From f at florianfuchs.com Tue Feb 2 17:50:11 2016 From: f at florianfuchs.com (f at florianfuchs.com) Date: Tue, 02 Feb 2016 23:50:11 +0100 Subject: [Mailman-Announce] RELEASED: Postorius 1.0.3 Message-ID: <1659f9af984ce823b2b0c5cbaf9261cc@florianfuchs.com> I'm announcing the release of Postorius 1.0.3. It contains an important security fix[1], so we strongly recommend that all sites running Mailman 3.0 in combination with Postorius update their instances to this version. The easiest way to upgrade is via pip: pip install --upgrade postorius The latest tarball is also available on https://pypi.python.org/pypi/postorius. Florian [1] http://wiki.list.org/SEC/Unauthorized-Domain-Deletion/ From mark at msapiro.net Tue Feb 2 22:29:42 2016 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 2 Feb 2016 19:29:42 -0800 Subject: [Mailman-Announce] Mailman 2.1.21 release Message-ID: <56B17426.6020207@msapiro.net> I am pleased to announce the first release candidate for Mailman 2.1.21. Python 2.4 is the minimum supported, but Python 2.7 is strongly recommended. This release includes a few new features and several bug fixes. See the attached README for details. Associated with these changes are six new and two modified strings in the i18n message catalogs. I strongly encourage anyone with an interest in translations of Mailman to get this release and help with updating the translations for the final 2.1.21 release which is planned for the end of February. This candidate is expected to be quite stable. All the changes since 2.1.20 have been installed in the python.org Mailman as they were developed and are running without known issues. The only reason why this is a candidate and not a final release is to allow time for i18n updates to be in the final. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see our web site at one of: http://www.list.org http://www.gnu.org/software/mailman http://mailman.sourceforge.net/ http://mirror.list.org/ Mailman 2.1.21rc1 can be downloaded from https://launchpad.net/mailman/2.1/ http://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -------------- next part -------------- 2.1.21rc1 (03-Feb-2016) New Features - There is a new dmarc_none_moderation_action list setting and a DEFAULT_DMARC_NONE_MODERATION_ACTION mm_cfg.py setting to optionally apply Munge From or Wrap Message actions to posts From: domains that publish DMARC p=none. The intent is to eliminate failure reports to the domain owner for messages that would be munged or wrapped if the domain published a stronger DMARC policy. See the descriptions in Defaults.py, the web UI and the bug report for more. (LP: #1539384) - Thanks to Jim Popovitch there is now a feature to automatically turn on moderation for a malicious list member who attempts to flood a list with spam. See the details for the Privacy options ... -> Sender filters -> member_verbosity_threshold and member_verbosity_interval settings in the web admin UI and the documentation in Defaults.py for the DEFAULT_MEMBER_VERBOSITY_* and VERBOSE_CLEAN_LIMIT settings for information. - bin/list_members now has options to display all moderated or all non-moderated members. - There is now a mm_cfg.py setting GLOBAL_BAN_LIST which is like the individual list's ban_list but applies globally to all subscribe requests. See the description in Defaults.py for more details. i18n - Several Galician templates that were improperly encoded as iso-8859-1 have been fixed. (LP: #1532504) - The German translation has been updated by Mirian Margiani. - The Brazilian Portugese translation has been updated by Emerson Ribeiro de Mello. Bug fixes and other patches - Modified contrib/mmdsr to report held and banned subscriptions and DMARC lookups in their own categories. - Fixed a bug that could create a garbled From: header with certain DMARC mitigation actions. (LP: #1536816) - Treat a poster's address which matches an equivalent_domains address as a list member for the regular_exclude_ignore check. (LP: #1526550) - Fixed an issue that sometimes left no white space following subject_prefix. (LP: #1525954) - Vette log entries for banned subscriptions now include the source of the request if available. (LP: #1525733) - Submitting the user options form for a user who was asynchronously unsubscribed would throw an uncaught NotAMemberError. (LP: #1523273) - It was possible under some circumstances for a message to be shunted after a handler rejected or discarded it, and the handler would be skipped upon unshunting and the message accepted. (LP: #1519062) - Posts gated to usenet will no longer have other than the target group in the Newsgroups: header. (LP: #1512866) - Invalid regexps in *_these_nonmembers, subscribe_auto_approval and ban_list are now logged. (LP: #1507241) - Refactored the GetPattern list method to simplify extending @listname syntax to new attributes in the future. Changed Moderate.py to use the GetPattern method to process the *_these_nonmembers lists. - Changed CookHeaders to default to using space rather than tab as continuation_ws when folding headers. (LP: #1505878) - Fixed the 'pidfile' path in the sample init.d script. (LP: # 1503422) - Subject prefixing could fail to collapse multiple 'Re:' in an incomming message if they all came after the list's subject_prefix. This is now fixed. (LP: #1496620) - Defended against a user submitting URLs with query fragments or POST data containing multiple occurrences of the same variable. (LP: #1496632) - Fixed bin/mailmanctl to check its effective rather than real uid. (LP: #1491187) - Fixed cron/gate_news to catch EOFError on opening the newsgroup. (LP: #1486263) - Fixed a bug where a delayed probe bounce can throw an AttributeError. (LP: #1482940) - If a list is not digestable an the user is not currently set to receive digests, the digest options will not be shown on the user's options page. (LP: #1476298) - Improved identification of remote clients for logging and subscribe form checking in cases where access is via a proxy server. Thanks to Jim Popovitch. Also updated contrib/mmdsr for log change. - Fixed an issue with shunted messages on a list where the charset for the list's preferred_language had been changed from iso-8859-1 to utf-8 without recoding the list's description. (LP: #1462755) - Mailman-Postfix integration will now add mailman at domain entries in data/virtual-mailman for each domain in POSTFIX_STYLE_VIRTUAL_DOMAINS which is a host_name of a list. This is so the addresses which are exposed on admin and listinfo overview pages of virtual domains will be deliverable. (LP: #1459236) - The vette log entry for DMARC policy hits now contains the list name. (LP: #1450826) - If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a load balancer or similar in use the POSTing IP might not exactly match the GETting IP. This is now accounted for by not requiring the last octet (16 bits for ipV6) to match. (LP: #1447445) - DKIM-Signature:, DomainKey-Signature: and Authentication-Results: headers are now removed by default from posts to anonymous lists. (LP: #1444673) - The list admin web UI Mambership List search function often doesn't return correct results for search strings (regexps) that contain non-ascii characters. This is partially fixed. (LP: #1442298) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: OpenPGP digital signature URL: From mark at msapiro.net Fri Feb 5 01:45:28 2016 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 4 Feb 2016 22:45:28 -0800 Subject: [Mailman-Announce] Mailman 2.1.21 release - IMPORTANT update Message-ID: <56B44508.4020808@msapiro.net> I am pleased to announce the second release candidate for Mailman 2.1.21. This fixes a serious bug in the first release candidate in that the few new list attributes weren't initialized for new lists. 2.1.21rc1 would work with lists migrated from older releases but lists created under that release were unusable. If you installed 2.1.21rc1, you should upgrade to 2.1.21rc2, and if you created new lists under 2.1.21rc1, see the attached fix_list procedure. Python 2.4 is the minimum supported, but Python 2.7 is strongly recommended. This release includes a few new features and several bug fixes. See the attached README for details. Associated with these changes are six new and two modified strings in the i18n message catalogs. I strongly encourage anyone with an interest in translations of Mailman to get this release and help with updating the translations for the final 2.1.21 release which is planned for the end of February. This candidate is expected to be quite stable. All the changes since 2.1.20 have been installed in the python.org Mailman as they were developed and are running without known issues. The only reason why this is a candidate and not a final release is to allow time for i18n updates to be in the final. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see our web site at one of: http://www.list.org http://www.gnu.org/software/mailman http://mailman.sourceforge.net/ http://mirror.list.org/ Mailman 2.1.21rc2 can be downloaded from https://launchpad.net/mailman/2.1/ http://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -------------- next part -------------- 2.1.21rc2 (05-Feb-2016) New Features - There is a new dmarc_none_moderation_action list setting and a DEFAULT_DMARC_NONE_MODERATION_ACTION mm_cfg.py setting to optionally apply Munge From or Wrap Message actions to posts From: domains that publish DMARC p=none. The intent is to eliminate failure reports to the domain owner for messages that would be munged or wrapped if the domain published a stronger DMARC policy. See the descriptions in Defaults.py, the web UI and the bug report for more. (LP: #1539384) - Thanks to Jim Popovitch there is now a feature to automatically turn on moderation for a malicious list member who attempts to flood a list with spam. See the details for the Privacy options ... -> Sender filters -> member_verbosity_threshold and member_verbosity_interval settings in the web admin UI and the documentation in Defaults.py for the DEFAULT_MEMBER_VERBOSITY_* and VERBOSE_CLEAN_LIMIT settings for information. - bin/list_members now has options to display all moderated or all non-moderated members. - There is now a mm_cfg.py setting GLOBAL_BAN_LIST which is like the individual list's ban_list but applies globally to all subscribe requests. See the description in Defaults.py for more details. i18n - Several Galician templates that were improperly encoded as iso-8859-1 have been fixed. (LP: #1532504) - The German translation has been updated by Mirian Margiani. - The Brazilian Portugese translation has been updated by Emerson Ribeiro de Mello. Bug fixes and other patches - Modified contrib/mmdsr to report held and banned subscriptions and DMARC lookups in their own categories. - Fixed a bug that could create a garbled From: header with certain DMARC mitigation actions. (LP: #1536816) - Treat a poster's address which matches an equivalent_domains address as a list member for the regular_exclude_ignore check. (LP: #1526550) - Fixed an issue that sometimes left no white space following subject_prefix. (LP: #1525954) - Vette log entries for banned subscriptions now include the source of the request if available. (LP: #1525733) - Submitting the user options form for a user who was asynchronously unsubscribed would throw an uncaught NotAMemberError. (LP: #1523273) - It was possible under some circumstances for a message to be shunted after a handler rejected or discarded it, and the handler would be skipped upon unshunting and the message accepted. (LP: #1519062) - Posts gated to usenet will no longer have other than the target group in the Newsgroups: header. (LP: #1512866) - Invalid regexps in *_these_nonmembers, subscribe_auto_approval and ban_list are now logged. (LP: #1507241) - Refactored the GetPattern list method to simplify extending @listname syntax to new attributes in the future. Changed Moderate.py to use the GetPattern method to process the *_these_nonmembers lists. - Changed CookHeaders to default to using space rather than tab as continuation_ws when folding headers. (LP: #1505878) - Fixed the 'pidfile' path in the sample init.d script. (LP: # 1503422) - Subject prefixing could fail to collapse multiple 'Re:' in an incomming message if they all came after the list's subject_prefix. This is now fixed. (LP: #1496620) - Defended against a user submitting URLs with query fragments or POST data containing multiple occurrences of the same variable. (LP: #1496632) - Fixed bin/mailmanctl to check its effective rather than real uid. (LP: #1491187) - Fixed cron/gate_news to catch EOFError on opening the newsgroup. (LP: #1486263) - Fixed a bug where a delayed probe bounce can throw an AttributeError. (LP: #1482940) - If a list is not digestable an the user is not currently set to receive digests, the digest options will not be shown on the user's options page. (LP: #1476298) - Improved identification of remote clients for logging and subscribe form checking in cases where access is via a proxy server. Thanks to Jim Popovitch. Also updated contrib/mmdsr for log change. - Fixed an issue with shunted messages on a list where the charset for the list's preferred_language had been changed from iso-8859-1 to utf-8 without recoding the list's description. (LP: #1462755) - Mailman-Postfix integration will now add mailman at domain entries in data/virtual-mailman for each domain in POSTFIX_STYLE_VIRTUAL_DOMAINS which is a host_name of a list. This is so the addresses which are exposed on admin and listinfo overview pages of virtual domains will be deliverable. (LP: #1459236) - The vette log entry for DMARC policy hits now contains the list name. (LP: #1450826) - If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a load balancer or similar in use the POSTing IP might not exactly match the GETting IP. This is now accounted for by not requiring the last octet (16 bits for ipV6) to match. (LP: #1447445) - DKIM-Signature:, DomainKey-Signature: and Authentication-Results: headers are now removed by default from posts to anonymous lists. (LP: #1444673) - The list admin web UI Mambership List search function often doesn't return correct results for search strings (regexps) that contain non-ascii characters. This is partially fixed. (LP: #1442298) -------------- next part -------------- The following is a transcript of a withlist session that fixes a list without new attributes. It invokes withlist on 'listname' looks at the lists dmarc_none_moderation_action which throws an AttributeError looks at the lists data_version which is 110. sets it to 109. saves and reloads the list. verifies the data_version is now 110 again and dmarc_none_moderation_action exists. Wnlocks the list and exits. msapiro at mail:~/mm$ bin/withlist -l listname Loading list listname (locked) The variable `m' is the listname MailList instance >>> m.dmarc_none_moderation_action Traceback (most recent call last): File "", line 1, in File "/srv/mailman/Mailman/MailList.py", line 147, in __getattr__ raise AttributeError, name AttributeError: dmarc_none_moderation_action >>> m.data_version 110 >>> m.data_version = 109 >>> m.Save() >>> m.data_version 109 >>> m.Load() >>> m.data_version 110 >>> m.dmarc_none_moderation_action False >>> m.Unlock() >>> Finalizing Another way is to run bin/config_list on the list with an input file containing the single line mlist.data_version = 109 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: OpenPGP digital signature URL: From barry at list.org Fri Feb 12 10:11:36 2016 From: barry at list.org (Barry Warsaw) Date: Fri, 12 Feb 2016 10:11:36 -0500 Subject: [Mailman-Announce] ANNOUNCE: Mailman Core 3.0.2 Message-ID: <20160212101136.7a101020@subdivisions.wooz.org> Hello Mailmanatees! I'm happy to announce Mailman Core 3.0.2 which fixes a number of bugs, including most importantly #190, which can affect membership searches. https://gitlab.com/mailman/mailman/milestones/3 More information on version compatibility is available here: http://wiki.list.org/Mailman3 As usual, you can download it from PyPI: https://pypi.python.org/pypi/mailman/3.0.2 view the documentation: http://mailman.readthedocs.org/en/release-3.0/ Enjoy, -Barry (on behalf of the Mailman development team) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From mark at msapiro.net Sun Feb 28 18:20:57 2016 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 28 Feb 2016 15:20:57 -0800 Subject: [Mailman-Announce] Mailman 2.1.21 release - IMPORTANT update Message-ID: <56D380D9.1070808@msapiro.net> This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --j6S4w6u3IBpq2Lhw4NRnht7WOGMvBbU6R Content-Type: multipart/mixed; boundary="------------060207060504090803080503" This is a multi-part message in MIME format. --------------060207060504090803080503 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable I am pleased to announce the second release candidate for Mailman 2.1.21. This fixes a serious bug in the first release candidate in that the few new list attributes weren't initialized for new lists. 2.1.21rc1 would work with lists migrated from older releases but lists created under that release were unusable. If you installed 2.1.21rc1, you should upgrade to 2.1.21rc2, and if you created new lists under 2.1.21rc1, see the attached fix_list procedure. Python 2.4 is the minimum supported, but Python 2.7 is strongly recommend= ed. This release includes a few new features and several bug fixes. See the attached README for details. Associated with these changes are six new and two modified strings in the i18n message catalogs. I strongly encourage anyone with an interest in translations of Mailman to get this release and help with updating the translations for the final 2.1.21 release which is planned for the end of February. This candidate is expected to be quite stable. All the changes since 2.1.20 have been installed in the python.org Mailman as they were developed and are running without known issues. The only reason why this is a candidate and not a final release is to allow time for i18n updates to be in the final. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see our web site at one of: http://www.list.org http://www.gnu.org/software/mailman http://mailman.sourceforge.net/ http://mirror.list.org/ Mailman 2.1.21rc2 can be downloaded from https://launchpad.net/mailman/2.1/ http://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ --=20 Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan --------------060207060504090803080503 Content-Type: text/plain; charset=UTF-8; name="README" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="README" 2.1.21rc2 (05-Feb-2016) New Features - There is a new dmarc_none_moderation_action list setting and a DEFAULT_DMARC_NONE_MODERATION_ACTION mm_cfg.py setting to optionall= y apply Munge From or Wrap Message actions to posts From: domains tha= t publish DMARC p=3Dnone. The intent is to eliminate failure reports= to the domain owner for messages that would be munged or wrapped if th= e domain published a stronger DMARC policy. See the descriptions in Defaults.py, the web UI and the bug report for more. (LP: #1539384= ) - Thanks to Jim Popovitch there is now a feature to automatically tur= n on moderation for a malicious list member who attempts to flood a l= ist with spam. See the details for the Privacy options ... -> Sender filters -> member_verbosity_threshold and member_verbosity_interval= settings in the web admin UI and the documentation in Defaults.py f= or the DEFAULT_MEMBER_VERBOSITY_* and VERBOSE_CLEAN_LIMIT settings for= information. - bin/list_members now has options to display all moderated or all non-moderated members. - There is now a mm_cfg.py setting GLOBAL_BAN_LIST which is like the individual list's ban_list but applies globally to all subscribe requests. See the description in Defaults.py for more details. i18n - Several Galician templates that were improperly encoded as iso-8859= -1 have been fixed. (LP: #1532504) - The German translation has been updated by Mirian Margiani. - The Brazilian Portugese translation has been updated by Emerson Rib= eiro de Mello. Bug fixes and other patches - Modified contrib/mmdsr to report held and banned subscriptions and = DMARC lookups in their own categories. - Fixed a bug that could create a garbled From: header with certain D= MARC mitigation actions. (LP: #1536816) - Treat a poster's address which matches an equivalent_domains addres= s as a list member for the regular_exclude_ignore check. (LP: #1526550)= - Fixed an issue that sometimes left no white space following subject_prefix. (LP: #1525954) - Vette log entries for banned subscriptions now include the source o= f the request if available. (LP: #1525733) - Submitting the user options form for a user who was asynchronously unsubscribed would throw an uncaught NotAMemberError. (LP: #152327= 3) - It was possible under some circumstances for a message to be shunte= d after a handler rejected or discarded it, and the handler would be skipped upon unshunting and the message accepted. (LP: #1519062) - Posts gated to usenet will no longer have other than the target gro= up in the Newsgroups: header. (LP: #1512866) - Invalid regexps in *_these_nonmembers, subscribe_auto_approval and ban_list are now logged. (LP: #1507241) - Refactored the GetPattern list method to simplify extending @listna= me syntax to new attributes in the future. Changed Moderate.py to use= the GetPattern method to process the *_these_nonmembers lists. - Changed CookHeaders to default to using space rather than tab as continuation_ws when folding headers. (LP: #1505878) - Fixed the 'pidfile' path in the sample init.d script. (LP: # 15034= 22) - Subject prefixing could fail to collapse multiple 'Re:' in an incom= ming message if they all came after the list's subject_prefix. This is = now fixed. (LP: #1496620) - Defended against a user submitting URLs with query fragments or POS= T data containing multiple occurrences of the same variable. (LP: #1496632) - Fixed bin/mailmanctl to check its effective rather than real uid. (LP: #1491187) - Fixed cron/gate_news to catch EOFError on opening the newsgroup. (LP: #1486263) - Fixed a bug where a delayed probe bounce can throw an AttributeErro= r. (LP: #1482940) - If a list is not digestable an the user is not currently set to receive digests, the digest options will not be shown on the user's= options page. (LP: #1476298) - Improved identification of remote clients for logging and subscribe= form checking in cases where access is via a proxy server. Thanks = to Jim Popovitch. Also updated contrib/mmdsr for log change. - Fixed an issue with shunted messages on a list where the charset fo= r the list's preferred_language had been changed from iso-8859-1 to utf-8 without recoding the list's description. (LP: #1462755) - Mailman-Postfix integration will now add mailman at domain entries in data/virtual-mailman for each domain in POSTFIX_STYLE_VIRTUAL_DOMAI= NS which is a host_name of a list. This is so the addresses which are= exposed on admin and listinfo overview pages of virtual domains wil= l be deliverable. (LP: #1459236) - The vette log entry for DMARC policy hits now contains the list nam= e. (LP: #1450826) - If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a load= balancer or similar in use the POSTing IP might not exactly match t= he GETting IP. This is now accounted for by not requiring the last octet (16 bits for ipV6) to match. (LP: #1447445) - DKIM-Signature:, DomainKey-Signature: and Authentication-Results: headers are now removed by default from posts to anonymous lists. (LP: #1444673) - The list admin web UI Mambership List search function often doesn't= return correct results for search strings (regexps) that contain non-ascii characters. This is partially fixed. (LP: #1442298) --------------060207060504090803080503 Content-Type: text/plain; charset=UTF-8; name="fix_list" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="fix_list" The following is a transcript of a withlist session that fixes a list without new attributes. It invokes withlist on 'listname' looks at the lists dmarc_none_moderation_action which throws an Attribute= Error looks at the lists data_version which is 110. sets it to 109. saves and reloads the list. verifies the data_version is now 110 again and dmarc_none_moderation_acti= on exists. Wnlocks the list and exits. msapiro at mail:~/mm$ bin/withlist -l listname Loading list listname (locked) The variable `m' is the listname MailList instance >>> m.dmarc_none_moderation_action Traceback (most recent call last): File "", line 1, in File "/srv/mailman/Mailman/MailList.py", line 147, in __getattr__ raise AttributeError, name AttributeError: dmarc_none_moderation_action >>> m.data_version 110 >>> m.data_version =3D 109 >>> m.Save() >>> m.data_version 109 >>> m.Load() >>> m.data_version 110 >>> m.dmarc_none_moderation_action False >>> m.Unlock() >>>=20 Finalizing Another way is to run bin/config_list on the list with an input file cont= aining the single line mlist.data_version =3D 109 --------------060207060504090803080503-- --j6S4w6u3IBpq2Lhw4NRnht7WOGMvBbU6R Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAla0RQgACgkQVVuXXpU7hpOFaQCeMErj6sUikNgEPuMQ/ArRfxGG fi4AoKbzrE+yTSA9NTtS6DVjRFtsGf80 =ovSj -----END PGP SIGNATURE----- --j6S4w6u3IBpq2Lhw4NRnht7WOGMvBbU6R-- -------------- next part -------------- _______________________________________________ Mailman-announce mailing list Mailman-announce at python.org https://mail.python.org/mailman/listinfo/mailman-announce Member address: mark at msapiro.net Unsubscribe: https://mail.python.org/mailman/options/mailman-announce/mark%40msapiro.net From mark at msapiro.net Sun Feb 28 18:32:00 2016 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 28 Feb 2016 15:32:00 -0800 Subject: [Mailman-Announce] Mailman 2.1.21 Final Release Message-ID: <56D38370.6060602@msapiro.net> Please ignore the spurious, fumble fingered post of a few minutes ago. I am pleased to announce the release of Mailman 2.1.21. Python 2.4 is the minimum supported, but Python 2.7 is strongly recommended. This release includes a few new features and several bug fixes. Most of the changes since the second release candidate are i18n updates, but there are a few more bug fixes. See the attached README for details. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see our web site at one of: http://www.list.org http://www.gnu.org/software/mailman http://mailman.sourceforge.net/ http://mirror.list.org/ Mailman 2.1.21 can be downloaded from https://launchpad.net/mailman/2.1/ http://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -------------- next part -------------- 2.1.21 (28-Feb-2016) New Features - There is a new dmarc_none_moderation_action list setting and a DEFAULT_DMARC_NONE_MODERATION_ACTION mm_cfg.py setting to optionally apply Munge From or Wrap Message actions to posts From: domains that publish DMARC p=none. The intent is to eliminate failure reports to the domain owner for messages that would be munged or wrapped if the domain published a stronger DMARC policy. See the descriptions in Defaults.py, the web UI and the bug report for more. (LP: #1539384) - Thanks to Jim Popovitch there is now a feature to automatically turn on moderation for a malicious list member who attempts to flood a list with spam. See the details for the Privacy options ... -> Sender filters -> member_verbosity_threshold and member_verbosity_interval settings in the web admin UI and the documentation in Defaults.py for the DEFAULT_MEMBER_VERBOSITY_* and VERBOSE_CLEAN_LIMIT settings for information. - bin/list_members now has options to display all moderated or all non-moderated members. - There is now a mm_cfg.py setting GLOBAL_BAN_LIST which is like the individual list's ban_list but applies globally to all subscribe requests. See the description in Defaults.py for more details. i18n - The Japanese translation has been updated by Yasuhito FUTATSUKI. - Also thanks to Miloslav Trmac and Yasuhito FUTATSUKI, the l10n for Mailman's bin/ commands has been fixed to display using the character set of the user's work station even when Mailman's character set for the language is different. Because this has not been tested over a wide set of locales, there is an mm_cfg.py switch DISABLE_COMMAND_LOCALE_CSET to disable it if it causes problems. (LP: #558167) - The Polish translation has been updated by Stefan Plewako. - The German translation has been updated by Mirian Margiani and Bernhard Schmidt. - The Russian translation has been updated by Danil Smirnov. - Several Galician templates that were improperly encoded as iso-8859-1 have been fixed. (LP: #1532504) - The Brazilian Portugese translation has been updated by Emerson Ribeiro de Mello. Bug fixes and other patches - If DMARC lookup fails to find a policy, also try the Organizational Domain. Associated with this is a new mm_cfg.py setting DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL which sets the URL used to retrieve the data for the algorithm that computes the Organizational Domain. See https://publicsuffix.org/list/ for info. (LP: #1549420) - Modified contrib/mmdsr to correctly report No such list names that contain ". - User's "Acknowledge" option will now be honored for posts to anonymous lists. (LP: #1546679) - Fixed a typo in the Non-digest options regular_exclude_ignore description thanks to Yasuhito FUTATSUKI. - DEFAULT_PASS_MIME_TYPES has been changed to accept text/plain sub-parts from message/rfc822 parts and multipart parts other than mixed and alternative and also accept pgp signatures. This only applies to newly created lists and other than pgp signatures, still only accepts text/plain. (LP: #1517446) - Modified contrib/mmdsr to report held and banned subscriptions and DMARC lookups in their own categories. - Fixed a bug that could create a garbled From: header with certain DMARC mitigation actions. (LP: #1536816) - Treat a poster's address which matches an equivalent_domains address as a list member for the regular_exclude_ignore check. (LP: #1526550) - Fixed an issue that sometimes left no white space following subject_prefix. (LP: #1525954) - Vette log entries for banned subscriptions now include the source of the request if available. (LP: #1525733) - Submitting the user options form for a user who was asynchronously unsubscribed would throw an uncaught NotAMemberError. (LP: #1523273) - It was possible under some circumstances for a message to be shunted after a handler rejected or discarded it, and the handler would be skipped upon unshunting and the message accepted. (LP: #1519062) - Posts gated to usenet will no longer have other than the target group in the Newsgroups: header. (LP: #1512866) - Invalid regexps in *_these_nonmembers, subscribe_auto_approval and ban_list are now logged. (LP: #1507241) - Refactored the GetPattern list method to simplify extending @listname syntax to new attributes in the future. Changed Moderate.py to use the GetPattern method to process the *_these_nonmembers lists. - Changed CookHeaders to default to using space rather than tab as continuation_ws when folding headers. (LP: #1505878) - Fixed the 'pidfile' path in the sample init.d script. (LP: # 1503422) - Subject prefixing could fail to collapse multiple 'Re:' in an incomming message if they all came after the list's subject_prefix. This is now fixed. (LP: #1496620) - Defended against a user submitting URLs with query fragments or POST data containing multiple occurrences of the same variable. (LP: #1496632) - Fixed bin/mailmanctl to check its effective rather than real uid. (LP: #1491187) - Fixed cron/gate_news to catch EOFError on opening the newsgroup. (LP: #1486263) - Fixed a bug where a delayed probe bounce can throw an AttributeError. (LP: #1482940) - If a list is not digestable an the user is not currently set to receive digests, the digest options will not be shown on the user's options page. (LP: #1476298) - Improved identification of remote clients for logging and subscribe form checking in cases where access is via a proxy server. Thanks to Jim Popovitch. Also updated contrib/mmdsr for log change. - Fixed an issue with shunted messages on a list where the charset for the list's preferred_language had been changed from iso-8859-1 to utf-8 without recoding the list's description. (LP: #1462755) - Mailman-Postfix integration will now add mailman at domain entries in data/virtual-mailman for each domain in POSTFIX_STYLE_VIRTUAL_DOMAINS which is a host_name of a list. This is so the addresses which are exposed on admin and listinfo overview pages of virtual domains will be deliverable. (LP: #1459236) - The vette log entry for DMARC policy hits now contains the list name. (LP: #1450826) - If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a load balancer or similar in use the POSTing IP might not exactly match the GETting IP. This is now accounted for by not requiring the last octet (16 bits for ipV6) to match. (LP: #1447445) - DKIM-Signature:, DomainKey-Signature: and Authentication-Results: headers are now removed by default from posts to anonymous lists. (LP: #1444673) - The list admin web UI Mambership List search function often doesn't return correct results for search strings (regexps) that contain non-ascii characters. This is partially fixed. (LP: #1442298) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: OpenPGP digital signature URL: