Postfix to use the virtual_transport rather than local in just this one case is really a question for postfix-users at postfix.org or some other Postfix resource, but you might try local_recipient_maps = unix:passwd.byname $alias_maps or simply removing that line from main.cf and see if that helps. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From terry at fiteyes.com Fri Apr 25 22:06:21 2014 From: terry at fiteyes.com (Terry Earley) Date: Fri, 25 Apr 2014 14:06:21 -0600 Subject: [Mailman-Users] DMARC: Testing anonymous_list as an option Message-ID: I have been reading these posts and your documentationwith interest, and since in our list, we moderate every post, we did not have too much concern about having moderators re-post yahoo messages. Then the news that AOL is joining the DMARC party got me worrying that soon the big players, gmail, hotmail, etc may also decide to implement DMARC for messages coming from their users. To prepare for that possibility, I have been testing one of the solutions, anonymous_list. In my test environment, it passes a yahoo post to my gmail account without a problem since "from" is our list's address, so it matches. The problem is identifying the poster in some way in the message body. I added a msg_header with "user_address" and text, but that returns the recipient's email address, not the sender's. The moderators see the sender's email address, but it is not passed to the recipient by design, I know. That is what anonymous is for. Currently, moderators cannot directly edit pending posts. My question then is what variable would return the sender's address in the msg_header? If there is no variable, then how could we do that? Some of our posters carry more credibility than others. We are on version 2.1.13, with full personalization set, and using SPF and DKIM. anonymous_list currently set to "no" in our production environment. Terry Earley FitEyes From mark at msapiro.net Fri Apr 25 22:29:34 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 25 Apr 2014 13:29:34 -0700 Subject: [Mailman-Users] DMARC: Testing anonymous_list as an option In-Reply-To: References: Message-ID: <535AC5AE.3030709@msapiro.net> On 04/25/2014 01:06 PM, Terry Earley wrote: > > My question then is what variable would return the sender's address in the > msg_header? If there is no variable, then how could we do that? Some of our > posters carry more credibility than others. There currently is none. It would be possible to implement one, but if you have the necessary access, you could just upgrade to Mailman 2.1.18 and use one of the DMARC mitigation features therein. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From cgtyoder at alum.mit.edu Fri Apr 25 22:30:45 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Fri, 25 Apr 2014 16:30:45 -0400 Subject: [Mailman-Users] Workaround for yahoo/aol dmarc? Message-ID: <70725FF6-9B40-400A-A84C-57F684BFF95C@alum.mit.edu> I?ve been poking around the Mailman options (that I have access to? I am using a hosted Mailman 2.1.14) and brainstorming - would it be possible, using the options in the ?Non-digest options? page, to munge the ?From:? header of Yahoo/AOL posters to change their address to something like smith at aol-removethis.com? I don?t know enough python to answer this. -Conrad -- Loose talk is noose talk. Be a live patriot, not a dead traitor. From mark at msapiro.net Fri Apr 25 22:46:12 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 25 Apr 2014 13:46:12 -0700 Subject: [Mailman-Users] Workaround for yahoo/aol dmarc? In-Reply-To: <70725FF6-9B40-400A-A84C-57F684BFF95C@alum.mit.edu> References: <70725FF6-9B40-400A-A84C-57F684BFF95C@alum.mit.edu> Message-ID: <535AC994.2040501@msapiro.net> On 04/25/2014 01:30 PM, Conrad G T Yoder wrote: > I?ve been poking around the Mailman options (that I have access to? I am using a hosted Mailman 2.1.14) and brainstorming - would it be possible, using the options in the ?Non-digest options? page, to munge the ?From:? header of Yahoo/AOL posters to change their address to something like smith at aol-removethis.com? I don?t know enough python to answer this. No. In Mailman 2.1.14, there are Privacy options... -> Spam filters -> header_filter_rules that allow you to take various actions on a message based on pattern matches on headers including From:, but there is nothing other than General Options -> anonymous_list that will allow you to change the From: -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jimpop at gmail.com Sat Apr 26 02:39:42 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Fri, 25 Apr 2014 20:39:42 -0400 Subject: [Mailman-Users] Gmail and DMARC In-Reply-To: <1398444535.16099.69.camel@pudina.fmp.com> References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> <1398368129.26046.90.camel@pudina.fmp.com> <53596968.8050106@msapiro.net> <1398444535.16099.69.camel@pudina.fmp.com> Message-ID: On Fri, Apr 25, 2014 at 12:48 PM, Lindsay Haisley wrote: > On Fri, 2014-04-25 at 11:54 -0400, Jim Popovitch wrote: >> http://support.google.com/mail/bin/answer.py?answer=14257 >> > b6sm884241igm.2 - gsmtp (in reply to MAIL FROM >> command)) >> > >> > So for some period of time, they wanted Mailman to auth as who? :-) >> >> OK, that wasn't an odd hiccup, that was/is intentional action by >> google. Gmail now seems to be bouncing email where From: is another >> gmail account. > > I'm not seeing this in my mail logs here. The URL cited in the log > entry gives no reason for such a policy. The mail log here shows a > number of 5.1.1 bounces of list mail to gmail.com addresses for a number > of reasons, but this isn't one of them. > > # grep gmail mail.log|grep [listname]|grep "5\.1\.1" > > Should I be looking for something else? About 25% of the subscribers on > our biggest discussion list are gmail.com subscribers. TBH, I'm not sure what else there is to look for. :-) GMail, every so often, is telling my Mailman that it needs to Auth in order to reflect From:gmail to other gmail customers. It's like DMARC without following the DMARC standard (GMail has a p=none policy). -Jim P. From danm at prime.gushi.org Sat Apr 26 01:55:21 2014 From: danm at prime.gushi.org (Dan Mahoney, System Admin) Date: Fri, 25 Apr 2014 16:55:21 -0700 (PDT) Subject: [Mailman-Users] How to re-send list traffic from archives? Message-ID: Hey there all, Due to a VERP misconfig on one of our systems, we had a number of outbound posts bounce with a 500-series error. What we'd like to do is go through the archives for the period of time we missed, and re-send those messages. Is this something anyone's had to do in the past and could maybe provide pointers? Failing that, can someone tell me why it might be a really bad idea? -Dan Mahoney -- --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --------------------------- From mark at msapiro.net Sat Apr 26 08:17:46 2014 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 25 Apr 2014 23:17:46 -0700 Subject: [Mailman-Users] Mailman 2.1.18 release In-Reply-To: <5353494C.5070609@msapiro.net> References: <53501E2F.1040409@msapiro.net> <5353494C.5070609@msapiro.net> Message-ID: <535B4F8A.8060809@msapiro.net> I'm pleased to announce the third candidate release for Mailman 2.1.18. This fixes a few bugs since discovered since the second release candidate. Python 2.4 is the minimum supported, but Python 2.7 is recommended. Please submit any i18n updates before May 1 to get them in the final release. This release has new features to help with mitigation of the impacts of DMARC on mailing lists. There is also a new dependency associated with these features. Namely, the new Privacy options -> Sender filters -> dmarc_moderation_action feature requires that the dnspython package be available in Python. There are also bug fixes. See the attached README for more details. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see: http://www.list.org http://www.gnu.org/software/mailman http://mailman.sourceforge.net/ Mailman 2.1.18rc1 can be downloaded from https://launchpad.net/mailman/2.1/ http://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -------------- next part -------------- 2.1.18rc3 (25-Apr-2014) Bug fixes and other patches - The Reply-To: munging options weren't honored if there was no from_is_list action. (LP: #1313010) - Changed from_is_list actions to insert the list address in Cc: if the list is fully personalized. Otherwise, the list address is only in From: and Reply-To: overrides it. (LP: #1312970) - Fixed the Munge From action to only Munge the From: and/or Reply-To: in the outgoing message and not in archives, digests and messages sent via the usenet gateway. (LP: #1311431) 2.1.18rc2 (19-Apr-2014) Bug fixes and other patches - The new Utils.IsDMARCProhibited() used collections.defaultdict which requires Python 2.5. Changed to use a dict and setdefault. 2.1.18rc1 (18-Apr-2014) Dependencies - There is a new dependency associated with the new Privacy options -> Sender filters -> dmarc_moderation_action feature discussed below. This requires that the dnspython package be available in Python. This package can be downloaded from the above site or from the CheeseShop or installed with pip. New Features - The from_is_list feature introduced in 2.1.16 is now unconditionally available to list owners. There is also, a new Privacy options -> Sender filters -> dmarc_moderation_action feature which applies to list messages where the From: address is in a domain which publishes a DMARC policy of reject or possibly quarantine. This is a list setting with values of Accept, Wrap Message, Munge From, Reject or Discard. There is a new DEFAULT_DMARC_MODERATION_ACTION configuration setting to set the default for this, and the list admin UI is not able to set an action which is 'less' than the default. The prior ALLOW_FROM_IS_LIST setting has been removed and is effectively always Yes. There is a new DMARC_QUARANTINE_MODERATION_ACTION configuration setting which defaults to Yes but can be set to No to exclude domains with DMARC policy of quarantine from dmarc_moderation_action. dmarc_moderation_action and from_is_list interact in the following way. If the message is From: a domain to which dmarc_moderation_action applies and if dmarc_moderation_action is other than Accept, dmarc_moderation_action applies to that message. Otherwise the from_is_list action applies. i18n - Added missing tag to French listinfo template. (LP: #1275964) Bug Fixes and other patches - Fixed a long standing issue in which a notice sent to a user whose language is other than that of the list can cause subsequent things which should be in the list's language to be in the user's language instead. (LP: #1308655) - Fixed the admin Membership List so a search string if any is not lost when visiting subsequent fragments of a chunked list. (LP: #1307454) - For from_is_list feature, use email address from original From: if original From: has no display name and strip domain part from resultant names that look like email addresses. (LP: #1304511) - Added the list name to the vette log "held message approved" entry. (LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries. - Fixed a NameError exception in cron/nightly_gzip when it tries to print the usage message. (LP: #1291038) - Fixed a bug in ListAdmin._handlepost that would crash when trying to preserve a held message for the site admin if HOLD_MESSAGES_AS_PICKLES is False. (LP: #1282365) - The from_is_list header munging feature introduced in Mailman 2.1.16 is no longer erroneously applied to Mailman generated notices. (LP: #1279667) - Changed the message from the confirm CGI to not indicate approval is required for an acceptance of an invitation. (LP: #1277744) - Fixed POSTFIX_STYLE_VIRTUAL_DOMAINS to be case-insensitiive. (LP: #1267003) - Added recognition for another simple warning to bounce processing. (LP: #1263247) - Fixed a few failing tests in tests/test_handlers.py. (LP: #1262950) - Fixed bin/arch to not create scrubbed attachments for messages skipped when processing the --start= option. (LP: #1260883) - Fixed email address validation to do a bit better in obscure cases. (LP: #1258703) - Fixed a bug which caused some authentication cookies to expire too soon if AUTHENTICATION_COOKIE_LIFETIME is non-zero. (LP: #1257112) - Fixed a possible TypeError in bin/sync_members introduced in 2.1.17. (LP: #1243343) Miscellaneous - Added to the contrib directory, a script from Alain Williams to count posts in a list's archive. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: From stephen at xemacs.org Sat Apr 26 08:24:25 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Sat, 26 Apr 2014 15:24:25 +0900 Subject: [Mailman-Users] Gmail and DMARC In-Reply-To: References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> <1398368129.26046.90.camel@pudina.fmp.com> <53596968.8050106@msapiro.net> <1398444535.16099.69.camel@pudina.fmp.com> Message-ID: <87sip0obfq.fsf@uwakimon.sk.tsukuba.ac.jp> Jim Popovitch writes: > TBH, I'm not sure what else there is to look for. :-) GMail, every so > often, is telling my Mailman that it needs to Auth in order to reflect > From:gmail to other gmail customers. It's like DMARC without > following the DMARC standard (GMail has a p=none policy). Is it possible that those users are using their GMail address from a non-Google host? That would explain the intermittent nature of the challenge -- it doesn't have the GMail DKIM signature that identifies GMail-from-GMail messages. And it would also explain why it "looks like" DMARC, since DKIM is one of the underlying protocols used to implement DMARC. From jimpop at gmail.com Sat Apr 26 08:39:17 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Sat, 26 Apr 2014 02:39:17 -0400 Subject: [Mailman-Users] Gmail and DMARC In-Reply-To: <87sip0obfq.fsf@uwakimon.sk.tsukuba.ac.jp> References: <27454ADE-9AFA-4E5D-A75A-4DDB55A7FBA5@alum.mit.edu> <1398368129.26046.90.camel@pudina.fmp.com> <53596968.8050106@msapiro.net> <1398444535.16099.69.camel@pudina.fmp.com> <87sip0obfq.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: On Sat, Apr 26, 2014 at 2:24 AM, Stephen J. Turnbull wrote: > Jim Popovitch writes: > > > TBH, I'm not sure what else there is to look for. :-) GMail, every so > > often, is telling my Mailman that it needs to Auth in order to reflect > > From:gmail to other gmail customers. It's like DMARC without > > following the DMARC standard (GMail has a p=none policy). > > Is it possible that those users are using their GMail address from a > non-Google host? That would explain the intermittent nature of the > challenge -- it doesn't have the GMail DKIM signature that identifies > GMail-from-GMail messages. And it would also explain why it "looks > like" DMARC, since DKIM is one of the underlying protocols used to > implement DMARC. I strip any existing inbound sigs. The GMail senders were using GMail web interface. This looks more and more like a lazy DNS issue, as the MX for GMail has flip-flopped over the past ~24 hours. I honestly think that GMail rotated in a wrong server...the only other possibility is that powerdns cached a record beyond it's TTL. -Jim P. From mark at msapiro.net Sat Apr 26 09:35:55 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sat, 26 Apr 2014 00:35:55 -0700 Subject: [Mailman-Users] How to re-send list traffic from archives? In-Reply-To: References: Message-ID: <535B61DB.7000902@msapiro.net> On 04/25/2014 04:55 PM, Dan Mahoney, System Admin wrote: > > What we'd like to do is go through the archives for the period of time > we missed, and re-send those messages. Is this something anyone's had > to do in the past and could maybe provide pointers? This has come up before, but I couldn't find it in the archives with a quick look, so I wrote a script which you can find at (mirrored at ). This script takes two arguments, the path to a mbox file and a list name and (re)posts all the messages in the mbox file to the list. Once the messages reach the list, they will still be subject to all the membership tests and miscellaneous holds as if they had actually just been posted to the list. You could just get a copy of the list's archives/private/listname.mbox/listname.mbox file and extract the messages you want (i.e. delete those older and younger that the period of interest) and use that as input to the script. > Failing that, can someone tell me why it might be a really bad idea? There will be side effects. The messages will be re-archived. This means they will be added to the archives/private/listname.mbox/listname.mbox file, but they won't appear in the pipermail archive indexes because of duplicate message-ids, but their HTML files will still be there. Also, if there are any attachments that were scrubbed and stored aside, they will be again scrubbed and stored aside. All this results in a little wasted file space, but beyond that, I don't think anything bad will happen. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From joemailgroups at gmail.com Sun Apr 27 14:46:16 2014 From: joemailgroups at gmail.com (Joe) Date: Sun, 27 Apr 2014 05:46:16 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <535704C4.5020002@msapiro.net> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> Message-ID: <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> Hi, Mark. In the case you describe the server would send posts to the newsgroups and readers would access these newsgroups to see the posts. So posts are sent to the list using each list's e-mail address and then 'copied' to the newsserver. What happens when readers wish to reply to what they read on their newsreaders ? Would they send their reply to the newsgroup or have to send their reply to the list itself using the list's e-mail address ? This part is not very clear to me. Thank you in advance, Joe. On April 22, 2014, at 5:09 PM, Mark Sapiro wrote: > On 04/22/2014 05:03 PM, Joe wrote: >> >> How complicated is it to set-up Mailman so that users can access it this way ? Will I need to configure my server for this or is the configuration restricted to the Mailman administrative interface ? > > > You need to create a newsgroup on an nntp server somewhere. This can be > the Mailman server or not. Then you can use the list's web admin > Mail<->News gateways section to configure your list to send posts to > your newsgroup, and your users can read the newsgroup. > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/joemailgroups%40gmail.com From mark at msapiro.net Sun Apr 27 17:55:11 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 27 Apr 2014 08:55:11 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> Message-ID: <535D285F.6020201@msapiro.net> On 04/27/2014 05:46 AM, Joe wrote: > > In the case you describe the server would send posts to the newsgroups and readers would access these newsgroups to see the posts. So posts are sent to the list using each list's e-mail address and then 'copied' to the newsserver. What happens when readers wish to reply to what they read on their newsreaders ? Would they send their reply to the newsgroup or have to send their reply to the list itself using the list's e-mail address ? This part is not very clear to me. Either way. Look at the settings in the web admin UI Mail<->News gateways section. You have separate controls for sending from Mailman to the news group and from the news group to Mailman. If you enable gateway_to_mail, posts to the newsgroup will be sent to the list. If you don't enable gateway_to_mail, posts to the newsgroup will not be sent to the list. You should be aware that if you do gate from the newsgroup to the list, posts to the newsgroup from nonmembers of the list will be accepted by the list regardless of the list's generic_nonmember_action. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Sun Apr 27 19:16:51 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Sun, 27 Apr 2014 12:16:51 -0500 Subject: [Mailman-Users] Mailman, DMARC and OpenDKIM Message-ID: <1398619011.36252.49.camel@pudina.fmp.com> My understanding is that DMARC alignment depends on both SPF and DKIM and that if a test using either protocol passes, then a DMARC will pass. This is probably an oversimplification, but I'm exploring the idea of whether it might be possible to interpose a milter using OpenDKIM (perhaps zdkimfilter) between Mailman and the outgoing SMTP server (courier-MTA) so that outgoing list posts are appropriately signed. I know next to nothing about DKIM, but there was a time when I knew next to nothing about almost everything, so I learn what I have to to make things work :) -- Lindsay Haisley | "The only unchanging certainty FMP Computer Services | is the certainty of change" 512-259-1190 | http://www.fmp.com | - Ancient wisdom, many cultures From mark at msapiro.net Sun Apr 27 19:34:24 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 27 Apr 2014 10:34:24 -0700 Subject: [Mailman-Users] Mailman, DMARC and OpenDKIM In-Reply-To: <1398619011.36252.49.camel@pudina.fmp.com> References: <1398619011.36252.49.camel@pudina.fmp.com> Message-ID: <535D3FA0.6000008@msapiro.net> On 04/27/2014 10:16 AM, Lindsay Haisley wrote: > My understanding is that DMARC alignment depends on both SPF and DKIM > and that if a test using either protocol passes, then a DMARC will pass. > This is probably an oversimplification, but I'm exploring the idea of > whether it might be possible to interpose a milter using OpenDKIM > (perhaps zdkimfilter) between Mailman and the outgoing SMTP server > (courier-MTA) so that outgoing list posts are appropriately signed. This doesn't help. The whole idea behind DMARC is the message must pass either SPF or DKIM with a domain that 'aligns' with the domain of the address in the From: header. You can't DKIM sign for the yahoo.com or aol.com or whatever.com domain because you don't know their private keys. You can only DKIM sign for your own domain which won't 'align' with the From: domain. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Sun Apr 27 19:47:10 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Sun, 27 Apr 2014 12:47:10 -0500 Subject: [Mailman-Users] Mailman, DMARC and OpenDKIM In-Reply-To: <535D3FA0.6000008@msapiro.net> References: <1398619011.36252.49.camel@pudina.fmp.com> <535D3FA0.6000008@msapiro.net> Message-ID: <1398620830.36252.50.camel@pudina.fmp.com> On Sun, 2014-04-27 at 10:34 -0700, Mark Sapiro wrote: > On 04/27/2014 10:16 AM, Lindsay Haisley wrote: > > My understanding is that DMARC alignment depends on both SPF and DKIM > > and that if a test using either protocol passes, then a DMARC will pass. > > This is probably an oversimplification, but I'm exploring the idea of > > whether it might be possible to interpose a milter using OpenDKIM > > (perhaps zdkimfilter) between Mailman and the outgoing SMTP server > > (courier-MTA) so that outgoing list posts are appropriately signed. > > > This doesn't help. The whole idea behind DMARC is the message must pass > either SPF or DKIM with a domain that 'aligns' with the domain of the > address in the From: header. > > You can't DKIM sign for the yahoo.com or aol.com or whatever.com domain > because you don't know their private keys. You can only DKIM sign for > your own domain which won't 'align' with the From: domain. OK, Thanks Mark. This makes sense. No need for anyone else to post a reply to my post. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From Richard at Damon-Family.org Sun Apr 27 20:00:20 2014 From: Richard at Damon-Family.org (Richard Damon) Date: Sun, 27 Apr 2014 14:00:20 -0400 Subject: [Mailman-Users] Mailman, DMARC and OpenDKIM In-Reply-To: <535D3FA0.6000008@msapiro.net> References: <1398619011.36252.49.camel@pudina.fmp.com> <535D3FA0.6000008@msapiro.net> Message-ID: <535D45B4.70104@Damon-Family.org> On 4/27/14, 1:34 PM, Mark Sapiro wrote: > On 04/27/2014 10:16 AM, Lindsay Haisley wrote: >> My understanding is that DMARC alignment depends on both SPF and DKIM >> and that if a test using either protocol passes, then a DMARC will pass. >> This is probably an oversimplification, but I'm exploring the idea of >> whether it might be possible to interpose a milter using OpenDKIM >> (perhaps zdkimfilter) between Mailman and the outgoing SMTP server >> (courier-MTA) so that outgoing list posts are appropriately signed. > > This doesn't help. The whole idea behind DMARC is the message must pass > either SPF or DKIM with a domain that 'aligns' with the domain of the > address in the From: header. > > You can't DKIM sign for the yahoo.com or aol.com or whatever.com domain > because you don't know their private keys. You can only DKIM sign for > your own domain which won't 'align' with the From: domain. > One question I have had over how this works is why SPF is added to the mix. If the message passes SPF, then it has come directly from a server that is supposedly controlled by the sending provider. Said server should have been able to DKIM sign the message, so you should never see a message that passes SPF but fails DKIM. Was that option just put in to allow an organization to just implement SPF (and ignore DKIM), but change SPF to require the alignment to From: ? -- Richard Damon From jsetton at waycast.com Sun Apr 27 21:04:54 2014 From: jsetton at waycast.com (Jacques Setton) Date: Sun, 27 Apr 2014 21:04:54 +0200 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists In-Reply-To: <535AAC01.7040903@msapiro.net> References: <53589A9C.4070802@msapiro.net> <53589EF5.6090205@msapiro.net> <5359962E.8030206@msapiro.net> <535AAC01.7040903@msapiro.net> Message-ID: <004101cf624b$93cdc8c0$bb695a40$@waycast.com> >> By default, local_recipient_maps includes $alias_maps, and I *think* it should in your case. >> Why this lack would cause Postfix to use the virtual_transport rather than local in just this >> one case is really a question for postfix-users at postfix.org or some other Postfix resource, >> but you might try local_recipient_maps = unix:passwd.byname $alias_maps Very well spotted ! This is indeed the source of the mail rejection behavior that I have reported on when using a locally-hosted mail accounts on the same VPS which also hosts Mailman. The 'postconf -d' command output shows the following default setting : alias_maps = hash:/etc/aliases, nis:mail.aliases local_recipient_maps = proxy:unix:passwd.byname $alias_maps The 'postconf -n' command output shows the following (re)specified setting : alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases local_recipient_maps = unix:passwd.byname For some unclear reason, in the distribution we are using the '$allias_maps' parameter had been removed from the 'local_recipient_maps' setting in the Postfix 'main.cf' configuration file. After redefining the line as "local_recipient_maps = unix:passwd.byname $alias_maps" and doing a few test, it appears that we can now successfully use local mail accounts in relation with Mailman. >> or simply removing that line from main.cf and see if that helps. No need to do that as the above corrective action did fully resolve the problem. Many thanks, Mark, for your very effective guidance on this issue ! - - - Jacques Setton jsetton at waycast.com -----Message d'origine----- De?: Mark Sapiro [mailto:mark at msapiro.net] Envoy??: vendredi 25 avril 2014 20:40 ??: Jacques Setton Cc?: mailman-users at python.org Objet?: Re: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists On 04/25/2014 03:25 AM, Jacques Setton wrote: > > 1) Selected Sequence from /var/log/maillog ... > Apr 21 02:49:56 vps12345 postfix/smtp[9414]: F030911C008: > to=, relay=127.0.0.1[127.0.0.1]:10024, > delay=0.73, delays=0.26/0.01/0/0.46, dsn=2.0.0, status=sent (250 2.0.0 > from > MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9F72D11C00A) Apr > 21 02:49:56 vps12345 postfix/smtpd[9419]: disconnect from > localhost.localdomain[127.0.0.1] Apr 21 02:49:56 vps12345 dovecot: > auth: sql(mailman-request at domain.org): > Unknown user > Apr 21 02:49:56 vps12345 postfix/pipe[9420]: 9F72D11C00A: > to=, relay=dovecot, delay=0.04, > delays=0.01/0.01/0/0.02, dsn=5.1.1, status=bounced (user unknown) Delivery to Mailman is via aliases. The dovecot LDA does not use your aliases. Delivery to Mailman must be via the local LDA. Something in your Postfix configuration is telling it to relay this particular mail via the dovecot transport rather than the local transport. That's why it bounces. The question is what's causing it. I suspect it has to do with two things in your Postfix configuration: local_recipient_maps = unix:passwd.byname and virtual_transport = dovecot By default, local_recipient_maps includes $alias_maps, and I *think* it should in your case. Why this lack would cause Postfix to use the virtual_transport rather than local in just this one case is really a question for postfix-users at postfix.org or some other Postfix resource, but you might try local_recipient_maps = unix:passwd.byname $alias_maps or simply removing that line from main.cf and see if that helps. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Sun Apr 27 21:14:39 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 27 Apr 2014 12:14:39 -0700 Subject: [Mailman-Users] Mailman, DMARC and OpenDKIM In-Reply-To: <535D45B4.70104@Damon-Family.org> References: <1398619011.36252.49.camel@pudina.fmp.com> <535D3FA0.6000008@msapiro.net> <535D45B4.70104@Damon-Family.org> Message-ID: <535D571F.2000406@msapiro.net> On 04/27/2014 11:00 AM, Richard Damon wrote: > One question I have had over how this works is why SPF is added to the > mix. If the message passes SPF, then it has come directly from a server > that is supposedly controlled by the sending provider. Said server > should have been able to DKIM sign the message, so you should never see > a message that passes SPF but fails DKIM. SPF applies to the domain of the envelope sender, not the From: address. It only says that the server that delivered this message is authorized (or not) for the domain of the envelope sender. > Was that option just put in to allow an organization to just implement > SPF (and ignore DKIM), but change SPF to require the alignment to From: ? I think the intent is that any domain that implements a DMARC policy will both publish SPF and DKIM sign, but the draft spec explicitly allows for the sending domain to not do both[1]. For a DMARC test to succeed either SPF must pass and the SPF domain must align with the From: domain or there must be a valid DKIM signature with a d= domain aligned with the From: domain. Note that this doesn't represent any change in either SPF or DKIM. It is just an additional requirement on the domains of these tests. So, if a relay modifies the domain of the envelope sender, e.g. like most mailing lists changes it to some bounce at my.domain, SPF may pass, but the domains won't align. For SPF to allow the message to pass DMARC validation, the envelope sender's domain must align with the From: domain and the server which delivered the mail to the recipient MTA must be authorized by the SPF of the envelope sender's domain. [1] From sec 10.2 of the draft spec. Heuristics applied in the absence of use by a Domain Owner of either SPF or DKIM (e.g., [Best-Guess-SPF]) SHOULD NOT be used, as it may be the case that the Domain Owner wishes a Message Receiver not to consider the results of that underlying authentication protocol at all. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From joemailgroups at gmail.com Sun Apr 27 23:27:14 2014 From: joemailgroups at gmail.com (Joe) Date: Sun, 27 Apr 2014 14:27:14 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <535D285F.6020201@msapiro.net> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> Message-ID: <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> Mark, This represents a serious potential risk. One of the problems I've noticed over the years with most Usenet groups is that they tend to attract a lot of spam and non-relevants posts. In this case, assuming I open the gate and allow posts from the Newsgroups to be posted to the list even by non-members, is there a way to have all posts from the Newsgroups set to moderation so that I get the chance to review them first before they are posted to the lists ? Assuming there is, would moderation be set only for posts coming from the Newsgroups or would it be set for all posts independent on whether they come from the Newsgroups or from e-mail ? Thank you for your help. Joe. On April 27, 2014, at 8:55 AM, Mark Sapiro wrote: > On 04/27/2014 05:46 AM, Joe wrote: >> >> In the case you describe the server would send posts to the newsgroups and readers would access these newsgroups to see the posts. So posts are sent to the list using each list's e-mail address and then 'copied' to the newsserver. What happens when readers wish to reply to what they read on their newsreaders ? Would they send their reply to the newsgroup or have to send their reply to the list itself using the list's e-mail address ? This part is not very clear to me. > > > Either way. Look at the settings in the web admin UI Mail<->News > gateways section. You have separate controls for sending from Mailman to > the news group and from the news group to Mailman. > > If you enable gateway_to_mail, posts to the newsgroup will be sent to > the list. If you don't enable gateway_to_mail, posts to the newsgroup > will not be sent to the list. > > You should be aware that if you do gate from the newsgroup to the list, > posts to the newsgroup from nonmembers of the list will be accepted by > the list regardless of the list's generic_nonmember_action. > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/joemailgroups%40gmail.com From mark at msapiro.net Mon Apr 28 00:01:56 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 27 Apr 2014 15:01:56 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> Message-ID: <535D7E54.3030200@msapiro.net> On 04/27/2014 02:27 PM, Joe wrote: > > In this case, assuming I open the gate and allow posts from the Newsgroups to be posted to the list even by non-members, is there a way to have all posts from the Newsgroups set to moderation so that I get the chance to review them first before they are posted to the lists ? Assuming there is, would moderation be set only for posts coming from the Newsgroups or would it be set for all posts independent on whether they come from the Newsgroups or from e-mail ? Mailman's usenet gateway is from another era. Originally, all posts arriving via the usenet gateway were exempt from member moderation and *_these_nonmembers and generic_nonmember_action actions. This was changed in Mailman 2.1.17 per to apply member_moderation_action to a usenet gated post from a moderated member and to apply *_these_nonmember actions to usenet gated posts from nonmembers matching one of those filters. This was deliberately not extended to generic_nonmember_action because it would be too disruptive to existing lists. However, you can effectively accomplish the same thing since you can put regexp patterns in *_these_nonmembers, so if your list's generic_nonmember_action is, e.g., hold, and you also want to hold all nonmember posts that come via usenet, just put say ^.*$ in hold_these_nonmembers and every nonmember post will be held regardless of source except for those from users matching accept_these_nonmembers. This is not completely flexible, since the *_these_nonmember tests are applied in order (accept, hold, reject, discard) to all posts from nonmembers before generic_nonmember_action, so for example, if you put ^.*$ in discard_these_nonmembers, all nonmember posts will be discarded before ever checking generic_nonmember_action. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From joemailgroups at gmail.com Mon Apr 28 00:15:10 2014 From: joemailgroups at gmail.com (Joe) Date: Sun, 27 Apr 2014 15:15:10 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <535D7E54.3030200@msapiro.net> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> Message-ID: Mark, Since you said that newsgroups would allow non-members to post to the lists I have to assume that these newsgroups are open to the general public. Is this the case ? Some of my lists need to be kept private and can't be opened to the public (due to privacy and confidentiality laws). Is there a way to run newsgroups while maintaining them private and not visible to the general public ? Thank you, Joe. On April 27, 2014, at 3:01 PM, Mark Sapiro wrote: > On 04/27/2014 02:27 PM, Joe wrote: >> >> In this case, assuming I open the gate and allow posts from the Newsgroups to be posted to the list even by non-members, is there a way to have all posts from the Newsgroups set to moderation so that I get the chance to review them first before they are posted to the lists ? Assuming there is, would moderation be set only for posts coming from the Newsgroups or would it be set for all posts independent on whether they come from the Newsgroups or from e-mail ? > > > Mailman's usenet gateway is from another era. Originally, all posts > arriving via the usenet gateway were exempt from member moderation and > *_these_nonmembers and generic_nonmember_action actions. > > This was changed in Mailman 2.1.17 per > to apply > member_moderation_action to a usenet gated post from a moderated member > and to apply *_these_nonmember actions to usenet gated posts from > nonmembers matching one of those filters. > > This was deliberately not extended to generic_nonmember_action because > it would be too disruptive to existing lists. > > However, you can effectively accomplish the same thing since you can put > regexp patterns in *_these_nonmembers, so if your list's > generic_nonmember_action is, e.g., hold, and you also want to hold all > nonmember posts that come via usenet, just put say > > ^.*$ > > in hold_these_nonmembers and every nonmember post will be held > regardless of source except for those from users matching > accept_these_nonmembers. > > This is not completely flexible, since the *_these_nonmember tests are > applied in order (accept, hold, reject, discard) to all posts from > nonmembers before generic_nonmember_action, so for example, if you put > ^.*$ in discard_these_nonmembers, all nonmember posts will be discarded > before ever checking generic_nonmember_action. > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/joemailgroups%40gmail.com From mark at msapiro.net Mon Apr 28 00:23:14 2014 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 27 Apr 2014 15:23:14 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> Message-ID: <535D8352.7000007@msapiro.net> On 04/27/2014 03:15 PM, Joe wrote: > Mark, > > Since you said that newsgroups would allow non-members to post to the lists I have to assume that these newsgroups are open to the general public. Is this the case ? Some are, some aren't. > Some of my lists need to be kept private and can't be opened to the public (due to privacy and confidentiality laws). Is there a way to run newsgroups while maintaining them private and not visible to the general public ? See, e.g., RFC 4643 . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From joemailgroups at gmail.com Mon Apr 28 09:30:32 2014 From: joemailgroups at gmail.com (Joe) Date: Mon, 28 Apr 2014 00:30:32 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <535D8352.7000007@msapiro.net> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> Message-ID: <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> Hi, Mark. I have thought about an alternative solution that might be simpler and more efficient (if available) than using a news server and newsgroups. Are you aware of any Wordpress plug-in that would integrate with Mailman ? In other words, Mailman messages would be exchanged between Mailman and the Wordpress website with the aid of this plug-in so that members would have the option to read and post messages to one or more of their groups using this website instead of e-mail ? Thank you for your help. Joe. On April 27, 2014, at 3:23 PM, Mark Sapiro wrote: > On 04/27/2014 03:15 PM, Joe wrote: >> Mark, >> >> Since you said that newsgroups would allow non-members to post to the lists I have to assume that these newsgroups are open to the general public. Is this the case ? > > > Some are, some aren't. > > >> Some of my lists need to be kept private and can't be opened to the public (due to privacy and confidentiality laws). Is there a way to run newsgroups while maintaining them private and not visible to the general public ? > > > See, e.g., RFC 4643 . > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/joemailgroups%40gmail.com From igoetrich at yahoo.de Mon Apr 28 13:34:48 2014 From: igoetrich at yahoo.de (E Kogler) Date: Mon, 28 Apr 2014 12:34:48 +0100 (BST) Subject: [Mailman-Users] Newsreader access. In-Reply-To: <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> Message-ID: <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> What you are looking for sounds like a Web forum. Edgar ________________________________ Von: Joe An: "mailman-users at python.org Users" Gesendet: 9:30 Montag, 28.April 2014 Betreff: Re: [Mailman-Users] Newsreader access. Hi, Mark. I have thought about an alternative solution that might be simpler and more efficient (if available) than using a news server and newsgroups. Are you aware of any Wordpress plug-in that would integrate with Mailman ? In other words, Mailman messages would be exchanged between Mailman and the Wordpress website with the aid of this plug-in so that members would have the option to read and post messages to one or more of their groups using this website instead of e-mail ? Thank you for your help. Joe. On April 27, 2014, at 3:23 PM, Mark Sapiro wrote: > On 04/27/2014 03:15 PM, Joe wrote: >> Mark, >> >> Since you said that newsgroups would allow non-members to post to the lists I have to assume that these newsgroups are open to the general public. Is this the case ? > > > Some are, some aren't. > > >> Some of my lists need to be kept private and can't be opened to the public (due to privacy and confidentiality laws). Is there a way to run newsgroups while maintaining them private and not visible to the general public ? > > > See, e.g., RFC 4643 . > > -- > Mark Sapiro ? ? ? ? The highway is for gamblers, > San Francisco Bay Area, California? ? better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/joemailgroups%40gmail.com ------------------------------------------------------ Mailman-Users mailing list Mailman-Users at python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/igoetrich%40yahoo.de From joemailgroups at gmail.com Mon Apr 28 16:50:38 2014 From: joemailgroups at gmail.com (Joe) Date: Mon, 28 Apr 2014 07:50:38 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> Message-ID: <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> Edgar, I am looking for a webforum as a second alternative to access. I have found (much to my surprise) that a large majority of users have trouble with even the simplest aspects of e-mail use despite the fact that e-mail is easy to use and technology that has been around now for several decades. I have instructed users to create subfolders in the mail clients and use filters to redirect mail from our mailing lists to these folders. They can't seem to do it and many complaint that e-mail from the mailing lists clutter their inboxes. I have also suggested that they create a second e-mail account to be used with our mailing lists but many find it either difficult or don't have the time to do it. With this in mind I would like to create another method of access in addition to e-mail so that users have an option. I personally find e-mail one of the easiest and simplest technologies to use but I would like to accommodate those that feel differently. I have found a few Wordpress plug-ins for Mailman but the ones I have found are just for subscription. I would like to find a plug-in that would duplicate the content of the mailing lists to a web forum on the Wordpress sites so users would have the option to use it in place of e-mail. Thank you, Joe. On April 28, 2014, at 4:34 AM, E Kogler wrote: > What you are looking for sounds like a Web forum. > > Edgar > > > > ________________________________ > Von: Joe > An: "mailman-users at python.org Users" > Gesendet: 9:30 Montag, 28.April 2014 > Betreff: Re: [Mailman-Users] Newsreader access. > > > Hi, Mark. > > I have thought about an alternative solution that might be simpler and more efficient (if available) than using a news server and newsgroups. > > Are you aware of any Wordpress plug-in that would integrate with Mailman ? In other words, Mailman messages would be exchanged between Mailman and the Wordpress website with the aid of this plug-in so that members would have the option to read and post messages to one or more of their groups using this website instead of e-mail ? > > Thank you for your help. > > Joe. > > > > On April 27, 2014, at 3:23 PM, Mark Sapiro wrote: > >> On 04/27/2014 03:15 PM, Joe wrote: >>> Mark, >>> >>> Since you said that newsgroups would allow non-members to post to the lists I have to assume that these newsgroups are open to the general public. Is this the case ? >> >> >> Some are, some aren't. >> >> >>> Some of my lists need to be kept private and can't be opened to the public (due to privacy and confidentiality laws). Is there a way to run newsgroups while maintaining them private and not visible to the general public ? >> >> >> See, e.g., RFC 4643 . >> >> -- >> Mark Sapiro The highway is for gamblers, >> San Francisco Bay Area, California better use your sense - B. Dylan >> ------------------------------------------------------ >> Mailman-Users mailing list Mailman-Users at python.org >> https://mail.python.org/mailman/listinfo/mailman-users >> Mailman FAQ: http://wiki.list.org/x/AgA3 >> Security Policy: http://wiki.list.org/x/QIA9 >> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ >> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/joemailgroups%40gmail.com > > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/igoetrich%40yahoo.de > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/joemailgroups%40gmail.com From pshute at nuw.org.au Tue Apr 29 00:56:23 2014 From: pshute at nuw.org.au (Peter Shute) Date: Tue, 29 Apr 2014 08:56:23 +1000 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> Message-ID: We have the same problems. If they can't handle setting up email rules, etc, then they certainly aren't going to be able to handle setting up a newsreader. Most of those who complain about the emails are happy to read messages via an archive. The problems start when they want to reply to a message. A fully integrated web forum would solve the problem. Yahoo groups can be accessed via the web or by email, but had other problems I can't remember. Peter Shute > -----Original Message----- > From: Mailman-Users > [mailto:mailman-users-bounces+pshute=nuw.org.au at python.org] > On Behalf Of Joe > Sent: Tuesday, 29 April 2014 12:51 AM > To: mailman-users at python.org Users > Subject: Re: [Mailman-Users] Newsreader access. > > Edgar, > > I am looking for a webforum as a second alternative to > access. I have found (much to my surprise) that a large > majority of users have trouble with even the simplest aspects > of e-mail use despite the fact that e-mail is easy to use and > technology that has been around now for several decades. I > have instructed users to create subfolders in the mail > clients and use filters to redirect mail from our mailing > lists to these folders. They can't seem to do it and many > complaint that e-mail from the mailing lists clutter their > inboxes. I have also suggested that they create a second > e-mail account to be used with our mailing lists but many > find it either difficult or don't have the time to do it. > > With this in mind I would like to create another method of > access in addition to e-mail so that users have an option. I > personally find e-mail one of the easiest and simplest > technologies to use but I would like to accommodate those > that feel differently. > > I have found a few Wordpress plug-ins for Mailman but the > ones I have found are just for subscription. I would like to > find a plug-in that would duplicate the content of the > mailing lists to a web forum on the Wordpress sites so users > would have the option to use it in place of e-mail. > > Thank you, > > Joe. > > > On April 28, 2014, at 4:34 AM, E Kogler wrote: > > > What you are looking for sounds like a Web forum. > > > > Edgar > > > > > > > > ________________________________ > > Von: Joe > > An: "mailman-users at python.org Users" > > Gesendet: 9:30 Montag, 28.April 2014 > > Betreff: Re: [Mailman-Users] Newsreader access. > > > > > > Hi, Mark. > > > > I have thought about an alternative solution that might be > simpler and more efficient (if available) than using a news > server and newsgroups. > > > > Are you aware of any Wordpress plug-in that would integrate > with Mailman ? In other words, Mailman messages would be > exchanged between Mailman and the Wordpress website with the > aid of this plug-in so that members would have the option to > read and post messages to one or more of their groups using > this website instead of e-mail ? > > > > Thank you for your help. > > > > Joe. > > > > > > > > On April 27, 2014, at 3:23 PM, Mark Sapiro wrote: > > > >> On 04/27/2014 03:15 PM, Joe wrote: > >>> Mark, > >>> > >>> Since you said that newsgroups would allow non-members to > post to the lists I have to assume that these newsgroups are > open to the general public. Is this the case ? > >> > >> > >> Some are, some aren't. > >> > >> > >>> Some of my lists need to be kept private and can't be > opened to the public (due to privacy and confidentiality > laws). Is there a way to run newsgroups while maintaining > them private and not visible to the general public ? > >> > >> > >> See, e.g., RFC 4643 . > >> > >> -- > >> Mark Sapiro The highway is for gamblers, > >> San Francisco Bay Area, California better use your > sense - B. Dylan > >> ------------------------------------------------------ > >> Mailman-Users mailing list Mailman-Users at python.org > >> https://mail.python.org/mailman/listinfo/mailman-users > >> Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: > >> http://wiki.list.org/x/QIA9 Searchable Archives: > >> http://www.mail-archive.com/mailman-users%40python.org/ > >> Unsubscribe: > >> > https://mail.python.org/mailman/options/mailman-users/joemailgroups%4 > >> 0gmail.com > > > > > > ------------------------------------------------------ > > Mailman-Users mailing list Mailman-Users at python.org > > https://mail.python.org/mailman/listinfo/mailman-users > > Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: > > http://wiki.list.org/x/QIA9 Searchable Archives: > > http://www.mail-archive.com/mailman-users%40python.org/ > > Unsubscribe: > > > https://mail.python.org/mailman/options/mailman-users/igoetrich%40yaho > > o.de > > ------------------------------------------------------ > > Mailman-Users mailing list Mailman-Users at python.org > > https://mail.python.org/mailman/listinfo/mailman-users > > Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: > > http://wiki.list.org/x/QIA9 Searchable Archives: > > http://www.mail-archive.com/mailman-users%40python.org/ > > Unsubscribe: > > > https://mail.python.org/mailman/options/mailman-users/joemailgroups%40 > > gmail.com > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: > http://wiki.list.org/x/QIA9 Searchable Archives: > http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: > https://mail.python.org/mailman/options/mailman-users/pshute%4 0nuw.org.au > From mark at msapiro.net Tue Apr 29 02:44:02 2014 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 28 Apr 2014 17:44:02 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> Message-ID: <535EF5D2.1070806@msapiro.net> On 04/28/2014 07:50 AM, Joe wrote: > > I have found a few Wordpress plug-ins for Mailman but the ones I have found are just for subscription. I would like to find a plug-in that would duplicate the content of the mailing lists to a web forum on the Wordpress sites so users would have the option to use it in place of e-mail. I'm not aware of any existing plugin to mirror a Mailman list on wordpress, but you could probably implement one using an external archiver in Mailman 2.1.x. If you would also need to keep the existing, builtin pipermail archive updated, you can do both. See the FAQs at and . The full Mailman 3 suite is currently in beta release. See https://mail.python.org/pipermail/mailman-announce/2014-April/000191.html>. The HyperKitty archiver that's part of that package may satisfy your requirements, but it will still be a while before ewe have a full production quality release with a 2.1 -> 3 migration path. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From stephen at xemacs.org Tue Apr 29 04:00:04 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Tue, 29 Apr 2014 11:00:04 +0900 Subject: [Mailman-Users] Newsreader access. In-Reply-To: References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> Message-ID: <87r44gnbdn.fsf@uwakimon.sk.tsukuba.ac.jp> Peter Shute writes: > A fully integrated web forum would solve the problem. Yahoo groups > can be accessed via the web or by email, but had other problems I > can't remember. Mailman 3 is taking some steps in that direction in the HyperKitty archiver module. Also, last year I mentored a GSoC project for the Systers which involved a sort of "dashboard" for Systers resources -- where Mailman is a central resource for the Systers. Shanu implemented it as a webapp, of course. It's very much a prototype at this stage, though, and it may not ready for use by people who can't deal with email. It will definitely require a fair amount of the administrator at this point (completely unpackaged). If you'd like to encourage Shanu, I can introduce you. Steve From pshute at nuw.org.au Tue Apr 29 06:02:38 2014 From: pshute at nuw.org.au (Peter Shute) Date: Tue, 29 Apr 2014 14:02:38 +1000 Subject: [Mailman-Users] Newsreader access. In-Reply-To: <87r44gnbdn.fsf@uwakimon.sk.tsukuba.ac.jp> References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> <87r44gnbdn.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: Stephen J. Turnbull wrote: > > > A fully integrated web forum would solve the problem. > Yahoo groups > can be accessed via the web or by email, but > had other problems I > can't remember. > > Mailman 3 is taking some steps in that direction in the > HyperKitty archiver module. Also, last year I mentored a > GSoC project for the Systers which involved a sort of > "dashboard" for Systers resources -- where Mailman is a > central resource for the Systers. Shanu implemented it as a > webapp, of course. It's very much a prototype at this stage, > though, and it may not ready for use by people who can't deal > with email. It will definitely require a fair amount of the > administrator at this point (completely unpackaged). > > If you'd like to encourage Shanu, I can introduce you. I read the HyperKitty requirements at http://wiki.list.org/display/DEV/ModernArchiving, but it makes no mention of allowing replies via the archive. Peter Shute From mark at msapiro.net Tue Apr 29 06:47:54 2014 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 28 Apr 2014 21:47:54 -0700 Subject: [Mailman-Users] Newsreader access. In-Reply-To: References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> <87r44gnbdn.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <535F2EFA.6050800@msapiro.net> On 04/28/2014 09:02 PM, Peter Shute wrote: > > I read the HyperKitty requirements at http://wiki.list.org/display/DEV/ModernArchiving, but it makes no mention of allowing replies via the archive. That wiki page is over 4 years old and actually doesn't mention HyperKitty at all. HyperKitty was only chosen to be the initial, bundled archiver for MM 3 about 2 years ago. You can find docs for HyperKitty at , although those aren't really user docs, but they link to some interesting stuff. If you visit the demo server, you will see a list's archive has a "start a new thread" button and messages have a "reply" button. You can't actually test them without a login, but they are there. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mike at writestarr.com Tue Apr 29 03:38:08 2014 From: mike at writestarr.com (Mike Starr) Date: Mon, 28 Apr 2014 20:38:08 -0500 Subject: [Mailman-Users] Newsreader access. In-Reply-To: References: <03563E20-6A9F-4AA0-BEBF-CCC42BA1CFF2@gmail.com> <535704C4.5020002@msapiro.net> <37D5AF38-F310-4DB6-8D8A-447740B920FF@gmail.com> <535D285F.6020201@msapiro.net> <89BBC1CC-997F-460C-883F-E0C59F6D5ECD@gmail.com> <535D7E54.3030200@msapiro.net> <535D8352.7000007@msapiro.net> <39E81FD4-CC49-4269-A50A-BC2FDBD5AD4F@gmail.com> <1398684888.8990.YahooMailNeo@web172602.mail.ir2.yahoo.com> <81385000-6D66-4FF1-BFC4-C805C6F94F31@gmail.com> Message-ID: <535F0280.6000607@writestarr.com> Google Groups might be a good alternative. I agree with Peter as well... if they have a hard time with email, they're not going to be able to manage a newsreader. Best Regards, Mike -- Mike Starr, Writer Technical Writer - Online Help Developer - WordPress Websites Graphic Designer - Desktop Publisher - Custom Microsoft Word templates (262) 694-1028 - mike at writestarr.com - http://www.writestarr.com President - Working Writers of Wisconsin http://www.workingwriters.org/ On 4/28/2014 5:56 PM, Peter Shute wrote: > We have the same problems. If they can't handle setting up email rules, etc, then they certainly aren't going to be able to handle setting up a newsreader. > > Most of those who complain about the emails are happy to read messages via an archive. The problems start when they want to reply to a message. > > A fully integrated web forum would solve the problem. Yahoo groups can be accessed via the web or by email, but had other problems I can't remember. > > Peter Shute From jdanield at free.fr Tue Apr 29 17:39:06 2014 From: jdanield at free.fr (jdd) Date: Tue, 29 Apr 2014 17:39:06 +0200 Subject: [Mailman-Users] moving mailman Message-ID: <535FC79A.3090809@free.fr> Hello, I hate disturbing you :-(, but I can't manage it myself :-( my original mailman server broke. I had a backup. I loan a new hosted server, mailman is here: http://culte.org/mailman/listinfo the list "test" should be open. I followed all the infos to move mailman from here: http://wiki.list.org/pages/viewpage.action?pageId=4030682, but only mostly, because the infos are old and my distribution is openSUSE, so some minor changes (for example wwwrun:mailman as owner) I try to summarize what I do here: http://dodin.info/wiki/index.php?n=Doc.Mailman#sDoc.Mailman_9 my problem is that mailman seems to work, I can create a mailing list, see the old archives, but I can't have any mail received by mailman... I receive the message if I try to subscribe a list, then nothing - I receive the confirmation message, but no acknowledgement. looks like the mail do not reach mailman. I openned the firewall for smtp, used genaliases.. what can I do? thanks jdd -- http://www.dodin.org -- http://www.dodin.org From drimplants at aol.com Mon Apr 28 22:09:43 2014 From: drimplants at aol.com (Gregori Kurtzman, DDS) Date: Mon, 28 Apr 2014 16:09:43 -0400 (EDT) Subject: [Mailman-Users] Excessive bounces to list members on my list Message-ID: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> Need some insight and help. I have recently taken over a list that is using mailman v 2.1.14. And we are getting a lot of bounce notices regarding members and de-activation's of their subscriptions due to this. In the bounce notices I get as list manager I see the following 'This message failed DMARC Evaluation" Also members are complaining they see no messages coming from the list or even their own posts. Can any one guide me on this? Greg Gregori M. Kurtzman, DDS, MAGD, FPFA, FACD, FADI, DICOI, DADIA General Practitioner Leisure World Plaza Professional Building 3801 International Drive, Suite 102 Silver Spring, MD 20906 301-598-3500 301-598-9046 (fax) email: drimplants at aol.com www.maryland-implants.com From superuser at gmail.com Tue Apr 29 17:30:54 2014 From: superuser at gmail.com (Murray S. Kucherawy) Date: Tue, 29 Apr 2014 08:30:54 -0700 Subject: [Mailman-Users] Issue approving subscription requests Message-ID: For a list I recently migrated from 2.1.14 on one machine to 2.1.17 on another, I'm unable to approve pending subscription requests. After making my choices and clicking "Submit all data", the radio buttons simply reset themselves with no changes made to the subscriber records. "check_perms -f" and "check_db" make no complaints about my configuration. Is this a bug? Could something have gotten botched in the migration? The lists seem to be operating fine otherwise. -MSK From mark at msapiro.net Tue Apr 29 18:28:44 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 29 Apr 2014 09:28:44 -0700 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> Message-ID: <535FD33C.6020501@msapiro.net> On 04/28/2014 01:09 PM, Gregori Kurtzman, DDS wrote: > Need some insight and help. I have recently taken over a list that is using mailman v 2.1.14. And we are getting a lot of bounce notices regarding members and de-activation's of their subscriptions due to this. In the bounce notices I get as list manager I see the following 'This message failed DMARC Evaluation" Also members are complaining they see no messages coming from the list or even their own posts. > > > Can any one guide me on this? Go to and read the threads with DMARC or yahoo in the subject. Also, see the FAQ at . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Tue Apr 29 18:39:32 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 29 Apr 2014 09:39:32 -0700 Subject: [Mailman-Users] Issue approving subscription requests In-Reply-To: References: Message-ID: <535FD5C4.9020206@msapiro.net> On 04/29/2014 08:30 AM, Murray S. Kucherawy wrote: > For a list I recently migrated from 2.1.14 on one machine to 2.1.17 on > another, I'm unable to approve pending subscription requests. After making > my choices and clicking "Submit all data", the radio buttons simply reset > themselves with no changes made to the subscriber records. See the FAQ at . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Tue Apr 29 18:43:07 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 29 Apr 2014 09:43:07 -0700 Subject: [Mailman-Users] moving mailman In-Reply-To: <535FC79A.3090809@free.fr> References: <535FC79A.3090809@free.fr> Message-ID: <535FD69B.9030004@msapiro.net> On 04/29/2014 08:39 AM, jdd wrote: > > I receive the message if I try to subscribe a list, then nothing - I > receive the confirmation message, but no acknowledgement. looks like the > mail do not reach mailman. Look at the logs from your mail server. Does it receive the message? If so, what does it do with it? -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jdanield at free.fr Tue Apr 29 18:46:26 2014 From: jdanield at free.fr (jdd) Date: Tue, 29 Apr 2014 18:46:26 +0200 Subject: [Mailman-Users] moving mailman In-Reply-To: <535FD69B.9030004@msapiro.net> References: <535FC79A.3090809@free.fr> <535FD69B.9030004@msapiro.net> Message-ID: <535FD762.6020508@free.fr> Le 29/04/2014 18:43, Mark Sapiro a ?crit : > On 04/29/2014 08:39 AM, jdd wrote: >> >> I receive the message if I try to subscribe a list, then nothing - I >> receive the confirmation message, but no acknowledgement. looks like the >> mail do not reach mailman. > > > Look at the logs from your mail server. Does it receive the message? If > so, what does it do with it? > well, I did it, finally. mailman was not guilty :-) it was postfix. some options (interfaces, for example) are not reset by postfix reload, but need a complete stop/start sorry to have disturbed, and thanks for a great piece of software jdd -- http://www.dodin.org From fmouse at fmp.com Tue Apr 29 18:55:30 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Tue, 29 Apr 2014 11:55:30 -0500 Subject: [Mailman-Users] moving mailman In-Reply-To: <535FD69B.9030004@msapiro.net> References: <535FC79A.3090809@free.fr> <535FD69B.9030004@msapiro.net> Message-ID: <1398790530.61040.20.camel@pudina.fmp.com> On Tue, 2014-04-29 at 09:43 -0700, Mark Sapiro wrote: > > I receive the message if I try to subscribe a list, then nothing - I > > receive the confirmation message, but no acknowledgement. looks like the > > mail do not reach mailman. > > Look at the logs from your mail server. Does it receive the message? If > so, what does it do with it? At the risk of being taken to task for illuminating the obvious .... Probably at least half the problems I see on this list, and several others I'm on, could be definitively addressed, if not completely solved, by reference to system or application logs. Logs are system administrators' first line of inquiry for most problems. I think a lot of people forget how compulsive Unix-like operating systems are about logging nearly everything that happens, and how useful logs can be when something doesn't work as expected. -- Lindsay Haisley | "We have met the enemy and he is us." FMP Computer Services | 512-259-1190 | -- Pogo http://www.fmp.com | From stephen at xemacs.org Tue Apr 29 19:04:01 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Wed, 30 Apr 2014 02:04:01 +0900 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> Message-ID: <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> Gregori Kurtzman, DDS writes: Your address is invalid, I hope you're reading the list. > Need some insight and help. I have recently taken over a list that > is using mailman v 2.1.14. And we are getting a lot of bounce > notices regarding members and de-activation's of their > subscriptions due to this. In the bounce notices I get as list > manager I see the following 'This message failed DMARC Evaluation" > Also members are complaining they see no messages coming from the > list or even their own posts. Yahoo! and AOL have decided that you are not allowed to forward messages from their members, and enforce it using a DMARC policy which requests that receiving mail servers bounce the mail, effectively causing a denial of service attack on their own users. Large services like Yahoo, AOL, and Hotmail seem to be respecting the policy despite the adverse effect on their users (ie, getting unsubscribed). GMail seems to have a more nuanced response so that at least some mailing lists get through. The problem occurs with posts *by* users with Yahoo and AOL addresses, although it is experienced by your entire subscriber base (that is, any subscriber at a service which respects the DMARC policy). There is no generally satisfactory way for mailing lists to deal with this. Several options and a lot of discussion are in the threads with "DMARC" or "Yahoo" in the subject at http://www.mail-archive.com/mailman-users%40python.org/ tl;dr summary is http://www.mail-archive.com/mailman-users%40python.org/msg63959.html The most palatable option for most list operators seems likely to be setting the "from_is_list" option, but that requires Mailman >= 2.1.16 (avoid 2.1.17, IIRC it has a related bug that needs to be patched for from_is_list to work properly, and 2.1.18 is not quite released yet, but should come out literally any day now). Whatever option you adopt for your list, your AOL and Yahoo users should be advised that their email provider's policy is causing the problem, and that they can defend themselves by switching providers (GMail seems to be handling the situation best at the moment). You probably don't want to *advocate* switching, but that's up to you. However, it *is* an effective remedy for the subscriber, if they are willing to pay the (often substantial) annoyance cost of switching email addresses. Regards From jdanield at free.fr Tue Apr 29 19:45:08 2014 From: jdanield at free.fr (jdd) Date: Tue, 29 Apr 2014 19:45:08 +0200 Subject: [Mailman-Users] moving mailman In-Reply-To: <1398790530.61040.20.camel@pudina.fmp.com> References: <535FC79A.3090809@free.fr> <535FD69B.9030004@msapiro.net> <1398790530.61040.20.camel@pudina.fmp.com> Message-ID: <535FE524.90202@free.fr> Le 29/04/2014 18:55, Lindsay Haisley a ?crit : > Probably at least half the problems I see on this list, and several > others I'm on, could be definitively addressed, if not completely > solved, by reference to system or application logs. you are often true. But on this part it was not visible on the logs. and by the way logs are not always easy to find. Mailman's are not (on openSUSE) available in /var/log, but in /var/lib/mailman/logs I use postfix for ten years, now, mailman for a bit less, but still have problems... I try to write down most http://dodin.info/wiki/index.php?n=Doc.Mailman but every install have some different bit :-( but I read most of the mail I see here and this is very useful thanks jdd -- http://www.dodin.org From superuser at gmail.com Tue Apr 29 20:09:49 2014 From: superuser at gmail.com (Murray S. Kucherawy) Date: Tue, 29 Apr 2014 11:09:49 -0700 Subject: [Mailman-Users] Issue approving subscription requests In-Reply-To: <535FD5C4.9020206@msapiro.net> References: <535FD5C4.9020206@msapiro.net> Message-ID: Thanks, Mark. It's almost certainly the redirect issue. Is there a way to do manual approvals from the command line until I can get rid of the redirect? On Apr 29, 2014 9:39 AM, "Mark Sapiro" wrote: > On 04/29/2014 08:30 AM, Murray S. Kucherawy wrote: > > For a list I recently migrated from 2.1.14 on one machine to 2.1.17 on > > another, I'm unable to approve pending subscription requests. After > making > > my choices and clicking "Submit all data", the radio buttons simply reset > > themselves with no changes made to the subscriber records. > > > See the FAQ at . > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: > http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: > https://mail.python.org/mailman/options/mailman-users/superuser%40gmail.com > From mark at msapiro.net Tue Apr 29 20:38:39 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 29 Apr 2014 11:38:39 -0700 Subject: [Mailman-Users] Issue approving subscription requests In-Reply-To: References: <535FD5C4.9020206@msapiro.net> Message-ID: <535FF1AF.6040606@msapiro.net> On 04/29/2014 11:09 AM, Murray S. Kucherawy wrote: > Thanks, Mark. It's almost certainly the redirect issue. > > Is there a way to do manual approvals from the command line until I can > get rid of the redirect? See the script at . Also, if you set admin_immed_notify to yes, the notice to the admin has three MIME parts. part 1 is the held post notice; part 2 is the held post itself, and part 3 is another message/rfc822 part which can be 'replied' to by email. If you simply reply to this message, to original post will be discarded, but if you include an 'Approved: password' header (or first body line pseudo header) in the reply, the post will be accepted. In the header, password is the list admin or moderator password or the (new in 2.1.15) poster password. See the Passwords section of the admin interface, although you'll probably not be able to set the poster password for the same reason you can't approve posts, but you can always set it with config_list with input post_password = 'desired_pw_value' -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From superuser at gmail.com Tue Apr 29 20:45:30 2014 From: superuser at gmail.com (Murray S. Kucherawy) Date: Tue, 29 Apr 2014 11:45:30 -0700 Subject: [Mailman-Users] Issue approving subscription requests In-Reply-To: <535FF1AF.6040606@msapiro.net> References: <535FD5C4.9020206@msapiro.net> <535FF1AF.6040606@msapiro.net> Message-ID: What about managing subscription requests? On Apr 29, 2014 11:38 AM, "Mark Sapiro" wrote: > On 04/29/2014 11:09 AM, Murray S. Kucherawy wrote: > > Thanks, Mark. It's almost certainly the redirect issue. > > > > Is there a way to do manual approvals from the command line until I can > > get rid of the redirect? > > > See the script at . > > Also, if you set admin_immed_notify to yes, the notice to the admin has > three MIME parts. part 1 is the held post notice; part 2 is the held > post itself, and part 3 is another message/rfc822 part which can be > 'replied' to by email. If you simply reply to this message, to original > post will be discarded, but if you include an 'Approved: password' > header (or first body line pseudo header) in the reply, the post will be > accepted. In the header, password is the list admin or moderator > password or the (new in 2.1.15) poster password. > > See the Passwords section of the admin interface, although you'll > probably not be able to set the poster password for the same reason you > can't approve posts, but you can always set it with config_list with input > > post_password = 'desired_pw_value' > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > From cgtyoder at alum.mit.edu Tue Apr 29 21:55:21 2014 From: cgtyoder at alum.mit.edu (Conrad G T Yoder) Date: Tue, 29 Apr 2014 15:55:21 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: On Apr 29, 2014, at 1:04 PM, Stephen J. Turnbull wrote: > Large services > like Yahoo, AOL, and Hotmail seem to be respecting the policy despite > the adverse effect on their users (ie, getting unsubscribed). Pretty sure Hotmail has not set their dmarc record to reject. Where are you seeing this? -Conrad -- Be safe - be suspicious. From fmouse at fmp.com Tue Apr 29 22:18:20 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Tue, 29 Apr 2014 15:18:20 -0500 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <1398802700.61040.23.camel@pudina.fmp.com> On Tue, 2014-04-29 at 15:55 -0400, Conrad G T Yoder wrote: > On Apr 29, 2014, at 1:04 PM, Stephen J. Turnbull > wrote: > > > Large services > > like Yahoo, AOL, and Hotmail seem to be respecting the policy > despite > > the adverse effect on their users (ie, getting unsubscribed). > > Pretty sure Hotmail has not set their dmarc record to reject. Where > are you seeing this? They don't have to. All they have to do is respect AOL's and Yahoo's DMARC p=reject record and bounce non-aligning email from these ESPs accordingly. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From fmouse at fmp.com Tue Apr 29 22:26:14 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Tue, 29 Apr 2014 15:26:14 -0500 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <1398802700.61040.23.camel@pudina.fmp.com> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> Message-ID: <1398803174.61040.27.camel@pudina.fmp.com> On Tue, 2014-04-29 at 15:18 -0500, Lindsay Haisley wrote: > On Tue, 2014-04-29 at 15:55 -0400, Conrad G T Yoder wrote: > > On Apr 29, 2014, at 1:04 PM, Stephen J. Turnbull > > > wrote: > > > > > Large services like Yahoo, AOL, and Hotmail seem to be respecting > > > the policy despite the adverse effect on their users (ie, getting > > > unsubscribed). > > > > Pretty sure Hotmail has not set their dmarc record to reject. Where > > are you seeing this? > > They don't have to. All they have to do is respect AOL's and Yahoo's > DMARC p=reject record and bounce non-aligning email from these ESPs > accordingly. Actually, to be more accurate, all they have to do is respect AOL's and Yahoo's DMARC p=reject record and bounce non-aligning email which has a header From address indicating that the _author_ has an address with these ESPs. Sorry for the imprecision. -- Lindsay Haisley | "Behold! Our way lies through a FMP Computer Services | dark wood whence in which 512-259-1190 | weirdness may wallow!? http://www.fmp.com | --Beauregard From brennan at columbia.edu Tue Apr 29 22:25:01 2014 From: brennan at columbia.edu (Joseph Brennan) Date: Tue, 29 Apr 2014 16:25:01 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <1398802700.61040.23.camel@pudina.fmp.com> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> Message-ID: <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> Lindsay Haisley wrote: > They don't have to. All they have to do is respect AOL's and Yahoo's > DMARC p=reject record and bounce non-aligning email from these ESPs > accordingly. I think Gmail is doing the same. It's a touch evil to make mail from aol and yahoo less deliverable than your own... but it's what they asked for. Joseph Brennan Columbia University Information Technology From mark at msapiro.net Tue Apr 29 23:49:28 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 29 Apr 2014 14:49:28 -0700 Subject: [Mailman-Users] Issue approving subscription requests In-Reply-To: References: <535FD5C4.9020206@msapiro.net> <535FF1AF.6040606@msapiro.net> Message-ID: <53601E68.7020202@msapiro.net> On 04/29/2014 11:45 AM, Murray S. Kucherawy wrote: > What about managing subscription requests? This script will do those too. > See the script at . The following won't work for (un)subscription because the notice to the admin doesn't contain the confirm message/token. > Also, if you set admin_immed_notify to yes, the notice to the admin has > three MIME parts. part 1 is the held post notice; part 2 is the held > post itself, and part 3 is another message/rfc822 part which can be > 'replied' to by email. If you simply reply to this message, to original > post will be discarded, but if you include an 'Approved: password' > header (or first body line pseudo header) in the reply, the post will be > accepted. In the header, password is the list admin or moderator > password or the (new in 2.1.15) poster password. > > See the Passwords section of the admin interface, although you'll > probably not be able to set the poster password for the same reason you > can't approve posts, but you can always set it with config_list with > input > > post_password = 'desired_pw_value' And the above won't work either. The file contents need to be from Mailman.Utils import sha_new post_password = sha_new('desired_pw_value').hexdigest() del sha_new I forgot that config_list won't do the encryption. Also, the 'del sha_new' line isn't mandatory, but omitting it will result in an 'attribute "sha_new" ignored' warning from config_list. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 30 01:32:18 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 29 Apr 2014 16:32:18 -0700 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> Message-ID: <53603682.1070505@msapiro.net> On 04/29/2014 01:25 PM, Joseph Brennan wrote: > > I think Gmail is doing the same. It's a touch evil to make mail from > aol and yahoo less deliverable than your own... but it's what they asked > for. Gmail is honoring DMARC p=reject, but they have some magic for not applying it to mail from some lists. How they recognize list mail is probably a trade secret. They are also rewriting From: headers in outgoing googlegroups posts whose original From: address is in a domain with DMARC p=reject. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 30 04:11:07 2014 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 29 Apr 2014 19:11:07 -0700 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <201404300146.s3U1kelv032045@sharky2.deepsoft.com> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> <201404300146.s3U1kelv032045@sharky2.deepsoft.com> Message-ID: <53605BBB.7030106@msapiro.net> On 04/29/2014 06:46 PM, Robert Heller wrote: > > Actually probably not. I think the giveaway is the presense of the various > list specific headers (X-Mailman-Version:, List-Id:, List-Unsubscribe:, > List-Archive:, List-Post:, List-Help:, and List-Subscribe:). In other words, > they are using a *smart* filtering program, and not some dumb clueless test. Actually, I tested with a list message with a yahoo.com from with no RFC 2369 List-* headers added and it still went through to a gmail recipient, even though a non-list message from the same server with a yahoo.com from was rejected for DMARC policy by gmail. And think about it. If it were based on the presence of various headers, how long to you think it would take the black hats to figure out what they were and just put those headers into their phishing mails? -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jimpop at gmail.com Wed Apr 30 04:20:11 2014 From: jimpop at gmail.com (Jim Popovitch) Date: Tue, 29 Apr 2014 22:20:11 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <53605BBB.7030106@msapiro.net> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> <201404300146.s3U1kelv032045@sharky2.deepsoft.com> <53605BBB.7030106@msapiro.net> Message-ID: On Tue, Apr 29, 2014 at 10:11 PM, Mark Sapiro wrote: > And think about it. If it were based on the presence of various headers, > how long to you think it would take the black hats to figure out what > they were and just put those headers into their phishing mails? :-) If not that, they the black hats could/would/did just add DKIM+SPF+DMARC to their own yaaho.com, yahho.com, yahooo.com, etc. domains. After all, Granny Smith never looks at the domain, she just looks at From: "Flower of the Month Club" (which is likely long enough to push the right off the right side of the header field. In 2 years people will be wondering how DMARC did hardly anything to slow miscreants, just like some wondered why SPF, DKIM, PGP, SenderID, etc didn't solved all of mankind's problems. -Jim P. From stephen at xemacs.org Wed Apr 30 06:02:13 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Wed, 30 Apr 2014 13:02:13 +0900 Subject: [Mailman-Users] moving mailman In-Reply-To: <535FE524.90202@free.fr> References: <535FC79A.3090809@free.fr> <535FD69B.9030004@msapiro.net> <1398790530.61040.20.camel@pudina.fmp.com> <535FE524.90202@free.fr> Message-ID: <87ha5bmpmi.fsf@uwakimon.sk.tsukuba.ac.jp> jdd writes: > and by the way logs are not always easy to find. Mailman's are not (on > openSUSE) available in /var/log, but in /var/lib/mailman/logs True. Postfix has a utility "postconf" and Mailman 3 will have a similar capability ("mailman info" IIRC; maybe Mailman 2 has it too?) that allows you to print out application configuration, including log locations. (Of course if you use syslog or something like that the location will be determined by the syslog application. *sigh* -- but at least then it should be in /var/log somewhere.) I don't *expect* anybody to remember this advice, but it *might* save somebody some hairpulling someday, so I mention it. :-) From stephen at xemacs.org Wed Apr 30 06:10:02 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Wed, 30 Apr 2014 13:10:02 +0900 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> <201404300146.s3U1kelv032045@sharky2.deepsoft.com> <53605BBB.7030106@msapiro.net> Message-ID: <87fvkvmp9h.fsf@uwakimon.sk.tsukuba.ac.jp> Jim Popovitch writes: > In 2 years people will be wondering how DMARC did hardly anything to > slow miscreants, just like some wondered why SPF, DKIM, PGP, SenderID, > etc didn't solved all of mankind's problems. N.B. PGP *would* solve the world's problems if the GPG folks would spend more time on usability and less time on ever more arcane algorithms with the intent of keeping out the FBI and the NSA (who, as Jamie Z so pithily points out, have subpoenas and black helicopters[1] respectively, so there's little point in having crypto they can't crack). Footnotes: [1] OK, CIA and "Division", not the NSA, but the {FS,EF}Fanatics don't worry about the difference. From jdanield at free.fr Wed Apr 30 08:46:01 2014 From: jdanield at free.fr (jdd) Date: Wed, 30 Apr 2014 08:46:01 +0200 Subject: [Mailman-Users] moving mailman In-Reply-To: <87ha5bmpmi.fsf@uwakimon.sk.tsukuba.ac.jp> References: <535FC79A.3090809@free.fr> <535FD69B.9030004@msapiro.net> <1398790530.61040.20.camel@pudina.fmp.com> <535FE524.90202@free.fr> <87ha5bmpmi.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <53609C29.3000800@free.fr> Le 30/04/2014 06:02, Stephen J. Turnbull a ?crit : > I don't *expect* anybody to remember this advice, but it *might* save > somebody some hairpulling someday, so I mention it. :-) > yes, postconf -n is very usefull testing these applications is very difficult, because many apps are implicated in ther same process, postfix, procmail, fetchmail, mailman, inn, the firewall for example I sent a handfull of test message, anyone arrived after the completion of postfix setup, all at the same time :-) jdd -- http://www.dodin.org From sherwindu at att.net Wed Apr 30 08:56:41 2014 From: sherwindu at att.net (sherwin) Date: Wed, 30 Apr 2014 01:56:41 -0500 Subject: [Mailman-Users] Disappearing messages Message-ID: <53609EA9.1040509@att.net> Hi, I run a forum on Ibiblio and am seeing a strange phenomenon lately. Messages are dropping off for certain users like AT&T, sbcglobal, etc. Gmail users are seeing these messages as Spam, but others are seeing nothing. Strangely, these messages do appear in the Archives of Ibiblio. Many of these messages are sent from AOL subscribers and Yahoo. I am being told that AOL and Yahoo are appending certain things to their headers which makes them incompatible with standard practices. Whatever, Ibiblio seems to accept these messages and attempts to send them out. They either wind up in Spam folders or never appear, at all. Unfortunately, if these messages are being filtered by some server, some of our users are not aware that they were even sent and no error messages are generated. I would like to know what is happening to these missing messages that do not show up in Inbox's, Spam Folders, or Trash Folders. Do I tell our AOL users to stop sending messages to our forum? Sherwin Dubren Administrator of Midfex Forum on Ibiblio From stephen at xemacs.org Wed Apr 30 10:50:05 2014 From: stephen at xemacs.org (Stephen J. Turnbull) Date: Wed, 30 Apr 2014 17:50:05 +0900 Subject: [Mailman-Users] Disappearing messages In-Reply-To: <53609EA9.1040509@att.net> References: <53609EA9.1040509@att.net> Message-ID: <87bnvjmcaq.fsf@uwakimon.sk.tsukuba.ac.jp> sherwin writes: > I run a forum on Ibiblio and am seeing a strange phenomenon > lately. It's not a phenomenon, it's a policy of Yahoo! and AOL. The other services' users are "collateral damage", as the US DoD likes to say. > I would like to know what is happening to these missing messages that do > not show up For pointers to the full dope: http://www.mail-archive.com/mailman-users%40python.org/msg64211.html > in Inbox's, Spam Folders, or Trash Folders. Do I tell our AOL users to > stop sending messages to our forum? I can't *recommend* that as it's not really the users' fault (BTW, you'd also need to censor the Yahoo! users), but I'd love to see you do it. :-| From pshute at nuw.org.au Wed Apr 30 11:11:01 2014 From: pshute at nuw.org.au (Peter Shute) Date: Wed, 30 Apr 2014 19:11:01 +1000 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <53603682.1070505@msapiro.net> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> Message-ID: <70300038-2EC1-4B53-AB6E-8F791A4FF0C9@nuw.org.au> > On 30 Apr 2014, at 9:32 am, "Mark Sapiro" wrote: > > They are also rewriting From: headers in outgoing googlegroups posts > whose original From: address is in a domain with DMARC p=reject. Is yahoo doing the same thing for yahoo groups? Peter Shute From jsetton at waycast.com Wed Apr 30 13:08:05 2014 From: jsetton at waycast.com (Jacques Setton) Date: Wed, 30 Apr 2014 13:08:05 +0200 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists References: <53589A9C.4070802@msapiro.net> <53589EF5.6090205@msapiro.net> <5359962E.8030206@msapiro.net> <535AAC01.7040903@msapiro.net> Message-ID: <00c801cf6464$78a525f0$69ef71d0$@waycast.com> Following on my last below post, I'd wish to report a small additional problem that I encountered after applying the '$alias_maps' fix to the 'local_recipient_maps' parameter. Whereas it effectively solved the 'Undelivered Mail Returned to Sender' issue when using a mail account from say virtual 'domain.net' co-hosted with say virtual 'domain.org' on the same physical VPS, it didn't resolve it when using a mail account from the same domain attributed to Mailman (as declared in the 'mm_cf.py' file)... To illustrate this, here is the related case set-up : - domain.net and domain.org are co-resident on the same host VPS12345, - domain.org is the one we use for mailman lists - link : http://lists.domain.org/mailman/listinfo, - we get no mail rejection when using the account name1 at domain.net with a list created on 'lists.domain.org' (after the previous fix), - we get an 'Unknown User' mail rejection when using the name2 at domain.org with a list created on 'lists.domain.org' (new problem observed). The kind of rejection error notification we then get is depicted thereafter : ____________________________ *** POST SUBMISSION TO TESTLIST *** From : Admin Lists DomainORG [mailto:admin-lists at domain.org] Sent : tuesday 29 april 2014 20:11 To : testlist at domain.org Subject : < Some topic line... > < Some content to publication on the TestList list... > *** UNDELIVERED MAIL NOTIFICATION RESPONSE *** From : MAILER-DAEMON (Mail Delivery System) [mailto:MAILER-DAEMON (Mail Delivery System)] Sent : tuesday 29 april 2014 20:11 To : admin-lists at domain.org Subject : Undelivered Mail Returned to Sender This is the mail system at host vps12345.ovh.net. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system < testlist at domain.org > : user unknown _____________________________ Is there another Postfix parameter which govern the behavior of local 'unix:passwd.byname' versus 'virtual-mailman' type email accounts defined on the SAME DOMAIN as the one specifically used for Mailman ? If it turns out that there is a restriction on such particular usage, we could live with it by not using same domain-based email addresses as the one devoted to Mailman. Many thanks for any hint regarding such reported behavior... - - - Jacques Setton jsetton at waycast.com -----Message d'origine----- De?: Jacques Setton [mailto:jsetton at waycast.com] Envoy??: dimanche 27 avril 2014 21:05 ??: 'Mark Sapiro' Cc?: 'mailman-users at python.org' Objet?: RE: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists >> By default, local_recipient_maps includes $alias_maps, and I *think* it should in your case. >> Why this lack would cause Postfix to use the virtual_transport rather >> than local in just this one case is really a question for >> postfix-users at postfix.org or some other Postfix resource, but you >> might try local_recipient_maps = unix:passwd.byname $alias_maps Very well spotted ! This is indeed the source of the mail rejection behavior that I have reported on when using a locally-hosted mail accounts on the same VPS which also hosts Mailman. The 'postconf -d' command output shows the following default setting : alias_maps = hash:/etc/aliases, nis:mail.aliases local_recipient_maps = proxy:unix:passwd.byname $alias_maps The 'postconf -n' command output shows the following (re)specified setting : alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases local_recipient_maps = unix:passwd.byname For some unclear reason, in the distribution we are using the '$allias_maps' parameter had been removed from the 'local_recipient_maps' setting in the Postfix 'main.cf' configuration file. After redefining the line as "local_recipient_maps = unix:passwd.byname $alias_maps" and doing a few test, it appears that we can now successfully use local mail accounts in relation with Mailman. >> or simply removing that line from main.cf and see if that helps. No need to do that as the above corrective action did fully resolve the problem. Many thanks, Mark, for your very effective guidance on this issue ! - - - Jacques Setton jsetton at waycast.com From jsetton at waycast.com Wed Apr 30 13:35:41 2014 From: jsetton at waycast.com (Jacques Setton) Date: Wed, 30 Apr 2014 13:35:41 +0200 Subject: [Mailman-Users] Q : Is there a possibility to localize / customize the standard Mailman lists home page / UI look ? Message-ID: Currently, when choosing a specific local language (French in our case) for Mailman' lists user interface, I have noticed that the standard home page (for example the one depicted by 'lists.domain.org/mailman/listinfo') remains in the English language. Would there be a possibility to localize that page as well ? While being on this topic, I'd like also to know if it is possible to customize the general look & feel of the display UI say, at the minimum, eventually replace or add a custom logo at the level of the Mailman/Python logos appearing at the bottom of each page ? Many thanks for any guidance on such localization/customization aspect of the UI. - - - Jacques Setton jsetton at wacyast.com From cgarch at sonic.net Tue Apr 29 22:17:52 2014 From: cgarch at sonic.net (Craig Gaevert) Date: Tue, 29 Apr 2014 13:17:52 -0700 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <9AAC2EF3-C5CC-4B8A-903C-89597744C4C1@sonic.net> It has been my experience that Yahoo is handling email for pacbell.net, sbcglobal.net, hotmail, and yes even Comcast, as well as a business domain hosted through sbcglobal - all based on a review of the bounce notices I?ve received for the lists I manage. Other info - my lists are hosted at Sonic.net which is still running 2.1.11. I?m a newb here, mostly trying to track what?s going on with the DMARC issues. Craig Gaevert srcc-c-owner at lists.sonic.net On 29 Apr 2014, at 12:55 , Conrad G T Yoder wrote: > On Apr 29, 2014, at 1:04 PM, Stephen J. Turnbull wrote: > >> Large services >> like Yahoo, AOL, and Hotmail seem to be respecting the policy despite >> the adverse effect on their users (ie, getting unsubscribed). > > Pretty sure Hotmail has not set their dmarc record to reject. Where are you seeing this? > > -Conrad > > -- > Be safe - be suspicious. > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cgarch%40sonic.net > From finches at portadmiral.org Wed Apr 30 15:20:15 2014 From: finches at portadmiral.org (Larry Finch) Date: Wed, 30 Apr 2014 09:20:15 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <70300038-2EC1-4B53-AB6E-8F791A4FF0C9@nuw.org.au> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> <70300038-2EC1-4B53-AB6E-8F791A4FF0C9@nuw.org.au> Message-ID: <607E588A-E1EF-480D-964E-9BA03FB82A00@portadmiral.org> On Apr 30, 2014, at 5:11 AM, Peter Shute wrote: >> On 30 Apr 2014, at 9:32 am, "Mark Sapiro" wrote: >> >> They are also rewriting From: headers in outgoing googlegroups posts >> whose original From: address is in a domain with DMARC p=reject. > > Is yahoo doing the same thing for yahoo groups? > Yahoo doesn?t have to. Mail from a Yahoo group already has a Yahoo domain in the From field - the group address. best regards, Larry -- Larry Finch finches at portadmiral.org From heller at deepsoft.com Tue Apr 29 20:14:54 2014 From: heller at deepsoft.com (Robert Heller) Date: Tue, 29 Apr 2014 14:14:54 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> Message-ID: <201404291814.s3TIEsY2017310@sharky2.deepsoft.com> At Mon, 28 Apr 2014 16:09:43 -0400 (EDT) "Gregori Kurtzman, DDS" wrote: > > Need some insight and help. I have recently taken over a list that is using > mailman v 2.1.14. And we are getting a lot of bounce notices regarding > members and de-activation's of their subscriptions due to this. In the > bounce notices I get as list manager I see the following 'This message > failed DMARC Evaluation" Also members are complaining they see no messages > coming from the list or even their own posts. I too have recently been having this problem with mailman 2.1.9 (stock version under CentOS 5). I belive it is due to the sort of measures AOL, Yahoo, and Hotmail have undertaken to deal with spam and phishing E-Mails. I *think* you need to upgrade to mailman 2.1.16 or later and then make use of DKIM and the the from_as_list feature of mailman 2.1.16. > > > Can any one guide me on this? > Greg > > > Gregori M. Kurtzman, DDS, MAGD, FPFA, FACD, FADI, DICOI, DADIA > General Practitioner > Leisure World Plaza Professional Building > 3801 International Drive, Suite 102 > Silver Spring, MD 20906 > 301-598-3500 > 301-598-9046 (fax) > email: drimplants at aol.com > www.maryland-implants.com > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/heller%40deepsoft.com > > -- Robert Heller -- 978-544-6933 / heller at deepsoft.com Deepwoods Software -- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments From heller at deepsoft.com Tue Apr 29 22:39:51 2014 From: heller at deepsoft.com (Robert Heller) Date: Tue, 29 Apr 2014 16:39:51 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <201404292039.s3TKdpnn023308@sharky2.deepsoft.com> At Tue, 29 Apr 2014 15:55:21 -0400 Conrad G T Yoder wrote: > > On Apr 29, 2014, at 1:04 PM, Stephen J. Turnbull wrote: > > > Large services > > like Yahoo, AOL, and Hotmail seem to be respecting the policy despite > > the adverse effect on their users (ie, getting unsubscribed). > > Pretty sure Hotmail has not set their dmarc record to reject. Where are you > seeing this? When a @yahoo.com or @aol.com user posts something, @yahoo.com, @aol.com, @netscape.net, @hotmail.com and @live.com users get bounces and eventually get their subscriptions disabled. I don't think when someone *from* @hotmail.com causes problems. In the case of my list, there are *many* people with Yahoo addresses, so there are often *multiple* people posting from Yahoo addresses and they accumulate. > > -Conrad > > -- > Be safe - be suspicious. > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users at python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/heller%40deepsoft.com > > -- Robert Heller -- 978-544-6933 / heller at deepsoft.com Deepwoods Software -- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments From heller at deepsoft.com Wed Apr 30 03:46:40 2014 From: heller at deepsoft.com (Robert Heller) Date: Tue, 29 Apr 2014 21:46:40 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <53603682.1070505@msapiro.net> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> Message-ID: <201404300146.s3U1kelv032045@sharky2.deepsoft.com> At Tue, 29 Apr 2014 16:32:18 -0700 Mark Sapiro wrote: > > On 04/29/2014 01:25 PM, Joseph Brennan wrote: > > > > I think Gmail is doing the same. It's a touch evil to make mail from > > aol and yahoo less deliverable than your own... but it's what they asked > > for. > > > Gmail is honoring DMARC p=reject, but they have some magic for not > applying it to mail from some lists. How they recognize list mail is > probably a trade secret. Actually probably not. I think the giveaway is the presense of the various list specific headers (X-Mailman-Version:, List-Id:, List-Unsubscribe:, List-Archive:, List-Post:, List-Help:, and List-Subscribe:). In other words, they are using a *smart* filtering program, and not some dumb clueless test. > > They are also rewriting From: headers in outgoing googlegroups posts > whose original From: address is in a domain with DMARC p=reject. > -- Robert Heller -- 978-544-6933 / heller at deepsoft.com Deepwoods Software -- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments From rpschwar at knology.net Wed Apr 30 04:43:38 2014 From: rpschwar at knology.net (Robert P. Schwartz) Date: Tue, 29 Apr 2014 21:43:38 -0500 Subject: [Mailman-Users] email to specific account Message-ID: <48603D97FF9843D28115AEC3DEC7C2B9@SchwartzDT> I am a member of multiple email lists from different sources and I have multiple email addresses set up. It appears that emails from my yahoo.com account are not receiving messages. I have checked with other and it appears that if they use yahoo, they are not getting the email either. It happens with multiple email lists from totally different sources. There is one source I know of the their yahoo users are getting the emails. It there a setting I can check or somewhere else I can look at? Robert P. Schwartz 206 Cedar Pond Drive Madison, AL 35757 Phone: 256.830.2933 Cell: 256.509.2981 E-mail: rpschwar at knology.net From rpschwar at knology.net Wed Apr 30 14:50:36 2014 From: rpschwar at knology.net (Robert P. Schwartz) Date: Wed, 30 Apr 2014 07:50:36 -0500 Subject: [Mailman-Users] Disappearing messages In-Reply-To: <53609EA9.1040509@att.net> References: <53609EA9.1040509@att.net> Message-ID: I am having a same problem with Yahoo messages. If I send a message from my Yahoo account and have "ack" set for the users, I get the acknowledgment that the message was sent but not the actual message. This has been happening for about the last month. -----Original Message----- From: Mailman-Users [mailto:mailman-users-bounces+rpschwar=knology.net at python.org] On Behalf Of sherwin Sent: Wednesday, April 30, 2014 1:57 AM To: mailman-users at python.org Subject: [Mailman-Users] Disappearing messages Hi, I run a forum on Ibiblio and am seeing a strange phenomenon lately. Messages are dropping off for certain users like AT&T, sbcglobal, etc. Gmail users are seeing these messages as Spam, but others are seeing nothing. Strangely, these messages do appear in the Archives of Ibiblio. Many of these messages are sent from AOL subscribers and Yahoo. I am being told that AOL and Yahoo are appending certain things to their headers which makes them incompatible with standard practices. Whatever, Ibiblio seems to accept these messages and attempts to send them out. They either wind up in Spam folders or never appear, at all. Unfortunately, if these messages are being filtered by some server, some of our users are not aware that they were even sent and no error messages are generated. I would like to know what is happening to these missing messages that do not show up in Inbox's, Spam Folders, or Trash Folders. Do I tell our AOL users to stop sending messages to our forum? Sherwin Dubren Administrator of Midfex Forum on Ibiblio ------------------------------------------------------ Mailman-Users mailing list Mailman-Users at python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/rpschwar%40knology.net ----- No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3469 / Virus Database: 3722/7414 - Release Date: 04/29/14 From rpschwar at knology.net Wed Apr 30 14:53:01 2014 From: rpschwar at knology.net (Robert P. Schwartz) Date: Wed, 30 Apr 2014 07:53:01 -0500 Subject: [Mailman-Users] Disappearing messages In-Reply-To: <87bnvjmcaq.fsf@uwakimon.sk.tsukuba.ac.jp> References: <53609EA9.1040509@att.net> <87bnvjmcaq.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: >From some mailing list, the yahoo user's are getting the messages. Obviously, there are some setting that they did that other's not have. What could it be? -----Original Message----- From: Mailman-Users [mailto:mailman-users-bounces+rpschwar=knology.net at python.org] On Behalf Of Stephen J. Turnbull Sent: Wednesday, April 30, 2014 3:50 AM To: sherwin Cc: mailman-users at python.org Subject: [Mailman-Users] Disappearing messages sherwin writes: > I run a forum on Ibiblio and am seeing a strange phenomenon > lately. It's not a phenomenon, it's a policy of Yahoo! and AOL. The other services' users are "collateral damage", as the US DoD likes to say. > I would like to know what is happening to these missing messages that do > not show up For pointers to the full dope: http://www.mail-archive.com/mailman-users%40python.org/msg64211.html > in Inbox's, Spam Folders, or Trash Folders. Do I tell our AOL users to > stop sending messages to our forum? I can't *recommend* that as it's not really the users' fault (BTW, you'd also need to censor the Yahoo! users), but I'd love to see you do it. :-| ------------------------------------------------------ Mailman-Users mailing list Mailman-Users at python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/rpschwar%40knology.net ----- No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3469 / Virus Database: 3722/7414 - Release Date: 04/29/14 From finches at portadmiral.org Wed Apr 30 15:50:13 2014 From: finches at portadmiral.org (Larry Finch) Date: Wed, 30 Apr 2014 09:50:13 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <9AAC2EF3-C5CC-4B8A-903C-89597744C4C1@sonic.net> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <9AAC2EF3-C5CC-4B8A-903C-89597744C4C1@sonic.net> Message-ID: <4EA05237-501B-4484-8FA6-98D3905D273F@portadmiral.org> On Apr 29, 2014, at 4:17 PM, Craig Gaevert wrote: > It has been my experience that Yahoo is handling email for pacbell.net, sbcglobal.net, hotmail, and yes even Comcast, as well as a business domain hosted through sbcglobal - all based on a review of the bounce notices I?ve received for the lists I manage. Other info - my lists are hosted at Sonic.net which is still running 2.1.11. I?m a newb here, mostly trying to track what?s going on with the DMARC issues. > > You need to be a little careful here. Yahoo does manage mail for other domains, but I don?t think the ones you listed are among them. However, those domains DO respect the ?reject? status in Yahoo?s DMARC record. This means that messages from Yahoo (and now AOL) will be blocked by those domains, but mail from those domains will not be blocked. -- Larry Finch finches at portadmiral.org From mark at msapiro.net Wed Apr 30 16:22:48 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 07:22:48 -0700 Subject: [Mailman-Users] Disappearing messages In-Reply-To: References: <53609EA9.1040509@att.net> <87bnvjmcaq.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: <53610738.3040404@msapiro.net> On 04/30/2014 05:53 AM, Robert P. Schwartz wrote: >>From some mailing list, the yahoo user's are getting the messages. > Obviously, there are some setting that they did that other's not have. What > could it be? It is not a Yahoo user's setting. They can't control it. Yahoo users will receive posts From: users with addresses not at (currently) yahoo.com or aol.com. Many users in domains which honor Yahoo's and AOL's DMARC p=reject, which is more than just Yahoo and AOL, will not receive posts From: yahoo.com or aol.com. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 30 16:24:06 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 07:24:06 -0700 Subject: [Mailman-Users] Disappearing messages In-Reply-To: References: <53609EA9.1040509@att.net> Message-ID: <53610786.4040909@msapiro.net> On 04/30/2014 05:50 AM, Robert P. Schwartz wrote: > I am having a same problem with Yahoo messages. If I send a message from my > Yahoo account and have "ack" set for the users, I get the acknowledgment > that the message was sent but not the actual message. This has been > happening for about the last month. See the FAQ at . If you have a lot of time go to and read threads with DMARC, yahoo or Excessive bounces in the subject. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From finches at portadmiral.org Wed Apr 30 16:26:24 2014 From: finches at portadmiral.org (Larry Finch) Date: Wed, 30 Apr 2014 10:26:24 -0400 Subject: [Mailman-Users] Disappearing messages In-Reply-To: References: <53609EA9.1040509@att.net> <87bnvjmcaq.fsf@uwakimon.sk.tsukuba.ac.jp> Message-ID: On Apr 30, 2014, at 8:53 AM, Robert P. Schwartz wrote: > From some mailing list, the yahoo user's are getting the messages. > Obviously, there are some setting that they did that other's not have. What > could it be? > You need to clarify here. Yahoo users will get email posted from non-Yahoo and non-AOL addresses unless the sender?s domain has DMARC p=reject set. Most ISPs do not. Yahoo users will NOT get mail from other Yahoo users or AOL users, unless the list software rewrites the From field to reflect the domain of the list server (rather than the original sender). L-Soft has just released a patch for listserv that does this for v16. -- Larry Finch finches at portadmiral.org From larry at qhpress.org Wed Apr 30 16:20:15 2014 From: larry at qhpress.org (Larry Kuenning) Date: Wed, 30 Apr 2014 10:20:15 -0400 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <607E588A-E1EF-480D-964E-9BA03FB82A00@portadmiral.org> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> <70300038-2EC1-4B53-AB6E-8F791A4FF0C9@nuw.org.au> <607E588A-E1EF-480D-964E-9BA03FB82A00@portadmiral.org> Message-ID: <5361069F.1090507@qhpress.org> On 4/30/2014 9:20 AM, Larry Finch wrote: >>> They are also rewriting From: headers in outgoing googlegroups posts >>> whose original From: address is in a domain with DMARC p=reject. >> >> Is yahoo doing the same thing for yahoo groups? > > Yahoo doesn?t have to. Mail from a Yahoo group already has a Yahoo domain in the From field - the group address. Yahoo doesn't have to, but not for that reason. Yahoo groups don't put the Yahoo domain into the From line. They leave the original sender's address there (whether it's a Yahoo address or not). Or at least that's how they were handling it the last time anyone posted to a Yahoo group I'm subscribed to, though that was before this DMARC p=reject business started. I think the reason Yahoo groups don't have to rewrite the From line is that even if the original sender uses an @yahoo address, passing the message through a Yahoo groups server won't break the DMARC tests because it's still a yahoo server and therefore "aligns" with the original From address. Or so I understand it: Mark or somebody correct me if I'm wrong? But now I wonder what happens if a user with an @aol address posts to a Yahoo group. Will it run afoul of AOL's p=reject policy? If I still had an AOL address I'd be tempted to try this just to see what happens. -- Larry Kuenning larry at qhpress.org From mark at msapiro.net Wed Apr 30 16:47:10 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 07:47:10 -0700 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <607E588A-E1EF-480D-964E-9BA03FB82A00@portadmiral.org> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> <70300038-2EC1-4B53-AB6E-8F791A4FF0C9@nuw.org.au> <607E588A-E1EF-480D-964E-9BA03FB82A00@portadmiral.org> Message-ID: <53610CEE.2060400@msapiro.net> On 04/30/2014 06:20 AM, Larry Finch wrote: > > On Apr 30, 2014, at 5:11 AM, Peter Shute wrote: >> >> Is yahoo doing the same thing for yahoo groups? >> > > Yahoo doesn?t have to. Mail from a Yahoo group already has a Yahoo domain in the From field - the group address. To be more precise, mail from yahoo groups has an envelope sender @returns.groups.yahoo.com so it passes SPF with a domain aligned with a yahoo.com From:. I don't know what Yahoo groups is doing with mail From: aol.com or others with p=reject. A subject for further testing ... -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 30 17:06:12 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 08:06:12 -0700 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <5361069F.1090507@qhpress.org> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> <70300038-2EC1-4B53-AB6E-8F791A4FF0C9@nuw.org.au> <607E588A-E1EF-480D-964E-9BA03FB82A00@portadmiral.org> <5361069F.1090507@qhpress.org> Message-ID: <53611164.6010308@msapiro.net> On 04/30/2014 07:20 AM, Larry Kuenning wrote: > > I think the reason Yahoo groups don't have to rewrite the From line is > that even if the original sender uses an @yahoo address, passing the > message through a Yahoo groups server won't break the DMARC tests > because it's still a yahoo server and therefore "aligns" with the > original From address. Or so I understand it: Mark or somebody correct > me if I'm wrong? More or less correct. Yahoo groups DKIM signs with d=yahoogroups.com, so that doesn't align with the sender's From: @yahoo.com, but as I noted in another reply, they set the envelope sender to ... at returns.groups.yahoo.com and that passes SPF and does align. > But now I wonder what happens if a user with an @aol address posts to a > Yahoo group. Will it run afoul of AOL's p=reject policy? If I still > had an AOL address I'd be tempted to try this just to see what happens. I will test this when I get time. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 30 17:20:14 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 08:20:14 -0700 Subject: [Mailman-Users] Q : Is there a possibility to localize / customize the standard Mailman lists home page / UI look ? In-Reply-To: References: Message-ID: <536114AE.8030201@msapiro.net> On 04/30/2014 04:35 AM, Jacques Setton wrote: > Currently, when choosing a specific local language (French in our case) for > Mailman' lists user interface, I have noticed that the standard home page > (for example the one depicted by 'lists.domain.org/mailman/listinfo') > remains in the English language. Would there be a possibility to localize > that page as well ? Set DEFAULT_SERVER_LANGUAGE = 'fr' in mm_cfg.py. > While being on this topic, I'd like also to know if it is possible to > customize the general look & feel of the display UI say, at the minimum, > eventually replace or add a custom logo at the level of the Mailman/Python > logos appearing at the bottom of each page ? See Mailman/htmlformat.py, in particular the section beginning with # Logo constants -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 30 17:45:54 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 08:45:54 -0700 Subject: [Mailman-Users] 'Undelivered Mail Returned to Sender' error when using an e-mail from a domain co-hosted with the one used for Mailman lists In-Reply-To: <00c801cf6464$78a525f0$69ef71d0$@waycast.com> References: <53589A9C.4070802@msapiro.net> <53589EF5.6090205@msapiro.net> <5359962E.8030206@msapiro.net> <535AAC01.7040903@msapiro.net> <00c801cf6464$78a525f0$69ef71d0$@waycast.com> Message-ID: <53611AB2.7080008@msapiro.net> On 04/30/2014 04:08 AM, Jacques Setton wrote: > > To illustrate this, here is the related case set-up : > - domain.net and domain.org are co-resident on the same host VPS12345, > - domain.org is the one we use for mailman lists - link : > http://lists.domain.org/mailman/listinfo, > - we get no mail rejection when using the account name1 at domain.net with a > list created on 'lists.domain.org' (after the previous fix), > - we get an 'Unknown User' mail rejection when using the name2 at domain.org > with a list created on 'lists.domain.org' (new problem observed). > > The kind of rejection error notification we then get is depicted thereafter > : What you posted doesn't help. What is needed is the relevant Postfix log messages, but based on your prior issue, I'm sure that *this* massage is being relayed via the 'dovecot LDA rather than Postfix's 'local' LDA. > Is there another Postfix parameter which govern the behavior of local > 'unix:passwd.byname' versus 'virtual-mailman' type email accounts defined on > the SAME DOMAIN as the one specifically used for Mailman ? So the issue appears to be that name2 at domain.org is not a real address, but only a virtual one. I.e. mane2 is not in the unix passwd file. > If it turns out that there is a restriction on such particular usage, we > could live with it by not using same domain-based email addresses as the one > devoted to Mailman. Do you know why your Postfix configuration has virtual_transport = dovecot If you don't need that, I think removing it will solve this, but it is likely required for dome other functionality having to do with your virtual_mailbox_domains. In any case, this is a Postfix issue. The only Mailman involvement is that for mail to a Mailman list from *some* addresses, the 'dovecot' relay is used rather than the 'local' You could try appending $virtual_mailbox_maps to local_recipient_maps, but that would probably have the same effect as removing virtual_transport = dovecot. > Many thanks for any hint regarding such reported behavior... I'm sure there are people much more knowledgeable about Postfix than I, and those people probably are reachable through Postfix support resources. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From fmouse at fmp.com Wed Apr 30 18:10:17 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Wed, 30 Apr 2014 11:10:17 -0500 Subject: [Mailman-Users] Disappearing messages In-Reply-To: <53610738.3040404@msapiro.net> References: <53609EA9.1040509@att.net> <87bnvjmcaq.fsf@uwakimon.sk.tsukuba.ac.jp> <53610738.3040404@msapiro.net> Message-ID: <1398874217.8417.12.camel@pudina.fmp.com> On Wed, 2014-04-30 at 07:22 -0700, Mark Sapiro wrote: > On 04/30/2014 05:53 AM, Robert P. Schwartz wrote: > >>From some mailing list, the yahoo user's are getting the messages. > > Obviously, there are some setting that they did that other's not have. What > > could it be? > > > It is not a Yahoo user's setting. They can't control it. And just to be clear here, I don't believe that it's possible for a cooperating ESP to make rejection a per-user choice either. Consider an email with multiple recipients served by the same SMTP server. Because of the way SMTP works, all recipients have to be approved or rejected _before_ the From body header is received, so instead of rejecting a post during the initial transaction with the list server, the post must be accepted and then a NDR sent back from the MDA or some other component. Someone correct me if I'm wrong on this. I know that this is an issue with our mail server here when any kind of per-user content filtering is applied to inbound email. I'm not sure how Mailman handles this - if it counts a bounce if the initial SMTP transaction is successful but subsequently receives a NDR for a recipient address from some other component of the recipient's mail system. > -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From mark at msapiro.net Wed Apr 30 18:24:18 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 09:24:18 -0700 Subject: [Mailman-Users] Disappearing messages In-Reply-To: <1398874217.8417.12.camel@pudina.fmp.com> References: <53609EA9.1040509@att.net> <87bnvjmcaq.fsf@uwakimon.sk.tsukuba.ac.jp> <53610738.3040404@msapiro.net> <1398874217.8417.12.camel@pudina.fmp.com> Message-ID: <536123B2.3090801@msapiro.net> On 04/30/2014 09:10 AM, Lindsay Haisley wrote: > > And just to be clear here, I don't believe that it's possible for a > cooperating ESP to make rejection a per-user choice either. Consider an > email with multiple recipients served by the same SMTP server. Because > of the way SMTP works, all recipients have to be approved or rejected > _before_ the From body header is received, so instead of rejecting a > post during the initial transaction with the list server, the post must > be accepted and then a NDR sent back from the MDA or some other > component. Only partially correct. You can reject based on RCPT TO not being an acceptable address, but as you say, for DMARC you have to wait until the end of DATA because you have to have the entire message before you can check the DKIM sig and the From: alignment. But you do not have to accept at this point. You can still reject in response to end of DATA, but if there were multiple RCPT TO addresses, you can't now go back and just reject some of them. > I'm not sure how Mailman handles this - if it counts a bounce if the > initial SMTP transaction is successful but subsequently receives a NDR > for a recipient address from some other component of the recipient's > mail system. Mailman scores bounces both for recipients rejected at SMTP time and for recognized DSNs (NDRs) later received. That's why the posts from Maiman have envelope from LISTNAME-bounces (+ possible VERP). -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From heller at deepsoft.com Wed Apr 30 20:30:37 2014 From: heller at deepsoft.com (Robert Heller) Date: Wed, 30 Apr 2014 14:30:37 -0400 Subject: [Mailman-Users] Mailman error (2.1.16): "low level unrecoverable exception" Message-ID: <201404301830.s3UIUbxo003489@sharky2.deepsoft.com> What does this error message mean? "low level unrecoverable exception" I just installed my own build of mailman 2.1.16 (built under CentOS 5 x84_64) as an upgrade over the stock 2.1.9 that comes with CentOS 5 and I am getting this error. What should I be looking for? -- Robert Heller -- 978-544-6933 / heller at deepsoft.com Deepwoods Software -- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments From superuser at gmail.com Wed Apr 30 20:58:41 2014 From: superuser at gmail.com (Murray S. Kucherawy) Date: Wed, 30 Apr 2014 11:58:41 -0700 Subject: [Mailman-Users] Issue approving subscription requests In-Reply-To: <535FF1AF.6040606@msapiro.net> References: <535FD5C4.9020206@msapiro.net> <535FF1AF.6040606@msapiro.net> Message-ID: On Tue, Apr 29, 2014 at 11:38 AM, Mark Sapiro wrote: > > See the script at . > > Tried that, got this: ./list_requests -H -l
(name) (S)kip, (A)ccept, (R)eject, (D)iscard [sard] A Traceback (most recent call last): File "./list_requests", line 216, in main() File "./list_requests", line 128, in main changed += handle_req(mlist, id) File "./list_requests", line 204, in handle_req mlist.HandleRequest(id, mm_cfg.APPROVE) File "/usr/local/mailman/Mailman/ListAdmin.py", line 172, in HandleRequest status = self.__handlesubscription(data, value, comment) File "/usr/local/mailman/Mailman/ListAdmin.py", line 428, in __handlesubscription assert value == mm_cfg.SUBSCRIBE From heller at deepsoft.com Wed Apr 30 21:40:01 2014 From: heller at deepsoft.com (Robert Heller) Date: Wed, 30 Apr 2014 15:40:01 -0400 Subject: [Mailman-Users] Mailman 2.1.16: where is the from_is_list option? Message-ID: <201404301940.s3UJe1At006234@sharky2.deepsoft.com> I can't seem to find this option! I have mailman 2.1.16 setup on a test server, but I cannot find the from_is_list option. Is there some special config magic that is needed for this? -- Robert Heller -- 978-544-6933 / heller at deepsoft.com Deepwoods Software -- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments From pshute at nuw.org.au Wed Apr 30 21:43:28 2014 From: pshute at nuw.org.au (Peter Shute) Date: Thu, 1 May 2014 05:43:28 +1000 Subject: [Mailman-Users] Excessive bounces to list members on my list In-Reply-To: <53610CEE.2060400@msapiro.net> References: <8D13134EDFA7104-3D5C-22371@webmail-d176.sysops.aol.com> <87iopsm5j2.fsf@uwakimon.sk.tsukuba.ac.jp> <1398802700.61040.23.camel@pudina.fmp.com> <9E0F600A2292D67CE4396497@sodor.cc.columbia.edu> <53603682.1070505@msapiro.net> <70300038-2EC1-4B53-AB6E-8F791A4FF0C9@nuw.org.au> <607E588A-E1EF-480D-964E-9BA03FB82A00@portadmiral.org> <53610CEE.2060400@msapiro.net> Message-ID: <9F576395-55BF-420D-B000-344B304F1BFB@nuw.org.au> > On 1 May 2014, at 12:47 am, "Mark Sapiro" wrote: > >> On 04/30/2014 06:20 AM, Larry Finch wrote: >> >>> On Apr 30, 2014, at 5:11 AM, Peter Shute wrote: >>> >>> Is yahoo doing the same thing for yahoo groups? >> >> Yahoo doesn?t have to. Mail from a Yahoo group already has a Yahoo domain in the From field - the group address. > > > To be more precise, mail from yahoo groups has an envelope sender > @returns.groups.yahoo.com so it passes SPF with a domain aligned with a > yahoo.com From:. > > I don't know what Yahoo groups is doing with mail From: aol.com or > others with p=reject. A subject for further testing ... Another question is what happens if yahoo groups receive aol bounces. They might not use them to disable or unsubscribe members, which would limit the damage to just non delivery. Peter Shute From fmouse at fmp.com Wed Apr 30 21:56:47 2014 From: fmouse at fmp.com (Lindsay Haisley) Date: Wed, 30 Apr 2014 14:56:47 -0500 Subject: [Mailman-Users] 2.1.18 internal documentation suggestions Message-ID: <1398887807.8417.36.camel@pudina.fmp.com> The internal documentation in the admin screens for 2.1.18 is a bit confusing with regard to Reply-To munging. In the doc for the from_is_list option we have "It replaces the poster's address in the From: header with the list address and adds the poster to the Reply-To: header, but the anonymous_list and Reply-To: header munging settings below take priority." Which Reply-To: header munging settings take priority, and how should one set them so that they don't override from_is_list? If dmarc_moderation_action overrides from_is_list, as the doc for it says it does, is it also overridden by Reply-To: header munging settings? Also, in the doc for reply_goes_to_list, we see "When set to Poster [the default], no Reply-To: header is added by Mailman". Does this mean that this overrides from_is_list, which if set says that it causes the original From header to be inserted into the Reply-To header? I can probably figure this out, but it might be good to explain this a bit more completely in the Mailman internal docs. It's not really clear exactly how these options relate, and how the precedence of settings is organized. These may be stupid questions, but I can just about guarantee you that all my list admins will trip on them :( -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | From brian at emwd.com Wed Apr 30 21:44:28 2014 From: brian at emwd.com (Brian Carpenter) Date: Wed, 30 Apr 2014 15:44:28 -0400 Subject: [Mailman-Users] Mailman 2.1.16: where is the from_is_list option? In-Reply-To: <201404301940.s3UJe1At006234@sharky2.deepsoft.com> References: <201404301940.s3UJe1At006234@sharky2.deepsoft.com> Message-ID: <35f601cf64ac$997751c0$cc65f540$@emwd.com> > -----Original Message----- > From: Mailman-Users [mailto:mailman-users- > bounces+brian=emwd.com at python.org] On Behalf Of Robert Heller > Sent: Wednesday, April 30, 2014 3:40 PM > To: Mailman Users > Subject: [Mailman-Users] Mailman 2.1.16: where is the from_is_list option? > > I can't seem to find this option! > > I have mailman 2.1.16 setup on a test server, but I cannot find the > from_is_list option. Is there some special config magic that is needed for > this? > > -- > Robert Heller -- 978-544-6933 / heller at deepsoft.com > Deepwoods Software -- http://www.deepsoft.com/ > () ascii ribbon campaign -- against html e-mail > /\ www.asciiribbon.org -- against proprietary attachments > > Put the following at the bottom of your mm_cfg.py file and then restart mailman: ALLOW_FROM_IS_LIST = Yes Please see: http://wiki.list.org/pages/viewpage.action?pageId=17891458 Brian Carpenter EMWD.com Providing Cloud Services and more for over 15 years. T: 336.755.0685 E: brian at emwd.com www.emwd.com From mark at msapiro.net Wed Apr 30 23:34:51 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 14:34:51 -0700 Subject: [Mailman-Users] Mailman error (2.1.16): "low level unrecoverable exception" In-Reply-To: <201404301830.s3UIUbxo003489@sharky2.deepsoft.com> References: <201404301830.s3UIUbxo003489@sharky2.deepsoft.com> Message-ID: <53616C7B.4080109@msapiro.net> On 04/30/2014 11:30 AM, Robert Heller wrote: > What does this error message mean? "low level unrecoverable exception" It means something really bad happened. One of the Mailman web CGIs threw an exception and the CGI driver script encountered another exception while trying to log a traceback and the environment info. > I just installed my own build of mailman 2.1.16 (built under CentOS 5 x84_64) > as an upgrade over the stock 2.1.9 that comes with CentOS 5 and I am getting > this error. What should I be looking for? Did you restart Mailman or stop before, start after? Did you totally remove the Centos package or try to 'upgrade' it. The latter is not at all straightforward. See the FAQ at . There was an issue a while back, see , but this was due to a SuSE patch that referenced a Python xml library that wasn't installed. The specifics aren't relevant to your issue, but it could indicate there's something missing in your python. Have you installed the python-dev package? -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mark at msapiro.net Wed Apr 30 23:46:38 2014 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Apr 2014 14:46:38 -0700 Subject: [Mailman-Users] Issue approving subscription requests In-Reply-To: References: <535FD5C4.9020206@msapiro.net> <535FF1AF.6040606@msapiro.net> Message-ID: <53616F3E.1090608@msapiro.net> On 04/30/2014 11:58 AM, Murray S. Kucherawy wrote: > On Tue, Apr 29, 2014 at 11:38 AM, Mark Sapiro > wrote: > > > See the script at . > > > Tried that, got this: > > ./list_requests -H -l >
(name) > (S)kip, (A)ccept, (R)eject, (D)iscard [sard] A > Traceback (most recent call last): > File "./list_requests", line 216, in > main() > File "./list_requests", line 128, in main > changed += handle_req(mlist, id) > File "./list_requests", line 204, in handle_req > mlist.HandleRequest(id, mm_cfg.APPROVE) > File "/usr/local/mailman/Mailman/ListAdmin.py", line 172, in HandleRequest > status = self.__handlesubscription(data, value, comment) > File "/usr/local/mailman/Mailman/ListAdmin.py", line 428, in > __handlesubscription > assert value == mm_cfg.SUBSCRIBE I guess I never tested accepting a subscription :( I have the same issue. I'll fix and post when I have. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From tomasbabej at gmail.com Wed Apr 30 16:33:43 2014 From: tomasbabej at gmail.com (Tomas Babej) Date: Wed, 30 Apr 2014 16:33:43 +0200 Subject: [Mailman-Users] Private mailing list reply watcher Message-ID: <536109C7.70200@gmail.com> Hi, for our organization, we do host several mailing lists that serve two purposes: * for our internal communication * for people outside our organization to contact us However, it sometimes happens that a person that is not a member (and thus not subscribed to the list) writes us an email and we do reply, but to the list only (by mistake), not delivering the message to the intended participant. I plan to write a script that will handle such cases in a generic way, however, I don't like reinventing the wheel. Does anybody know if this problem has already been solved? Thanks, Tomas