On 3/2/25 5:17 PM, Florian Weimer wrote:
* William Herrin:
On Sun, Mar 2, 2025 at 10:55 AM Niels Bakker <[email protected]> wrote:
| Subject: [NANOG]Re:
Congrats on completing the move to Mailman 3 but is this Subject line
mangling truly necessary?
It has been standard for mailing lists for a quarter of a century now.
Isn't it time NANOG caught up with mailing list best practices?
By default mailman 3 adds the list name as a subject prefix when you create a
list. The procedure used was to create a list and then import the mailman2
config to the new list. From the migration MOP:
- create the new list you want to migrate as the mailman user:
mailman create [email protected]
mailman import21 [email protected] ./nanog-config.pck
Looks like this is where it came from.
Doing some research it looks like we had the same prefixing of subjects in
april 2008 after the move from merit to nanog.org.
https://lists.nanog.org/archives/list/[email protected]/message/HOTH2SVU5T4XZPJQ2AET6X4ACN2ICJJD/
https://mailman.nanog.org/pipermail/nanog/2008-May/000782.html
I never noticed it before as I filter on List-ID into a "NANOG" folder. It
could be removed or modified.
Many mailing lists have moved away from Subject:/body rewriting
because it breaks DKIM signatures and may prevent successful message
delivery to recipients whose servers enforce the sender's DMARC
policy. The alternative is to rewrite the From: line, at least for
senders with restrictive DMARC policies,
Right now, and historically in the mm2 list config, if a sender had a DMARC
policy of reject or quarantine, mailman replaced the From: with the list
address. Example: "Bryan Fields via No-adv <[email protected]>"
Looking back at the mm2 list, DKIM was always a hit or miss, as the list would
filter/strip attachments and other email fluf. Unless you sent a plain text
message (as you should), it would cause the DKIM signature to fail.
btw I use https://github.com/lieser/dkim_verifier/wiki/ as a plugin in my MUA.
It's really good for DKIM debugging.
There are two other options:
1. Rewrite the from for all messages
2. Implement ARC https://arc-spec.org/
Option one is a bit like a shotgun approach, but it works across all
providers, and is well understood. A number of other lists in our industry do
it with little issue; the -nsp lists and outages to name a few. A receiver
can view the headers and see if it's signed/valid along the way.
Option two is outside the scope of migration, but arguably could be the best
as it directly solves the issue. Google does implement it.
The footer is a bit redundant, as mailman3 has the direct link in the
"Archived-At:" header now. I'd propose removing the footer and subject
prefix, and investigate implementing ARC now that we can support it on
mailman3. Keep in mind there's over 12k people on this list, so performance is
a bit of concern.
What do others think of this?
but this breaks other things.
What other things does it beak?
If someone needs to have their message received and validated there is a tool
for that in gpg/pgp. These mime types are accepted on this list and several
people use them.
--
Bryan Fields
727-409-1194 - Voice
http://bryanfields.net
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/[email protected]/message/RS23BVTZ2YXWCBPAZJEQ6WUNJ46XUQZS/
