Re: [Mailman-Users] Add PayPal to DNs publishing DMARC p=reject

2014-05-05 Thread John Levine
>$ dig +short -t txt _dmarc.paypal.com
>"v=DMARC1\; p=reject\; rua=mailto:d...@rua.agari.com\; 
>ruf=mailto:d...@bounce.paypal.com,mailto:d...@ruf.agari.com";

I'm on lots of lists with Paypal employees, who consistently use
paypal-inc.com addresses, specifically to avoid DMARC problems.

They realized it was a problem about a year ago, and dealt with it in
a reasonable way.

R's,
John
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org


Re: [Mailman-Users] Add PayPal to DNs publishing DMARC p=reject

2014-05-05 Thread John Levine
>> I'm on lots of lists with Paypal employees, who consistently use
>> paypal-inc.com addresses, specifically to avoid DMARC problems.
>
>$ dig +short -t txt _dmarc.paypal-inc.com
>"v=DMARC1\; p=reject\; rua=mailto:d...@rua.agari.com\; 
>ruf=mailto:d...@bounce.paypal.com,mailto:d...@ruf.agari.com";
>
>No joy :(

Phoo.  That's new, and surprisingly foolish of them.

Perhaps this is management's way of telling the staff not to waste
time on mailing lists while they're at work.

R's,
John


Re: [Mailman-Users] DMARC and Reply-To lines with from_is_list munging.

2014-05-09 Thread John Levine
>Arguably, the correct response to DMARC filtering _should_ be the MIME
>encapsulation of list mail, with appropriate RFC 2369 headers added to
>the enclosing MIME structure leaving the content un-munged, with all
>information from the original poster intact.  Arguably, MUAs should be
>transparent to this.  Arguably, this would have been the best design for
>the operation of mailing lists in email-space from the git-go.

Unfortunately, this argument falls over when you note that spammers
and phishers can encapsulate their paypal.com phishes and add list
headers, too.  

The correct response is either for senders to stop publishing DMARC
policies that don't match the way their users use mail (fat chance),
or for recipient systems to skip the DMARC checks on mail from sources
that are known to send mail that recipients want but that doesn't
match DMARC's narrow authentication model, e.g., mailing lists and the
Wall Street Journal's mail-an-article button.

Failing that, all we have left is hacks, none of which are satisfactory.

R's,
John



Re: [Mailman-Users] Executive summary of DMARC issues

2014-05-14 Thread John Levine
>Actually, From: domains can request reports even if DMARC p=none. It is
>unclear what might be done with these reports, but given what some
>domains have done with DMARC already, I for one would not be surprised
>if this information was used to color the reputation of the sending server.
>
>Note that currently, Yahoo.com only requests aggregate reports which *I
>think* do not identify the sending server, but AOL.com requests failure
>reports as well which are intended to identify servers and actual senders.

I've been collecting DMARC aggregate reports for over two years and
have over 40,000 of them.  I use some scripts that decompress and
parse the reports and put the interesting bits into a mysql database.
I also have 22,000 failure reports (fewer providers send them.)

The aggregate reports do indeed identify the sending server and are
pretty interesting.  For some of the larger mail systems, it's clear
from the tags in the reports that they have a pretty good idea where
the mailing lists are, which makes me wonder why they don't use that
info to whitelist around the DMARC damage.  I don't see any evidence
that DMARC failures alone are likely to get a server blacklisted,
although I wouldn't be surprised if it were a factor along with user
complaints and spam filter statistics.

R's,
John

PS: The scripts are at http://www.taugh.com/rddmarc/ if you want to
play along on your own system.  You can (and should) collect DMARC
stats without publishing any DMARC policies.


Re: [Mailman-Users] Who authored the message?

2014-05-19 Thread John Levine
>So, addresses get rewritten as:
>
>From: yahoousername-at-yahoo@mydomain.com

>My sense is that someone could come up with arguments as to why this is
>a bad idea, ...

It's a bad idea for the same reason that all of the other anti-DMARC
hacks are a bad idea, they break the existing usage of mail.

Under the current unpleasant circumstances, it's not much worse than
any other, give or take what you do with the replies.  Do you forward
them back to the original user?  Reject with a mysterious failure
code?  Discard them?

RFC nitpick: the mailbox part of an address is limited to 64
characters, so this has some risk of violating that limit, and there
are a few MTAs that care.  The domain part can be up to 256 which is
why I put my noise there.

R's,
John


Re: [Mailman-Users] Who authored the message?

2014-05-19 Thread John Levine
>>> From: yahoousername-at-yahoo@mydomain.com

>> Under the current unpleasant circumstances, it's not much worse than
>> any other, give or take what you do with the replies.  Do you forward
>> them back to the original user?  Reject with a mysterious failure
>> code?  Discard them?
>
>Thank you for your feedback.  I'm most inclined to handle replies based
>on the needs of the particular list. ...

No, I mean what will you do when people respond to your synthesized
names?  At some point you'll get mail at the server for mydomain.com
for yahoousername-at-yahoo@mydomain.com.  What will you do with it?

One of the reasons I did the .invalid hack (which you can do with
essentially the same code you're using) is that it's clear that the
address isn't deliverable so there's no question of what happens to it.

R's,
John


Re: [Mailman-Users] Digest option for Yahoo and AOL subscribers?

2014-05-24 Thread John Levine
> > I just realized that setting the digest option could be a temporary
> > solution for my Yahoo and AOL subscribers
>
>Just make sure you set it for *all* users, not just those using Yahoo!
>and AOL.

You only need to implement it for subscribers using mail systems that
implement DMARC rejections.  Currently those include AOL, Yahoo,
Comcast, and SBC.  Gmail sort of does, putting it in the spam folder
rather than rejecting.



Re: [Mailman-Users] Digest option for Yahoo and AOL subscribers?

2014-05-25 Thread John Levine
>My understanding is that DMARC WAS going through the standardization
>process, and actually was to the state where experimental use was
>justified (and in some sense actually required). ...

No, not at all.  DMARC was designed and implemented by a small closed
group of large companies listed on the DMARC web site at
http://www.dmarc.org/about.html

It had been running for about two years at various ISPs with little
trouble until AOL and Yahoo jumped the shark last month.  There are
free libraries which work pretty well, and I've been collecting DMARC
reports on my various domains since Feb 2012 (but not, of course,
paying attention to anyone's published policies on inbound mail.)

The DMARC group has asked the RFC Editor to publish the spec as a
non-standards-track non-IETF independent submission.  There was
briefly talk of making it standards track until the DMARC group
realized that gave the IETF change control, and we likely would change
it, which they didn't want.  The RFC Editor is currently thinking
about it, and probably will publish on the theory that even if it's a
bad idea, it might as well be documented.

R's,
John

PS: This is first hand. I know the people involved.


Re: [Mailman-Users] Yahoo Groups' From munging and X-Original-From

2014-05-25 Thread John Levine
>Until spammers figure out they can send mail
>
>From: spam...@evildomain.com
>X-Original-From: whate...@yahoo.com

This is one of the most annoying things about Yahoo and AOL's misuse
of DMARC -- they're practically forcing people to use hacks to show
unauthenticated fake From: lines.

R's,
John




Re: [Mailman-Users] Yahoo Groups' From munging and X-Original-From

2014-05-26 Thread John Levine
>a) It seems to me that this or something like it (i.e. new de facto
>standard headers to work around the problem) is surely an almost
>inevitable outcome anyway.

I wouldn't count on it.  The reasonable approach to this kind of
nonsense is for the relatively small set of ISPs using DMARC policy to
whitelist the mail they already know it mishandles.

>b) The way things are going all domains will sooner or later publish a
>DMARC policy if they want their mail to be accepted anywhere.

No, not at all.  Comcast sent out a press release specifically saying
that they have no plans to publish a DMARC policy record.  Remember
that AOL and Yahoo had huge security breaches in which crooks stole
customer info including address books, and they're misusing DMARC as
a panic reaction to try to compensate, sort of.

Let's just say this move hasn't made them any friends in the industry.

R's,
John


Re: [Mailman-Users] DMARC handler

2014-06-21 Thread John Levine
>I was wondering about asking someone to make a Mailman handler that
>would re-write the From: address after munging to:
>
>From: Jane Doe (j...@example.com) via listname 
>
>My question now is, is there any reason why re-writing it this way would
>be a bad idea?

Well, of course, it's a bad idea for all the reasons we know that
address munging in general is a bad idea.

By my reading of RFC 5322, this is syntactically valid, but it's
fairly unusual to put a parenthesized comment into the display name
preceding the angle-addr.  Also, if Jane's name happens to have a dot
or other punctuation in it, that's not valid, e.g. this is wrong:

 From: Jane Q. Doe (j...@example.com) via listname 

You can quote the whole thing to make it OK:

 From: "Jane Q. Doe j...@example.com via listname" 

R's,
John


Re: [Mailman-Users] DMARC handler

2014-06-22 Thread John Levine
>> Yahoo Groups also add something like this in a footer:
>> "Posted by: a real name a-n...@a-domain.co.uk"
>> and a series of mailto links below that for replying to the original sender 
>> or to the group.
>
>Well, won't this break DKIM?

Yes, but if it also takes the real author address out of the From:
line, it'll avoid DMARC problems.

Lists should put their own DKIM signature on outgoing mail, so
recipient systems can recognize it as being from the list.  That's how
it's supposed to work.

R's,
John




Re: [Mailman-Users] Redacted Email Address in Feedback Loop

2014-08-18 Thread John Levine
>I think munging the headers is a sensible practice, as it makes it
>a little harder to listwash; the main idea of the FBL as I understand it
>is to give you an idea when there's some kind of gross abuse, not that
>you are required to unsubscribe anyone who complains about your mail.

Munging FBLs is actually fairly stupid, since everyone knows that any
sender can hide coded versions of the recipient address somewhere in
the message, and most ESPs do.

The ISPs I've talked to have told me that their lawyers say they have
to do it because the party getting the FBL might not be the same as
the sender, or something.

As far as what recipients are supposed to do, they want the complaints
to stop.  They don't care how you do it.

R's,
John


Re: [Mailman-Users] AOL screening Reply-To header thru DMARC ?

2014-10-18 Thread John Levine
>I have a somewhat different issue. I am using dmarc_moderation_action =
>Munge From, and when an AOL user posts to the list, the list message
>sent back to the user bounces with "521 5.2.1 :  AOL will not accept
>delivery of this message. (in reply to end of DATA command))". The same
>messages sent to other AOL users are accepted by AOL.

If you're munging with .INVALID or the like, I have observed that AOL and
some other ISPs now refuse mail if the From: domain doesn't resolve.
I've changed my hack so it now appends a suffix that does resolve (I snagged
dmarc.fail) and overimplemented it so the munged addresses actually work.

I would be surprised if AOL were doing DMARC checks on Reply-To, and agree
that it's not a problem worth solving.  But I'll ask around.

R's,
John


Re: [Mailman-Users] All AOL unsubscribed

2014-12-13 Thread John Levine
In article  
you write:
>This morning all of my subscribers with aol addresses were automatically
>unsubscribed from my list.
>
>Why today?  I thought all the DMARC issues had been resolved in the latest
>mailman version, and it's been 8 months now since the changes at AOL.
>
>--Any suggestions?

AOL has been having serious delivery problems.  It's not just you.

My suggestion would be to sigh wearily and add the subscribers back in.

R's,
John


Re: [Mailman-Users] Which from, reply and DMARC settings for a discussion group?

2015-01-18 Thread John Levine
># 1) as long as the list is not anonymous, the original From: address
>#should be obviously exposed, i.e. not just in a header that MUAs
>#don't display.

Have you tried any sort of reversible rewriting?  On my lists, sending
addresses in dmarc'ed domains get a local domain appended on the From:
line, e.g. mail From: mari...@yahoo.com ->
mari...@yahoo.com.dmarc.fail.  (Yes, that's a real domain.)  Then I do
some local magic so the rewritten addresses work for a few days in
case people write back to them.

It's gross and disgusting, but no worse than any other dmarc workaround.

R's,
John
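
The reversible rewriting described in the message above, together with the 64-character mailbox limit and the display-name quoting raised in the earlier "Who authored the message?" and "DMARC handler" replies, as an added example that is not part of the original posts and is not the author's code. The suffix dmarc.example is a placeholder for a domain the list operator controls, and all function names are hypothetical.

```python
from email.utils import formataddr

MAX_LOCAL = 64     # RFC 5321 section 4.5.3.1.1: local-part limit
MAX_DOMAIN = 255   # RFC 5321 section 4.5.3.1.2: domain limit
SUFFIX = "dmarc.example"  # placeholder; must be a resolvable domain you run


def split_addr(addr):
    """Split user@domain on the last '@' and lowercase the domain."""
    local, at, domain = addr.rpartition("@")
    if not at or not local or not domain:
        raise ValueError("not an address: %r" % addr)
    return local, domain.lower()


def munge_domain(addr, suffix=SUFFIX):
    """user@yahoo.com -> user@yahoo.com.<suffix>; the mailbox part is untouched."""
    local, domain = split_addr(addr)
    new_domain = "%s.%s" % (domain, suffix)
    if len(local) > MAX_LOCAL or len(new_domain) > MAX_DOMAIN:
        raise ValueError("rewritten address exceeds RFC 5321 limits")
    return "%s@%s" % (local, new_domain)


def unmunge_domain(addr, suffix=SUFFIX):
    """Recover the original address so replies can be forwarded."""
    local, domain = split_addr(addr)
    tail = "." + suffix.lower()
    if not domain.endswith(tail) or len(domain) == len(tail):
        raise ValueError("not a rewritten address")
    return "%s@%s" % (local, domain[:-len(tail)])


def munge_local(addr, list_domain):
    """The other style: user-at-domain@list_domain. The original domain moves
    into the mailbox part, so long addresses can exceed the 64-character limit."""
    local, domain = split_addr(addr)
    new_local = "%s-at-%s" % (local, domain)
    if len(new_local) > MAX_LOCAL:
        raise ValueError("mailbox part is %d characters, limit is %d"
                         % (len(new_local), MAX_LOCAL))
    return "%s@%s" % (new_local, list_domain)


def munged_from_header(display_name, addr, list_name, suffix=SUFFIX):
    """Build the From: value. formataddr() quotes the display name whenever it
    contains RFC 5322 specials such as '.', so "Jane Q. Doe" stays valid."""
    name = "%s via %s" % (display_name, list_name)
    return formataddr((name, munge_domain(addr, suffix)))


if __name__ == "__main__":
    # Constructed sample addresses.
    print(munged_from_header("Jane Q. Doe", "jane@example.com", "listname"))
    print(unmunge_domain(munge_domain("marie@yahoo.com")))
```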


Re: [Mailman-Users] List posts sent to AOL list subscribers bounce as undeliverable (v. 2.1.20)

2015-12-04 Thread John Levine
>The issue is that list posts sent to AOL subscriber addresses are now bouncing 
>as undeliverable with the bounce code: "521
>5.2.1 :  AOL will not accept delivery of this message."

I see that you have a yahoo.com address.  If there's a yahoo.com
address on the From: line of the list mail, AOL and Yahoo's well
documented abuse of DMARC will cause the failure you're seeing.

If you're running a recent version of Mailman, there are some DMARC
workarounds you can use.  Other than that, I'd find a different
address to mail from, not at Yahoo, not at AOL, and preferably not at
Gmail.

R's,
John
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org


Re: [Mailman-Users] List posts sent to AOL list subscribers bounce as undeliverable (v. 2.1.20)

2015-12-04 Thread John Levine
>As Mark related, I suspect the issue is DNS related, and AOL is just finally 
>cracking down on mail sent from this particular list server.

If you told us what the domain was, we could provide a lot more help.

Really, we don't bite, if you want help, provide the information that
will let people help you.

R's,
John




Re: [Mailman-Users] illegible message in moderation approval queue

2016-09-22 Thread John Levine
In article <57e49a8d.1030...@sgeinc.com> you write:
> From a quick look, it looks like base64 encoding.  Invented back in the 
>dialup/uucp days when transport was not always 8bit clean so things were 
>encoded to make sure only transportable characters were used.

Well, actually, we uucp users used something called uuencode, and base64
was invented for Internet MIME messages in the 1990s.

But if you can forward the message to your mail program, it can probably
decode the base64 and you can see what it is.  Your hint about the
different character set is spot on, that's likely why it's base64 encoded.

R's,
John



>
>On 9/22/2016 9:58 PM, Matt Morgan wrote:
>> I have a message in a moderation queue. It's from a member (everyone is
>> moderated on this list) so I think it's not spam or other junk. But when I
>> click to review it, it's not legible. This is all I see in the message
>> excerpt:
>>
>> IENvbnNkaXNsaXN0DQoNCrOqwMcgaVBob25lv6G8rSC6uLO/
>>
>> I feel like I've seen other messages that look encoded/illegible in
>> moderation, though I don't have other examples right now. What can cause
>> this?
>>
>> For what it's worth, the sender is a speaker of a language that uses a
>> different character set, so if that's possible cause, that might be the
>> reason here.



Re: [Mailman-Users] Find a smtp server to send out emails

2016-12-07 Thread John Levine
>subscriber. Are there smtp service providers allowing unverified email
>address to send out emails, or do I have other solutions?

There are cloud hosting providers that let you send mail directly, although
I can't vouch for the deliverability, since you're typically on a network
full of dusty compromised php scripts.

Digital Ocean and Tektonic have linux VPS images that should be
adequate for modest mailman lists starting at $5/mo.  I'd try Tektonic
since they do a slightly less bad job of managing outgoing spam.

R's,
John


Re: [Mailman-Users] Authenticated Received Chain in Mailman?

2017-06-08 Thread John Levine
In article <20170608234027.gu8...@nntp.aegisinfosys.com> you write:
>Do you think your analysis will change now that AOL and Yahoo! are
>now both part of Verizon?

Probably not.  Verizon's folded their legacy mail system into AOL's.
Maybe they'll merge the AOL and Yahoo mail systems, but I would be
surprised since they're technically quite different and their users
expect different features.

R's,
John


Re: [Mailman-Users] Users being unsubscribed without requesting it.

2017-08-21 Thread John Levine
In article <201708210145.v7l1io7x003...@fire.js.berklix.net> you write:
>> Maybe this would foil ISPs who are automatically following this link to
>> unsubscribe people. Do ISPs really do this?

There are plenty of anti-spam schemes that fetch all the URLs in a
message to see whether they're malicious.  That's why ESPs usually
have a landing page with a confirm link, and why we wrote RFC 8058
which defines a one-click opt-out link that uses POST rather than GET,
since the URL malware fetchers all do GETs.

R's,
John
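
The GET versus POST distinction described in the message above, as an added example that is not part of the original post and is not Mailman code: a request handler that changes the roster only on an RFC 8058 one-click POST, so a scanner that fetches the link with GET gets a confirmation page and nothing else. The secret, URL layout and function names are assumptions, and only the urlencoded body form is handled.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, quote

SECRET = b"constructed-demo-secret"  # placeholder; load a real key from config


def make_token(list_id, subscriber):
    """Opaque per-subscriber token so the URL cannot be guessed or forged."""
    msg = ("%s\n%s" % (list_id, subscriber)).encode("utf-8")
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def unsubscribe_headers(base_url, list_id, subscriber):
    """The two header fields RFC 8058 requires on outgoing list mail."""
    url = "%s/%s/%s/%s" % (base_url, quote(list_id), quote(subscriber),
                           make_token(list_id, subscriber))
    return {
        "List-Unsubscribe": "<%s>" % url,
        "List-Unsubscribe-Post": "List-Unsubscribe=One-Click",
    }


def handle_unsubscribe(method, content_type, body, list_id, subscriber,
                       token, roster):
    """Return (status, text). Only a well-formed one-click POST edits roster."""
    expected = make_token(list_id, subscriber)
    if not hmac.compare_digest(token.encode("utf-8"), expected.encode("utf-8")):
        return 403, "bad token"
    if method in ("GET", "HEAD"):
        # Link scanners end up here: show a page with a confirm button,
        # and leave the subscription alone.
        return 200, "confirmation page"
    if method != "POST":
        return 405, "method not allowed"
    media_type = content_type.split(";")[0].strip().lower()
    if media_type != "application/x-www-form-urlencoded":
        return 415, "unsupported media type"
    fields = parse_qs(body.decode("ascii", "replace"))
    if fields.get("List-Unsubscribe") != ["One-Click"]:
        return 400, "not a one-click request"
    roster.discard(subscriber)
    return 200, "unsubscribed"


def demo():
    """Constructed walk-through: a scanner's GET, then the mail client's POST."""
    roster = {"reader@example.org", "other@example.org"}
    token = make_token("mylist", "reader@example.org")
    get_result = handle_unsubscribe("GET", "", b"", "mylist",
                                    "reader@example.org", token, roster)
    still_subscribed = "reader@example.org" in roster
    post_result = handle_unsubscribe(
        "POST", "application/x-www-form-urlencoded",
        b"List-Unsubscribe=One-Click", "mylist", "reader@example.org",
        token, roster)
    return get_result, still_subscribed, post_result, roster


if __name__ == "__main__":
    print(unsubscribe_headers("https://lists.example.org/u", "mylist",
                              "reader@example.org"))
    print(demo())
```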


Re: [Mailman-Users] Users being unsubscribed without requesting it.

2017-08-21 Thread John Levine
In article <7e0bd0e4-b837-4d76-3c14-a0b6dfda9...@tnetconsulting.net> you write:
>
>On 08/21/2017 02:08 PM, John Levine wrote:
>> which defines a one-click opt-out link that uses POST rather than GET,
>> since the URL malware fetchers all do GETs.
>
>Why do single click?  Why not do confirmed?

You can read RFC 8058 and find out about the specific problem it addresses.

https://www.rfc-editor.org/info/rfc8058

R's,
John


[Mailman-Users] Suppress moderation message in mailman 2.1 ?

2017-11-06 Thread John Levine
I run a two-way usenet <-> mailman gateway.  When I forward something
from the usenet group to mailman, it gets moderated, which is what I
want since a fair amount of the stuff in the usenet group is spam.
When mailman moderates the message, it sends the usual moderation
message to the usenet poster, which many posters find confusing.  Even
worse, since many usenet posters use fake addresses, the moderation
messages can go to random strangers.

Is there something I can put in the message header to say not to
send the moderation messages?  I don't want to turn them off globally
since they're fine for people who send mail directly to the list.

R's,
John


Re: [Mailman-Users] Suppress moderation message in mailman 2.1 ?

2017-11-06 Thread John Levine
In article <851008d1-e6dd-bafe-9e85-e1ebaf1b8...@msapiro.net> you write:
>So my first question is how/why are the posts being held?

Because the people posting from usenet aren't list subscribers. They
read the messages on usenet.

>> When mailman moderates the message, it sends the usual moderation
>> message to the usenet poster, which many posters find confusing.
>
>This should not happen. The code that sends the user notice of a held
>post specifically exempts posts from usenet.

Clearly it is expecting something that my gateway isn't including.
How does it try to guess that a message came from a usenet gateway?

R's,
John


Re: [Mailman-Users] Suppress moderation message in mailman 2.1 ?

2017-11-06 Thread John Levine
In article <8d629943-93d6-2546-71f9-4484d8ecf...@msapiro.net> you write:
>cron/gate_news 

I'm not using that.  My news server isn't on the same network as
the mailman system, and the gateway is basically a few lines of
procmail and formail I've been using for a decade to splice usenet
groups to various mailing lists.

I don't know what version of mailman they use, it's ntp.org.

R's,
John




Re: [Mailman-Users] options for dealing with DMARC

2018-01-16 Thread John Levine
In article  
you write:
>On 12/28/2017 12:57 PM, Jordan Brown wrote:
>> Wikipedia tells me that DMARC passes if either SPF or DKIM passes.

That is correct.

>Sending domain administrators can require that *both* SPF /and/ DKIM 
>must pass for DMARC to pass.  So your /or/ premise is likely not going 
>to work out as well as you had hoped.

That is wrong.  See RFC 7489.

R's,
John
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-19 Thread John Levine
In article  
you write:
>Yes.  Just about everything can be spoofed to some degree.  It really 
>depends on what information the owner of the purported sending domain 
>publishes and what filtering / consumption of said information the 
>receiving server exercises.

Well, you know, this is what DMARC is intended to address.  While
DMARC checks on mail that has passed through mailing lists have all
sorts of well known problems, doing DMARC checks on mail that arrives
at a list server would be pretty benign.  It's pretty rare for the
path from a user to the mailman server to do things that would cause
DMARC fails.

If you want to reinvent DMARC, you could add an option to say that all
submissions from me must have a DKIM signature or validated SPF from
domain X, where X would usually default to the domain in your e-mail
address.

R's,
John


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-19 Thread John Levine
In article <1ca714d0-da89-aa23-d247-4faa2133b...@msapiro.net> you write:
>DMARC checks won't help prevent posts that spoof a member address unless
>every list member's domain publishes a DMARC policy of quarantine or
>reject, and even then it only checks the From: domain and not the domain
>of other addresses Mailman might use to determine list membership.
>
>Further, a post with spoofed local part sent by someone in the same
>domain might pass DMARC if sent via the domain's servers.

That's all true, and if you want bullet proof spoof resistance, you'd
have to register PGP or S/MIME keys for the subscriber and require
that she sign all her mail.

On the other hand, a lot of domains do DKIM signing or publish SPF,
and the vast majority of fake From: headers I see are from botnets,
not malicious users down the hall from the victim.  So if someone is
experiencing a lot of botnet spoofage, a setting to say that a user's
mail will be authenticated by SPF or DKIM from domain X would get you
about 90% of the effect of S/MIME signing everything with 10% of the
grief.

R's,
John
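
The per-subscriber setting proposed in the two messages above (a member's submissions must carry a DKIM pass or validated SPF from domain X, defaulting to the domain of the From: address), sketched as an added example that is not part of the original posts or of Mailman. The function names, the authserv-id `mx.lists.example` and both sample messages are constructed, and a subdomain match stands in for DMARC's organizational-domain comparison.

```python
import re
from email import message_from_string
from email.utils import parseaddr

COMMENT = re.compile(r"\([^()]*\)")  # RFC 8601 allows (comments) in the header

def parse_authres(value):
    """Split an Authentication-Results value into (authserv_id, results)."""
    parts = [p.split() for p in COMMENT.sub(" ", value).split(";")]
    authserv_id = parts[0][0].lower() if parts[0] else ""
    results = []
    for tokens in parts[1:]:
        if not tokens or "=" not in tokens[0]:
            continue  # empty segment or the bare "none" form
        method, result = tokens[0].lower().split("=", 1)
        props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        results.append((method, result, props))
    return authserv_id, results

def domain_of(value):
    """Domain part of an address, or the value itself if it is a bare domain."""
    return value.strip('"<>').rpartition("@")[2].lower().rstrip(".")

def aligned(domain, required):
    # Assumption: exact or subdomain match stands in for DMARC's
    # organizational-domain comparison, which needs the Public Suffix List.
    return domain == required or domain.endswith("." + required)

def submission_authenticated(raw, trusted_id, required_domain=None):
    """True if our own MTA recorded an SPF or DKIM pass from domain X."""
    msg = message_from_string(raw)
    from_domain = domain_of(parseaddr(msg.get("From", ""))[1])
    required = (required_domain or from_domain).lower()
    if not required:
        return False
    for value in msg.get_all("Authentication-Results", []):
        authserv_id, results = parse_authres(value)
        if authserv_id != trusted_id.lower():
            continue  # stamped by someone else, possibly the sender: ignore
        for method, result, props in results:
            prop = {"dkim": "header.d", "spf": "smtp.mailfrom"}.get(method)
            if prop and result == "pass" and aligned(domain_of(props.get(prop, "")), required):
                return True
    return False

# Constructed sample submissions; mx.lists.example is a hypothetical list MTA.
GENUINE = """\
Authentication-Results: mx.lists.example; spf=pass smtp.mailfrom=alice@example.org;
 dkim=pass (2048-bit key) header.d=example.org header.s=sel1
From: Alice <alice@example.org>
Subject: meeting notes

Text.
"""
# Botnet-style spoof: real member address on From:, mail sent from elsewhere,
# plus a forged results header carrying a foreign authserv-id.
SPOOFED = """\
Authentication-Results: mx.lists.example; spf=pass smtp.mailfrom=x@dsl.isp.example; dkim=none
Authentication-Results: mx.forged.example; dkim=pass header.d=example.org
From: Alice <alice@example.org>
Subject: cheap pills

Text.
"""

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("spoofed", SPOOFED)):
        print(name, submission_authenticated(raw, "mx.lists.example"))
```

The check relies on the list's MTA removing any inbound Authentication-Results header that already carries its own authserv-id before it adds its own.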


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-21 Thread John Levine
In article  you write:
>On 07/19/18 17:11, John Levine wrote:
>> In article 
>>  you write:
>>> Yes.  Just about everything can be spoofed to some degree.  It really 
>>> depends on what information the owner of the purported sending domain 
>>> publishes and what filtering / consumption of said information the 
>>> receiving server exercises.
>> 
>> Well, you know, this is what DMARC is intended to address.  While
>> DMARC checks on mail that has passed through mailing lists have all
>> sorts of well known problems, doing DMARC checks on mail that arrives
>> at a list server would be pretty benign.  It's pretty rare for the
>> path from a user to the mailman server to do things that would cause
>> DMARC fails.
>
>Actually, mailing lists and other redistribution are among the places
>DMARC notably breaks.  The real answer, which was created for this
>purpose, is ARC (Authenticated Received Chain).  That is designed from
>the start to pass through mailing lists unbroken.
>
>(Or so I'm told.)

You missed a key point.  I was suggesting DMARC-ish checks on mail *to* a
mailing list, where they should work fine.  Mail *from* a mailing list is
indeed screwed up by DMARC, which is why I've been working on ARC libraries.

R's,
John



Re: [Mailman-Users] ARC, was non-subscribers getting through--email address in "Real Name"

2018-07-21 Thread John Levine
In article  
you write:
>On 07/19/2018 05:27 PM, Mark Sapiro wrote:
>> The problem is downstream has to trust me. If I'm gmail.com, I'll probably 
>> be trusted. If I'm msapiro.net, probably not. Python.org, who knows.
>
>Yep.
>
>I've not yet seen any indication that there will be any good way to 
>establish this trust relationship, save for traditional 
>Business-to-Business methods.  At least I'm not aware of anything more 
>automatic.
>
>Thus I question how useful ARC will be for small operators.  :-/

I know people working on whiteish lists to use with ARC, to say that
these domains are known to host real mailing lists so you should believe
their ARC assertions.

R's,
John


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-22 Thread John Levine
In article <0590fe51-3f96-754d-d155-af0eb9ca4...@spamtrap.tnetconsulting.net> 
you write:
>On 07/19/2018 04:59 PM, Phil Stracchino wrote:
>> Actually, mailing lists and other redistribution are among the places 
>> DMARC notably breaks.
>
>Does DMARC actually break or otherwise behave in a manner contrary to 
>its specification?

No, it was specified in full knowledge that it would break pretty much
every mailing list on the planet if used on domains with human users,
instead of its intended target of notices from robot domains like
paypal.com.

That's why we have ARC, once AOL and Yahoo abused it to solve the
problem they created when they let crooks steal their users' address
books.

R's,
John

PS: This isn't conspiracy theorizing, I know the people involved.


Re: [Mailman-Users] ARC, was non-subscribers getting through--email address in "Real Name"

2018-07-22 Thread John Levine
In article <1fb88a39-0acd-f34f-c504-9eb217a75...@spamtrap.tnetconsulting.net> 
you write:
>Is there some place that I can find out more about these people and / or 
>their projects?

See the archives of the ARC mailing lists.

>Aside:  What does hosting mailing lists or not have to do with believing 
>their ARC assertions?  -  I would hope that the ARC white lists state 
>that these senders are probably trust worthy, independent of mailing 
>lists or not.

Every domain added to a whitelist like this involves manual work.  Why
would you waste time on domains that aren't likely to send mail with
ARC headers?

R's,
John


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-22 Thread John Levine
In article  
you write:
>On 07/22/2018 02:03 PM, John Levine wrote:
>> No, it was specified in full knowledge that it would break pretty much 
>> every mailing list on the planet if used on domains with human users, 
>> instead of its intended target of notices from robot domains like 
>> paypal.com.
>
>I choose to believe the mailing lists were behaving improperly.

Oh, OK, sorry to disturb you.

R's,
John


Re: [Mailman-Users] ARC, was non-subscribers getting through--email address in "Real Name"

2018-07-23 Thread John Levine
In article  
you write:
>On Sun, Jul 22, 2018 at 3:18 PM Grant Taylor via Mailman-Users <
>mailman-users@python.org> wrote:
>
>> On 07/21/2018 02:24 PM, John Levine wrote:
>> > I know people working on whiteish lists to use with ARC, to say that
>> > these domains are known to host real mailing lists so you should believe
>> > their ARC assertions.
>
>Why not just have that list, and a X-Trust-Me: YES header? It would be much
>simpler to implement than ARC.

There turns out to be an actual answer to this question, which I have
asked people from Google.

When someone gets his address book stolen from his botted PC, spamware
will send spam to everyone in his address book using his address on
the From: line.  If some of those addresses are lists, those lists
will generally forward the spam even though they are otherwise legit.

Google tells me this happens often enough that they can't just
whitelist mailing lists, and ARC gives them the clues to tell
forwarded bot spam from forwarded real mail.  I've certainly seen
it both on lists I run and lists I subscribe to.

As I said a few messages ago, if lists did more stringent tests on
incoming mail, a lot of this complexity could be avoided, but they
don't so it can't.

R's,
John


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-24 Thread John Levine
In article <78baab65-f7d3-ce56-bc36-a16a15118...@spamtrap.tnetconsulting.net> 
you write:
>> If AOL and Yahoo just used the quarantine option for DMARC, it wouldn’t 
>> have been quite as bad. But they ABUSED DMARC by their settings.
>
>I still don't grok what you are considering "abuse" in this context?
>
>Rather than speculating, please clarify what the abusive activity was.

Turning it on for aol.com, yahoo.com, and other domains with user
mailboxes, to outsource the pain of the spam they were getting due
to letting user address books be stolen.

>My understanding is that AOL and Yahoo leveraged DMARC to expressly 
>identify messages that originated from AOL and Yahoo.  Or said another 
>way, they leveraged DMARC to make it easy for receiving servers to 
>identify messages that are not being sent from AOL or Yahoo servers 
>/during/ that current SMTP transaction.

Right, thereby causing a great deal of entirely legitimate mail that
DMARC cannot describe to go missing, along with a certain amount of
spam.  We've been cleaning up their mess ever since.

R's,
John

PS:

>Did they do so knowing that there would likely be a problem with 
>traditional .forward(ing) and mailing lists?  Quite likely.  Was an 
>internal business decision made that publishing such information and 
>dealing with the ramifications of .forward(ing) and mailing lists more 
>important than allowing bad actors to continue pretending to be AOL or 
>Yahoo?  Extremely likely.

Yes, they explicitly decided that the costs they imposed on
innocent bystanders were Not Their Problem.


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-24 Thread John Levine
In article <88902b3b-7cb3-7991-15c4-4dbc10762...@msapiro.net> you write:
>In that sense, many of us think that the person who wrote the post is
>still the author even if the list made a few simple changes that didn't
>alter the basic text of the original message while the list is a Sender:
>
>That's why we believe that Munge From is non-compliant. ...

Quite right.  Beyond the standards theology, there is the practical
problem that where the message list in your inbox used to tell you who
wrote the list messages, now it all seems to come from the list alias.
In my world, some people's contributions are a lot more interesting
than others, and losing the info about who wrote what makes all lists
less useful.

R's,
John


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-25 Thread John Levine
In article <885f93f0-36ec-d74f-7c5f-52b42f2d6...@jordan.maileater.net> you 
write:
>Hmm.  It would take MUA changes to be fully effective, but a possibility
>that comes to mind is to have mailing lists leave the original message
>absolutely unmodified, but wrap it in a message that comes "from" the
>mailing list.  That way everything about the message is verifiably true.

Yeah, we've tried that.  It would in effect make each message a
one-message digest.  Let me just say that it would take a LOT of
changes to a lot of MUAs to make that work acceptably.

R's,
John


Re: [Mailman-Users] non-subscribers getting through--email address in "Real Name"

2018-07-27 Thread John Levine
In article <885f93f0-36ec-d74f-7c5f-52b42f2d6...@jordan.maileater.net> you 
write:
>Hmm.  It would take MUA changes to be fully effective, but a possibility
>that comes to mind is to have mailing lists leave the original message
>absolutely unmodified, but wrap it in a message that comes "from" the
>mailing list.  That way everything about the message is verifiably true.

Please see other messages in this thread.  Wrapping messages is an old
idea, effectively making each message into a one-message digest,
something Mailman can already do.

The problem is that MUAs vary from so-so to awful when displaying them.

 


Re: [Mailman-Users] Undelivered Mail Returned to Sender

2018-08-04 Thread John Levine
In article <20180804141855.7510026c1...@sharky3.deepsoft.com> you write:
>Do you have access to your inbound mail server? If so, you need to arrange for
>that server to *reject* all mail connections from qq.com. qq.com is a
>*notorious* source of spam (there are no legitimate E-Mail addresses @qq.com).
>You might also want to firewall Chinese IP addresses as well.

Actually, there are millions of legitimate e-mail addresses at qq.com.
It's Tencent, the giant Chinese company that owns Wechat, which has
900 million active users, all with an e-mail address linked to their
Wechat accounts.

Nearly all of the users are in China, so if you don't expect anyone
from China to subscribe to your lists, I suppose you can block them.



Re: [Mailman-Users] gmail

2018-09-12 Thread John Levine
In article <5b99c857.19328.61f1d...@bernie.fantasyfarm.com> you write:
>Well, something changed between Thursday and Friday, because posts to the list 
>were fine and this one generated a bounce for every gmail member.

Any chance that the message in question had a From: address in a
domain that publishes a restrictive DMARC policy?  That can cause
bounces all over the place.

The usual suspects here are aol.com and yahoo.com, but a lot of
companies that believe (usually wrongly) that they have a problem
that DMARC can solve set DMARC policies, too.

R's,
John
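
One way to answer the question in the message above, whether a post's From: domain publishes a restrictive DMARC policy, as an added example that is not part of the original post or of Mailman. It parses records in the escaped form `dig` prints; the zone data is constructed, the function names are hypothetical, and a plain walk up the parent domains stands in for the organizational-domain lookup.

```python
from email.utils import parseaddr

RESTRICTIVE = {"quarantine", "reject"}

def parse_dmarc(txt):
    """Return the record's tags as a dict, or None if it is not a usable DMARC record."""
    txt = txt.replace('"', "").replace("\\;", ";")  # undo dig's quoting and escaping
    pairs = [item.split("=", 1) for item in txt.split(";") if "=" in item]
    tags = [(k.strip().lower(), v.strip()) for k, v in pairs]
    if not tags or tags[0] != ("v", "DMARC1"):
        return None  # the version tag must come first
    record = dict(tags)
    record["p"] = record.get("p", "").lower()
    if record["p"] not in {"none"} | RESTRICTIVE:
        return None  # missing or unknown policy
    return record

def effective_policy(from_header, lookup):
    """Policy applying to the From: domain, or None when nothing is published.

    lookup(name) returns the TXT record text for name, or None.
    Assumption: walking up the parent domains approximates the
    organizational-domain lookup, which properly needs the Public Suffix List.
    """
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower().rstrip(".")
    labels = domain.split(".")
    for i in range(max(len(labels) - 1, 0)):
        record = parse_dmarc(lookup("_dmarc." + ".".join(labels[i:])) or "")
        if record:
            # A record found on a parent domain applies its sp= tag, if any.
            return record.get("sp", record["p"]).lower() if i else record["p"]
    return None

def needs_dmarc_mitigation(from_header, lookup):
    """True when receivers enforcing DMARC may bounce or junk the relayed post."""
    return effective_policy(from_header, lookup) in RESTRICTIVE

# Constructed TXT records standing in for DNS, in dig's escaped output form.
SAMPLE_TXT = {
    "_dmarc.members.example": r'"v=DMARC1\; p=reject\; rua=mailto:reports@members.example"',
    "_dmarc.corp.example": r'"v=DMARC1\; p=none\; sp=quarantine"',
}

if __name__ == "__main__":
    for sender in ("Bob <bob@members.example>", "carol@mail.corp.example",
                   "carol@corp.example", "dave@hobby.example"):
        print(sender, effective_policy(sender, SAMPLE_TXT.get),
              needs_dmarc_mitigation(sender, SAMPLE_TXT.get))
```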


[Mailman-Users] Mailman consultants ?

2018-10-02 Thread John Levine
An organization I know runs a bunch of Mailman lists for their
members, and the last person who understood Mailman recently quit.
It's a few dozen lists, none more than about 500 members.  They're
looking for someone to do the tech work, install updates, set up
configuration arcana, stuff like that.  The lists all have members who
manage them, no dealing with actual users expected.  

They're in Boston MA but remote work is fine.  It'd be very part time,
probably paying a fixed monthly fee.

Is there a list of people who do this kind of stuff?  Or is there
some other place I should inquire?

Regards,
John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly


Re: [Mailman-Users] Microsoft blocking our Mailman lists

2018-10-07 Thread John Levine
In article  you write:
>Hi,
>
>Unfortunately, yes, I have seen this behavior from Microsoft. I have no 
>idea what triggers it, but my Linode IP has been blocklisted twice, once 
>a bit over three years ago, and another time less than two weeks ago.

It may well not be you.  Linode does a poor job of keeping their
network clean of spammers and other miscreants.  They always kick them
off when you report it, but by then it's too late, so their whole
network has an iffy reputation.

Linode's hosting is nothing special, either in features or price.  You
might consider moving your system somewhere else that manages their
network better.



Re: [Mailman-Users] email to sms?

2019-02-28 Thread John Levine
In article <5a065a2d-14cb-3f60-7175-0f2b81ed4...@spamtrap.tnetconsulting.net> 
you write:
>The only free services that I've seen have been operated by the cellular 
>networks for their customers.

Agreed.  They are heavily rate limited to deter spam so they're not great
for mailing lists.

>I don't see how to overcome either of these limitations.  Maybe there is 
>a way.

If you actually want to send SMS, you need to pay for it through one
of the many SMS API services.  It costs on the order of 0.7c/message
to US numbers which seems pretty cheap to me, but I suppose that
depends how valuable you think your lists are.

Trying to integrate directly with mailman would be a nightmare, but
you could easily set up a kludge where people subscribed separately to
the SMS forwarder, subscribe a special local forwarder address to the
mailman list, and then tie a script to that address that takes the
contents of the messages and passes it to the SMS API.  (Stripping out
all the extra cruft, of course.)

-- 
Regards,
John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly


Re: [Mailman-Users] What to do about SPF rejection?

2019-06-17 Thread John Levine
In article  you write:
>Dear all,
>
>I today saw three bounces where the receiving mail server had said:
>
>host mail.gfbv.de[185.199.217.16] said: 550 external MTA
>sending our header From:    (in reply to
>end of DATA command)
>
>The SPF record for gfbv.de is
>
>gfbv.de.   86400   IN  TXT "v=spf1 mx a:epicmail1.newsaktuell.net ~all"
>
>I am not sure, whether mailman 2 has any workaround for this like for
>the DMARC issue
>
>Can anyone spot, whether there is something wrong with the SPF record?
>Whose fault is it?

Theirs.  That message says they apparently have a policy of rejecting
any incoming mail with their domain on the From: line.  They can do
that if they want, but it means that none of their users can
participate in mailing lists.

I suppose you could further screw up your list and do DMARC rewrites
even for domains without DMARC policies, but I'd suggest contacting
whoever is subscribed there and encourage him or her to subscribe from
an address that isn't gratuitously hostile to mailing lists.

Regards,
John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly


[Mailman-Users] Re: AT&T RBL again

2021-03-30 Thread John Levine
It appears that Mark Sapiro  said:
>> FWIW, a couple of my regular correspondents have said that DO generally
>> does not have a great email reputation, and that they're moving lists to
>> other platforms.
>
>That's probably correct, but are there other cloud VPS providers that
>are better at hosting MTAs?

DO really is bad, and I block most of their IP ranges, poking the
occasional hole for mail I really want.

There are better hosting providers. There are some that don't enable
outgoing mail unless you ask and some that do some sort of filtering
on outgoing port 25. I use tektonic.net which does the latter but the
filters are mild enough that outgoing STARTTLS works fine.

R's,
John

--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/