Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Philipp wrote: >> %-16(putstrf{List-Id}) >> >> to my scan arguments, and it's close, but not yet what I want. >> Ideally, I just want what's in <> of the List-Id:, and I'd be happy with the >> first 16 characters only. But I can't see a way to get that. So I'd settle >> for the last 16 bytes of the entire header, but I can't get that either. > You could just use: > %(addr{list-id}) > I know list-id isn't realy an address, but it works. Cool. I was figuring that there must be something that deals with addresses like this. It works exactly as I want. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
>You could just use: > >%(addr{list-id}) Very clever! --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
[2019-09-29 18:16] Michael Richardson > So I've added: > >%-16(putstrf{List-Id}) > > to my scan arguments, and it's close, but not yet what I want. > Ideally, I just want what's in <> of the List-Id:, and I'd be happy with the > first 16 characters only. But I can't see a way to get that. So I'd settle > for the last 16 bytes of the entire header, but I can't get that either. You could just use: %(addr{list-id}) I know list-id isn't realy an address, but it works. Philipp -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Ken Hornstein wrote: >> to my scan arguments, and it's close, but not yet what I want. >> Ideally, I just want what's in <> of the List-Id:, and I'd be happy with the >> first 16 characters only. But I can't see a way to get that. So I'd settle >> for the last 16 bytes of the entire header, but I can't get that either. > Hmmm. I just looked at regcomp()/regexec(), and it sure seems pretty easy > to make a format function that could do a regular expression substitution > on the str register. Like ... > %(void{list-id})%(regsub /<\([^.]+\)/[\1]/) > Would do what you want, I'd think. I can't promise that would appear soon > but it at least it doesn't seem hard. yes, I think it would work. if there was something to treat the header as From/To:-like (while not insisting on presence of @) and just pull out whatever was in <>, if there was something, that might actually work better, as if there is no "<", then it would just return the string that was there. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
>to my scan arguments, and it's close, but not yet what I want. >Ideally, I just want what's in <> of the List-Id:, and I'd be happy with the >first 16 characters only. But I can't see a way to get that. So I'd settle >for the last 16 bytes of the entire header, but I can't get that either. Hmmm. I just looked at regcomp()/regexec(), and it sure seems pretty easy to make a format function that could do a regular expression substitution on the str register. Like ... %(void{list-id})%(regsub /<\([^.]+\)/[\1]/) Would do what you want, I'd think. I can't promise that would appear soon but it at least it doesn't seem hard. --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Michael Richardson wrote: >> Sigh. I KNEW you were going to say that, but ... certainly you SOMEHOW >> managed to live without this feature UP UNTIL NOW. I have given you a >> solution that works for the upcoming changes to THIS mailing list. You >> can expand on it as you need. It's not perfect, but what is? > Yes, I've lived with lists that put [foobar] in them up to now. > It's almost more of a mh-e issue. > nmh-workers isn't the only list that will stop molesting the signed content. > (Not sure if :-) or :-( is appropriate here) So I've added: %-16(putstrf{List-Id}) to my scan arguments, and it's close, but not yet what I want. Ideally, I just want what's in <> of the List-Id:, and I'd be happy with the first 16 characters only. But I can't see a way to get that. So I'd settle for the last 16 bytes of the entire header, but I can't get that either. What I have is better than before though :-) -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Date:Fri, 27 Sep 2019 13:35:25 -0400 From:Ken Hornstein Message-ID: <20190927173529.e363896...@pb-smtp20.pobox.com> | I am assuming that we are fine with | the "don't modify the message" setting for this mailing list It is certainly fine with me, I have never really likes lists that insist on advertising themselves in the Subject header. Whatever you do though, don't do Munge-From, that is truly evil. kre -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Ken Hornstein wrote: >> yes, but that's too specific. I'd like it generically for all lists :-) > Sigh. I KNEW you were going to say that, but ... certainly you SOMEHOW > managed to live without this feature UP UNTIL NOW. I have given you a > solution that works for the upcoming changes to THIS mailing list. You > can expand on it as you need. It's not perfect, but what is? Yes, I've lived with lists that put [foobar] in them up to now. It's almost more of a mh-e issue. nmh-workers isn't the only list that will stop molesting the signed content. (Not sure if :-) or :-( is appropriate here) -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
>yes, but that's too specific. I'd like it generically for all lists :-) Sigh. I KNEW you were going to say that, but ... certainly you SOMEHOW managed to live without this feature UP UNTIL NOW. I have given you a solution that works for the upcoming changes to THIS mailing list. You can expand on it as you need. It's not perfect, but what is? --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Ken Hornstein wrote: > The key is this line: > %<{list-id}%<(match nmh-workers)[nmh-workers] %>%>\ > What that means is: > If the list-id header is set, AND it contains the string nmh-workers, > then output the string "[nmh-workers] ". You might find that > objectionable yes, but that's too specific. I'd like it generically for all lists :-) > if the current subject string contains [nmh-workers], but fixing that is > left as an exercise to the reader. Remember that fmttest exists now and > is your friend. Right. Thank you. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
>> I won't mind if the Subject stops being mangled (I use the >> list-post header for filtering). I also won't mind if the body >> stops being mangled > >I do, so let me ask: > >can I get List-Id easily inserted into scan output in a way that will >make mh-e happy? Given the current format language lacks string manipulation, it's a bit hard to do it generically. But ... I use scan.size, which is currently: %4(msg)%<(cur)+%| %>%<{replied}-%?{encrypted}E%| %>\ %02(mon{date})/%02(mday{date})%<{date} %|*%>\ %5(size) \ %<(mymbox{from})%<{to}To:%14(unquote(decode(friendly{to})))%>%>\ %<(zero)%17(unquote(decode(friendly{from})))%> \ %(decode{subject})%<{body}<<%{body}%> This does close to what you want: %4(msg)%<(cur)+%| %>%<{replied}-%?{encrypted}E%| %>\ %02(mon{date})/%02(mday{date})%<{date} %|*%>\ %5(size) \ %<(mymbox{from})%<{to}To:%14(unquote(decode(friendly{to})))%>%>\ %<(zero)%17(unquote(decode(friendly{from})))%> \ %<{list-id}%<(match nmh-workers)[nmh-workers] %>%>\ %(decode{subject})%<{body}<<%{body}%> The key is this line: %<{list-id}%<(match nmh-workers)[nmh-workers] %>%>\ What that means is: If the list-id header is set, AND it contains the string nmh-workers, then output the string "[nmh-workers] ". You might find that objectionable if the current subject string contains [nmh-workers], but fixing that is left as an exercise to the reader. Remember that fmttest exists now and is your friend. --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
>But that makes me wonder a bit: how much does that cost? Everyone. Can we NOT TALK ON THE GODDAMN NMH MAILING LIST about HOW MUCH YOU HAVE TO PAY TO RUN YOUR OWN MAIL SERVER to WORK AROUND DMARC FILTERING. Please? --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
>these e-mail filtering techniques ought to be applied to the envelope >and to the Sender: header, not to From:. nothing we can do about that? Sigh. I hate to wade into this, but ... I understand where people are coming from. Current MUAs don't display the Sender: by default (and I suspect other than nmh, most cannot), and essentially MUAs don't have access to the SMTP envelope address in any standardized way. So dumb humans are assuming that the "From" header is actually meaningful. Getting back to the ORIGINAL point ... I am assuming that we are fine with the "don't modify the message" setting for this mailing list (other than Michael Richardson, no one has voiced an objection). --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
hymie! wrote in <20190927142152.ga21...@alfred.local.net>: |On Fri, Sep 27, 2019 at 02:54:14AM -0700, Paul Vixie wrote: |> Ken Hornstein wrote on 2019-09-26 09:36: |>> I received this email, and I wanted to pass it along. The executive |>> summary is: in the near future subject lines to nmh-workers will no |>> longer be prefixed with "[nmh-workers]" and there won't be a footer |>> at the end of the message anyone saying that this is the nmh-workers |>> mailing list. |> |> yahoo is way off the reservation with this. they aren't growing fast \ |> enough |> for me to care which of their users can't join mailing lists i operate \ |> -- so |> my first mover advantage dominates the outcome. | |Unfortunately, Yahoo isn't the only culrpit. More and more servers are |honoring DMARC. I, for example, keep my email on my own server at home, |but because my ISP blocks port 25, I have to hire a third party to |receive and re-send my email for me, both incoming and outgoing. I'm |(mostly) at their mercy for things like spam filters and DMARC, and |(at least right now) I'm not in a position to find a new company |if I decide I'm not crazy about their policies. | |I appreciate your opinion, but remember to look at it from the other |side -- what is the point of a mailing list if you're the only person |left who can access it? But that makes me wonder a bit: how much does that cost? Isn't it cheaper to rent the smallest possible vserver, and simply mirror the local server, then adjust one line of configuration, or two? --steffen | |Der Kragenbaer,The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Paul Vixie wrote in <2b52ccf2-a559-9b70-869c-68da37fee...@redbarn.org>: |Ken Hornstein wrote on 2019-09-26 09:36: |> Everyone, |> |> I received this email, and I wanted to pass it along. The executive |> summary is: in the near future subject lines to nmh-workers will no |> longer be prefixed with "[nmh-workers]" and there won't be a footer |> at the end of the message anyone saying that this is the nmh-workers |> mailing list. You can read the details in the message for the complete |> technical reasons why this is happening; the other option is to do |> what is called "Munge From" and I personally think this is 100x worse |> (I am on a Yahoo mailing list where this is done and I hate it). If |> people think we should switch to "Munge From" for this mailing list, |> then please make your case here. |> |> --Ken | |yahoo is way off the reservation with this. they aren't growing fast |enough for me to care which of their users can't join mailing lists i |operate -- so my first mover advantage dominates the outcome. | |anyone who wants me to change a protocol or a norm so that more of the |internet can be centralized by monetizers can go pound sand. (same for |EDNS client subnet.) YEAH. Guess that was what i was trying to say. --steffen | |Der Kragenbaer,The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Ken Hornstein wrote in <20190926231658.6947788...@pb-smtp20.pobox.com>: |>And it is entirely unrelated to this thread of course. | |I mean, at least we're in agreement there :-/ And I'm not even sure |WHY you care about what version of TLS that eggs.gnu.org supports, since |it is handling messages for public mailing lists. That is a rabbit starter. You know, if it would be me then TLS would not be needed at all. That entire complex bores me to paralysis. But there are bad people, everywhere, so this stacks up from and to governments from and to industry and even from and to science. Maybe that is why people then enlighten their ripped backsides by publishing their (maybe) deep(est) inside on some public maybe social media, including photos. I don't know. |>I personally feel sad because of the direction all this goes to. | |Sigh. Well, if you want to just scream at the void, ok ... I can |understand that (I wish you wouldn't scream on nmh-workers, personally). |But ... DKIM/SPF/DMARC all exist because of spam. While I don't agree Hm. |with Yahoo's solution and if we had to do it all over we'd deal with |things very differently, I understand and can sympathize with the |decisions they have made. Oh. I can go up the wall on occasions, really. That is certainly true. I cannot, absolutely not. Maybe they should have invented or reused the MIME types which exist for signed and encrypted data instead. (I know of two, S/MIME and OpenPGP.) ... --End of <20190926231658.6947788...@pb-smtp20.pobox.com> Valdis Klētnieks wrote in <73912.1569546833@turing-police>: |On Thu, 26 Sep 2019 12:36:41 -0400, Ken Hornstein said: |> I received this email, and I wanted to pass it along. The executive |> summary is: in the near future subject lines to nmh-workers will no |> longer be prefixed with "[nmh-workers]" and there won't be a footer |> at the end of the message anyone saying that this is the nmh-workers | |OK by me., my procmailrc already uses '*^(To:|cc:).*nmh-workers@nongnu.org' |so it won't bother my set-up. I for one archive this list among others in a box called "track". It is nice to see what is what from a glance, like, e.g., Re: [art] Auto-configuring Email Clients via WebFinger Re: [Resolverless-dns] Paper on Resolver-less DNS Since many discussions or topics actually spread several lists, not only on IETF but everywhere, it is nice to see them altogether (at least in date sorted mode). For example in a heritage site something comes up and reminds someone of something else, which then leads to a thread in a different heritage side. I store those in one box, and then you get the brainwaves a bit. And at a glance. I like this. ... --End of <73912.1569546833@turing-police> Andy Bradford wrote in <20190926210904.82686.qmail@angmar.bradfordfamily\ .org>: |Thus said Ken Hornstein on Thu, 26 Sep 2019 12:36:41 -0400: |> You can read the details in the message for the complete technical |> reasons why this is happening; the other option is to do what is |> called "Munge From" and I personally think this is 100x worse (I am on |> a Yahoo mailing list where this is done and I hate it). | |I won't mind if the Subject stops being mangled (I use the list-post |header for filtering). I also won't mind if the body stops being mangled |with additional MIME parts; the same information is already available in |the list-(un)?subscribe headers) and I'm of the opinion that list |control mechanisms belong in headers. Besides, how often does someone |accidentally get subscribed to a mailing list anymore? I agree with the headers, and i do not inject footers in the ML myself. That has much to do with that i am or was subscribed to MLs where, if MIME mails come in, the ML software was not smart enough to inject the footer in the text part, but simply added a MIME part with nothing but the footer, and that was an outcome that i really disliked. (Have not seen that behaviour in a while, consciously at least.) |I don't think however, that "Munge From" sounds like a good idea. Yeah. ... --End of <20190926210904.82686.qm...@angmar.bradfordfamily.org> Ralph Corderoy wrote in <20190927085932.d3b581f...@orac.inputplus.co.uk>: |> the other option is to do what is called "Munge From" | |That's one other option. | |Note, nmh-workers has been configured with |dmarc_moderation_action="Munge From" for ages and no one here has |grumbled. It typically only munges Froms from Yahoo! I expect the |other two nmh lists match this as I went through all their options on |becoming list admin. | |Another option supported by this Mailman is, in the Yahoo! case, to | |Wrap Message |Just wrap the message in an outer message with the From: header |containing the list's posting address and with the original |From: address added to the addresses in the original Reply-To: |header and with Content-Type:
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
hymie! wrote on 2019-09-27 07:21:> Unfortunately, Yahoo isn't the only culrpit. More and more servers are honoring DMARC. yes, i know. I, for example, keep my email on my own server at home, but because my ISP blocks port 25, I have to hire a third party to receive and re-send my email for me, both incoming and outgoing. I'm (mostly) at their mercy for things like spam filters and DMARC, and (at least right now) I'm not in a position to find a new company if I decide I'm not crazy about their policies. i see what you mean. i think i would rent a VPS before i would put my e-mail server behind an ISP who filters anything at all, but that's privilege speaking. I appreciate your opinion, but remember to look at it from the other side -- what is the point of a mailing list if you're the only person left who can access it? these e-mail filtering techniques ought to be applied to the envelope and to the Sender: header, not to From:. nothing we can do about that? -- P Vixie -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Ken Hornstein wrote: > I received this email, and I wanted to pass it along. The executive > summary is: in the near future subject lines to nmh-workers will no > longer be prefixed with "[nmh-workers]" and there won't be a footer > at the end of the message anyone saying that this is the nmh-workers > mailing list. This is one of several choice. This choice preserves the DKIM signature on the headers and body. > You can read the details in the message for the complete > technical reasons why this is happening; the other option is to do > what is called "Munge From" and I personally think this is 100x worse > (I am on a Yahoo mailing list where this is done and I hate it). If > people think we should switch to "Munge From" for this mailing list, > then please make your case here. There is also the option to encapsulate. Having tried all three, I relunctantly say that the Munge From is the least annoying. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Andy Bradford wrote: > I won't mind if the Subject stops being mangled (I use the list-post > header for filtering). I also won't mind if the body stops being > mangled I do, so let me ask: can I get List-Id easily inserted into scan output in a way that will make mh-e happy? -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
On Fri, Sep 27, 2019 at 02:54:14AM -0700, Paul Vixie wrote: > > Ken Hornstein wrote on 2019-09-26 09:36: > > Everyone, > > > > I received this email, and I wanted to pass it along. The executive > > summary is: in the near future subject lines to nmh-workers will no > > longer be prefixed with "[nmh-workers]" and there won't be a footer > > at the end of the message anyone saying that this is the nmh-workers > > mailing list. > > > > --Ken > > yahoo is way off the reservation with this. they aren't growing fast enough > for me to care which of their users can't join mailing lists i operate -- so > my first mover advantage dominates the outcome. > > -- > P Vixie Unfortunately, Yahoo isn't the only culrpit. More and more servers are honoring DMARC. I, for example, keep my email on my own server at home, but because my ISP blocks port 25, I have to hire a third party to receive and re-send my email for me, both incoming and outgoing. I'm (mostly) at their mercy for things like spam filters and DMARC, and (at least right now) I'm not in a position to find a new company if I decide I'm not crazy about their policies. I appreciate your opinion, but remember to look at it from the other side -- what is the point of a mailing list if you're the only person left who can access it? --hymie! http://lactose.homelinux.net/~hymiehy...@lactose.homelinux.net -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Ken Hornstein wrote on 2019-09-26 09:36: Everyone, I received this email, and I wanted to pass it along. The executive summary is: in the near future subject lines to nmh-workers will no longer be prefixed with "[nmh-workers]" and there won't be a footer at the end of the message anyone saying that this is the nmh-workers mailing list. You can read the details in the message for the complete technical reasons why this is happening; the other option is to do what is called "Munge From" and I personally think this is 100x worse (I am on a Yahoo mailing list where this is done and I hate it). If people think we should switch to "Munge From" for this mailing list, then please make your case here. --Ken yahoo is way off the reservation with this. they aren't growing fast enough for me to care which of their users can't join mailing lists i operate -- so my first mover advantage dominates the outcome. anyone who wants me to change a protocol or a norm so that more of the internet can be centralized by monetizers can go pound sand. (same for EDNS client subnet.) -- P Vixie -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Hi Ken, > the other option is to do what is called "Munge From" That's one other option. Note, nmh-workers has been configured with dmarc_moderation_action="Munge From" for ages and no one here has grumbled. It typically only munges Froms from Yahoo! I expect the other two nmh lists match this as I went through all their options on becoming list admin. Another option supported by this Mailman is, in the Yahoo! case, to Wrap Message Just wrap the message in an outer message with the From: header containing the list's posting address and with the original From: address added to the addresses in the original Reply-To: header and with Content-Type: message/rfc822. This is effectively a one message MIME format digest. but that installs a Reply-To that doesn't include the list. -- Cheers, Ralph. -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Thus said Ken Hornstein on Thu, 26 Sep 2019 12:36:41 -0400: > You can read the details in the message for the complete technical > reasons why this is happening; the other option is to do what is > called "Munge From" and I personally think this is 100x worse (I am on > a Yahoo mailing list where this is done and I hate it). I won't mind if the Subject stops being mangled (I use the list-post header for filtering). I also won't mind if the body stops being mangled with additional MIME parts; the same information is already available in the list-(un)?subscribe headers) and I'm of the opinion that list control mechanisms belong in headers. Besides, how often does someone accidentally get subscribed to a mailing list anymore? I don't think however, that "Munge From" sounds like a good idea. Thanks, Andy -- TAI64 timestamp: 40005d8d7d75 -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
On Thu, 26 Sep 2019 12:36:41 -0400, Ken Hornstein said: > I received this email, and I wanted to pass it along. The executive > summary is: in the near future subject lines to nmh-workers will no > longer be prefixed with "[nmh-workers]" and there won't be a footer > at the end of the message anyone saying that this is the nmh-workers OK by me., my procmailrc already uses '*^(To:|cc:).*nmh-workers@nongnu.org' so it won't bother my set-up. > mailing list. You can read the details in the message for the complete > technical reasons why this is happening; the other option is to do > what is called "Munge From" and I personally think this is 100x worse Amen to that. Listserv also adopted a Munge-from solution, and the users rioted. In particular, the users whose From: got munged were incensed, because it makes 'reply from' very ugly and sometimes non-functional. (For the backstory of why this matters - if a Yahoo user (as opposed to a random non-Yahoo-using yahoo) sends a mail to a list, and the list modifies the Subject: line, then when it gets to the final recipient, their MTA looks at it, sees that Yahoo specifies very strict DMARC, which got borked by the change of the Subject: line. If the recipient MTA does DMARC checking on receipt, it potentially generates either a 5xx error inline or a bounce message that eventually get back to Mailman/Listserv/ whatever list management software. The end result is that if enough Yahoo users post to a list in a short time period, then you have a flurry of *NON*-Yahoo users being mysteriously unsubscribed from the list for no really immediately obvious reason. pgpKnrl8BOnkQ.pgp Description: PGP signature -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
>And it is entirely unrelated to this thread of course. I mean, at least we're in agreement there :-/ And I'm not even sure WHY you care about what version of TLS that eggs.gnu.org supports, since it is handling messages for public mailing lists. >I personally feel sad because of the direction all this goes to. Sigh. Well, if you want to just scream at the void, ok ... I can understand that (I wish you wouldn't scream on nmh-workers, personally). But ... DKIM/SPF/DMARC all exist because of spam. While I don't agree with Yahoo's solution and if we had to do it all over we'd deal with things very differently, I understand and can sympathize with the decisions they have made. --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Ken Hornstein wrote in <20190926174635.3b44384...@pb-smtp20.pobox.com>: |>Yuck. As a purely rhetorical note, do they have a plan to upgrade |>from the TLS 1.0 they use. (And i hope this does not qualify as |>sexual harassment. It is not! I eat at home, like the Beatles.) | |I ... do not know about the TLS 1.0 issues, nor do I see how it's relevant |to this discussion. I am sorry, i was in galop and you had to suffer the consequences. It was also not meant to address you as "you", it is just that i always hit "r" and if there is no reply-to: or mail-followup-to: then the list is not the sole receiver. I am not a cryptographer therefore i also do not know about TLS 1.0 issues, except .. that diediedie IETF draft, that the money changers deprecated it to June 2018 at latest, and that the big companies deprecate it (and the different/newer 1.1) in .. spring (?) next year. And that i really would like to slim my vserver ssl/tls conf. (eggs.gnu.org is the _only_ mail service that i know that uses TLS1.0:DHE_RSA_AES_256_CBC_SHA1; i accidentally stumbled over this a few months ago, when looking into my archives.) And it is entirely unrelated to this thread of course. I personally feel sad because of the direction all this goes to. That From: rewriting is just sick, it makes me sick. Thank you. RFC 4871 on DKIM says at least A common practice among systems that are primarily redistributors of mail is to add a Sender header field to the message, to identify the address being used to sign the message. This practice will remove any preexisting Sender header field as required by [RFC2822]. The forwarder applies a new DKIM-Signature header field with the signature, public key, and related information of the forwarder. whereas the Yahoo! only RFC 7489 says It has been suggested in several message authentication efforts that the Sender header field be checked for an identifier of interest, as the standards indicate this as the proper way to indicate a re-mailing of content such as through a mailing list. 1. The main user protection approach is to be concerned with what the user sees when a message is rendered. There is no consistent behavior among MUAs regarding what to do with the content of the Sender field, if present. Accordingly, supporting checking of the end user might never actually see, which can create a vector for attack against end users by simply forging a Sender field containing some identifier that DMARC will like. For the MUA i maintain they at least can when they want. What the is that? People are too stupid to get this additional field right (look who they are voting!), so lets just not even consider this. This goes in line with the web browser community, they also do not get it right and do not show TLS status, content blocking, Unicode related lookalike thingies, or any such stuff. No, not me, Yahoo!, this is too exhausting, and i do not have any control over it!! 2. Although it is certainly true that this is what the Sender field is for, its use in this way is also unreliable, making it a poor candidate for inclusion in the DMARC evaluation algorithm. They break a field already present in RFC 822 from 1982. That is certainly true. They should just have followed the RFCs and maybe adjusted From: to also include the list address, then resign it (maybe), moving the original author to Sender:. Maybe. But hey the job is done, maybe they got a bonus. Sounds bitter. Baeh. Good night from Germany. --steffen | |Der Kragenbaer,The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
>Yuck. As a purely rhetorical note, do they have a plan to upgrade >from the TLS 1.0 they use. (And i hope this does not qualify as >sexual harassment. It is not! I eat at home, like the Beatles.) I ... do not know about the TLS 1.0 issues, nor do I see how it's relevant to this discussion. --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
Re: [nmh-workers] FSF is changing Mailman list settings unless you opt out (fwd)
Ken Hornstein wrote in <20190926163645.c801a82...@pb-smtp20.pobox.com>: |Everyone, | |I received this email, and I wanted to pass it along. The executive |summary is: in the near future subject lines to nmh-workers will no |longer be prefixed with "[nmh-workers]" and there won't be a footer |at the end of the message anyone saying that this is the nmh-workers |mailing list. You can read the details in the message for the complete |technical reasons why this is happening; the other option is to do |what is called "Munge From" and I personally think this is 100x worse |(I am on a Yahoo mailing list where this is done and I hate it). If |people think we should switch to "Munge From" for this mailing list, |then please make your case here. Yuck. As a purely rhetorical note, do they have a plan to upgrade from the TLS 1.0 they use. (And i hope this does not qualify as sexual harassment. It is not! I eat at home, like the Beatles.) --steffen | |Der Kragenbaer,The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers