Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Mark Sapiro]

On 06/17/2016 01:21 PM, Andrew Hodgson wrote:

> With
> AOL it is difficult as they remove the original email address who is
> complaining, Hotmail is OK and now Yahoo reports get sent to me
> directly.


AOL's redaction is both overkill and ineffective if you use VERP. I.e,
with VERP, the envelope is from
LISTNAME-bounces+screenname=aol@your.host. This appears in a Sender:
and Errors-To: header and the delivery agent's Return-Path: header. In
all three cases, AOL 'redacts' this by changing
LISTNAME-bounces+screenname=aol@your.host to
redacted-bounces+screenname=aol@your.host. Here are partial headers
from an AOL feedback report. All addresses are unchanged from AOL's
report except I changed the AOL screen name in the VERPed headers to
x, and deleted the From: address.

Return-Path: 
Received: from mail.python.org (mail.python.org [188.166.95.178])
(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mtaig-mca01.mx.aol.com (Internet Inbound) with ESMTPS id 
876CD70AA
for ; Sat, 21 May 2016 16:51:44 -0400 (EDT)
Received: from mail.python.org (mail1.ams1.psf.io [127.0.0.1])
by mail.python.org (Postfix) with ESMTP id 3rBxmv4BcRzFqPm
for ; Sat, 21 May 2016 16:51:43 -0400 (EDT)
DKIM-Signature: ...
X-Original-To: redac...@python.org
Delivered-To: redac...@mail.python.org
Received: from mail.python.org (mail1.ams1.psf.io [127.0.0.1])
 by mail.python.org (Postfix) with ESMTP id 3rBxmP4lrNzFqPm
 for ; Sat, 21 May 2016 16:51:17 -0400 (EDT)
...
Received: from mail1.ams1.psf.io (HELO mail.python.org) (127.0.0.1)
 by mail.python.org with SMTP; 21 May 2016 16:51:17 -0400
Received: from avasout03.plus.net (avasout03.plus.net [84.93.230.244])
 (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by mail.python.org (Postfix) with ESMTPS
 for ; Sat, 21 May 2016 16:51:17 -0400 (EDT)
Received: from [192.168.1.63] ([80.189.231.201]) by avasout03 with smtp
 id x8o91s0094MNSaw018oAUk; Sat, 21 May 2016 21:48:11 +0100
X-CM-Score: 0.00
X-CNFS-Analysis: v=2.1 cv=KLCndwxo c=1 sm=1 tr=0
 a=2lUcMO59U90xkKzxSzK6mw==:117 a=2lUcMO59U90xkKzxSzK6mw==:17
 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=N659UExz7-8A:10
 a=sAxD9uHJ85yeiWqiGbQA:9 a=pILNOxqGKmIA:10
Subject: Re: for / while else doesn't make sense
To: redac...@python.org
References:

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Andrew Hodgson]

Hi,

I would work with the provider in this situation.  In my case I run several 
lists which are all opt-in, but people click on the report as spam button in 
Yahoo and AOL, causing issues.  I have an agreement with the hosting provider 
who run the network that if they get any complaints from AOL or Hotmail that 
come through this route, that they forward them onto me and I unsubscribe them 
from the list.  With AOL it is difficult as they remove the original email 
address who is complaining, Hotmail is OK and now Yahoo reports get sent to me 
directly.

I send the list traffic through specific servers so that it doesn't affect 
anything else.

Andrew.
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Having searchable archives

[Mark Sapiro]

On 06/17/2016 07:22 PM, Fabian Santiago wrote:
> 
> Now, any chance you could give me a hand with mm3? Hehe...


I have recently installed 2 'production' instances of MM 3 basically
starting with mailman-bundler, but upgrading all the Mailman components
to the heads of their respective branches. I will be writing up what
I've done, but in the mean time, the mailman-us...@mailman3.org list

is there for questions and support.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan



signature.asc
Description: OpenPGP digital signature
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Having searchable archives

[Fabian Santiago]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Thank you Sir!

Now, any chance you could give me a hand with mm3? Hehe...

On June 17, 2016 9:13:29 PM EDT, Mark Sapiro  wrote:
>On 06/17/2016 04:50 PM, Fabian Santiago wrote:
>> I run 2.1.22; that ok to install on top of?
>
>
>If you installed 2.1.22 from source, you can just bzr branch that
>branch
>and configure it with exactly the same configure command you used for
>2.1.22 and make install it to upgrade.
>
>There should be no problems, but you will have to have a working
>ht://Dig before you enable searching by setting
>
>USE_HTDIG = 1 (or Yes or True)
>
>and other things in mm_cfg.py. Be sure to read the docs in
>INSTALL.htdig-mm or INSTALL.htdig-mm.html.
>
>--
>Mark Sapiro The highway is for gamblers,
>San Francisco Bay Area, Californiabetter use your sense - B. Dylan
>
>
>
>
>
>
>--
>Mailman-Users mailing list Mailman-Users@python.org
>https://mail.python.org/mailman/listinfo/mailman-users
>Mailman FAQ: http://wiki.list.org/x/AgA3
>Security Policy: http://wiki.list.org/x/QIA9
>Searchable Archives:
>http://www.mail-archive.com/mailman-users%40python.org/
>Unsubscribe:
>https://mail.python.org/mailman/options/mailman-users/fsantiago%40garbage-juice.com

- --
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-BEGIN PGP SIGNATURE-
Version: APG v1.1.1

iQFLBAEBCgA1BQJXZLBTLhxGYWJpYW4gU2FudGlhZ28gPGZzYW50aWFnb0BnYXJi
YWdlLWp1aWNlLmNvbT4ACgkQW0YwXn4gDNWo5Qf/dgNEJxwvnFGQbcTxjXYuxZSP
paR+MtNIjDx6pJxdIWFlwBYsV6Ne6vt/z9hUvzTI/9RZKTcMUUlarHRl2AhRO54M
jroPfFOe+52cGHg2r96ebFHGJo7DfdCeDfedTJSkWoox13zuJSQp7QzRLJSgWMJD
8L71AA91CrTAWpDeQePcbtDgIVeFaRnDiyYpmy2W49S4aaDihcOS1NsAiqEp+mi7
ZW16I1pIBVH/pnqvYChWcBMeo1+TRzqjtlcjS9+FEnj8GNkNuy35ppWe7/1C126B
Uemwjj+Nw+2YTd1btqdC3qyCF80hdCgEJ+eBYUcbZtpfeAW4RdNs256YOXDSjA==
=OobF
-END PGP SIGNATURE-

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] moderator page behind nginx with SSL

[Andrew Hodgson]

Hi,

I have the same setup and the moderation pages work fine with my setup.  I 
would recommend ensuring your hosts are set up correctly in mm_cfg.py so that 
HTTPS is used.

Andrew.

-Original Message-
From: Mailman-Users 
[mailto:mailman-users-bounces+andrew=hodgsonfamily@python.org] On Behalf Of 
John Griessen
Sent: 17 June 2016 15:58
To: mailman-users@python.org
Subject: [Mailman-Users] moderator page behind nginx with SSL

The rest of mailman version 2.1.22
is working fine with SSL and some rewriting by nginx and yet 
https://cibolo.us/mailman/admindb/open_electroporator  gives a message "will be 
sent over an insecure connection" when I seta button to discard and then do the 
submit all data button.

Is there a way to use SSL here?

Or... will I need to disable SSL for this page to get that submit to work?
--
Mailman-Users mailing list Mailman-Users@python.org 
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: 
http://wiki.list.org/x/QIA9 Searchable Archives: 
http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/andrew%40hodgsonfamily.org
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] mail cron jobs not running

[Mark Sapiro]

On 06/17/2016 06:36 PM, Jason Fayre wrote:
> 
> I administer a server that is running cPanel. The version of Mailman on
> the server is 2.1.20. We're having an issue where the mailman cron jobs
> don't seem to be running. Everything was working until cPanel did a
> reinstall of mailman. Specifically, the daily digests aren't going out.
> Everything in the crontab looks right. We do have one cron job that is
> throwing an error, but that is for root, not the mailman user.
> If I run the senddigest script manually, everything works.
> Any ideas


First of all, output from Mailman's crons (errors) is probably sent to
the mailman user which is actually the mailman site list. You should
ensure that your 'mailman' list has the site admins subscribed and
accepts non-member posts.

You may also wish to set MAILTO= in Mailman's crontab to send that mail
to an admin.

That said, cron writes a log. I'm not sure where the log might be in
cPanel, but maybe /var/log/cron or the 'CRON' entries in /var/log/syslog.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] mail cron jobs not running

[Jason Fayre]

Hello,
I administer a server that is running cPanel. The version of Mailman on 
the server is 2.1.20. We're having an issue where the mailman cron jobs 
don't seem to be running. Everything was working until cPanel did a 
reinstall of mailman. Specifically, the daily digests aren't going out. 
Everything in the crontab looks right. We do have one cron job that is 
throwing an error, but that is for root, not the mailman user.

If I run the senddigest script manually, everything works.
Any ideas

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Having searchable archives

[Mark Sapiro]

On 06/17/2016 04:50 PM, Fabian Santiago wrote:
> I run 2.1.22; that ok to install on top of?


If you installed 2.1.22 from source, you can just bzr branch that branch
and configure it with exactly the same configure command you used for
2.1.22 and make install it to upgrade.

There should be no problems, but you will have to have a working
ht://Dig before you enable searching by setting

USE_HTDIG = 1 (or Yes or True)

and other things in mm_cfg.py. Be sure to read the docs in
INSTALL.htdig-mm or INSTALL.htdig-mm.html.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan




signature.asc
Description: OpenPGP digital signature
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Having searchable archives

[Fabian Santiago]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

I run 2.1.22; that ok to install on top of?

On June 17, 2016 5:25:34 PM EDT, Mark Sapiro  wrote:
>On 06/17/2016 11:39 AM, Fabian Santiago wrote:
>>
>> I've come across:
>>
>https://wiki.list.org/DOC/How%20do%20I%20make%20the%20archives%20searchable
>>
>> but the info there seems outdated. Ht://dig won't even ./configure on
>my
>> centos 7.2.x box.
>
>
>I use ht://Dig and essentially the Mailman branch at
> which is kept up to
>date with the head of the 2.1 branch. It differs from what I run in
>production only because I have a few local mods on top of it.
>
>I don't know what your ht://Dig issue is, but I last configured and
>made
>ht://Dig 3.2.0b6 about a year ago on Ubuntu 14.04 without problems.
>
>If you post the failure from your config.log, I'll look at it (no
>guarantees of course).
>
>--
>Mark Sapiro The highway is for gamblers,
>San Francisco Bay Area, Californiabetter use your sense - B. Dylan
>
>
>
>
>
>--
>Mailman-Users mailing list Mailman-Users@python.org
>https://mail.python.org/mailman/listinfo/mailman-users
>Mailman FAQ: http://wiki.list.org/x/AgA3
>Security Policy: http://wiki.list.org/x/QIA9
>Searchable Archives:
>http://www.mail-archive.com/mailman-users%40python.org/
>Unsubscribe:
>https://mail.python.org/mailman/options/mailman-users/fsantiago%40garbage-juice.com

- --
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-BEGIN PGP SIGNATURE-
Version: APG v1.1.1

iQFLBAEBCgA1BQJXZIzSLhxGYWJpYW4gU2FudGlhZ28gPGZzYW50aWFnb0BnYXJi
YWdlLWp1aWNlLmNvbT4ACgkQW0YwXn4gDNVGNgf/XYBtXxvc6c0z+hkVtqlaVxGm
QXcldPDtreEDWGU9DpK6M7c+vMvEfETtBykwk+V8A898UILtb7px+ASvBN1smF+C
0JRPZCdDjuiQcKcz+khVw34m69qEJXDHCF8l3AghnRSerJuI77GtaGr1ammCzjJv
qA4IFFAoCJj5lEg1XUqEjh1S+XJkHmo2EbZklrwhi3T/P5ileOEFMKgJMpoWWNjn
Hw7+u44FHpgWt+VGjDUehaV5n3/fGLAwLD/wQmh3Fvnhl67XNC+8RfJHDq3nFJ7H
8gUD/M25aykxzBv8rvJRynbiJyc5ULOfZ6SQ/zOtWQP2ibguwfcB/jz+MZMZGA==
=R6Dn
-END PGP SIGNATURE-

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Having searchable archives

[Mark Sapiro]

On 06/17/2016 11:39 AM, Fabian Santiago wrote:
> 
> I've come across:
> https://wiki.list.org/DOC/How%20do%20I%20make%20the%20archives%20searchable
> 
> but the info there seems outdated. Ht://dig won't even ./configure on my
> centos 7.2.x box.


I use ht://Dig and essentially the Mailman branch at
 which is kept up to
date with the head of the 2.1 branch. It differs from what I run in
production only because I have a few local mods on top of it.

I don't know what your ht://Dig issue is, but I last configured and made
ht://Dig 3.2.0b6 about a year ago on Ubuntu 14.04 without problems.

If you post the failure from your config.log, I'll look at it (no
guarantees of course).

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan



signature.asc
Description: OpenPGP digital signature
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Mailman is not Listserv - was: Our list serv host is threatening to shut us down for spam abuse

[Jim Dory]

No need for everyone to jump on this. Mark and I have already discussed it,
and you can read that I won't use it again.   cheers, JD

On Fri, Jun 17, 2016 at 1:04 PM, am  wrote:

> I agree with Mark on the abuse of the term (as well as the quality of
> product :-)) I correct this EVERYTIME I meet this abuse. earned me a
> reputation of a pedant, but the abuse has fallen off to nil.
>
> A.
>
> On Fri, Jun 17, 2016 at 1:34 PM, Mark Sapiro  wrote:
>
>> On 06/17/2016 10:40 AM, Jim Dory wrote:
>> > I was using the term List-serv as a generic term meaning a mailing list
>> > people subscribe to in order to receive messages sent by members via
>> > email.
>>
>>
>> I understand that and that is exactly the usage I object to. I
>> understand I'm tilting at windmills and that I've long since lost this
>> battle, and I'm in no way trying to protect Eric Thomas' trademark, but
>> it annoys me to see Mailman conflated with Listserv because Listserv is
>> a proprietary competing product and I think Mailman and its community
>> are a better alternative.
>>
>> --
>> Mark Sapiro The highway is for gamblers,
>> San Francisco Bay Area, Californiabetter use your sense - B. Dylan
>> --
>> Mailman-Users mailing list Mailman-Users@python.org
>> https://mail.python.org/mailman/listinfo/mailman-users
>> Mailman FAQ: http://wiki.list.org/x/AgA3
>> Security Policy: http://wiki.list.org/x/QIA9
>> Searchable Archives:
>> http://www.mail-archive.com/mailman-users%40python.org/
>> Unsubscribe:
>> https://mail.python.org/mailman/options/mailman-users/doar%40yahoo.com
>>
>
>
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Mailman is not Listserv - was: Our list serv host is threatening to shut us down for spam abuse

[am via Mailman-Users]

I agree with Mark on the abuse of the term (as well as the quality of
product :-)) I correct this EVERYTIME I meet this abuse. earned me a
reputation of a pedant, but the abuse has fallen off to nil.

A.

On Fri, Jun 17, 2016 at 1:34 PM, Mark Sapiro  wrote:

> On 06/17/2016 10:40 AM, Jim Dory wrote:
> > I was using the term List-serv as a generic term meaning a mailing list
> > people subscribe to in order to receive messages sent by members via
> > email.
>
>
> I understand that and that is exactly the usage I object to. I
> understand I'm tilting at windmills and that I've long since lost this
> battle, and I'm in no way trying to protect Eric Thomas' trademark, but
> it annoys me to see Mailman conflated with Listserv because Listserv is
> a proprietary competing product and I think Mailman and its community
> are a better alternative.
>
> --
> Mark Sapiro The highway is for gamblers,
> San Francisco Bay Area, Californiabetter use your sense - B. Dylan
> --
> Mailman-Users mailing list Mailman-Users@python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives:
> http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-users/doar%40yahoo.com
>
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Having searchable archives

[Fabian Santiago]

Hello,

What is the current best way of implementing searchable archives hosted
directly by my own server? Thanks.

I've come across:
https://wiki.list.org/DOC/How%20do%20I%20make%20the%20archives%20searchable

but the info there seems outdated. Ht://dig won't even ./configure on my
centos 7.2.x box.


- Fabian S.




signature.asc
Description: OpenPGP digital signature
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Mailman is not Listserv - was: Our list serv host is threatening to shut us down for spam abuse

[Mark Sapiro]

On 06/17/2016 10:40 AM, Jim Dory wrote:
> I was using the term List-serv as a generic term meaning a mailing list
> people subscribe to in order to receive messages sent by members via
> email.


I understand that and that is exactly the usage I object to. I
understand I'm tilting at windmills and that I've long since lost this
battle, and I'm in no way trying to protect Eric Thomas' trademark, but
it annoys me to see Mailman conflated with Listserv because Listserv is
a proprietary competing product and I think Mailman and its community
are a better alternative.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Jim Dory]

Thank you Rich,

I do not subscribe anyone without making them first go through the
subscribe process. The problem we're having lately is the ISP's are not
passing on the confirmation email, so in a couple cases lately, after
confirming the user tried the process (by their word is all I got) I do
subscribe them.

Unfortunately I don't have access to the logs nor VERP settings.

thx, Jim

On Fri, Jun 17, 2016 at 9:02 AM, Rich Kulawiec  wrote:

>
> I'll second the suggestion that you split the list.  I'll also suggest
> that you do *not* subscribe anyone to the split-off instance: you should
> make them go through a COI (confirmed opt-in) process AND you should
> make certain that you retain all records of that as long as the list
> exists. ("records" being the Mailman logs and copies of any
> correspondence.)
>
>
> But let me make a general comment about this problem -- which stems
> from companies like AOL and Yahoo delegating control of part of the
> anti-spam process to their users.
>
> That's incredibly stupid.  It's off-the-scale idiotic.  It flies in
> the face of everything we've learned about spam in the past several
> decades.
>
> Consider: if users, en masse, could reliably distinguish spam from
> non-spam, would the spam problem be as bad as it is?
>
> No.  It would not.  It would only be a tiny fraction of its current scale.
>
> But users have spent the past several decade proving, beyond any
> possible argument, that they are absolutely horrible at this task.
> So delegating it to them is not only lazy, it's insane.
>
> To be clear: yes, users should be able to *report* suspected spam.
> That's why everyone should have an abuse@ address per RFC 2142
> and decades of best practices.   A user who's capable of remembering
> that, and who's capable of forwarding spam to it with full headers,
> is a user at least worth paying attention to.  (And of course the
> local admin/postmaster/abuse/whatever team should read and analyze
> every such message: that's mail system admin 101.)  But a user who
> blindly hits the spam button for any message they don't like or
> don't find useful or don't agree with or anything else is worse
> than useless: they're actively degrading the process.
>
> Dave Crocker put it quite well when he said:
>
> The best model to invoke, with respect to the idea of recruiting
> end users to be active participants in abuse detection or
> prevention is mostly:
>
> Don't.
>
> Unfortunately, the AOLs and Yahoos of the world are deaf to this.
>
> And as a result of that, I have no doubt whatsoever that many of your
> non-spam messages are being flagged as spam by users at those operations
> (and elsewhere) despite the fact that they're on-topic for a mailing list
> that they signed up for.
>
> I've found it necessary to use VERP and similar techniques to identify
> the specific individuals responsible for this abuse and to either
> (a) unsubscribe them and/or (b) ban them.  This isn't a panacea, but
> it does help cut down on the complaint rate and thus the spurious
> blacklisting.
>
> ---rsk
> --
> Mailman-Users mailing list Mailman-Users@python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives:
> http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-users/james%40dorydesign.com
>
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Jim Dory]

I was using the term List-serv as a generic term meaning a mailing list
people subscribe to in order to receive messages sent by members via email.
I am not aware, nor care to be aware, of technical definitions between
Mailman and Listserv. I am a volunteer so those concerns are above my pay
grade. BUT - I won't use the term "listserv" here again.

Thanks for your suggestions. I am taking all those steps - though I haven't
added the header yet. I have sent several messages to users trying to
educate them (and copied to the host's trouble ticket). The host gave me an
example of a complaint received, so I tried contacting the subscriber to
see if he was satisfied or not with the service and whether or not he
wanted unsubscribed. I also asked if he would tell me how he was using his
email client in regards our messages. No response. I did unsubscribe him,
telling him he was welcome to resubscribe if it were in error.

I've started the feedback loops with AOL and Yahoo. Microsoft is
problematic.

The footer of each message/digest gives clear instructions for
unsubscribing.

thanks again, Jim

On Fri, Jun 17, 2016 at 9:27 AM, Mark Sapiro  wrote:

> On 06/16/2016 04:04 PM, Jim Dory wrote:
> > So, anyone recommend more list-serv friendly hosts?
>
>
> If you're looking for listserv(r), you're in the wrong place. See
> .
>
> To address your actual issue, the problem is your list members are
> reporting list mail to their ISPs as spam. You MAY be able to address
> this by education. You need to ensure that no one is added to the list
> without opt-in and you need to remind members that if they don't want
> list mail, their recourse should be to unsubscribe, and that reporting
> some mail as spam will not result in selective filtering of some mail or
> action against the posters of mail they don't like, it will onlt result
> in all list mail being blocked for everyone.
>
> You may be able to negotiate with your host over measures you can take,
> but the main thing is to train users not to click the 'spam' button and
> to give them easy ways to unsubscribe and to complain to you.
>
> If you convince your host you are trying, they may understand, but they
> are stuck - your user's spam reports are giving your server's IP a bad
> reputation and causing all your mail and, if it's a shared host, other
> customer's mail too to be blocked by various ISPs. The host has to
> convince those ISPs that they are doing something about this.
>
> In the long run, just switching hosts will not solve this problem if you
> can't convince your users not to report mail from a list they signed up
> for as spam.
>
> You might try adding a msg_header and digest_header[1] with a "you are
> receiving this mail because you subscribed to ... To unsubscribe, ...
> Please don't report this as spam ..." type of message.
>
> [1] Depending on your list's content filtering, and your user's MUAs,
> *_header may be problematic and editing *_footer may be better. See
> .
>
> --
> Mark Sapiro The highway is for gamblers,
> San Francisco Bay Area, Californiabetter use your sense - B. Dylan
> --
> Mailman-Users mailing list Mailman-Users@python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives:
> http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-users/james%40dorydesign.com
>
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Richard Damon]

On 6/16/16 7:04 PM, Jim Dory wrote:

So, anyone recommend more list-serv friendly hosts?

/jim

On Thu, Jun 16, 2016 at 1:39 PM, Jim Dory  wrote:


We have a community list-serv for local trade and community announcements
with a subscriber base of nearly 2200 people. Our police and city use it
for public service announcements, people use it for selling/trading
virtually anything (seal oil, outboards, guns, blue berries, you name it)
and is by subscription only.

If someone is not a member, they cannot post. When a member posts, it goes
to all others subscribers.

Any suggestions on how to answer this:


I run a community mailing list of 6400 subscribers on Pair, and do not 
have this issue. I do have a number of filters setup to catch most of 
the spam that tries to get to the list. I have also used ezoshosting for 
some smaller lists.


Is your current hosting provider directly supporting mailman, or is it 
just that they let your run it? A hosting service that doesn't 
specifically understand mailing list is much more likely to get you in 
trouble.


Also, how responsive are you to subscribers asking for help 
unsubscribing? If your list is anything like mine, a number of 
subscribers get help from a friend to get on the list, and then when 
they want off, they don't know what to do. If they don't know you will 
be helpful in getting them off the list, some will "unsubscribe" by 
marking the list as spam and thus they don't see the messages, and you 
will get into this sort of trouble.



--
Richard Damon

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Rich Kulawiec]

I'll second the suggestion that you split the list.  I'll also suggest
that you do *not* subscribe anyone to the split-off instance: you should
make them go through a COI (confirmed opt-in) process AND you should
make certain that you retain all records of that as long as the list
exists. ("records" being the Mailman logs and copies of any correspondence.)


But let me make a general comment about this problem -- which stems
from companies like AOL and Yahoo delegating control of part of the
anti-spam process to their users.

That's incredibly stupid.  It's off-the-scale idiotic.  It flies in
the face of everything we've learned about spam in the past several decades.

Consider: if users, en masse, could reliably distinguish spam from
non-spam, would the spam problem be as bad as it is?

No.  It would not.  It would only be a tiny fraction of its current scale.

But users have spent the past several decade proving, beyond any
possible argument, that they are absolutely horrible at this task.
So delegating it to them is not only lazy, it's insane.

To be clear: yes, users should be able to *report* suspected spam.
That's why everyone should have an abuse@ address per RFC 2142
and decades of best practices.   A user who's capable of remembering
that, and who's capable of forwarding spam to it with full headers,
is a user at least worth paying attention to.  (And of course the
local admin/postmaster/abuse/whatever team should read and analyze
every such message: that's mail system admin 101.)  But a user who
blindly hits the spam button for any message they don't like or
don't find useful or don't agree with or anything else is worse
than useless: they're actively degrading the process.

Dave Crocker put it quite well when he said:

The best model to invoke, with respect to the idea of recruiting
end users to be active participants in abuse detection or
prevention is mostly:

Don't.

Unfortunately, the AOLs and Yahoos of the world are deaf to this.

And as a result of that, I have no doubt whatsoever that many of your
non-spam messages are being flagged as spam by users at those operations
(and elsewhere) despite the fact that they're on-topic for a mailing list
that they signed up for.

I've found it necessary to use VERP and similar techniques to identify
the specific individuals responsible for this abuse and to either
(a) unsubscribe them and/or (b) ban them.  This isn't a panacea, but
it does help cut down on the complaint rate and thus the spurious
blacklisting.

---rsk
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Mark Sapiro]

On 06/16/2016 04:04 PM, Jim Dory wrote:
> So, anyone recommend more list-serv friendly hosts?


If you're looking for listserv(r), you're in the wrong place. See
.

To address your actual issue, the problem is your list members are
reporting list mail to their ISPs as spam. You MAY be able to address
this by education. You need to ensure that no one is added to the list
without opt-in and you need to remind members that if they don't want
list mail, their recourse should be to unsubscribe, and that reporting
some mail as spam will not result in selective filtering of some mail or
action against the posters of mail they don't like, it will onlt result
in all list mail being blocked for everyone.

You may be able to negotiate with your host over measures you can take,
but the main thing is to train users not to click the 'spam' button and
to give them easy ways to unsubscribe and to complain to you.

If you convince your host you are trying, they may understand, but they
are stuck - your user's spam reports are giving your server's IP a bad
reputation and causing all your mail and, if it's a shared host, other
customer's mail too to be blocked by various ISPs. The host has to
convince those ISPs that they are doing something about this.

In the long run, just switching hosts will not solve this problem if you
can't convince your users not to report mail from a list they signed up
for as spam.

You might try adding a msg_header and digest_header[1] with a "you are
receiving this mail because you subscribed to ... To unsubscribe, ...
Please don't report this as spam ..." type of message.

[1] Depending on your list's content filtering, and your user's MUAs,
*_header may be problematic and editing *_footer may be better. See
.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam, abuse

[Jim Dory]

Thanks for replies!

I've discovered the Mailman document dealing with this issue:
https://wiki.list.org/DOC/All%20messages%20from%20my%20list%20are%20being%20rejected%20by%20AOL%20%28or%20hotmail%2C%20or%20Yahoo%21%20or%20Google%20Gmail-googlemail%2C%20etc...%29%20as%20spam%2C
and apologies for not finding it before posting.

So I've tried creating feedback loops as per the instructions there with
Yahoo, AOL (who uses them anymore?) and Microsoft. Microsoft requires
confirmation from the host so I haven't been able to get them onboard yet.
But I've taken these steps and outlined them to the host, but I haven't
heard back. I also tried whitelisting with Yahoo but they too want the
owner of the IP address (the host) to apply - and I don't think I can get
Hawkhost to do that. At least they haven't responded yet about it. If I
were them I would probably be reluctant as well, not knowing about our
list-serv.

With the feedback loops I hope I can identify the offenders (those on our
list that are marking messages as spam) and work with them to either get
them to unsubscribe or educate them on how to manage the messages. (there
can be 20-30 messages a day on a busy day.)

thanks, Jim

On Fri, Jun 17, 2016 at 9:06 AM, John  wrote:

> On 6/17/16 9:21 AM, Jim Dory wrote:
> > We have mounting complaints from AOL,
> >> Yahoo and Hotmail
>
> I think that says it all...  I have regular issues with the free email
> services,
> requiring email exchanges with their IT groups. Every time they tighten the
> SPAM/UCE rules, all hell breaks loose.  :-/   At one time I was even
> considering
> just dropping all free email service subscribers.
>
> I've run my mailman lists for over 6 years now on my own VMs hosted by
> LINODE.
> Makes me responsible for my own IPs & their reputation...  I used to use Go
> Daddy VMs, but they used a common out going email server pool, more like a
> cesspool. Had lots of problems because Go Daddy IP blocks were always on
> somebodies block list. :-(
>
> John
> --
> Mailman-Users mailing list Mailman-Users@python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives:
> http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-users/james%40dorydesign.com
>
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Defending against DDOS style scanning

[Gretchen R Beck]

Hi Folks,


We had a group of machines hit our mailman server hard last night -- trying all 
the advertised lists and their corresponding URLS.  After shutting down and 
restarting the webserver, the attempts stopped.


What (if anything) are folks doing to protect against such events?


Thanks!


Gretchen Beck

Carnegie Mellon
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam, abuse

[John]

On 6/17/16 9:21 AM, Jim Dory wrote:
> We have mounting complaints from AOL,
>> Yahoo and Hotmail

I think that says it all...  I have regular issues with the free email services,
requiring email exchanges with their IT groups. Every time they tighten the
SPAM/UCE rules, all hell breaks loose.  :-/   At one time I was even considering
just dropping all free email service subscribers.

I've run my mailman lists for over 6 years now on my own VMs hosted by LINODE.
Makes me responsible for my own IPs & their reputation...  I used to use Go
Daddy VMs, but they used a common out going email server pool, more like a
cesspool. Had lots of problems because Go Daddy IP blocks were always on
somebodies block list. :-(

John
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Jim Ohlstein]

Hello Jim,

I'm not sure what they mean by cross promotion, but you may want to separate 
your list into a public service announcement list and one for sales/trades/etc. 

I can help you find alternate hosting if you like. Feel free to contact me off 
list. 

Jim Ohlstein

> On Jun 16, 2016, at 5:39 PM, Jim Dory  wrote:
> 
> We have a community list-serv for local trade and community announcements
> with a subscriber base of nearly 2200 people. Our police and city use it
> for public service announcements, people use it for selling/trading
> virtually anything (seal oil, outboards, guns, blue berries, you name it)
> and is by subscription only.
> 
> If someone is not a member, they cannot post. When a member posts, it goes
> to all others subscribers.
> 
> Any suggestions on how to answer this:
> 
> Here is the threat (hopefully I've removed personal emails from it):
> 
> Hello,
> 
> These cross promotion posts from your mailing list will need to cease or we
> will not host you any further. We have mounting complaints from AOL, Yahoo
> and Hotmail with some of which are now blocking the server you're on
> specifically because of your mailings. This is not isolated to a single set
> of users complaining it's a large amount that is enough for these providers
> to take action. Here's an example of Hotmail complaining today:
> 
> X-HmXmrOriginalRecipient: < snip>
> X-Reporter-IP: 72.169.153.180
> X-Message-Guid: e33ffe03-30cf-11e6-80b9-00215ad73ee2
> x-store-info:qAUQJzZ73IJCLUJ+0n7ZQ5Y+hDtA5T0pTzngeWExSOA+js5BQ3esJZEb/
> hCqmGYMGDPlv0qhfifSNEBY0EeR7jdY3RHpNqJWr7fgFVdKgCT42ZLOh4B1Z
> k6HwMHyTEbaui0SFrS8NYUVpqQ8zI3RRBiLXYw949+B
> Authentication-Results: hotmail.com; spf=pass (sender IP is 198.252.106.58)
> smtp.mailfrom=nome-announce-boun...@nomekennelclub.com; dkim=pass header.d=
> nomekennelclub.com; x-hmca=pass header.id=
> nome-announce-boun...@nomekennelclub.com
> X-SID-PRA: nome-announce-boun...@nomekennelclub.com
> X-AUTH-Result: PASS
> X-SID-Result: PASS
> X-Message-Status: n:n
> X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MztHRD0zO1NDTD00
> X-Message-Info: JfKzZGNUCEyn6uZ8X2pDbY1Het57KTCuLVm3gAtPdrrl2td44M/
> wLebIq7P6BcKz/Tq4wTZhsfxggLRurC3yAI0ChdmMAEfJOhmwoMRSeeGJKozFC4gVqbNvnZC/
> JhgCd5qsAtqr0OEAYRu3koPQ9+cHL4uRNZS9J27uZshkoH4/
> X3ayvdoeyUE3YWcyuTkswynceRDw4BygQavICoswKj/9XZAZvRBbI8WuiznTMQZuGiccxghTGg==
> Received: from lax022.relay.arandomserver.com ([198.252.106.58]) by
> COL004-MC1F11.hotmail.com  over TLS
> secured channel with Microsoft SMTPSVC(7.5.7601.23143);
> Sun, 12 Jun 2016 12:00:15 -0700
> Received: from lax203.hawkhost.com ([198.252.106.68])
> by se003.arandomserver.com with esmtpsa (TLSv1.2:DHE-RSA-AES256-SHA:256)
> (Exim 4.85)
> (envelope-from )
> id 1bCAcC-0005mK-IL; Sun, 12 Jun 2016 14:00:11 -0500
> DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
> d=nomekennelclub.com; s=default; h=Sender:List-Subscribe:List-
> Help:List-Post:
> List-Archive:List-Unsubscribe:List-Id:Content-Transfer-
> Encoding:Content-Type:
> MIME-Version:Message-ID:Date:Reply-To:To:Subject:From:Cc:Content-ID:
> Content-Description:Resent-Date:Resent-From:Resent-
> Sender:Resent-To:Resent-Cc
> :Resent-Message-ID:In-Reply-To:References:List-Owner;
> bh=jDxrwQr0jmM9xViPdGyM4bH+/6rwqwLFUVYvxTlafm8=;
> b=u8TyeCVecKwnVNP0kCePP0Pnct
> XmAtx/ijufED+WEE6l444ssMce/LGKCBwpEcIN/3vBoK6dkCkh3JmivH0aA9HrZyrcelF
> o27GFKbV
> 1sZYQQDokwaGP4YHL4iEx0Si5AY8JCBkFgFh1BKIXUvlYq2M0CYpEO4nYcc5hUNIpArs=;
> Received: from [::1] (port=42021 helo=lax203.hawkhost.com)
> by lax203.hawkhost.com with esmtp (Exim 4.87)
> (envelope-from )
> id 1bCAc7-000pSR-SI; Sun, 12 Jun 2016 12:00:03 -0700
> From: nome-announce-requ...@nomekennelclub.com
> Subject: Nome-announce Digest, Vol 50, Issue 29
> To: nome-annou...@nomekennelclub.com
> Reply-To: nome-annou...@nomekennelclub.com
> Date: Sun, 12 Jun 2016 12:00:01 -0700
> Message-ID: <
> mailman.1.1465758001.197313.nome-announce_nomekennelclub@nomekennelclub.com
> MIME-Version: 1.0
> Content-Type: text/plain; charset="us-ascii"
> Content-Transfer-Encoding: 7bit
> X-BeenThere: nome-annou...@nomekennelclub.com
> X-Mailman-Version: 2.1.20
> Precedence: list
> List-Id: 
> List-Unsubscribe: <
> http://nomekennelclub.com/mailman/options/nome-announce_nomekennelclub.com>,
> 
> List-Archive: <
> http://nomekennelclub.com/mailman/private/nome-announce_nomekennelclub.com/>
> List-Post: 
> List-Help: 
> List-Subscribe: <
> http://nomekennelclub.com/mailman/listinfo/nome-announce_nomekennelclub.com
>> ,
> 
> Errors-To: nome-announce-boun...@nomekennelclub.com
> Sender: "Nome-announce" 

Re: [Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Jim Dory]

So, anyone recommend more list-serv friendly hosts?

/jim

On Thu, Jun 16, 2016 at 1:39 PM, Jim Dory  wrote:

> We have a community list-serv for local trade and community announcements
> with a subscriber base of nearly 2200 people. Our police and city use it
> for public service announcements, people use it for selling/trading
> virtually anything (seal oil, outboards, guns, blue berries, you name it)
> and is by subscription only.
>
> If someone is not a member, they cannot post. When a member posts, it goes
> to all others subscribers.
>
> Any suggestions on how to answer this:
>
> Here is the threat (hopefully I've removed personal emails from it):
>
> Hello,
>
> These cross promotion posts from your mailing list will need to cease or
> we will not host you any further. We have mounting complaints from AOL,
> Yahoo and Hotmail with some of which are now blocking the server you're on
> specifically because of your mailings. This is not isolated to a single set
> of users complaining it's a large amount that is enough for these providers
> to take action. Here's an example of Hotmail complaining today:
>
> X-HmXmrOriginalRecipient: < snip>
> X-Reporter-IP: 72.169.153.180
> X-Message-Guid: e33ffe03-30cf-11e6-80b9-00215ad73ee2
> x-store-info:qAUQJzZ73IJCLUJ+0n7ZQ5Y+hDtA5T0pTzngeWExSOA+js5BQ3esJZEb/
> hCqmGYMGDPlv0qhfifSNEBY0EeR7jdY3RHpNqJWr7fgFVdKgCT42ZLOh4B1Z
> k6HwMHyTEbaui0SFrS8NYUVpqQ8zI3RRBiLXYw949+B
> Authentication-Results: hotmail.com; spf=pass (sender IP is
> 198.252.106.58) smtp.mailfrom=nome-announce-boun...@nomekennelclub.com;
> dkim=pass header.d=nomekennelclub.com; x-hmca=pass header.id=
> nome-announce-boun...@nomekennelclub.com
> X-SID-PRA: nome-announce-boun...@nomekennelclub.com
> X-AUTH-Result: PASS
> X-SID-Result: PASS
> X-Message-Status: n:n
> X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MztHRD0zO1NDTD00
> X-Message-Info: JfKzZGNUCEyn6uZ8X2pDbY1Het57KTCuLVm3gAtPdrrl2td44M/
> wLebIq7P6BcKz/Tq4wTZhsfxggLRurC3yAI0ChdmMAEfJOhmwoMRSeeGJKozFC4gVqbNvnZC/
> JhgCd5qsAtqr0OEAYRu3koPQ9+cHL4uRNZS9J27uZshkoH4/
> X3ayvdoeyUE3YWcyuTkswynceRDw4BygQavICoswKj/9XZAZvRBbI8WuiznTMQZuGiccxghTG
> g==
> Received: from lax022.relay.arandomserver.com ([198.252.106.58]) by
> COL004-MC1F11.hotmail.com  over TLS
> secured channel with Microsoft SMTPSVC(7.5.7601.23143);
> Sun, 12 Jun 2016 12:00:15 -0700
> Received: from lax203.hawkhost.com ([198.252.106.68])
> by se003.arandomserver.com with esmtpsa (TLSv1.2:DHE-RSA-AES256-SHA:256)
> (Exim 4.85)
> (envelope-from )
> id 1bCAcC-0005mK-IL; Sun, 12 Jun 2016 14:00:11 -0500
> DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
> d=nomekennelclub.com; s=default; h=Sender:List-Subscribe:List-
> Help:List-Post:
> List-Archive:List-Unsubscribe:List-Id:Content-Transfer-
> Encoding:Content-Type:
> MIME-Version:Message-ID:Date:Reply-To:To:Subject:From:Cc:Content-ID:
> Content-Description:Resent-Date:Resent-From:Resent-
> Sender:Resent-To:Resent-Cc
> :Resent-Message-ID:In-Reply-To:References:List-Owner;
> bh=jDxrwQr0jmM9xViPdGyM4bH+/6rwqwLFUVYvxTlafm8=;
> b=u8TyeCVecKwnVNP0kCePP0Pnct
> XmAtx/ijufED+WEE6l444ssMce/LGKCBwpEcIN/3vBoK6dkCkh3JmivH0aA9HrZyrcelF
> o27GFKbV
> 1sZYQQDokwaGP4YHL4iEx0Si5AY8JCBkFgFh1BKIXUvlYq2M0CYpEO4nYcc5hUNIpArs=;
> Received: from [::1] (port=42021 helo=lax203.hawkhost.com)
> by lax203.hawkhost.com with esmtp (Exim 4.87)
> (envelope-from )
> id 1bCAc7-000pSR-SI; Sun, 12 Jun 2016 12:00:03 -0700
> From: nome-announce-requ...@nomekennelclub.com
> Subject: Nome-announce Digest, Vol 50, Issue 29
> To: nome-annou...@nomekennelclub.com
> Reply-To: nome-annou...@nomekennelclub.com
> Date: Sun, 12 Jun 2016 12:00:01 -0700
> Message-ID: <
> mailman.1.1465758001.197313.nome-announce_nomekennelclub@nomekennelclub.com
> >
> MIME-Version: 1.0
> Content-Type: text/plain; charset="us-ascii"
> Content-Transfer-Encoding: 7bit
> X-BeenThere: nome-annou...@nomekennelclub.com
> X-Mailman-Version: 2.1.20
> Precedence: list
> List-Id: 
> List-Unsubscribe: <
> http://nomekennelclub.com/mailman/options/nome-announce_nomekennelclub.com
> >,
> 
> List-Archive: <
> http://nomekennelclub.com/mailman/private/nome-announce_nomekennelclub.com/
> >
> List-Post: 
> List-Help: 
> List-Subscribe: <
> http://nomekennelclub.com/mailman/listinfo/nome-announce_nomekennelclub.com
> >,
> 
> Errors-To: nome-announce-boun...@nomekennelclub.com
> Sender: "Nome-announce" 
> 
> X-Report-Abuse-To: s...@se001.arandomserver.com
> X-Originating-IP: 198.252.106.68
> X-SpamExperts-Domain: lax203.hawkhost.com
> X-SpamExperts-Username: relay
> 

[Mailman-Users] Our list serv host is threatening to shut us down for spam abuse

[Jim Dory]

We have a community list-serv for local trade and community announcements
with a subscriber base of nearly 2200 people. Our police and city use it
for public service announcements, people use it for selling/trading
virtually anything (seal oil, outboards, guns, blue berries, you name it)
and is by subscription only.

If someone is not a member, they cannot post. When a member posts, it goes
to all others subscribers.

Any suggestions on how to answer this:

Here is the threat (hopefully I've removed personal emails from it):

Hello,

These cross promotion posts from your mailing list will need to cease or we
will not host you any further. We have mounting complaints from AOL, Yahoo
and Hotmail with some of which are now blocking the server you're on
specifically because of your mailings. This is not isolated to a single set
of users complaining it's a large amount that is enough for these providers
to take action. Here's an example of Hotmail complaining today:

X-HmXmrOriginalRecipient: < snip>
X-Reporter-IP: 72.169.153.180
X-Message-Guid: e33ffe03-30cf-11e6-80b9-00215ad73ee2
x-store-info:qAUQJzZ73IJCLUJ+0n7ZQ5Y+hDtA5T0pTzngeWExSOA+js5BQ3esJZEb/
hCqmGYMGDPlv0qhfifSNEBY0EeR7jdY3RHpNqJWr7fgFVdKgCT42ZLOh4B1Z
k6HwMHyTEbaui0SFrS8NYUVpqQ8zI3RRBiLXYw949+B
Authentication-Results: hotmail.com; spf=pass (sender IP is 198.252.106.58)
smtp.mailfrom=nome-announce-boun...@nomekennelclub.com; dkim=pass header.d=
nomekennelclub.com; x-hmca=pass header.id=
nome-announce-boun...@nomekennelclub.com
X-SID-PRA: nome-announce-boun...@nomekennelclub.com
X-AUTH-Result: PASS
X-SID-Result: PASS
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MztHRD0zO1NDTD00
X-Message-Info: JfKzZGNUCEyn6uZ8X2pDbY1Het57KTCuLVm3gAtPdrrl2td44M/
wLebIq7P6BcKz/Tq4wTZhsfxggLRurC3yAI0ChdmMAEfJOhmwoMRSeeGJKozFC4gVqbNvnZC/
JhgCd5qsAtqr0OEAYRu3koPQ9+cHL4uRNZS9J27uZshkoH4/
X3ayvdoeyUE3YWcyuTkswynceRDw4BygQavICoswKj/9XZAZvRBbI8WuiznTMQZuGiccxghTGg==
Received: from lax022.relay.arandomserver.com ([198.252.106.58]) by
COL004-MC1F11.hotmail.com  over TLS
secured channel with Microsoft SMTPSVC(7.5.7601.23143);
Sun, 12 Jun 2016 12:00:15 -0700
Received: from lax203.hawkhost.com ([198.252.106.68])
by se003.arandomserver.com with esmtpsa (TLSv1.2:DHE-RSA-AES256-SHA:256)
(Exim 4.85)
(envelope-from )
id 1bCAcC-0005mK-IL; Sun, 12 Jun 2016 14:00:11 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=nomekennelclub.com; s=default; h=Sender:List-Subscribe:List-
Help:List-Post:
List-Archive:List-Unsubscribe:List-Id:Content-Transfer-
Encoding:Content-Type:
MIME-Version:Message-ID:Date:Reply-To:To:Subject:From:Cc:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-
Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Owner;
bh=jDxrwQr0jmM9xViPdGyM4bH+/6rwqwLFUVYvxTlafm8=;
b=u8TyeCVecKwnVNP0kCePP0Pnct
XmAtx/ijufED+WEE6l444ssMce/LGKCBwpEcIN/3vBoK6dkCkh3JmivH0aA9HrZyrcelF
o27GFKbV
1sZYQQDokwaGP4YHL4iEx0Si5AY8JCBkFgFh1BKIXUvlYq2M0CYpEO4nYcc5hUNIpArs=;
Received: from [::1] (port=42021 helo=lax203.hawkhost.com)
by lax203.hawkhost.com with esmtp (Exim 4.87)
(envelope-from )
id 1bCAc7-000pSR-SI; Sun, 12 Jun 2016 12:00:03 -0700
From: nome-announce-requ...@nomekennelclub.com
Subject: Nome-announce Digest, Vol 50, Issue 29
To: nome-annou...@nomekennelclub.com
Reply-To: nome-annou...@nomekennelclub.com
Date: Sun, 12 Jun 2016 12:00:01 -0700
Message-ID: <
mailman.1.1465758001.197313.nome-announce_nomekennelclub@nomekennelclub.com
>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-BeenThere: nome-annou...@nomekennelclub.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: 
List-Unsubscribe: <
http://nomekennelclub.com/mailman/options/nome-announce_nomekennelclub.com>,

List-Archive: <
http://nomekennelclub.com/mailman/private/nome-announce_nomekennelclub.com/>
List-Post: 
List-Help: 
List-Subscribe: <
http://nomekennelclub.com/mailman/listinfo/nome-announce_nomekennelclub.com
>,

Errors-To: nome-announce-boun...@nomekennelclub.com
Sender: "Nome-announce" 

X-Report-Abuse-To: s...@se001.arandomserver.com
X-Originating-IP: 198.252.106.68
X-SpamExperts-Domain: lax203.hawkhost.com
X-SpamExperts-Username: relay
Authentication-Results: arandomserver.com; auth=pass (login) smtp.auth=
re...@lax203.hawkhost.com
X-SpamExperts-Outgoing-Class: ham
X-SpamExperts-Outgoing-Evidence: SB/global_tokens (0.000514464687739)
X-Recommended-Action: accept
Return-Path: nome-announce-boun...@nomekennelclub.com
X-OriginalArrivalTime: 12 Jun 2016 19:00:15.0312 (UTC)

Re: [Mailman-Users] moderator page behind nginx with SSL

[Christopher A Puchalski]

I think it has to do the 'DEFAULT_URL_PATTERN' setting as discussed here:

https://wiki.list.org/DOC/4.27%20Securing%20Mailman%27s%20web%20GUI%20by%20using%20Secure%20HTTP-SSL

Not sure you are having the same problem that I did at one point but this
was causing the moderation page to not work in my case until I adjusted to
DEFAULT_URL_PATTERN = 'https://%s/mailman/', Prior to that setting I
remember a similar error and the bigger issue was anything I did in
moderation just didn't have a real effect. I would  select to delete or
allow and either way nothing would change. After that fix the moderation
page just worked.

Good luck.


Christopher Puchalski



From:   John Griessen 
To: mailman-users@python.org
Date:   06/17/2016 08:04 AM
Subject:[Mailman-Users] moderator page behind nginx with SSL
Sent by:"Mailman-Users" 



The rest of mailman version 2.1.22
is working fine with SSL and some rewriting by nginx and yet
https://cibolo.us/mailman/admindb/open_electroporator  gives a message
"will be sent over an insecure connection" when I seta button to discard
and then do
the submit all data button.

Is there a way to use SSL here?

Or... will I need to disable SSL for this page to get that submit to work?
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives:
http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/chris.puchalski%40raytheon.com

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] moderator page behind nginx with SSL

[John Griessen]

The rest of mailman version 2.1.22
is working fine with SSL and some rewriting by nginx and yet
https://cibolo.us/mailman/admindb/open_electroporator  gives a message
"will be sent over an insecure connection" when I seta button to discard and 
then do
the submit all data button.

Is there a way to use SSL here?

Or... will I need to disable SSL for this page to get that submit to work?
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org