[nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
29 messages Options
12
Reply | Threaded
Open this post in threaded view
|

[nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)

Ken Hornstein-2
Everyone,

I received this email, and I wanted to pass it along.  The executive
summary is: in the near future subject lines to nmh-workers will no
longer be prefixed with "[nmh-workers]" and there won't be a footer
at the end of the message anyone saying that this is the nmh-workers
mailing list.  You can read the details in the message for the complete
technical reasons why this is happening; the other option is to do
what is called "Munge From" and I personally think this is 100x worse
(I am on a Yahoo mailing list where this is done and I hate it).  If
people think we should switch to "Munge From" for this mailing list,
then please make your case here.

--Ken

The Free Software Foundation is making changes to our GNU Mailman
systems.

You are being notified because you are listed as a Savannah
administrator ( https://savannah.gnu.org/ or
https://savannah.nongnu.org/ ) for the group(s) that have the following
mailing list(s):

nmh-workers

We plan to change the list settings in about one week unless you or
another savannah group administrator or someone who's email is listed in
the Mailman list administration as list owner opts out by replying to
[hidden email] and asking to opt out for those lists.

The reason for the change is that messages sent from users with strict
DMARC policy domains like yahoo.com were being rejected when sent to
list subscribers by Mailman. DMARC adoption is growing. See the end of
this email for a technical overview of DMARC and DKIM. There are two
ways to fix the issue by changing Mailman list settings.

The first option, and the preferable way for discussion lists, is what
we call the "unmodified message fix." There are Mailman list settings
which modify the messages by adding a subject prefix (e.g. [list-name])
or a footer. Modifying the message breaks DKIM message signatures and
thus DMARC. Following this option, we will turn those settings off. Many
lists are already this way. Instead of using the subject prefix to
identify a list, subscribers should use the "List-Id" header, To, and
Cc.  List footer information can also be be put in the welcome email to
subscribers and the list information page by list administrators.

The second option is for lists which want or need to continue to modify
the message, for example with subject prefix or footer settings.  In
this case, we set dmarc_moderation_action: "Munge From". With this
setting, if a strict DMARC sender sends to the list, Mailman alters the
headers of that message like so:

A message sent to the list:

To: alist@listdomain
From: Anne Example Person <[hidden email]>

Is modified and sent to subscribers as:

To: alist@listdomain
From: Anne Example Person via Alist <alist@listdomain>
Reply-To: Anne Example Person <[hidden email]>

Without going into all of the details, here's a few points about why we
concluded the unmodified message fix is better for discussion
lists. Email clients don't all treat munged messages the same way as
unmunged, and humans read these headers so it can confuse people,
causing problems like replies not sent to the expected recipients and
tripping up tools that read emailed patches. GNU Mailman has an option
to do "Munge From" always, but does not recommend using it[1]. While
we're not bound by what others do, it's worth noting that other very
large free software communities like Debian GNU/Linux have adopted the
unmodified message fix[2]. The unmodified messages fix avoids breaking
DKIM cryptographic signatures, which show the message was authorized by
the signing domain and that seems like a generally good thing for
security.

There are a few very rare messages where a DKIM signature is bad and we
still do from munging through Exim: 1. messages from misconfigured email
servers. 2. If a strict DMARC sender's message is modified by list
content filtering settings (attachment removal, or plain-text conversion
for html-only email).

We applied the munge from fix recently as it is initially less
disruptive, but now are switching discussion lists to unmodified
messages unless they opt out. We will notify the list directly when we
make the prefix & footer change.

For any Mailman list administrator who wants to change or look over the
relevant settings: The dmarc_moderation_action setting is under "Privacy
Options" subsection "Sender Filters". The only options that should be
selected are "Accept" or "Munge From", along with corresponding changes
to the subject_prefix option under "General Options", and msg_footer is
under "Non-digest options".

Please send any questions that should be public to [hidden email]. For
private ones, just reply to [hidden email].

For the general announcement of these changes and more details, see
https://lists.gnu.org/archive/html/savannah-hackers-public/2019-06/msg00018.html
and
https://lists.gnu.org/archive/html/savannah-hackers-public/2019-09/msg00016.html


A short DMARC technical overview:

DMARC policy is a DNS txt record at a _dmarc subdomain. For example:

$ host -t txt _dmarc.yahoo.com
_dmarc.yahoo.com descriptive text "v=DMARC1; p=reject; pct=100;
rua=mailto:address@hidden;";

The only important thing there for our purpose is p=reject. p=reject
means that conforming mail servers that receive mail with a from header
of *@yahoo.com will reject that email unless it was either 1. sent from
Yahoo's email servers, or 2. its DKIM signature is verified. A DKIM
signature[5] is a public key cryptographic signature of the email body
and some headers included in the message header "DKIM-Signature". A
verified DKIM signature means that email body and signed headers have
not been modified.

Comprehensive resources about DMARC tend to downplay or ignore its
problems, but some that have helped me are Wikipedia[6], the Mailman
wiki[1], dmarc.org wiki[7], and the DMARC rfc[8].



[1]: https://wiki.list.org/DEV/DMARC
[2]: https://lists.debian.org/debian-devel-announce/2015/08/msg00003.html
[5]: https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail
[6]: https://en.wikipedia.org/wiki/DMARC
[7]: https://dmarc.org/wiki/FAQ#senders
[8]: https://tools.ietf.org/html/rfc7489

Ian Kelling | Senior Systems Administrator, Free Software Foundation
GPG Key: B125 F60B 7B28 7FF6 A2B7  DF8F 170A F0E2 9542 95DF
https://fsf.org | https://gnu.org


--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Steffen Nurpmeso
Ken Hornstein wrote in <[hidden email]>:
 |Everyone,
 |
 |I received this email, and I wanted to pass it along.  The executive
 |summary is: in the near future subject lines to nmh-workers will no
 |longer be prefixed with "[nmh-workers]" and there won't be a footer
 |at the end of the message anyone saying that this is the nmh-workers
 |mailing list.  You can read the details in the message for the complete
 |technical reasons why this is happening; the other option is to do
 |what is called "Munge From" and I personally think this is 100x worse
 |(I am on a Yahoo mailing list where this is done and I hate it).  If
 |people think we should switch to "Munge From" for this mailing list,
 |then please make your case here.

Yuck.  As a purely rhetorical note, do they have a plan to upgrade
from the TLS 1.0 they use.  (And i hope this does not qualify as
sexual harassment.  It is not!  I eat at home, like the Beatles.)

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Ken Hornstein-2
>Yuck.  As a purely rhetorical note, do they have a plan to upgrade
>from the TLS 1.0 they use.  (And i hope this does not qualify as
>sexual harassment.  It is not!  I eat at home, like the Beatles.)

I ... do not know about the TLS 1.0 issues, nor do I see how it's relevant
to this discussion.

--Ken

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Steffen Nurpmeso
Ken Hornstein wrote in <[hidden email]>:
 |>Yuck.  As a purely rhetorical note, do they have a plan to upgrade
 |>from the TLS 1.0 they use.  (And i hope this does not qualify as
 |>sexual harassment.  It is not!  I eat at home, like the Beatles.)
 |
 |I ... do not know about the TLS 1.0 issues, nor do I see how it's relevant
 |to this discussion.

I am sorry, i was in galop and you had to suffer the consequences.
It was also not meant to address you as "you", it is just that
i always hit "r" and if there is no reply-to: or mail-followup-to:
then the list is not the sole receiver.

I am not a cryptographer therefore i also do not know about TLS
1.0 issues, except .. that diediedie IETF draft, that the money
changers deprecated it to June 2018 at latest, and that the big
companies deprecate it (and the different/newer 1.1) in
.. spring (?) next year.  And that i really would like to slim my
vserver ssl/tls conf.  (eggs.gnu.org is the _only_ mail service
that i know that uses TLS1.0:DHE_RSA_AES_256_CBC_SHA1;
i accidentally stumbled over this a few months ago, when looking
into my archives.)

And it is entirely unrelated to this thread of course.
I personally feel sad because of the direction all this goes to.
That From: rewriting is just sick, it makes me sick.  Thank you.
RFC 4871 on DKIM says at least

   A common practice among systems that are primarily redistributors of
   mail is to add a Sender header field to the message, to identify the
   address being used to sign the message.  This practice will remove
   any preexisting Sender header field as required by [RFC2822].  The
   forwarder applies a new DKIM-Signature header field with the
   signature, public key, and related information of the forwarder.

whereas the Yahoo! only RFC 7489 says

   It has been suggested in several message authentication efforts that
   the Sender header field be checked for an identifier of interest, as
   the standards indicate this as the proper way to indicate a
   re-mailing of content such as through a mailing list.

   1.  The main user protection approach is to be concerned with what
       the user sees when a message is rendered.  There is no consistent
       behavior among MUAs regarding what to do with the content of the
       Sender field, if present.  Accordingly, supporting checking of
       the end user might never actually see, which can create a vector
       for attack against end users by simply forging a Sender field
       containing some identifier that DMARC will like.

For the MUA i maintain they at least can when they want.
What the .... is that?  People are too stupid to get this
additional field right (look who they are voting!), so lets just
not even consider this.
This goes in line with the web browser community, they also do not
get it right and do not show TLS status, content blocking, Unicode
related lookalike thingies, or any such stuff.  No, not me,
Yahoo!, this is too exhausting, and i do not have any control over
it!!

   2.  Although it is certainly true that this is what the Sender field
       is for, its use in this way is also unreliable, making it a poor
       candidate for inclusion in the DMARC evaluation algorithm.

They break a field already present in RFC 822 from 1982.  That is
certainly true.  They should just have followed the RFCs and maybe
adjusted From: to also include the list address, then resign it
(maybe), moving the original author to Sender:.  Maybe.  But hey
the job is done, maybe they got a bonus.  Sounds bitter.  Baeh.

Good night from Germany.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Ken Hornstein-2
>And it is entirely unrelated to this thread of course.

I mean, at least we're in agreement there :-/  And I'm not even sure
WHY you care about what version of TLS that eggs.gnu.org supports, since
it is handling messages for public mailing lists.

>I personally feel sad because of the direction all this goes to.

Sigh.  Well, if you want to just scream at the void, ok ... I can
understand that (I wish you wouldn't scream on nmh-workers, personally).
But ... DKIM/SPF/DMARC all exist because of spam.  While I don't agree
with Yahoo's solution and if we had to do it all over we'd deal with
things very differently, I understand and can sympathize with the
decisions they have made.

--Ken

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Valdis Klētnieks
In reply to this post by Ken Hornstein-2
On Thu, 26 Sep 2019 12:36:41 -0400, Ken Hornstein said:

> I received this email, and I wanted to pass it along.  The executive
> summary is: in the near future subject lines to nmh-workers will no
> longer be prefixed with "[nmh-workers]" and there won't be a footer
> at the end of the message anyone saying that this is the nmh-workers

OK by me., my procmailrc already uses '*^(To:|cc:).*[hidden email]'
so it won't bother my set-up.

> mailing list.  You can read the details in the message for the complete
> technical reasons why this is happening; the other option is to do
> what is called "Munge From" and I personally think this is 100x worse

Amen to that. Listserv also adopted a Munge-from solution, and the users
rioted.  In particular, the users whose From: got munged were incensed,
because it makes 'reply from' very ugly and sometimes non-functional.

(For the backstory of why this matters - if a Yahoo user (as opposed to a
random non-Yahoo-using yahoo) sends a mail to a list, and the list modifies the
Subject: line, then when it gets to the final recipient, their MTA looks at it,
sees that Yahoo specifies very strict DMARC, which got borked by the change of
the Subject: line. If the recipient MTA does DMARC checking on receipt, it
potentially generates either a 5xx error inline or a bounce message that
eventually get back to Mailman/Listserv/ whatever list management software.

The end result is that if enough Yahoo users post to a list in a short time
period, then you have a flurry of *NON*-Yahoo users being mysteriously
unsubscribed from the list for no really immediately obvious reason.



--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers

attachment0 (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Andy Bradford-2
In reply to this post by Ken Hornstein-2
Thus said Ken Hornstein on Thu, 26 Sep 2019 12:36:41 -0400:

> You can  read the details  in the  message for the  complete technical
> reasons  why this  is happening;  the other  option is  to do  what is
> called "Munge From" and I personally think this is 100x worse (I am on
> a Yahoo mailing list where this is done and I hate it).

I won't  mind if the  Subject stops being  mangled (I use  the list-post
header for filtering). I also won't mind if the body stops being mangled
with additional MIME parts; the same information is already available in
the  list-(un)?subscribe  headers) and  I'm  of  the opinion  that  list
control mechanisms  belong in headers.  Besides, how often  does someone
accidentally get subscribed to a mailing list anymore?

I don't think however, that "Munge From" sounds like a good idea.

Thanks,

Andy
--
TAI64 timestamp: 400000005d8d7d75



--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Ralph Corderoy
In reply to this post by Ken Hornstein-2
Hi Ken,

> the other option is to do what is called "Munge From"

That's one other option.

Note, nmh-workers has been configured with
dmarc_moderation_action="Munge From" for ages and no one here has
grumbled.  It typically only munges Froms from Yahoo!  I expect the
other two nmh lists match this as I went through all their options on
becoming list admin.

Another option supported by this Mailman is, in the Yahoo! case, to

    Wrap Message
        Just wrap the message in an outer message with the From: header
        containing the list's posting address and with the original
        From: address added to the addresses in the original Reply-To:
        header and with Content-Type: message/rfc822.  This is
        effectively a one message MIME format digest.

but that installs a Reply-To that doesn't include the list.

--
Cheers, Ralph.

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Paul Vixie-2
In reply to this post by Ken Hornstein-2


Ken Hornstein wrote on 2019-09-26 09:36:

> Everyone,
>
> I received this email, and I wanted to pass it along.  The executive
> summary is: in the near future subject lines to nmh-workers will no
> longer be prefixed with "[nmh-workers]" and there won't be a footer
> at the end of the message anyone saying that this is the nmh-workers
> mailing list.  You can read the details in the message for the complete
> technical reasons why this is happening; the other option is to do
> what is called "Munge From" and I personally think this is 100x worse
> (I am on a Yahoo mailing list where this is done and I hate it).  If
> people think we should switch to "Munge From" for this mailing list,
> then please make your case here.
>
> --Ken

yahoo is way off the reservation with this. they aren't growing fast
enough for me to care which of their users can't join mailing lists i
operate -- so my first mover advantage dominates the outcome.

anyone who wants me to change a protocol or a norm so that more of the
internet can be centralized by monetizers can go pound sand. (same for
EDNS client subnet.)

--
P Vixie


--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

hymie
On Fri, Sep 27, 2019 at 02:54:14AM -0700, Paul Vixie wrote:

>
> Ken Hornstein wrote on 2019-09-26 09:36:
> > Everyone,
> >
> > I received this email, and I wanted to pass it along.  The executive
> > summary is: in the near future subject lines to nmh-workers will no
> > longer be prefixed with "[nmh-workers]" and there won't be a footer
> > at the end of the message anyone saying that this is the nmh-workers
> > mailing list.
> >
> > --Ken
>
> yahoo is way off the reservation with this. they aren't growing fast enough
> for me to care which of their users can't join mailing lists i operate -- so
> my first mover advantage dominates the outcome.
>
> --
> P Vixie
 
Unfortunately, Yahoo isn't the only culrpit. More and more servers are
honoring DMARC.  I, for example, keep my email on my own server at home,
but because my ISP blocks port 25, I have to hire a third party to
receive and re-send my email for me, both incoming and outgoing.  I'm
(mostly) at their mercy for things like spam filters and DMARC, and
(at least right now) I'm not in a position to find a new company
if I decide I'm not crazy about their policies.

I appreciate your opinion, but remember to look at it from the other
side -- what is the point of a mailing list if you're the only person
left who can access it?

--hymie!     http://lactose.homelinux.net/~hymie    [hidden email]

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Michael Richardson-5
In reply to this post by Ken Hornstein-2

Ken Hornstein <[hidden email]> wrote:
    > I received this email, and I wanted to pass it along.  The executive
    > summary is: in the near future subject lines to nmh-workers will no
    > longer be prefixed with "[nmh-workers]" and there won't be a footer
    > at the end of the message anyone saying that this is the nmh-workers
    > mailing list.

This is one of several choice. This choice preserves the DKIM signature on
the headers and body.

    > You can read the details in the message for the complete
    > technical reasons why this is happening; the other option is to do
    > what is called "Munge From" and I personally think this is 100x worse
    > (I am on a Yahoo mailing list where this is done and I hate it).  If
    > people think we should switch to "Munge From" for this mailing list,
    > then please make your case here.

There is also the option to encapsulate.

Having tried all three, I relunctantly say that the Munge From is the least
annoying.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     [hidden email]  http://www.sandelman.ca/        |   ruby on rails    [


--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers

signature.asc (497 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Michael Richardson-5
In reply to this post by Andy Bradford-2
Andy Bradford <[hidden email]> wrote:
    > I won't  mind if the  Subject stops being  mangled (I use  the list-post
    > header for filtering). I also won't mind if the body stops being
    > mangled

I do, so let me ask:

can I get List-Id easily inserted into scan output in a way that will make
mh-e happy?

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     [hidden email]  http://www.sandelman.ca/        |   ruby on rails    [


--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Paul Vixie-2
In reply to this post by hymie


hymie! wrote on 2019-09-27 07:21:> Unfortunately, Yahoo isn't the only
culrpit. More and more servers are
> honoring DMARC.

yes, i know.

> I, for example, keep my email on my own server at home,
> but because my ISP blocks port 25, I have to hire a third party to
> receive and re-send my email for me, both incoming and outgoing.  I'm
> (mostly) at their mercy for things like spam filters and DMARC, and
> (at least right now) I'm not in a position to find a new company
> if I decide I'm not crazy about their policies.

i see what you mean. i think i would rent a VPS before i would put my
e-mail server behind an ISP who filters anything at all, but that's
privilege speaking.
> I appreciate your opinion, but remember to look at it from the other
> side -- what is the point of a mailing list if you're the only person
> left who can access it?

these e-mail filtering techniques ought to be applied to the envelope
and to the Sender: header, not to From:. nothing we can do about that?

--
P Vixie


--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Steffen Nurpmeso
In reply to this post by Ken Hornstein-2
Ken Hornstein wrote in <[hidden email]>:
 |>And it is entirely unrelated to this thread of course.
 |
 |I mean, at least we're in agreement there :-/  And I'm not even sure
 |WHY you care about what version of TLS that eggs.gnu.org supports, since
 |it is handling messages for public mailing lists.

That is a rabbit starter.  You know, if it would be me then TLS
would not be needed at all.  That entire complex bores me to
paralysis.  But there are bad people, everywhere, so this stacks
up from and to governments from and to industry and even from and
to science.  Maybe that is why people then enlighten their ripped
backsides by publishing their (maybe) deep(est) inside on some
public maybe social media, including photos.  I don't know.

 |>I personally feel sad because of the direction all this goes to.
 |
 |Sigh.  Well, if you want to just scream at the void, ok ... I can
 |understand that (I wish you wouldn't scream on nmh-workers, personally).
 |But ... DKIM/SPF/DMARC all exist because of spam.  While I don't agree

Hm.

 |with Yahoo's solution and if we had to do it all over we'd deal with
 |things very differently, I understand and can sympathize with the
 |decisions they have made.

Oh.  I can go up the wall on occasions, really.  That is certainly
true.  I cannot, absolutely not.  Maybe they should have invented
or reused the MIME types which exist for signed and encrypted data
instead.  (I know of two, S/MIME and OpenPGP.)

  ...
 --End of <[hidden email]>

Valdis Klētnieks wrote in <73912.1569546833@turing-police>:
 |On Thu, 26 Sep 2019 12:36:41 -0400, Ken Hornstein said:
 |> I received this email, and I wanted to pass it along.  The executive
 |> summary is: in the near future subject lines to nmh-workers will no
 |> longer be prefixed with "[nmh-workers]" and there won't be a footer
 |> at the end of the message anyone saying that this is the nmh-workers
 |
 |OK by me., my procmailrc already uses '*^(To:|cc:).*[hidden email]'
 |so it won't bother my set-up.

I for one archive this list among others in a box called "track".
It is nice to see what is what from a glance, like, e.g.,

  Re: [art] Auto-configuring Email Clients via WebFinger
  Re: [Resolverless-dns] Paper on Resolver-less DNS

Since many discussions or topics actually spread several lists,
not only on IETF but everywhere, it is nice to see them
altogether (at least in date sorted mode).  For example in
a heritage site something comes up and reminds someone of
something else, which then leads to a thread in a different
heritage side.  I store those in one box, and then you get the
brainwaves a bit.  And at a glance.  I like this.

  ...
 --End of <73912.1569546833@turing-police>

Andy Bradford wrote in <[hidden email]\
.org>:
 |Thus said Ken Hornstein on Thu, 26 Sep 2019 12:36:41 -0400:
 |> You can  read the details  in the  message for the  complete technical
 |> reasons  why this  is happening;  the other  option is  to do  what is
 |> called "Munge From" and I personally think this is 100x worse (I am on
 |> a Yahoo mailing list where this is done and I hate it).
 |
 |I won't  mind if the  Subject stops being  mangled (I use  the list-post
 |header for filtering). I also won't mind if the body stops being mangled
 |with additional MIME parts; the same information is already available in
 |the  list-(un)?subscribe  headers) and  I'm  of  the opinion  that  list
 |control mechanisms  belong in headers.  Besides, how often  does someone
 |accidentally get subscribed to a mailing list anymore?

I agree with the headers, and i do not inject footers in the ML
myself.  That has much to do with that i am or was subscribed to
MLs where, if MIME mails come in, the ML software was not smart
enough to inject the footer in the text part, but simply added
a MIME part with nothing but the footer, and that was an outcome
that i really disliked.  (Have not seen that behaviour in a while,
consciously at least.)

 |I don't think however, that "Munge From" sounds like a good idea.

Yeah.

  ...
 --End of <[hidden email]>

Ralph Corderoy wrote in <[hidden email]>:
 |> the other option is to do what is called "Munge From"
 |
 |That's one other option.
 |
 |Note, nmh-workers has been configured with
 |dmarc_moderation_action="Munge From" for ages and no one here has
 |grumbled.  It typically only munges Froms from Yahoo!  I expect the
 |other two nmh lists match this as I went through all their options on
 |becoming list admin.
 |
 |Another option supported by this Mailman is, in the Yahoo! case, to
 |
 |    Wrap Message
 |        Just wrap the message in an outer message with the From: header
 |        containing the list's posting address and with the original
 |        From: address added to the addresses in the original Reply-To:
 |        header and with Content-Type: message/rfc822.  This is
 |        effectively a one message MIME format digest.
 |
 |but that installs a Reply-To that doesn't include the list.

My ML strips them.  Any user has the opportunity to use signing
for his own mail.  If you want more, place the untouched envelope
inside a new envelope, that is how it is done for hundreds of
years, or maybe longer, and i do not know what is bad about it.
Good MUAs can then react upon MIME types and adjust the display.
(Mine cannot truly, yet, you just get sequential envelope infos.)
Any user will see, there is an enwrapped envelope.  Ach, i don't
know.  But blowing up an infrastructure like that, because it just
has to be done that very, and no other way, that is bitter.

 --End of <[hidden email]>

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Steffen Nurpmeso
In reply to this post by Paul Vixie-2
Paul Vixie wrote in <[hidden email]>:
 |Ken Hornstein wrote on 2019-09-26 09:36:
 |> Everyone,
 |>
 |> I received this email, and I wanted to pass it along.  The executive
 |> summary is: in the near future subject lines to nmh-workers will no
 |> longer be prefixed with "[nmh-workers]" and there won't be a footer
 |> at the end of the message anyone saying that this is the nmh-workers
 |> mailing list.  You can read the details in the message for the complete
 |> technical reasons why this is happening; the other option is to do
 |> what is called "Munge From" and I personally think this is 100x worse
 |> (I am on a Yahoo mailing list where this is done and I hate it).  If
 |> people think we should switch to "Munge From" for this mailing list,
 |> then please make your case here.
 |>
 |> --Ken
 |
 |yahoo is way off the reservation with this. they aren't growing fast
 |enough for me to care which of their users can't join mailing lists i
 |operate -- so my first mover advantage dominates the outcome.
 |
 |anyone who wants me to change a protocol or a norm so that more of the
 |internet can be centralized by monetizers can go pound sand. (same for
 |EDNS client subnet.)

YEAH.  Guess that was what i was trying to say.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Steffen Nurpmeso
In reply to this post by hymie
hymie! wrote in <[hidden email]>:
 |On Fri, Sep 27, 2019 at 02:54:14AM -0700, Paul Vixie wrote:
 |> Ken Hornstein wrote on 2019-09-26 09:36:
 |>> I received this email, and I wanted to pass it along.  The executive
 |>> summary is: in the near future subject lines to nmh-workers will no
 |>> longer be prefixed with "[nmh-workers]" and there won't be a footer
 |>> at the end of the message anyone saying that this is the nmh-workers
 |>> mailing list.
 |>
 |> yahoo is way off the reservation with this. they aren't growing fast \
 |> enough
 |> for me to care which of their users can't join mailing lists i operate \
 |> -- so
 |> my first mover advantage dominates the outcome.
 |
 |Unfortunately, Yahoo isn't the only culrpit. More and more servers are
 |honoring DMARC.  I, for example, keep my email on my own server at home,
 |but because my ISP blocks port 25, I have to hire a third party to
 |receive and re-send my email for me, both incoming and outgoing.  I'm
 |(mostly) at their mercy for things like spam filters and DMARC, and
 |(at least right now) I'm not in a position to find a new company
 |if I decide I'm not crazy about their policies.
 |
 |I appreciate your opinion, but remember to look at it from the other
 |side -- what is the point of a mailing list if you're the only person
 |left who can access it?

But that makes me wonder a bit: how much does that cost?
Isn't it cheaper to rent the smallest possible vserver, and simply
mirror the local server, then adjust one line of configuration, or
two?

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Ken Hornstein-2
In reply to this post by Michael Richardson-5
>    > I won't mind if the Subject stops being mangled (I use the
>    > list-post header for filtering). I also won't mind if the body
>    > stops being mangled
>
>I do, so let me ask:
>
>can I get List-Id easily inserted into scan output in a way that will
>make mh-e happy?

Given the current format language lacks string manipulation, it's a bit
hard to do it generically.  But ... I use scan.size, which is currently:

%4(msg)%<(cur)+%| %>%<{replied}-%?{encrypted}E%| %>\
%02(mon{date})/%02(mday{date})%<{date} %|*%>\
%5(size) \
%<(mymbox{from})%<{to}To:%14(unquote(decode(friendly{to})))%>%>\
%<(zero)%17(unquote(decode(friendly{from})))%>  \
%(decode{subject})%<{body}<<%{body}%>

This does close to what you want:

%4(msg)%<(cur)+%| %>%<{replied}-%?{encrypted}E%| %>\
%02(mon{date})/%02(mday{date})%<{date} %|*%>\
%5(size) \
%<(mymbox{from})%<{to}To:%14(unquote(decode(friendly{to})))%>%>\
%<(zero)%17(unquote(decode(friendly{from})))%>  \
%<{list-id}%<(match nmh-workers)[nmh-workers] %>%>\
%(decode{subject})%<{body}<<%{body}%>

The key is this line:

%<{list-id}%<(match nmh-workers)[nmh-workers] %>%>\

What that means is:

If the list-id header is set, AND it contains the string nmh-workers,
then output the string "[nmh-workers] ".  You might find that objectionable
if the current subject string contains [nmh-workers], but fixing that is
left as an exercise to the reader.  Remember that fmttest exists now and
is your friend.

--Ken

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Michael Richardson-5
Ken Hornstein <[hidden email]> wrote:
    > The key is this line:

    > %<{list-id}%<(match nmh-workers)[nmh-workers] %>%>\

    > What that means is:

    > If the list-id header is set, AND it contains the string nmh-workers,
    > then output the string "[nmh-workers] ".  You might find that
    > objectionable

yes, but that's too specific.  I'd like it generically for all lists :-)

    > if the current subject string contains [nmh-workers], but fixing that is
    > left as an exercise to the reader.  Remember that fmttest exists now and
    > is your friend.

Right. Thank you.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     [hidden email]  http://www.sandelman.ca/        |   ruby on rails    [



--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Ken Hornstein-2
In reply to this post by Paul Vixie-2
>these e-mail filtering techniques ought to be applied to the envelope
>and to the Sender: header, not to From:. nothing we can do about that?

Sigh.  I hate to wade into this, but ... I understand where people are
coming from.  Current MUAs don't display the Sender: by default (and I
suspect other than nmh, most cannot), and essentially MUAs don't have
access to the SMTP envelope address in any standardized way.  So dumb
humans are assuming that the "From" header is actually meaningful.

Getting back to the ORIGINAL point ... I am assuming that we are fine with
the "don't modify the message" setting for this mailing list (other than
Michael Richardson, no one has voiced an objection).

--Ken

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
Reply | Threaded
Open this post in threaded view
|

Re: FSF is changing Mailman list settings unless you opt out (fwd)

Ken Hornstein-2
In reply to this post by Michael Richardson-5
>yes, but that's too specific.  I'd like it generically for all lists :-)

Sigh.  I KNEW you were going to say that, but ... certainly you SOMEHOW
managed to live without this feature UP UNTIL NOW.  I have given you a
solution that works for the upcoming changes to THIS mailing list.  You
can expand on it as you need.  It's not perfect, but what is?

--Ken

--
nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
12