[Mailman-Users] Filtering Reply to list with informative rejection message

[Mark Sapiro]

On 04/04/2016 10:36 AM, francis picabia wrote:
> We already have settings under General for stripping the original Reply-To
> and reply goes to list is set as Poster.


This is arguably wrong. reply_goes_to_list = Poster means only don't add
anything to Reply-To:. Normally, this means mail from the list looks
like mail directly received with the same To:, From: and Reply-To: as
sent. But, you have first_strip_reply_to = Yes which means when I post
to your list

From: <my_never_read_web_mail at example.com>
Reply-To: <my_preferred_address at example.com>

your list will strip my Reply-To: and a 'reply' will go to
<my_never_read_web_mail at example.com> which is not what I want.

Reply-To: munging is generally not good for exactly the reason in your
next paragraph (but first_strip_reply_to didn't cause that), but
generally, first_strip_reply_to should only be Yes if reply_goes_to_list
= This list or Explicit address.


> We have experienced a case where nominations were solicited from the list
> members, and there was a response with confidential information which went
> to the list rather than the poster.


So how did this happen? Was it a 'reply-all' or a 'reply-list' or a
broken MUA generating the reply.

Was the From: munged for DMARC?

Normally if reply_goes_to_list = Poster, a 'reply' will not go to the
list unless something is broken, but there are multiple ways in which a
user can intentionally or otherwise reply to the list.


> There is a possibility management will want to block all replys to the
> mailing list.  One could work around it by making a fresh email to the list.


And exactly how would management do this?


> The Spam Filter rule to Reject based on finding "^In-Reply-To:" works well,
> but the simple rejection is not going to be understood by our users:


Plus, it precludes my replying to an off-list message with Cc: to the
list and it doesn't stop replies from users with MUAs that don't insert
In-Reply-To:.


> Message rejected by filter rule match
> 
> We can customize that in the source, but it would impact all lists.


You could also modify the source to use the custom message only for this
list, but what I would be inclined to do is implement a custom handler
(see <http://wiki.list.org/x/4030615>) for this list only to do a more
sophisticated analysis of the message and supply a nice reason when
rejecting. See the MyHandler.py example attached to the wiki article for
a start.


> ...
> Is there another option I have not covered or I have misunderstood
> something here?


There is the custom handler I describe above, but there is a deeper
issue. I'm guessing that it was a manager that sent the confidential
info to the list, and she wants to be protected from herself in the
future. No matter what you do, she will find a way to do the unintended.

If people want to reply to the list, they will figure out ways to do
this, these ways will become habit, and ultimately be followed when the
reply shouldn't go to the list.

This situation is exactly why Mailman developers are strongly biased
against reply_goes_to_list = This list, but that doesn't help with the
person who says "but I always reply-all, it's habit, your list has to
protect me from my mistake".

Other things you might try are setting include_list_post_header = No so
no MUA offers 'reply-list'.

I might have other ideas if I knew exactly what caused the reply to go
to the list

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan