Re: [Mailman-Developers] Group Photo from PyCon Mailman sprint last year

[Terri Oda]

On 2015-03-06 5:31 PM, Mark Sapiro wrote:

Toshio (Toshi) Kuratomi - Hyperkitty
Barry Warsaw - MM3 core
Piotr (Peter) Kasprzyk - i18n
Aurélien Bompard - Postorius
John - with Terri


John Hawley's main activity for Mailman involves fetching bagels for us 
and driving us to dinner at the sprints. ;)  (He did also help with some 
testing of the integration scripts, to be fair, and has repeatedly 
threatened to switch LKML to using Mailman 3 if we don't release soon.)



Mark Sapiro - MM 2.1 (Really wants MM3 core, but somebody has to do it)
Florian Fuchs - Postorius
Terri Oda - Postorius, GSoC



___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

Re: [Mailman-Developers] Approach for Post-Throttling

[Stephen J. Turnbull]

Aanand Shekhar Roy writes:

 > > I think you should provide an option to just throttle the user on a
 > given list, too.  >Possibly with different default throttling
 > parameters.
 > 
 > Should I provide an option to combine both of these options into one ? Or
 > an option to use any one of the two throttlings?

I haven't thought about that.  Anyway, it's your job to do that first,
then the mentors will discuss it in terms of their experience and
implementation knowledge.

 > > I don't see why you would have a separate table for messages.  Just add
 > the post_after_time >attribute to the message's metadata.
 > 
 > Yes, since we will make changes in the msg metadata so now we will not
 > require database 2,

OK.

 > database 1 will be required for counting post on threads, also,
 > whether the threads are same or not will be decided according to
 > the subject header.  For a subject header "abc" we consider the
 > following subjects as the same: Re: abc Fwd: abc abc We will strip
 > the prefixes Re, Fwd off before adding them to database 1.

We already have code to do that kind of thing, if not in Mailman 3, in
Mailman 2 (pipermail) and in HyperKitty.  Make sure you consider
existing implementations, possibly including those outside of Mailman
if they do a better job.

 > Also I had to ask, would it be good if we provide the list-admin
 > with an option to bypass this throttling for some people? Like the
 > mailman-developers in this case, we may allow few mailman
 > developers bypass this throttling effect and those developers will
 > be decided by the list-admin.

Don't know.  On the developer lists I know of, I would just moderate
abusers and be done with it.  Non-core people rarely post enough to
cause issues.  Discussion lists are a little bit different but again
in my experience it has never happened that enough people cause
problems that a throttle was useful, anyway.  Typically when traffic
gets too large lists split topically.

That doesn't mean that this feature isn't useful, it just means I
can't be very helpful in telling you what the uses are.

___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

[Mailman-Developers] GSOC, Anonymous Lists

[Stephen J. Turnbull]

Pavan Koli writes:

 > I have a doubt, while implementing anonymous lists do we have to store the
 > email ids in encrypted form in the database.

I have the same doubt.  You need to define "anonymous list".  In
particular, specify who is, and who is not, supposed to be able to

1.  See email addresses of subscribers.
2.  Figure out whether two posts are from the same person.

as well whether you need to

3.  Ensure that subscribers' posts can't be spoofed.

 > As people having access to database can view the original email
 > ids.

It's worse than that.  People who have access to the MTA's mail queue
or can change its configuration files can see them too, as well as
those who have access to MTAs on relay MX hosts and the posters' MX.
___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)

[Prakash kumar]

Dear sir

Thanks for your kind reponse. I think I should start looking for any other
idea other than plugins.

Thank You
Prakash Kumar

On Tue, Mar 10, 2015 at 10:10 AM, Stephen J. Turnbull 
wrote:

> Prakash kumar writes:
>
>  > I am very sorry but I could not fully understand our last
>  > discussion. Are you trying to say that I should work on sanitizing
>  > the message and building a spam filter?
>
> There are two possible responses to a message that contains content
> that we suspect the user doesn't want distributed.  (1) Don't send the
> message (this is what I meant by stop/hold).  (2) Remove or obscure
> the sensitive information (this is what I meant by body filtering,
> that is, filter out sensitive terms but let the rest of the message go
> through).
>
> It is not obvious to me that sanitizing the message is a good idea,
> although it's probably easy to implement (just substitute "[redacted]"
> or a similar string for each occurance of sensitive information
> detected) once you have a good filter.  However, probably these
> filters will be built by "ordinary folks" who don't specialize in
> natural language processing, and they are unlikely to be able to write
> appropriate regexps.
>
> As for writing a spam filter, no, that's not appropriate for Mailman
> org.  There are plenty of good ones (SpamAssassin, SpamBayes) already,
> so writing a handler to integrate one or more of them would be the
> right way to go.
>
> I'm still not happy[1] with the idea of multiple "plugins" as a single
> project, but it might be reasonable to assemble a battery of pluging
> that handle several kinds of abuse (the body content filter, plus
> SpamAssassin, plus ClamAV) for example.
>
>
>
>
> Footnotes:
> [1]  That means that given a choice of a single-task proposal and a
> multi-plugin proposal of similar quality, I would definitely choose
> the single-task proposal to mentor.  Other mentors may feel
> differently.
>
>
>
___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)

[Stephen J. Turnbull]

Prakash kumar writes:

 > I am very sorry but I could not fully understand our last
 > discussion. Are you trying to say that I should work on sanitizing
 > the message and building a spam filter?

There are two possible responses to a message that contains content
that we suspect the user doesn't want distributed.  (1) Don't send the
message (this is what I meant by stop/hold).  (2) Remove or obscure
the sensitive information (this is what I meant by body filtering,
that is, filter out sensitive terms but let the rest of the message go
through).

It is not obvious to me that sanitizing the message is a good idea,
although it's probably easy to implement (just substitute "[redacted]"
or a similar string for each occurance of sensitive information
detected) once you have a good filter.  However, probably these
filters will be built by "ordinary folks" who don't specialize in
natural language processing, and they are unlikely to be able to write
appropriate regexps.

As for writing a spam filter, no, that's not appropriate for Mailman
org.  There are plenty of good ones (SpamAssassin, SpamBayes) already,
so writing a handler to integrate one or more of them would be the
right way to go.

I'm still not happy[1] with the idea of multiple "plugins" as a single
project, but it might be reasonable to assemble a battery of pluging
that handle several kinds of abuse (the body content filter, plus
SpamAssassin, plus ClamAV) for example.




Footnotes: 
[1]  That means that given a choice of a single-task proposal and a
multi-plugin proposal of similar quality, I would definitely choose
the single-task proposal to mentor.  Other mentors may feel
differently.


___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

Re: [Mailman-Developers] Approach for Post-Throttling

[Aanand Shekhar Roy]

> I think you should provide an option to just throttle the user on a
given list, too.  >Possibly with different default throttling
parameters.

Should I provide an option to combine both of these options into one ? Or
an option to use any one of the two throttlings?

> I don't see why you would have a separate table for messages.  Just add
the post_after_time >attribute to the message's metadata.

Yes, since we will make changes in the msg metadata so now we will not
require database 2, database 1 will be required for counting post on
threads, also, whether the threads are same or not will be decided
according to the subject header.
For a subject header "abc" we consider the following subjects as the same:
Re: abc
Fwd: abc
abc
We will strip the prefixes Re, Fwd off before adding them to database 1.

Also I had to ask, would it be good if we provide the list-admin with an
option to bypass this throttling for some people? Like the
mailman-developers in this case, we may allow few mailman developers
bypass this throttling effect and those developers will be decided by the
list-admin.


Regards
Aanand
___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

[Mailman-Developers] GSOC, Anonymous Lists

[Pavan Koli]

I have a doubt, while implementing anonymous lists do we have to store the
email ids in encrypted form in the database.
As people having access to database can view the original email ids. But if
we do encryption and decryption it'll add an extra overhead and slow down
many operations.
___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

Re: [Mailman-Developers] SpamAssassin integration in mm3

[Mark Sapiro]

On 03/09/2015 12:41 PM, Prakash kumar wrote:
> 
> I want to work on the plugin for SpamAssassin integration in mm3. I have
> installed SpamAssassin.
> Do we need to add it as a rule in chains?
> I saw that SpamAssassin's code is in perl, so what type of integration is
> actually expected?


I'm not a GSoC mentor, so my opinion is not authoritative, but this is
much too small for a GSoC project.

See  for a Mailman 2.1
handler that calls spamd to scan the mail and
https://bugs.launchpad.net/mailman/+bug/558094> for a handler that looks
ad headers added by SpamAssassin running ahead of Mailman.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

[Mailman-Developers] SpamAssassin integration in mm3

[Prakash kumar]

Hello,

I want to work on the plugin for SpamAssassin integration in mm3. I have
installed SpamAssassin.
Do we need to add it as a rule in chains?
I saw that SpamAssassin's code is in perl, so what type of integration is
actually expected?

Thank You
Prakash Kumar
___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

Re: [Mailman-Developers] GSoC

[Vlad Shablinsky]

>
> Do you have something running on your `9001` port? This error means
> mailman test server has problems binding to your local 9001 port as
> evident from the error message.
>
> > 2. The second issue is that I get NameError when trying `dump_list` in
> > `mailman shell` (I follow these instructions
> >
> http://gnu-mailman.readthedocs.org/en/latest/src/mailman/model/docs/addresses.html
> > )
> >
>
> First you need to import the `dump_list` function to be able to use it.
> try:
>
> from mailman.testing.documentation import dump_list
>
> > ">>> dump_list(user.display_name for user in user_manager.users)
> > Traceback (most recent call last):
> >   File "", line 1, in 
> > NameError: name 'dump_list' is not defined"
> >
> >
> > 3. I've registed a user via Mozilla Persona and I'm able to log in, but I
> > don't know what to do with it. I just have one field filled with email of
> > my registred user. Everything is blank. Are the lists added using mailman
> > shell?
>
> When you did `python manage.py syncdb` in postorius_standalone, did you
> create a superuser? If yes, then use that email address to login and
> you'd have lots of others options to play with. If not, then simply go
> to postorius_standlaone directory and execute the command:
>
> python manage.py createsuperuser
>
> > I havent't started fixing a bug yet, but I suppose I have to use web UI
> or
> > the `mailman shell` to see if the bug is fixed or not. I'm supposed to be
> > able to reproduce the state that causes the bug. I'm not sure that
> > everything works fine since I have errors described above. Could you
> guide
> > me on that?
>
> The usual debugging process after fixing a bug varies from person to
> person. There may be a lot of things that you won't be able to find in
> Postorius. We generally use a combination of both shell and
> mailman.client for our purposes.


1. When I start tox I have

sudo lsof -i tcp:9001
COMMAND PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
python3.4 12874 vlad   22u  IPv4 0x1f87e35d769a88e9  0t0  TCP
localhost:etlservicemgr (LISTEN)

then when an the error occurs I have

Traceback (most recent call last):
  File "/Users/vlad/Projects/GSoC/Mailman/mailman/.tox/py34/bin/runner",
line 9, in 
load_entry_point('mailman==3.0.0b6', 'console_scripts', 'runner')()
  File
"/Users/vlad/Projects/GSoC/Mailman/mailman/src/mailman/bin/runner.py", line
200, in main
runner = make_runner(*args.runner, once=args.once)
  File
"/Users/vlad/Projects/GSoC/Mailman/mailman/src/mailman/bin/runner.py", line
100, in make_runner
return runner_class(name, slice)
  File
"/Users/vlad/Projects/GSoC/Mailman/mailman/src/mailman/runners/lmtp.py",
line 164, in __init__
smtpd.SMTPServer.__init__(self, localaddr, remoteaddr=None)
  File
"/usr/local/Cellar/python3/3.4.2_1/Frameworks/Python.framework/Versions/3.4/lib/python3.4/smtpd.py",
line 589, in __init__
self.bind(localaddr)
  File
"/usr/local/Cellar/python3/3.4.2_1/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncore.py",
line 334, in bind
return self.socket.bind(addr)
OSError: [Errno 48] Address already in use

and when I look for processes:

sudo lsof -i tcp:9001
COMMAND PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
python3.4 12874 vlad   22u  IPv4 0x1f87e35d769a88e9  0t0  TCP
localhost:etlservicemgr (LISTEN)
python3.4 19844 vlad   23u  IPv4 0x1f87e35d71e828e9  0t0  TCP
localhost:56728->localhost:etlservicemgr (SYN_SENT)

when some time passes I have this in my terminal:

Traceback (most recent call last):
  File "/Users/vlad/Projects/GSoC/Mailman/mailman/.tox/py34/bin/runner",
line 9, in 
load_entry_point('mailman==3.0.0b6', 'console_scripts', 'runner')()
  File
"/Users/vlad/Projects/GSoC/Mailman/mailman/src/mailman/bin/runner.py", line
200, in main
runner = make_runner(*args.runner, once=args.once)
  File
"/Users/vlad/Projects/GSoC/Mailman/mailman/src/mailman/bin/runner.py", line
100, in make_runner
return runner_class(name, slice)
  File
"/Users/vlad/Projects/GSoC/Mailman/mailman/src/mailman/runners/rest.py",
line 55, in __init__
self._server = make_server()
  File
"/Users/vlad/Projects/GSoC/Mailman/mailman/src/mailman/rest/wsgiapp.py",
line 163, in make_server
handler_class=AdminWebServiceWSGIRequestHandler)
  File
"/usr/local/Cellar/python3/3.4.2_1/Frameworks/Python.framework/Versions/3.4/lib/python3.4/wsgiref/simple_server.py",
line 153, in make_server
server = server_class((host, port), handler_class)
  File
"/usr/local/Cellar/python3/3.4.2_1/Frameworks/Python.framework/Versions/3.4/lib/python3.4/socketserver.py",
line 429, in __init__
self.server_bind()
  File
"/usr/local/Cellar/python3/3.4.2_1/Frameworks/Python.framework/Versions/3.4/lib/python3.4/wsgiref/simple_server.py",
line 50, in server_bind
HTTPServer.server_bind(self)
  File
"/usr/local/Cellar/python3/3.4.2_1/Frameworks/Python.framework/Versions/3.4/lib/python3.4/http/server.py",
line 133, in se

Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)

[Prakash kumar]

Sir
I am very sorry but I could not fully understand our last discussion. Are
you trying to say that I should work on sanitizing the message and building
a spam filter?

Thank You
Prakash Kumar

On Mon, Mar 9, 2015 at 2:40 AM, Stephen J. Turnbull 
wrote:

> Prakash kumar writes:
>
>  >1. Using regex for filtering texts ( personal information eg: phone
>  >number, address ).
>
> What do you mean by "filter"?  Stop or hold delivery, or "sanitize"
> the message?  If the former, I would drop the motivation about
> "personal" information, because body filtering is also desired for
> spam-filtering and avoiding flame-war reasons.
>
>  >2. Checking type of files that can be attached to the mails. For eg:
>  >.exe not allowed.
>
> This is right out as it's already implemented.
>
>  >3. If there are multiple attachments in the email
>  >
>  > If (multiple attachments) then
>  > > for each attachment
>  > >  if(not appropriate) then
>  > >  discard
>  > > notify sender that this part is removed from email body and why
>  > > else
>  > > continue
>
> Also already done (except for the notification part.
>
>  >  Is it big enough for a gsoc proposal?
>
> I don't think writing multiple unrelated plugins is a good proposal.
> AFAIK GSoC is intended to be a single project with enough scope to
> require a certain amoung of design and planning.
>
>
___
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9