[nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

2019-09-26 Thread Ken Hornstein
Everyone,

I received this email, and I wanted to pass it along.  The executive
summary is: in the near future subject lines to nmh-workers will no
longer be prefixed with "[nmh-workers]" and there won't be a footer
at the end of the message anymore saying that this is the nmh-workers
mailing list.  You can read the details in the message for the complete
technical reasons why this is happening; the other option is to do
what is called "Munge From" and I personally think this is 100x worse
(I am on a Yahoo mailing list where this is done and I hate it).  If
people think we should switch to "Munge From" for this mailing list,
then please make your case here.

--Ken
--- Begin Message ---
The Free Software Foundation is making changes to our GNU Mailman
systems.

You are being notified because you are listed as a Savannah
administrator ( https://savannah.gnu.org/ or
https://savannah.nongnu.org/ ) for the group(s) that have the following
mailing list(s):

nmh-workers

We plan to change the list settings in about one week unless you or
another savannah group administrator or someone whose email is listed in
the Mailman list administration as list owner opts out by replying to
sysad...@gnu.org and asking to opt out for those lists.

The reason for the change is that messages sent from users with strict
DMARC policy domains like yahoo.com were being rejected when sent to
list subscribers by Mailman. DMARC adoption is growing. See the end of
this email for a technical overview of DMARC and DKIM. There are two
ways to fix the issue by changing Mailman list settings.

The first option, and the preferable way for discussion lists, is what
we call the "unmodified message fix." There are Mailman list settings
which modify the messages by adding a subject prefix (e.g. [list-name])
or a footer. Modifying the message breaks DKIM message signatures and
thus DMARC. Following this option, we will turn those settings off. Many
lists are already this way. Instead of using the subject prefix to
identify a list, subscribers should use the "List-Id" header, To, and
Cc.  List footer information can also be put in the welcome email to
subscribers and the list information page by list administrators.

The second option is for lists which want or need to continue to modify
the message, for example with subject prefix or footer settings.  In
this case, we set dmarc_moderation_action: "Munge From". With this
setting, if a strict DMARC sender sends to the list, Mailman alters the
headers of that message like so:

A message sent to the list:

To: alist@listdomain
From: Anne Example Person 

Is modified and sent to subscribers as:

To: alist@listdomain
From: Anne Example Person via Alist 
Reply-To: Anne Example Person 

Without going into all of the details, here's a few points about why we
concluded the unmodified message fix is better for discussion
lists. Email clients don't all treat munged messages the same way as
unmunged, and humans read these headers so it can confuse people,
causing problems like replies not sent to the expected recipients and
tripping up tools that read emailed patches. GNU Mailman has an option
to do "Munge From" always, but does not recommend using it[1]. While
we're not bound by what others do, it's worth noting that other very
large free software communities like Debian GNU/Linux have adopted the
unmodified message fix[2]. The unmodified messages fix avoids breaking
DKIM cryptographic signatures, which show the message was authorized by
the signing domain and that seems like a generally good thing for
security.

There are a few very rare messages where a DKIM signature is bad and we
still do from munging through Exim: 1. messages from misconfigured email
servers. 2. If a strict DMARC sender's message is modified by list
content filtering settings (attachment removal, or plain-text conversion
for html-only email).

We applied the munge from fix recently as it is initially less
disruptive, but now are switching discussion lists to unmodified
messages unless they opt out. We will notify the list directly when we
make the prefix & footer change.

For any Mailman list administrator who wants to change or look over the
relevant settings: The dmarc_moderation_action setting is under "Privacy
Options" subsection "Sender Filters". The only options that should be
selected are "Accept" or "Munge From", along with corresponding changes
to the subject_prefix option under "General Options", and msg_footer is
under "Non-digest options".

Please send any questions that should be public to mail...@gnu.org. For
private ones, just reply to sysad...@gnu.org.

For the general announcement of these changes and more details, see
https://lists.gnu.org/archive/html/savannah-hackers-public/2019-06/msg00018.html
and
https://lists.gnu.org/archive/html/savannah-hackers-public/2019-09/msg00016.html


A short DMARC technical overview:

DMARC policy is a DNS txt record at a _dmarc subdomain. For example:

$ host -t txt _dmarc.yahoo.com
_
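The mechanics the FSF notice describes (a subject prefix or footer invalidating the author's DKIM signature, and "Munge From" sidestepping the author's DMARC policy by putting the list's own domain in From) are easier to see in code. The following is an added example written for this page, not code from the FSF, Mailman, or nmh. It models DKIM signing and verification with RFC 6376 relaxed/simple canonicalization and a DMARC check under relaxed alignment. The DNS records, selectors, keys, and addresses are constructed, and HMAC-SHA256 stands in for the RSA signing primitive so the script needs only the standard library.

```python
import base64, hashlib, hmac, re

# Constructed "DNS" zone: DMARC policies and DKIM keys. Real DKIM publishes
# RSA/Ed25519 public keys; a shared secret with HMAC stands in here (assumption).
DNS_TXT = {"_dmarc.yahoo.com": "v=DMARC1; p=reject; pct=100",
           "_dmarc.nongnu.org": "v=DMARC1; p=none"}
DKIM_KEYS = {"s2048._domainkey.yahoo.com": b"yahoo-demo-key",
             "lists._domainkey.nongnu.org": b"list-demo-key"}

def _relaxed(name, value):
    # RFC 6376 3.4.2 relaxed header canonicalization (simplified): lowercase
    # name, unfold, collapse whitespace runs, strip ends, append CRLF.
    v = re.sub(r"[ \t]+", " ", value.replace("\r\n", "")).strip()
    return f"{name.lower()}:{v}\r\n"

def _simple_body(body):
    # RFC 6376 3.4.3 simple body canonicalization: drop trailing empty lines,
    # end with exactly one CRLF.
    return body.rstrip("\r\n") + "\r\n"

def _get(headers, name):
    return next((v for n, v in headers if n.lower() == name.lower()), None)

def _tags(s):
    return dict(kv.strip().split("=", 1) for kv in s.split(";") if "=" in kv)

def _body_hash(body):
    return base64.b64encode(hashlib.sha256(_simple_body(body).encode()).digest()).decode()

def _sig_input(headers, signed, sig_without_b):
    # Signed fields in h= order, then the DKIM-Signature field itself with an
    # empty b= value and no trailing CRLF (RFC 6376 3.7).
    data = "".join(_relaxed(n, _get(headers, n)) for n in signed if _get(headers, n) is not None)
    return (data + _relaxed("DKIM-Signature", sig_without_b).rstrip("\r\n")).encode()

def dkim_sign(headers, body, domain, selector, signed=("from", "to", "subject")):
    """headers is a list of (name, value); returns the DKIM-Signature value."""
    sig = (f"v=1; a=hmac-sha256; c=relaxed/simple; d={domain}; s={selector}; "
           f"h={':'.join(signed)}; bh={_body_hash(body)}; b=")
    key = DKIM_KEYS[f"{selector}._domainkey.{domain}"]
    mac = hmac.new(key, _sig_input(headers, signed, sig), hashlib.sha256).digest()
    return sig + base64.b64encode(mac).decode()

def dkim_verify(sig, headers, body):
    """Returns (verified, signing domain d=) for this exact message."""
    t = _tags(sig)
    key = DKIM_KEYS.get(f"{t['s']}._domainkey.{t['d']}")
    if key is None or _body_hash(body) != t["bh"]:
        return False, t["d"]          # unknown key, or body changed (footer)
    sig_without_b = re.sub(r"b=[^;]*$", "b=", sig)
    mac = hmac.new(key, _sig_input(headers, t["h"].split(":"), sig_without_b), hashlib.sha256).digest()
    return hmac.compare_digest(base64.b64encode(mac).decode(), t["b"]), t["d"]

def _org_domain(d):
    # Relaxed alignment compares organizational domains; "last two labels" is a
    # simplification (real DMARC consults the Public Suffix List).
    return ".".join(d.lower().split(".")[-2:])

def dmarc_evaluate(headers, body, dkim_sigs, spf_domain, spf_pass):
    """(result, policy) for the RFC5322.From domain under relaxed alignment."""
    from_domain = re.search(r"@([\w.-]+)>?\s*$", _get(headers, "From")).group(1)
    record = DNS_TXT.get(f"_dmarc.{from_domain}")
    if record is None:
        return "none", "no-policy"
    dkim_ok = any(ok and _org_domain(d) == _org_domain(from_domain)
                  for ok, d in (dkim_verify(s, headers, body) for s in dkim_sigs))
    spf_ok = spf_pass and _org_domain(spf_domain) == _org_domain(from_domain)
    return ("pass" if dkim_ok or spf_ok else "fail"), _tags(record).get("p", "none")

def list_scenarios():
    """A strict-DMARC author posts to the list; three ways the list can relay it."""
    orig = [("From", "Anne Example Person <anne@yahoo.com>"),
            ("To", "nmh-workers@nongnu.org"), ("Subject", "patch: fix inc(1)")]
    body = "Please apply.\r\n"
    yahoo_sig = dkim_sign(orig, body, "yahoo.com", "s2048")
    # The list host sends with its own envelope sender, so SPF passes for
    # nongnu.org but is not aligned with yahoo.com; only DKIM can align.
    out = {"unmodified": dmarc_evaluate(orig, body, [yahoo_sig], "nongnu.org", True)}
    # Subject prefix and footer: header hash and body hash both change.
    mod = [(n, "[nmh-workers] " + v if n == "Subject" else v) for n, v in orig]
    mod_body = body + "-- \r\nnmh-workers\r\nhttps://lists.nongnu.org/mailman/listinfo/nmh-workers\r\n"
    out["prefix+footer"] = dmarc_evaluate(mod, mod_body, [yahoo_sig], "nongnu.org", True)
    # Munge From: From now carries the list domain, the author moves to
    # Reply-To, and the list signs. yahoo.com's p=reject is never consulted.
    munged = [("From", "Anne Example Person via nmh-workers <nmh-workers@nongnu.org>"),
              ("Reply-To", "Anne Example Person <anne@yahoo.com>")] + mod[1:]
    list_sig = dkim_sign(munged, mod_body, "nongnu.org", "lists")
    out["munge-from"] = dmarc_evaluate(munged, mod_body, [yahoo_sig, list_sig], "nongnu.org", True)
    return out

if __name__ == "__main__":
    for name, (result, policy) in list_scenarios().items():
        print(f"{name:14s} dmarc={result:4s} policy={policy}")
```

Running `list_scenarios()` gives pass for the unmodified relay (the Yahoo signature survives), fail under p=reject for prefix plus footer (both the header hash and the body hash change), and pass for the munged copy. That last pass is the subtle one: the Yahoo signature is just as broken there, since From is always a signed field, but the From domain is now the list's, so the Yahoo policy is never looked up and the list's own signature is what has to align.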

Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

2019-09-26 Thread Steffen Nurpmeso
Ken Hornstein wrote in <20190926163645.c801a82...@pb-smtp20.pobox.com>:
 |Everyone,
 |
 |I received this email, and I wanted to pass it along.  The executive
 |summary is: in the near future subject lines to nmh-workers will no
 |longer be prefixed with "[nmh-workers]" and there won't be a footer
 |at the end of the message anymore saying that this is the nmh-workers
 |mailing list.  You can read the details in the message for the complete
 |technical reasons why this is happening; the other option is to do
 |what is called "Munge From" and I personally think this is 100x worse
 |(I am on a Yahoo mailing list where this is done and I hate it).  If
 |people think we should switch to "Munge From" for this mailing list,
 |then please make your case here.

Yuck.  As a purely rhetorical note, do they have a plan to upgrade
from the TLS 1.0 they use.  (And i hope this does not qualify as
sexual harassment.  It is not!  I eat at home, like the Beatles.)

--steffen
|
|Der Kragenbaer,The moon bear,
|der holt sich munter   he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

-- 
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers

Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

2019-09-26 Thread Ken Hornstein
>Yuck.  As a purely rhetorical note, do they have a plan to upgrade
>from the TLS 1.0 they use.  (And i hope this does not qualify as
>sexual harassment.  It is not!  I eat at home, like the Beatles.)

I ... do not know about the TLS 1.0 issues, nor do I see how it's relevant
to this discussion.

--Ken


Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

2019-09-26 Thread Steffen Nurpmeso
Ken Hornstein wrote in <20190926174635.3b44384...@pb-smtp20.pobox.com>:
 |>Yuck.  As a purely rhetorical note, do they have a plan to upgrade
 |>from the TLS 1.0 they use.  (And i hope this does not qualify as
 |>sexual harassment.  It is not!  I eat at home, like the Beatles.)
 |
 |I ... do not know about the TLS 1.0 issues, nor do I see how it's relevant
 |to this discussion.

I am sorry, i was in gallop and you had to suffer the consequences.
It was also not meant to address you as "you", it is just that
i always hit "r" and if there is no reply-to: or mail-followup-to:
then the list is not the sole receiver.

I am not a cryptographer therefore i also do not know about TLS
1.0 issues, except .. that diediedie IETF draft, that the money
changers deprecated it to June 2018 at latest, and that the big
companies deprecate it (and the different/newer 1.1) in
.. spring (?) next year.  And that i really would like to slim my
vserver ssl/tls conf.  (eggs.gnu.org is the _only_ mail service
that i know that uses TLS1.0:DHE_RSA_AES_256_CBC_SHA1;
i accidentally stumbled over this a few months ago, when looking
into my archives.)

And it is entirely unrelated to this thread of course.
I personally feel sad because of the direction all this goes to.
That From: rewriting is just sick, it makes me sick.  Thank you.
RFC 4871 on DKIM says at least

   A common practice among systems that are primarily redistributors of
   mail is to add a Sender header field to the message, to identify the
   address being used to sign the message.  This practice will remove
   any preexisting Sender header field as required by [RFC2822].  The
   forwarder applies a new DKIM-Signature header field with the
   signature, public key, and related information of the forwarder.

whereas the Yahoo!-only RFC 7489 says

   It has been suggested in several message authentication efforts that
   the Sender header field be checked for an identifier of interest, as
   the standards indicate this as the proper way to indicate a
   re-mailing of content such as through a mailing list.

   1.  The main user protection approach is to be concerned with what
       the user sees when a message is rendered.  There is no consistent
       behavior among MUAs regarding what to do with the content of the
       Sender field, if present.  Accordingly, supporting checking of
       the Sender field would enable the ability to pass a value that
       the end user might never actually see, which can create a vector
       for attack against end users by simply forging a Sender field
       containing some identifier that DMARC will like.

For the MUA i maintain they at least can when they want.
What the  is that?  People are too stupid to get this
additional field right (look who they are voting!), so lets just
not even consider this.
This goes in line with the web browser community, they also do not
get it right and do not show TLS status, content blocking, Unicode
related lookalike thingies, or any such stuff.  No, not me,
Yahoo!, this is too exhausting, and i do not have any control over
it!!

   2.  Although it is certainly true that this is what the Sender field
       is for, its use in this way is also unreliable, making it a poor
       candidate for inclusion in the DMARC evaluation algorithm.

They break a field already present in RFC 822 from 1982.  That is
certainly true.  They should just have followed the RFCs and maybe
adjusted From: to also include the list address, then resign it
(maybe), moving the original author to Sender:.  Maybe.  But hey
the job is done, maybe they got a bonus.  Sounds bitter.  Baeh.

Good night from Germany.

--steffen
|
|Der Kragenbaer,The moon bear,
|der holt sich munter   he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)


Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

2019-09-26 Thread Ken Hornstein
>And it is entirely unrelated to this thread of course.

I mean, at least we're in agreement there :-/  And I'm not even sure
WHY you care about what version of TLS that eggs.gnu.org supports, since
it is handling messages for public mailing lists.

>I personally feel sad because of the direction all this goes to.

Sigh.  Well, if you want to just scream at the void, ok ... I can
understand that (I wish you wouldn't scream on nmh-workers, personally).
But ... DKIM/SPF/DMARC all exist because of spam.  While I don't agree
with Yahoo's solution and if we had to do it all over we'd deal with
things very differently, I understand and can sympathize with the
decisions they have made.

--Ken


Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

2019-09-26 Thread Valdis Klētnieks
On Thu, 26 Sep 2019 12:36:41 -0400, Ken Hornstein said:

> I received this email, and I wanted to pass it along.  The executive
> summary is: in the near future subject lines to nmh-workers will no
> longer be prefixed with "[nmh-workers]" and there won't be a footer
> at the end of the message anymore saying that this is the nmh-workers

OK by me; my procmailrc already uses '*^(To:|cc:).*nmh-workers@nongnu.org'
so it won't bother my set-up.

> mailing list.  You can read the details in the message for the complete
> technical reasons why this is happening; the other option is to do
> what is called "Munge From" and I personally think this is 100x worse

Amen to that. Listserv also adopted a Munge-from solution, and the users
rioted.  In particular, the users whose From: got munged were incensed,
because it makes 'reply from' very ugly and sometimes non-functional.

(For the backstory of why this matters - if a Yahoo user (as opposed to a
random non-Yahoo-using yahoo) sends a mail to a list, and the list modifies the
Subject: line, then when it gets to the final recipient, their MTA looks at it,
sees that Yahoo specifies very strict DMARC, which got borked by the change of
the Subject: line. If the recipient MTA does DMARC checking on receipt, it
potentially generates either a 5xx error inline or a bounce message that
eventually gets back to Mailman/Listserv/whatever list management software.

The end result is that if enough Yahoo users post to a list in a short time
period, then you have a flurry of *NON*-Yahoo users being mysteriously
unsubscribed from the list for no really immediately obvious reason.)

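The cascade Valdis describes, DMARC-enforcing recipient MTAs rejecting list copies until Mailman's bounce processor disables the recipient, can be modeled as an added example (written for this page, not Mailman's own code). It assumes Mailman 2.1's default bounce processing as documented: one point per hard bounce per member per day, bounce info discarded after seven days without a bounce, and delivery disabled at a score of 5.0. The subscriber roster and posting schedule are constructed.

```python
from datetime import date, timedelta

# Mailman 2.1 defaults as documented (assumed, not read from a live install).
BOUNCE_SCORE_THRESHOLD = 5.0                  # disable delivery at this score
BOUNCE_INFO_STALE_AFTER = timedelta(days=7)   # forget bounce info after this gap
HARD_BOUNCE_POINTS = 1.0                      # counted at most once per day

def recipient_rejects(author_policy, modified_by_list, mta_enforces_dmarc):
    # A DMARC-enforcing MTA 5xx's a list copy whose DKIM signature the list
    # broke (prefix/footer) and whose SPF belongs to the list host, when the
    # author's domain publishes p=reject. Non-enforcing MTAs just deliver.
    return mta_enforces_dmarc and author_policy == "reject" and modified_by_list

def run_list(posts, subscribers, modifies_messages=True):
    """posts: [(date, author_dmarc_policy)]; subscribers: {addr: mta_enforces_dmarc}.
    Returns the set of members whose delivery Mailman would disable."""
    score, last_bounce, disabled = {}, {}, set()
    for day, policy in sorted(posts):
        for addr, enforces in subscribers.items():
            if addr in disabled or not recipient_rejects(policy, modifies_messages, enforces):
                continue
            last = last_bounce.get(addr)
            if last is not None and day - last > BOUNCE_INFO_STALE_AFTER:
                score[addr] = 0.0                 # stale bounce info is discarded
            if last != day:                        # only one bounce per day counts
                score[addr] = score.get(addr, 0.0) + HARD_BOUNCE_POINTS
            last_bounce[addr] = day
            if score[addr] >= BOUNCE_SCORE_THRESHOLD:
                disabled.add(addr)
    return disabled

# Constructed roster: who gets hit depends on the recipient's MTA, not on
# whether the recipient is a Yahoo user.
SUBSCRIBERS = {"alice@yahoo.com": True, "bob@example.org": True, "carol@example.net": False}

def daily_posts(n, policy="reject", offset=0, start=date(2019, 9, 20)):
    """n posts on consecutive days, beginning `offset` days after `start`."""
    return [(start + timedelta(days=offset + i), policy) for i in range(n)]

def flurry(days=6):
    """A Yahoo author posts once a day for `days` days to a prefixing list."""
    return run_list(daily_posts(days), SUBSCRIBERS)

if __name__ == "__main__":
    print("disabled after 6 daily posts:", sorted(flurry()))
    print("same list with prefix/footer off:",
          sorted(run_list(daily_posts(6), SUBSCRIBERS, modifies_messages=False)))
```

Six daily posts from a p=reject author disable bob@example.org alongside alice@yahoo.com, while carol, whose MTA does not check DMARC, never sees a bounce; the same schedule with the prefix and footer switched off disables nobody. Repeated posts on one day only score once, which is why it takes a run of posts across several days rather than one busy afternoon.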

Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

2019-09-26 Thread Andy Bradford
Thus said Ken Hornstein on Thu, 26 Sep 2019 12:36:41 -0400:

> You can  read the details  in the  message for the  complete technical
> reasons  why this  is happening;  the other  option is  to do  what is
> called "Munge From" and I personally think this is 100x worse (I am on
> a Yahoo mailing list where this is done and I hate it).

I won't mind if the Subject stops being mangled (I use the list-post
header for filtering). I also won't mind if the body stops being mangled
with additional MIME parts; the same information is already available in
the list-(un)?subscribe headers, and I'm of the opinion that list
control mechanisms belong in headers. Besides, how often does someone
accidentally get subscribed to a mailing list anymore?

I don't think however, that "Munge From" sounds like a good idea.

Thanks,

Andy
-- 
TAI64 timestamp: 40005d8d7d75