Re: How to implement something close to, but not quite an "announcement-only" mailing list?
On 4/15/17 3:53 PM, Phil Stracchino wrote: On 04/15/17 15:40, James B. Byrne wrote: On Sat, April 15, 2017 08:01, Kevin A. McGrail wrote: The current version of Majordomo is 1.94.5, released 19 January 2000.[4] [...] Mailman is still under active development. It was updated to accommodate the 2015 DMARC fiasco. It also has a web based management interface and built-in archiving tool. These features make Mailman somewhat more convenient for list managers who may not themselves be sysadmins. Off topic though it is, I'd concur with this. If you're starting out from scratch, Mailman is the obvious choice. Majordomo still works as well as it ever did, but honestly that is almost damning it with faint praise. It's a 25-year-old piece of software that hasn't been updated in 17 years, and during those 17 years the world it has to exist in has changed enormously. Majordomo doesn't support current standards and, realistically, it is never likely to. Save yourself the pain. Also, Mailman comes with specific instructions for integrating it with Postfix, out of the box. If you're looking for a majordomo replacement, don't forget to look at Sympa - the other major open source list manager floating around. It's supported by a consortium of French universities, and is aimed at larger organizations (universities) with lots of users and lots of lists. It's had a DMARC patch since about 3 weeks after DMARC hit. It's a bit trickier to configure & administer than Mailman, but also has more features - so it's a tradeoff. Miles Fidelman -- In theory, there is no difference between theory and practice. In practice, there is. Yogi Berra
Re: More Email Sent than "status=sent" in MailLog
Greg Sims: > Hi There, > > We recently moved from RHEL 6/Postfix to CentOS 7/Postfix. I see a change > in the maillog that I need help understanding. > > We are using mailman to manage three lists totaling 21K subscribers. Each > email is sent using VERP so that the Sender and Errors-to headers are > unique -- containing an encoded version of the email address that the > email is being sent to. This helps with bounce process and the like. The > >From header is the same for all of the emails sent and the To header is > unique. > > On the RHEL 6 system, when I count the number of "status=sent" strings in > the maillog, the number is the same as the number of emails sent. On the > CentOS 7 system the number of "status=sent" is about 25% of the number of > emails sent. > > Can anyone help me understand this change in behavior? > > Here is the command I am using to view the 4/15 emails in the maillog: > > cat /var/log/maillog.processed /var/log/maillog | grep status=sent | grep > 'Apr 15' | wc >4783 85852 1221343 > > You can see 4,783 "status=sent" entries on Apr 15 with over 21K emails sent > (and verified with DMARC aggregation). Perhaps system-effing-d is throttling the logs? Reportedly, it does throttles logs before handing things off to things like rsyslogd. Wietse
More Email Sent than "status=sent" in MailLog
Hi There, We recently moved from RHEL 6/Postfix to CentOS 7/Postfix. I see a change in the maillog that I need help understanding. We are using mailman to manage three lists totaling 21K subscribers. Each email is sent using VERP so that the Sender and Errors-to headers are unique -- containing an encoded version of the email address that the email is being sent to. This helps with bounce process and the like. The >From header is the same for all of the emails sent and the To header is unique. On the RHEL 6 system, when I count the number of "status=sent" strings in the maillog, the number is the same as the number of emails sent. On the CentOS 7 system the number of "status=sent" is about 25% of the number of emails sent. Can anyone help me understand this change in behavior? Here is the command I am using to view the 4/15 emails in the maillog: cat /var/log/maillog.processed /var/log/maillog | grep status=sent | grep 'Apr 15' | wc 4783 85852 1221343 You can see 4,783 "status=sent" entries on Apr 15 with over 21K emails sent (and verified with DMARC aggregation). Thanks, Greg
Re: How to implement something close to, but not quite an "announcement-only" mailing list?
On 04/15/17 15:40, James B. Byrne wrote: > On Sat, April 15, 2017 08:01, Kevin A. McGrail wrote: > The current version of Majordomo is 1.94.5, released 19 January 2000.[4] [...] > Mailman is still under active development. It was updated to > accommodate the 2015 DMARC fiasco. It also has a web based management > interface and built-in archiving tool. These features make Mailman > somewhat more convenient for list managers who may not themselves be > sysadmins. Off topic though it is, I'd concur with this. If you're starting out from scratch, Mailman is the obvious choice. Majordomo still works as well as it ever did, but honestly that is almost damning it with faint praise. It's a 25-year-old piece of software that hasn't been updated in 17 years, and during those 17 years the world it has to exist in has changed enormously. Majordomo doesn't support current standards and, realistically, it is never likely to. Save yourself the pain. Also, Mailman comes with specific instructions for integrating it with Postfix, out of the box. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485
Re: How to implement something close to, but not quite an "announcement-only" mailing list?
On Sat, April 15, 2017 08:01, Kevin A. McGrail wrote: > On 4/14/2017 10:19 PM, Ramon F Herrera wrote: >> On 4/14/2017 8:41 PM, Kevin A. McGrail wrote: >>> On 4/14/2017 9:35 PM, Ramon F Herrera wrote: I guess this would be more descriptive and succinct: A "members-only PLUS disguising of all e-mail addresses contained in the headers" mailing list. >>> I didn't follow all your logic in the previous email but overall >>> you'll likely need something like *mailman or majordomo* plus >>> something like MIMEDefang in front of it to achieve your needs. >> >> This begs the question, to all the readers: Given those 2 >> requirements, and my lack of time to learn/compare Majordomo vs. >> mailman, which one would you use? . . . > I use Mailman and it works. Of course, I'm an advisor to Virtru along > with John Viega, Mailman's original author. So in solidarity with him, > I'm going to completely malign majordomo and say that it's horrible! > :-) More seriously, both are great, both work well and I use lists > every day using both. Lot comparing a Honda Civic to a Toyota Camry. > They both just work and get you from point A to B with little grief or > comfort. > > Regards, > KAM > >From wikipedia: The current version of Majordomo is 1.94.5, released 19 January 2000.[4] The official website warns that it will not work with Perl versions 5.001 and 5.005_01 specifically. It recommends to use Perl 4.036 or the latest version available. Support for Perl 4.036 may not be kept for the future.[5] >From me: We ran many mailing lists from the mid 1990's to the mid 2000's with Majordomo. It worked well then and I infer from its continued employment here that it still does. However, it has not been worked on in a considerable time and the world for which it was constructed no longer exists. Shortly before we switched to Mailman a Majordomo 2 project started up and this is still active. You can find the source for MJ2 at http://ftp.mj2.org/pub/mj2/snapshots/ For the few mailing lists that we still host we switched to Mailman around 2005. This was mainly due to the fact that at the time it shipped with RHEL and RHEL was what we were using. RHEL still includes Mailman as far as I know. Mailman is still under active development. It was updated to accommodate the 2015 DMARC fiasco. It also has a web based management interface and built-in archiving tool. These features make Mailman somewhat more convenient for list managers who may not themselves be sysadmins. Regards, -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrnemailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
Do you know an FOSS email system for kids?
Hello, in the last months, I have been searching for an email system with some features to make it better for kids, even for younger ages, and also their parents. We need a few features to guarantee some security to free messaging among known friends, but some supervision for unknown addresses. Last January, I started a thread in Linux Questions about this. No clear solution was given until now. Now I am thinking about making something, since there seems to be no ready to use FOSS system. Maybe I can somehow setup Postfix to do this? Maybe I can use Postfix with some simple extra programs? You tell me, please! I never set up Postfix. Articles, books or any other material to read, if they can be useful, are very welcome. I already have the official Postfix book. Setting up this system with no root access in a Debian server (many more people use it) is welcome, although a few root actions just to set something up may not be a problem. My first post in the thread I mentioned is: == I am trying to find an email system (that preferably work with any email account) for kids. The features I am looking for are (possibly): - messages can be sent to any email account - answers must only be read after the contact is added and the supervisor confirmed its safety - or each message from strange accounts can be marked as safe without adding the sender to the contact; process repeated for each message - messages from contacts are received faster, do not need to be previously read by supervisor account - a copy of all messages can be read by the supervisor account at anytime, even after they are erased within the safe account I found a few paid services with similar features (tocomail, zilladog, kidsafemail, zoobuh, emailforkids.org). But none have interfaces in other languages but English. Such a system (or program) is not that hard to develop. Do you know any FOSS (free and open-source software) such system? Or some practical alternative method to achieve this safety? == A few comments and thoughts were made in that thread. You may want to read that, but I won't copy everything here, it may not be necessary or may be offtopic to this list. The thread "Do you know an FOSS email system for kids?" in Linux Questions is: https://www.linuxquestions.org/questions/linux-server-73/do-you-know-an-foss-email-system-for-kids-4175597944/ I am waiting for your comments. Thank you (:
Re: exclude a host(s) and allow it without authentication
On 2017-04-15 13:29:37 (+0100), lejeczekwrote: I'm fiddling with settings but thought, someone already must know - how to achieve above, if possible at all? Simply add it to $mynetworks and add ``permit_mynetworks`` to the relevant ``smtpd_{foo}_restrictions``? Philip -- Philip Paeps Senior Reality Engineer Ministry of Information
exclude a host(s) and allow it without authentication
hi everyone I'm fiddling with settings but thought, someone already must know - how to achieve above, if possible at all? many thanks, L.
Re: How to implement something close to, but not quite an "announcement-only" mailing list?
On 4/14/2017 10:19 PM, Ramon F Herrera wrote: On 4/14/2017 8:41 PM, Kevin A. McGrail wrote: On 4/14/2017 9:35 PM, Ramon F Herrera wrote: I guess this would be more descriptive and succinct: A "members-only PLUS disguising of all e-mail addresses contained in the headers" mailing list. I didn't follow all your logic in the previous email but overall you'll likely need something like *mailman or majordomo* plus something like MIMEDefang in front of it to achieve your needs. This begs the question, to all the readers: Given those 2 requirements, and my lack of time to learn/compare Majordomo vs. mailman, which one would you use? Attached is the discussed scrap we use in MIMEDefang that we mangle emails before they get to our mailing list. It maintains the same GPL the original MIMEDefang-filter is produced under. I didn't include every sub, etc. as I expect it's not all relevant except to kick off your thinking. I use MIMEDefang with Postfix and it's a very good solution. I monitor the MD list as well if you have questions and use it. I use Mailman and it works. Of course, I'm an advisor to Virtru along with John Viega, Mailman's original author. So in solidarity with him, I'm going to completely malign majordomo and say that it's horrible! :-) More seriously, both are great, both work well and I use lists every day using both. Lot comparing a Honda Civic to a Toyota Camry. They both just work and get you from point A to B with little grief or comfort. Regards, KAM # This program may be distributed under the terms of the GNU General # Public License, Version 2, or (at your option) any later version. #*** # # Copyright (C) 2017 PCCC #*** #get domain name from an email address sub get_domain_from_email { my ($domain) = @_; #REMOVE ANY LEADING/TRAILING <>'s $domain =~ s/(^<|>$)//g; #REMOVE ANY LEADING/TRAILING SPACE'S $domain =~ s/^ *//g; $domain =~ s/ *$//g; #REMOVE EVERYTHING UP TO THE @ SYMBOL $domain =~ s/.*\@//g; return $domain; } foreach $recip (@Recipients) { # BLOCK IF FROM YAHOO (AND OTHERS) BECAUSE THEY SET DMARC TOO STRICTLY # http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html # REWRITE THE FROM HEADER AND OTHER FIELDS PER RECOMMENDATION HERE: http://dmarc.org/faq.html#s_3 # If Sender is set to DMARC reject and recipient is a mailing list - NOTE Yahoo.com and AOL.com reject as of 4/23 if (($recip =~ m/\@mailman\./i or $recip =~ m/\@lists\./i) and # exclude the admnistrivia addresses like admin confirm, join, leave, etc. ($recip !~ /\-(admin|bounces|confirm|join|leave|owner|request|subscribe|unsubscribe)(\+.*)?\@/i) ) { my ($container, $parser, $original, $report2, $dmarc_reject_notice, $daemon_sender, $dmarc_result, $sender_domain, $modification_subject, $pretty_sender); # Automatically check DMARC DNS entry $sender_domain = _domain_from_email($Sender); # DNS test for DMARC entry with timeout of 5 seconds $dmarc_result = _dmarc(domain=>$sender_domain, timeout=>5); if ($dmarc_result =~ /p=(reject|quarantine)/i) { # NOTIFY SENDER AND REWRITE THE SENDER TO A DO-NOT-REPLY ADDRESS md_syslog('warning', "Modifying message to mailing list due to DMARC - $recip - $Sender - $Subject"); $dmarc_reject_notice = "Your email to $recip was modified to prevent your email address on mailing lists from being incorrectly flagged as a forgery. In order to permit your email through to the mailing list, we have rewritten the From address to a do-not-reply address. Depending on the list configuration, you may not receive replies and will need to monitor the list. Additionally, this may delay your email as it will require manual intervention by the list moderator to approve. We apologize for the inconvenience but the cause of the issue rests squarely with spammers who have forced email providers to implement anti-forgery technologies that impact mailing lists heavily. Sincerely, Kevin A. McGrail President, PCCC"; #CUSTOMIZE NOTIFICATION PARAMS $daemon_sender = 'do-not-re...@daemon.pccc.com'; $modification_subject = _to_mime("Important Mailing List Notification re:[". _to_utf8($Subject) ."]"); #SEND NOTIFICATION action_notify_sender_immediately(Sender=>$Sender, DaemonName=>'PCCC Raptor Notice', DaemonAddress=>$daemon_sender, NotifySenderSubject=>$modification_subject, body=>$dmarc_reject_notice); #TEMPORARILY REMOVE MAILING LIST #delete_recipient($recip); - NO LONGER NEEDED WITH REWRITE OF FROM #CHANGE SENDER ON ENVELOPE change_sender($daemon_sender); #CHANGE SENDER ON FROM