Re: [Mailman-Users] Advantages
On 12/03/14 03:09, Stephen J. Turnbull wrote: r...@rexgoode.com writes: > I can think of a lot of advantages myself, but I'm wondering if anyone > has seen a good list somewhere. There may be one on the wiki somewhere. Besides the points Barry made, I would add: 1. Easier personal filtering. Geeks can use the List-* headers, non-geeks the Subject tags. 2. Common spam filtering (including vacation messages :-). 3. Common attachment filtering and storage. 4. Vacation functionality (for those who are willing to log in and set no-mail). 5. Dupe filtering (for those who are willing to log in and set not-me-too). 6. Advanced distribution and archive functionality (coming in Mailman 3). -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/gaa%40ulticom.com I would add that mailing lists can hide all the members email addresses. If someone is using Outlook and has it capturing email addresses of senders and other recipients in a "Suggested Contacts" address book and then they get hit by some malware that harvests these addresses, they will get all the individual list members and they can start sending Spam to these people. If a mailing list is used, only senders and the list address appear. You can even hide the sender behind the list keeping everyone anonymous. The list can better deal with any Spam than what most individuals can. -- Gary Algier, WB2FWZg...@ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Executive summary of DMARC issues
On 05/15/14 11:15, Larry Finch wrote:
On May 15, 2014, at 10:53 AM, Gary Algier wrote:
On 05/14/14 23:47, Stephen J. Turnbull wrote:
I then sent an email to the list and to my work sendmail address. It was
delivered to both work addresses and the iCloud address.
Gmail put it in my Spam folder with the warning:
---
Be careful with this message. Our systems couldn't verify that this message was
really sent by yahoo.com. You might want to avoid clicking links or replying
with personal information.
---
There is also a link to their "Why messages are marked as Spam" page.
On Yahoo I found the bounce in my Spam folder with the following:
---
This is an automated message from the Extensible Content Security
at host wg.ulticom.com.
The message returned below could not be delivered to its intended
destinations.
It seems that in the case of a simple Exchange distribution list, the Yahoo
members will fail (into their Spam folder!), some others may fail depending
upon their service's SPF fussiness, and others may have to root around in their
Spam folders for the content.
On the lists that I manage on listserv I’ve discovered that many ISPs honor Yahoo
and AOL’s p=reject, and will not even put the message in the spam folder. Among
them are: Comcast, SBCGlobal, AT&T, AOL, Rogers, Earthlink, Hotmail and a few
others I don’t recall. So essentially half of my list members will not get posts
from Yahoo or AOL.
best regards,
Larry
--
Larry Finch
finc...@portadmiral.org
Apparently, simple Exchange distribution lists do not rewrite headers or touch
the body so DKIM passes. However, the distribution lists also do not change
the envelope sender so the SPF fails. In order to get through DKIM, the
internal author address ("From: ") and a bunch of other headers must stay the
same, which Exchange does. Most mailing list software rewrites something,
which makes DKIM fail. However, the mailing list software will use an
envelope address from the list so SPF should not fail.
Summary:
Can't use Exchange distribution lists: SPF will fail.
Can't use mailing list software without changing the author, etc.: DKIM will
fail.
Time for sendmail aliases? Or perhaps, SPF will fail?
--
Gary Algier, WB2FWZg...@ulticom.com +1 856 787 2758
Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033
Nielsen's First Law of Computer Manuals:
People don't read documentation voluntarily.
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Executive summary of DMARC issues
On 05/14/14 23:47, Stephen J. Turnbull wrote: Peter Shute writes: > When MS365 forwards the mails sent to the distribution list, should > that make the DMARC authentication fail? I thought that only > happened if you made changes like adding a prefix to the subject > line like Mailman does. If it forwards verbatim *and* the sending domain signs the mail with DKIM (the common case), DMARC validation will succeed. Without DKIM, DMARC validation is guaranteed to fail. However, even in the sender uses DKIM, *any* change *whatsoever* to the body will cause validation to fail, and there are several changes to the header that could cause it to fail. Furthermore, which parts of the header are protected by the DKIM signature are determined by the sender, not by DMARC AFAIK. If distribution lists are pure forwards, MS365 will be OK. But I find it hard to believe that that level of functionality is popular with users -- there's a reason why all popular MLMs implement subject prefixes, body headers and body footers, and it isn't "because it's the Microsoft way". I ran some tests this morning. I created an Exchange distribution list here and added myself five ways on the list: 1. On our Exchange server (how I receive internal emails) 2. On a local Linux server running sendmail and dovecot (how I receive "real mail") 3. A Yahoo address. 4. A Gmail address. 5. An iCloud address. I then sent an email to the list and to my work sendmail address. It was delivered to both work addresses and the iCloud address. Gmail put it in my Spam folder with the warning: --- Be careful with this message. Our systems couldn't verify that this message was really sent by yahoo.com. You might want to avoid clicking links or replying with personal information. --- There is also a link to their "Why messages are marked as Spam" page. On Yahoo I found the bounce in my Spam folder with the following: --- This is an automated message from the Extensible Content Security at host wg.ulticom.com. The message returned below could not be delivered to its intended destinations. For further assistance, please send mail to . If you do so, please include this problem report. You can delete your own text from the message returned below. Reason: : host mta7.am0.yahoodns.net[98.138.112.34] said: 554 5.7.9 Message not accepted for policy reasons. See http://postmaster.yahoo.com/errors/postmaster-28.html (in reply to end of DATA command) --- The server wg.ulticom.com is our WatchGuard Anti-Spam appliance. It had no trouble accepting it when it came in the first time (it does not do DMARC checks), but when it tried to delivery the email to Yahoo, they rejected it. Of course, the reject went to Yahoo anyway, but with a MAILER-DAEMON sender address. I saved the two copies from my sendmail address and compared them: % h=$(sed -n -e 'y/:/|/' -e '/DKIM-Signature|/s/.* h=\([^;]*\).*/\1/p' direct.eml) % diff -s -u <(egrep -i "^($h):" direct.eml) <(egrep -i "^($h)" list.eml) Files /dev/fd/4 and /dev/fd/5 are identical % diff -s -u <(sed '1,/^$/d' direct.eml) <(sed '1,/^$/d' list.eml) Files /dev/fd/4 and /dev/fd/5 are identical The first diff compares only the headers in the DKIM Signature. The second diff compares the body. The DKIM checks seem to be good. So, it seems that nothing has changed in the content or checked header. It must be SPf. % dig +short TXT _spf.mail.yahoo.com "v=spf1 ptr:yahoo.com ptr:yahoo.net ip4:206.108.40.0/27 ip4:199.16.139.0/26 ?all" It seems that in the case of a simple Exchange distribution list, the Yahoo members will fail (into their Spam folder!), some others may fail depending upon their service's SPF fussiness, and others may have to root around in their Spam folders for the content. -- Gary Algier, WB2FWZg...@ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 Nielsen's First Law of Computer Manuals: People don't read documentation voluntarily. -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] Executive summary of DMARC issues
Hello,
I have been following the discussion of the DMARC issues and Mailman's
attempts to live with it. I was wondering if anyone has an "Executive
Summary" of the DMARC issue in a general sense.
The information on the wiki talks about the impact on Mailman, but I need a
generic explanation that can be presented to our CFO. Our management wants to
move our email from an in-house Exchange environment (with Mailman on the side
for mailing lists) to a totally MS365 solution. We have been told that
everything we do with Mailman can be done with Exchange distribution lists,
etc. I know all the reasons this is really a poor statement, but distribution
lists have the same DMARC problem.
I created a test distribution list here. I created local contacts that
forward to my personal gmail.com and icloud.com addresses. I added these and
my work address to the list. Email from gmail and icloud works fine, however
the author address ("From:") carries the original address. When I sent an
email from my yahoo.com account, it was not delivered to gmail. I never saw a
bounce, though, so I don't know who, if anyone, gets notified.
I am hoping that I can make this issue plain at an executive level so we can
get them to stay with a Mailman solution as we "go to the cloud".
Of course if someone says that the current MS365 implementation has addressed
this, then that's a different (unfortunate) story.
--
Gary Algier, WB2FWZg...@ulticom.com +1 856 787 2758
Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033
Nielsen's First Law of Computer Manuals:
People don't read documentation voluntarily.
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] building a new mailman server
On 03/27/14 04:26, Stephen J. Turnbull wrote: Sajan Parikh writes: > sendmail is still widely used, and if I were you, I'd just stick with > what works unless you have you a particular need that sendmail wasn't > filling. +1 with caveat: Exim and Postfix both have recipes for working with Mailman 3. It seems likely to me that it "won't be hard" to get Mailman 3 and Sendmail to work and play well together -- but nobody has done it yet. I have it working fine. I recently replaced a very old implementation of sendmail and Mailman on Solaris with a new one on CentOS 6. When I did so, I used the POSTFIX_ALIAS_CMD mechanism to automatically process the aliases. See: https://mail.python.org/pipermail/mailman-users/2004-June/037518.html In mm_cfg.py: MTA='Postfix' POSTFIX_ALIAS_CMD = '/usr/bin/sudo /etc/mail/import-mailman-aliases' /etc/mail/import-mailman-aliases contains: #! /bin/sh /bin/cp /etc/mailman/aliases /etc/mail/mailman.aliases /usr/bin/newaliases In /etc/sudoers.d/mailman: Cmnd_Alias IMPORT_MAILMAN_ALIASES = /etc/mail/import-mailman-aliases apache ALL= NOPASSWD: IMPORT_MAILMAN_ALIASES mailman ALL= NOPASSWD: IMPORT_MAILMAN_ALIASES Defaults!IMPORT_MAILMAN_ALIASES !requiretty In the sendmail.mc file I changed: define(`ALIAS_FILE', `/etc/aliases')dnl to: define(`ALIAS_FILE', `/etc/aliases,/etc/mail/mailman.aliases')dnl so that the Mailman aliases would be in a separate file. Warning: You need to have Mailman 2.1.15 or better (or patch it). See this bug: https://bugs.launchpad.net/mailman/+bug/266408. A fix is here: http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1291 (Thanks to Mark Sapiro) I stayed with sendmail because I am using LDAP for aliases and routing and I did not want to figure out how to do it with Postfix. My one exposure to Postfix was a disaster trying to fix the email services on our marketing department's web server at a hosting provider that did not support sendmail. Perhaps with time, I could have made it work for our mail server, but the duckling syndrome may have set in (yes, I still use vi and sometimes ed). -- Gary Algier, WB2FWZg...@ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 Nielsen's First Law of Computer Manuals: People don't read documentation voluntarily. -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Why does iOS's Safari log out the moderator web page?
On 02/05/14 16:12, Peter Shute wrote: On 6 Feb 2014, at 5:22 am, "Peter Shute" wrote: My experience with Firefox mostly on various Linux, Mac and Windows platforms is that it does not always offer to save passwords, particularly those from financial institution websites, but it does always offer to save Mailman passwords. This can because the web sites have a setting on the form: autocomplete="off". I know Safari honors this. I don't think Mailman uses this. Firefox offers to save the passwords to the same pages on a PC. I guess that means it's totally an iOS problem. It's interesting though that none of the other iOS apps I've tried offer to save it either - Atomic Lite, Chrome, Dolphin and Opera. Unless each of these uses the same faulty API to determine whether to offer to save the password or not, there must be something different about the mailman page that's fooling them. Maybe the lack of a username field? Can anyone confirm whether they've had the same experience? It's happening for me on two different servers, so I'm assuming it's universal. I use a password management plugin with Firefox (and IE8) and it does not handle the Mailman code well. I assumed it was because of the lack of a user field. I had the same problem when managing our VoIP PBX that only had a password field without a user name. When a recent upgrade included a user name field my problems went away. -- Gary Algier, WB2FWZg...@ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 Nielsen's First Law of Computer Manuals: People don't read documentation voluntarily. -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] POSTFIX_ALIAS_CMD run once?
Hi, I just installed a new Mailman (2.1.12) server on Centos 6.4. I used the POSTFIX_ALIAS_CMD mechanism to automatically process the aliases even though I am using Sendmail (8.14.4). I have it invoking: /usr/bin/sudo /etc/mail/import-mailman-aliases which runs: /bin/cp /etc/mailman/aliases /etc/mail/mailman.aliases /usr/bin/newaliases (This idea came from: http://wiki.list.org/display/DOC/Integrating+Mailman+with+Sendmail+-+Method+2) This works, but I noticed that it invokes newalias once for each Mailman list. This seems to be because genaliases runs the command once with one list, then again with two lists, again with three, etc. until all the lists are processed. I am concerned that if I add a new list to Mailman just as email is coming in then it could be rejected because many of the aliases will not exist for a short time. Does anyone know of a way to only do the newalias command when the supplied file is complete? Or can the genaliases mechanism build the whole file before calling the POSTFIX_ALIAS_CMD just once at the end? -- Gary Algier, WB2FWZ gaa at ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 Nielsen's First Law of Computer Manuals: People don't read documentation voluntarily. -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] The Mysterious Disappearing Disk Space (fwd)
s should be the same, within a few k. If different, then the used space is not reflected in any directory. If this is the case, you may be able to find out which process has the open, unlinked file using "lsof". Run it as "lsof -s -p PID" once for each Mailman process. The offender should report open files that either it can't resolve the name or it will show a name that does not exist. The flag "-s" tells it to report the size. This may help identify a large file. The ability of lsof to report the name of open files may very by OS, however. Rereading the man page for lsof, I just noticed the "+L" option. Using "+aL1" (that is plus aye ell one) causes it to select unlinked open files. Perhaps this will help. I hope this will help ID which process, at least. Perhaps that will give clues. I spent a few hours mucking around with the pickles trying to figure what broke, and finally gave up due to screaming users: I rebuilt. The new build acts *just* like the last one (the reason for the delay in answering your kind reply was to see if the rebuild would get rid of this). Ive lost about a gig over 24 hours, and I have NO idea where its going. I stopped the job while writing this paragraph just to double check, and yes, I get it all back when the job is terminated. Very odd indeed. Im not comfy with debuggers, so Im at the mercy of others. Have I missed any log files? Is there somewhere specific I should be looking? Is there some way to (easily) increase logging details to try and track this down? The answers to this and other important questions await. On the next episode of MailSoap. Seriously though, I appreciate your response, and the time spent on this. All the best, //Alif -- Gary Algier, WB2FWZ gaa at ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 Nielsen's First Law of Computer Manuals: People don't read documentation voluntarily. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Users] Mailman Question
Jeff Kopp wrote: I have a question about the Mailman message archives. Is there a patch or something that will allow users the ability to search the message archives on the Web? Look here: http://sourceforge.net/tracker/index.php?func=detail&aid=444884&group_id=103&atid=300103 If you go to: http://sourceforge.net/projects/mailman/ and follow the links to Tracker/Patches you will find a lot of other feature patches. I searched for "htdig" to find this one. Thanks, Jeff Kopp St. Louis, MO Your welcome. -- Gary Algier, WB2FWZ gaa at ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 Nielsen's First Law of Computer Manuals: People don't read documentation voluntarily. -- Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
[Mailman-Users] Command line interface to "mod" and "nomail" bits?
Is there a command line interface to get and set the per-user bits? In particular, I need to access the "Mod" and "Nomail" bits. I use sync_members to syncronize some lists with our LDAP server and I don't want to have to set these bits via a browser after the fact. -- Gary Algier, WB2FWZ gaa at ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 Nielsen's First Law of Computer Manuals: People don't read documentation voluntarily. -- Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Re: [Mailman-Users] TrendMicro Interscan Virus Wall for Linux
We're using Trend Micro Viruswall just fine. What I did was to have Viruswall get the email first and pass it to the real sendmail that is running on port 2525. This way, Viruswall does nothing but scan the emails. Sendmail does all the email work. Mailman works just fine. BTW: I have yet another system (in our DMZ) that actually receives the emails from outside (MX points to the external system). I do this because Viruswall does not have all the proper anti-relay preventions, etc. that I wanted. This email relay system just does the anti-relay checks then forwards everything to an internal system with Viruswall and the "real" sendmail. Vania Lolham wrote: > Hello, > > OS RH7.1 > Mailman 2.0.6-1u70_1cl.i386.rpm > > After fiddling with everything in Mailman and reading every > python scripts and checking for typo and so on, > I found no problem at all with the mailman, In fact the > python source files are written so cool and informative. > Now to the problem; > All the subscription from internal network for internal > users were accepted > All the subscription from outside network for outside users > were rejected. > Sendmail Mail log was telling me error 554 mail relay > rejected. > All that is cool I can live with it, > After getting deep involved in the way wrapper, post and > mailcmd are treating the package I was convinced that there > isn't any problem with any of them. > Last think I could think of was to disable the Interscan > VirusWall from (Trend Micro). > This time everything worked well. > No is there anyone out there using Interscan? > I called tech Trend Micro support and so far there is no > work around. > Do you know of any? > As far as I can comprehend; when Interscan is active, it > disable the domaintable, access.db, trusted-users.db, > IP_allow and mailertable.db > and instead uses it's own intscan.ini file to recognise > domains, mailertable, trusted-users and ip_allow. > I don't see anywhere talking about access. > In the access file there are hosts that are allowed to > RELAY. > > okay, end of my gasbagging :)) > > Please let me know if there is other approach. > > Thanks. > > Vania > > > > > > > -- > Mailman-Users maillist - [EMAIL PROTECTED] > http://mail.python.org/mailman/listinfo/mailman-users > -- Gary Algier, WB2FWZ [EMAIL PROTECTED] +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 A self-addressed envelope would be addressed "envelope." -- Mailman-Users maillist - [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users
