Re: [Mailman-Users] Squirrelmail and wrapped messages
Peter Shute writes: I can't see how wrapping would work for us, there are just too many different mail clients involved, and I assume the same would apply to lots of lists. Agreed. I wrap because I *can*; my XEmacs lists have no Yahoo! or AOL posters who would cause complaints, and my student list members wouldn't dare complain. :-) Practically speaking, wrapping is an option only because we (I know Mark agrees with me, at least) want to provide a fully RFC-compliant workaround, even if in practice the MUAs force lists to use munging. I also can't see it working to let the sender choose how their emails will be treated. I don't think anybody is thinking of that. -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] Squirrelmail and wrapped messages
Ed Ravin writes: How have other Mailman admins dealt with this? The only ways to deal with deficient MUAs are Plan A = pander and Plan B = tell their users to suck it up and shut up. I won't do Plan A and have the power to do Plan B, so Plan B is what I use. That doesn't work for everybody, probably does not for a majority of list owners (eg, where the users of deficient MUAs are customers). The situation is not ideal. Yahoo! and AOL knew that going in, they thought about it, and chose to do it anyway. So *we* have to suck it up. There is ongoing work at the IETF to see if we can mitigate the problem better in the future (and Yahoo! at least seems willing to work with those Yahoo!-side mitigations -- AOL has not yet demonstrated an understanding of the issues), but for now we list owners have an unpleasant choice to make. I wonder if it's possible to to make wrapped messages a user preference, or have them only turned on for certain domains as discussed previously. Is this a patch that would be accepted in the future? As Mark mentioned, applying only to posts From domains that use p=reject is possible in 2.1.18-1. Acceptance of a patch to make it a user preference might be acceptable (that's entirely up to Mark), but it would have to be carefully done to ensure that *some* mitigation (probably From-munging) would be applied if the list owner specified she wants mitigation. That's because failure to apply to mitigation to messages that would be DMARC rejected affects third parties (to the extent that the bounces can't be identified as DMARC rejects, they will be scored as bounces from those subscribers, and innocent[1] subscribers could have their subscriptions disabled). Footnotes: [1] Though not entirely so. Concealing the fact that the reject was a DMARC policy reject is not useful since it says very little about *destination* policy, even if the destination prefers to conceal its own security policy to present a smaller attack surface. -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Squirrelmail and wrapped messages
On 10/25/2014 07:42 PM, Ed Ravin wrote: I've converted a list to Mailman, and as I posted previously, I decided to use wrapped messages to keep AOL's hairtrigger spam filters from discarding incoming messages from AOL users. I'm not sure what your specific AOL issue is, but as I posted previously https://mail.python.org/pipermail/mailman-users/2014-October/077908.html, I don't see it, at least not in the form that you appear to. Now I'm getting complaints from Outlook 2007 and Squirrelmail users that the messages from Mailman show up as text attachments that aren't automatically displayed or previewed. That is a problem with some MUAs. Some are just plain bad at rendering messages with message/rfc822 subparts like the DMARC wrapped messages and MIME format digests. It looks like Outlook 2007 users can turn previewing on, but I don't see any such options for Squirrelmail. There probably aren't any in Squirrelmail. How have other Mailman admins dealt with this? Ultimately, I relented and set dmarc_moderation_action to Munge From. I didn't want to, but there were too many complaints about the wrapped messages. If I understand correctly, you at least think that AOL doesn't like your messages with munged from because of the address in Reply-To:. Note that the AOL SMTP response you posted earlier was a 421 status that is a retryable error. Did the retry succeed. If so, this is more like greylisting than rejection. I wonder if it's possible to to make wrapped messages a user preference, or have them only turned on for certain domains as discussed previously. Is this a patch that would be accepted in the future? Mailman 2.1.18-1 has the ability to only apply DMARC mitigations to messages From: domains that publish DMARC p=reject and optionally p=quarantine policies. But, I think what you mean by certain domains is messages To: a certain domain like aol.com, and Mailman doesn't do that. It wouldn't be too difficult to patch Mailman to do that, but I have no plan to do that. There is no plan to make the choice between wrapping vs. munging From: a user option, but it could be considered for a future release. The bottom line is DMARC forces choices on a list manager, none of which are totally transparent to the list user experience. You can always set dmarc_moderation_action to reject and provide a rejection message which tells the poster that posts from domains with DMARC p=reject (or quarantine) policies are not accepted and they need to find another freemail ESP to use for posting. On the other hand, As I posted before, I don't see that your issue with AOL is a DMARC issue at all. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] Squirrelmail and wrapped messages
I've converted a list to Mailman, and as I posted previously, I decided to use wrapped messages to keep AOL's hairtrigger spam filters from discarding incoming messages from AOL users. Now I'm getting complaints from Outlook 2007 and Squirrelmail users that the messages from Mailman show up as text attachments that aren't automatically displayed or previewed. It looks like Outlook 2007 users can turn previewing on, but I don't see any such options for Squirrelmail. How have other Mailman admins dealt with this? I wonder if it's possible to to make wrapped messages a user preference, or have them only turned on for certain domains as discussed previously. Is this a patch that would be accepted in the future? -- Ed -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org