[Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Daniel Black
Folks, Please excuse the massive cross post and reply to the dkim-dev list if possible and it is of collective interest to many email list software implementers. I've put together a paper on DKIM that I've just put out for review. It is available here[1] if anyone would like to review it. Feed

[Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Daniel Black
I proposed some ideas around DKIM compatibility with mail lists and tried to send here too. Obviously the anti-cross-post feature on mailman- develop...@python.org is working well (which on some levels I appreciate). As leading maillist product I'm keep to know your opinion. This has obviously

Re: [Mailman-Developers] [dkim-dev] dkim and email list software - potential solution

2009-10-07 Thread Dave CROCKER
wow. more than 16 hours and no one has posted anything. Daniel Black wrote: 2. The author's email infrastructure DKIM signs the email message and publishes a ADSP dkim record saying 'I sign all messages for this domain' 3. The message is received by the email list I'm going to respond witho

[Mailman-Developers] Script to change a member's password

2009-10-07 Thread Marc Juul
Hello. I'm running mailman 2.1.11 and i wrote a script to change a user's password, but it doesn't change anything and i can't seem to find the problem. My other "withlist" scripts work fine. I'm using: mlist.setMemberPassword(member, password) and then mlist.Save() called using "withlist

Re: [Mailman-Developers] [dkim-dev] dkim and email list software - potential solution

2009-10-07 Thread Douglas Otis
On 9/29/09 12:10 PM, Dave CROCKER wrote: wow. more than 16 hours and no one has posted anything. There are no good solutions. This feature was intended to cause messages with their signatures damaged or missing to not end up in someone's mailbox. Any domain making an ADSP discard assertion

Re: [Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Ian Eiloart
As far as I recall, Mailman removes DKIM signatures, and re-signs messages. You're saying that with ADSP, that's not adequate unless Mailman first rewrites the "From:" address. Some lists are configured to do this already, the question is what to do about those that don't. Dave Crocker suggest

Re: [Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Ian Eiloart
--On 8 October 2009 00:21:08 +1100 Daniel Black wrote: You're saying that with ADSP, that's not adequate unless Mailman first rewrites the "From:" address. yes, as its easiest place in the whole signing verification scenario to make a change that benefits the most people without adversely

Re: [Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Ian Eiloart
--On 8 October 2009 00:21:08 +1100 Daniel Black wrote: It seems to me that it's sensible for the list software to test the DKIM signature before and after any changes it makes to the message. You can tell from the mailing list settings if it will break without revalidating it. Same policies

Re: [Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Ian Eiloart
--On 8 October 2009 00:21:08 +1100 Daniel Black wrote: we know the message came from a mailing list, this actually is the hard bit. Options for the recipient verifier are: 1. has a List-ID (or other signature) - must be a mailist. This allows email spoofers just to add List-ID tags or a s

Re: [Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Ian Eiloart
--On 8 October 2009 00:21:08 +1100 Daniel Black wrote: That last paragraph makes the job of reputation assignment harder where mailing lists are concerned - but that's to be expected. The whole point of DKIM, as far as I'm concerned, is to allow more sophisticated assessment and assignment

Re: [Mailman-Developers] Script to change a member's password

2009-10-07 Thread Mark Sapiro
Marc Juul wrote: > >I'm running mailman 2.1.11 and i wrote a script to change a user's >password, but it doesn't change anything and i can't seem to find the >problem. My other "withlist" scripts work fine. > >I'm using: > > mlist.setMemberPassword(member, password) > >and then > > mlist.Save()

[Mailman-Developers] a patch: init script cleanup for LSB compliance

2009-10-07 Thread Daniel Novotny
hello, There's an effort in Fedora to improve all our init scripts for better LSB compliance. Because I'm responsible for mailman package here, I made following changes in the mailman init scripts: * when mailman is unconfigured, `service mailman start' should exit with code 6, not 1. * `try-res

Re: [Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Daniel Black
On Wednesday 07 October 2009 21:00:52 Ian Eiloart wrote: > As far as I recall, Mailman removes DKIM signatures, yes > and re-signs messages. not that I recall though the MTA is free to sign it on the way out and I encourage all list owners to do so. > You're saying that with ADSP, that's not adeq

Re: [Mailman-Developers] a patch: init script cleanup for LSB compliance

2009-10-07 Thread Mark Sapiro
Daniel Novotny wrote: > >There's an effort in Fedora to improve all our init scripts >for better LSB compliance. Because I'm responsible for mailman >package here, I made following changes in the mailman init scripts: The patch you included is against RedHat's already heavily modified mailman-2.1

Re: [Mailman-Developers] dkim and email list software - potential solution

2009-10-07 Thread Stephen J. Turnbull
Daniel Black writes: > > You're saying that with ADSP, that's not adequate unless Mailman > > first rewrites the "From:" address. > yes In that case it is very often a violation of RFC 733 (most familiarly known as RFC 822, also STD 11, whose most recent incarnation is RFC 5322). Surely you