[Mailman-Developers] Fixing DMARC problems with .invalid munge
Stephen J. Turnbull
stephen at xemacs.org
Tue May 6 08:23:09 CEST 2014
John R Levine writes:
> > > One advantage of this hack is that you can just turn it off when
> > > you don't need it, much easier than the stuff that puts the list
> > > address in the From: line which affects everyone.
> >
> > You're wrong on both counts. In Mailman 2.1.18, "From" munging is
> > equally easy to turn off -- two clicks on an admin page.
>
> You're missing the point.
No, I just know that "From" munging in Mailman[1] is designed to avoid
the problem you're talking about. See below.
> If you configure a list to put the list's address in the From:
> line, users have to change they way they work for all mail from the
> list,
It won't be "all mail" in the great majority of cases, I believe, as
the preferred (perhaps eventually default) configuration will be
dmarc_moderation_action = wrap_message (or mung_from).
> and if you change it back, the users have to change again.
I suspect you misunderstand both the results of your experiment and
how "wrap_message" and "mung_from" actually work. That is, the reason
you've had no complaints from your users about ".invalid" is that they
very rarely reply to author anyway. From your description of the
lists you serve I would expect that users rarely feel a need for a
personal reply (as opposed to a public reply directed to a person). I
could be wrong, but how do you get data to show I'm wrong?
In any case, here are the reply-to-author algorithms for each form of
>From munging:
.invalid in From, non-Reply-To munging list:
1a. Hit "r" (or click button labeled "Reply"), as usual.
2a. Mark and delete ".invalid", different from pre-DMARC.
3a. Compose and send message, as usual.
.invalid in From, Reply-To munging list:
1b. Hit "r" (or click button labeled "Reply"), bs usual.
2b1. Mark author address except ".invalid", different.
2b2. Copy it.
2b3. Delete or mark list-post.
2b4. Paste author address.
3b. Compose and send message, as usual.
list-post in From, author in Reply-To (non-Reply-To-munging):
1c. Hit "r" (or click button labeled "Reply"), as usual.
2c. No-op, as usual.
3c. Compose and send message, as usual.
list-post in From, author and list-post in Reply-To:
1d. Hit "r" (or click button labeled "Reply"), as usual.
2d. Mark and delete <list-post>, as usual for Reply-To-munging
lists which add author to Reply-To. In GMail this is
actually easier than marking, as you can click on a
delete-address button.
3d. Compose and send message, as usual.
There is one case that may be different, which is a "replace Reply-To
with list-post" Reply-To-munging list, where IIUC the user's identity
will be in the display name as "A. User via list-post" but her address
may not be. If so, I think the answer is "Don't do that" if the list-
owner cares about reply-to-author, or perhaps Mailman's treatment can
be improved. Note that the ugly display name in "From" should never
be automatically used by a "reply" function, because "Reply-To" will
always be present, and that overrides "From". I believe that all
major MUAs conform.
A similar analysis can be done for reply-to-list, with I believe
similar results (the dog wants to be walked, gotta go).
I see no real difference between 2a and 2d, and I doubt users will be
particularly unhappy with switching from 2b to 2d. It's true that
users will have to learn to trust that author is indeed in reply-to
(most MUAs don't display it), but I think they will, quite quickly.
For wrap_message, there is *no change at all* once you're actually
reading the message, but you probably have to take some action to read
the encapsulated message.
Footnotes:
[1] At least, is intended to work. Mailman 2.1.16 and 2.1.17 had
some problems but I believe 2.1.18 now works as intended.
More information about the Mailman-Developers
mailing list