[Mailman-Users] Assistance with altering reply-to behaviours and DMARC

Will Yardley mailman at veggiechinese.net
Sat Aug 29 08:53:10 CEST 2015

On Fri, Aug 28, 2015 at 10:10:53AM -0500, Barry S. Finkel wrote:
> On 8/28/2015 3:03 AM, Will Yardley wrote:
> > On Fri, Aug 28, 2015 at 01:37:18PM +0900, Stephen J. Turnbull wrote:
> >> Mark writes:

> >> > First, apologies if this has been discussed before.  I run a
> >> > number of mailman lists on a Centos 6 platform and mailman
> >> > 2.1.12-25. This version was updated in July as follows:
> >> > https://rhn.redhat.com/errata/RHSA-2015-1417.html and included
> >> > fixes for a number of DMARC issues.

> >> Stock Mailman 2.1.12 doesn't do any DMARC detection.  This is quite
> >> bizarre that they would backport such a feature rather than update
> >> to 2.1.18-1 or later.  Mailman 2.1 is hardly an unstable package.

> > That's the way most "stable" Linux distributions do it. I think it
> > has a lot to do with keeping the complex web of interdependencies in
> > check, but probably also has to do with keeping features
> > predictable. Even with security issues, generally, they go to quite
> > a bit of work to backport things, rather than change versions.

> It appears to me that if someone were to back-port the DMARC changes
> from 2.1.18 back to 2.1.12, then there is a possibility that there
> will be problems with the back-port due to code changes between
> .12 and .18.

We've been running the RHEL5 one, which is an even older Mailman version
(2.1.9), with the DMARC stuff that Red Hat merged in, and has been
working fine for us (on a machine with thousands of lists, some of which
are fairly active).

It's not usual to merge in this kind of added feature, but I think in
this case, there was enough customer demand, and it was causing enough
problems for enough people, that they made the decision to devote the
resources to implement / test.


More information about the Mailman-Users mailing list