On Thu, 2021-04-15 at 10:28 +0200, Alessandro Vesely wrote:
> Hi,
>
> I discovered this just today, after a list I'm subscribed to enabled it.
>
> I have a filter which tries to validate original signatures by removing
> footers
> and subject tags. Removing "X-Mailman-Original-" is going to be
On Sat, 2020-02-29 at 16:26 +0900, Stephen J. Turnbull wrote:
>
> As always in open source, everybody in general is invited, (almost)
> nobody gets a personal invitation.[1] It's unfortunate that the way
> things work folks like you and Jim don't find it so easy to pop over
> to mailman-developer
On Fri, 2019-08-09 at 17:10 +0900, Stephen J. Turnbull wrote:
> Abhilash Raj writes:
> > + Mailman Developers, since this seems like a general discussion topic.
> >
> > On Thu, Aug 8, 2019, at 2:01 AM, Mike Gabriel wrote:
> > > Hi Abhilash,
> > >
> > > I just looked into the two recent merg
On Fri, Jun 13, 2014 at 12:39 AM, Stephen J. Turnbull
wrote:
> Jim Popovitch writes:
>
> > > Do you have specific complaints?
> >
> > Yes. Unless it's not already understood... the original idea
> > behind DMARC centered around non-human transactio
On Thu, Jun 12, 2014 at 10:07 PM, Stephen J. Turnbull
wrote:
> John R Levine writes:
>
> > Honestly, Tough Noogies. Let list managers make their own security
> > decisions.
>
> Revealing a user password is not a list security decision, it's a user
> security decision. Asking users for their pa
On Thu, Jun 12, 2014 at 9:59 PM, Stephen J. Turnbull wrote:
> Jim Popovitch writes:
>
> > AND THEN, a (that very same senior admin?)
>
> All are the same person I suppose, Elizabeth Zwicky.
>
> > Yahoo! employee got involved in the DMARC spec and it became the
On Thu, Jun 12, 2014 at 6:02 PM, Stephen J. Turnbull wrote:
>
> A senior admin at Yahoo! was very clear on damrc@ietf that they want
> their vanilla users covered by "p=reject" because the threat model
> (which is not phishing, it's "recommended by friend" spam) involves user
> mailboxes.
Yeah,
On Thu, Jun 12, 2014 at 10:18 AM, John Levine wrote:
> * Forwarding signature
>
It seems to me that a non-DMARC subdomain, for users, would be easier and
better for all..
> * Submit and sign
>
Oh god, NO!
-Jim P.
___
Mailman-Developers mailing l
On Tue, May 6, 2014 at 1:37 PM, Mark Sapiro wrote:
> A critical incompatibility between the Mailman 2.1.18 final release and
> Python versions older than 2.6.5 or thereabouts affecting the DMARC Wrap
> Message action was discovered and fixed. This incompatibility also
> existed in the 2.1.16 and 2
. continued from the mailman-users list...
On Sun, Apr 13, 2014 at 10:12 PM, Barry Warsaw wrote:
> On Apr 14, 2014, at 11:03 AM, Stephen J. Turnbull wrote:
>
>>Given that the whole site is at risk, should it be an option for list
>>owners at all?
>
> This is a good point. It may make sense f
On Tue, Mar 25, 2014 at 12:34 PM, Ian Eiloart wrote:
> Hi,
>
> That's interesting. Is it a script that can be called from the command line?
It is exactly a script that is called from the command line. Postfix
"spawn" service listens on an IP and spawns a process, and returns the
output back to p
On Thu, Mar 20, 2014 at 1:10 PM, Jim Popovitch wrote:
> On Thu, Mar 20, 2014 at 9:17 AM, Ian Eiloart wrote:
>>
>> For me, the big win for spam prevention with mailing lists is the
>> restriction on posters: it's what keeps mailing lists relatively spam free.
>>
On Thu, Mar 20, 2014 at 9:17 AM, Ian Eiloart wrote:
>
> For me, the big win for spam prevention with mailing lists is the restriction
> on posters: it's what keeps mailing lists relatively spam free. Most sites
> don't like to bounce messages that they've previously accepted, so that means
> th
On Thu, Nov 7, 2013 at 8:11 PM, Franck Martin wrote:
>
> Then wait for the final cut before submitting patches...
The only reason there is a patch is because someone (ahem, cough
cough) implemented a trial spec into a production email address used
to send email to a spam fighting mailinglist whic
On Thu, Nov 7, 2013 at 7:44 PM, Franck Martin wrote:
>
> - Original Message -
>> From: "Jim Popovitch"
>> To: Mailman-Developers@python.org
>> Sent: Thursday, November 7, 2013 11:49:30 AM
>> Subject: Re: [Mailman-Developers] Mailman DMARC
On Thu, Nov 7, 2013 at 5:12 PM, J. Trent Adams wrote:
> should provide an option to participate in as secure communication as
> possible.
Randomly applying security distinctions, to RFC de'jour, is not really
helping. If you want true message security, then PGP/GPG is the only
universal way.
On Thu, Nov 7, 2013 at 1:23 PM, J. Trent Adams wrote:
>
> Jim -
>
> On 10/20/13 4:17 PM, Jim Popovitch wrote:
>> Hello,
>>
>> Having read the archives, I see that (at least 6 of) you are aware of
>> DMARC, or as I like to call it YAPFS. (Yet Another Panace
On Thu, Nov 7, 2013 at 1:27 PM, Franck Martin wrote:
> To be noted, the procedure, in this patch, to find the policy record in the
> DNS, is not in line with the best current practice specified in the DMARC
> spec, far from it.
Care to offer some insight?
> Also, what about p=quarantine?
I thin
Hello,
Having read the archives, I see that (at least 6 of) you are aware of
DMARC, or as I like to call it YAPFS. (Yet Another Panacea For Spam)
:-)
Earlier this year Mark asked me to run by MM-Dev a patch that Phil
Pennock and I collaborated on. Mark, thank you for your valuable
feedback, I ha
On Fri, Feb 18, 2011 at 11:01, Mark Sapiro wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 2/13/2011 1:58 PM, Mark Sapiro wrote:
>> An XXS vulnerability affecting Mailman 2.1.14 and prior versions has
>> recently been discovered. A patch has been developed to address this
>> issue.
Mark,
I just wanted to send a Thank You for the way this security patch was
handled. The heads-up email was perfect and very much appreciated.
Thank you also, to yourself, Barry, and ALL the Mailman Developers,
for the high quality of work that goes into Mailman.
-Jim P.
On Thu, Sep 9, 2010 at
21 matches
Mail list logo
