[Mailman-Developers] Extracting some Mailman code

Stephen J. Turnbull turnbull.stephen.fw at u.tsukuba.ac.jp
Mon Oct 16 23:38:26 EDT 2017 

I gather you have completed your program already, but I had this in
the works and it might be useful for people doing similar things.

Lindsay Haisley writes:

 > Is there any reason to pull in a more recent MM 2 and use the DMARC
 > detection code therein? Speed is important here since this is simply a
 > turnaround on a single email, not dependent on any list variables. I'm
 > reluctant to burden every redirection turnaround with an HTTP
 > look-up.

You may want to consider improving performance by caching DNS results
by domain.  This should be reasonable space as long as you do this
check after spam elimination.  If expiries are fixed you will need to
have a reasonably short expiry on negative (p=none) results (fails
nasty -- bounces from receivers), but could have a pretty long one on
positive results.  You could also get the actual TTL out of the DNS
reply for more accurate expiry.

Of course the effectiveness of caching depends heavily on the actual
pattern of mail received at the domains in question.

You don't need to burden each redirection with an HTTP lookup.
There's only one publicsuffix list, which you can download
occasionally.  I would guess once a day would be more than enough and
no burden at all; you could even do it asynchronously in a cron job.

 > if from_domain publishes bad DMARC:
 >     if Reply-To does not exist:
 >         copy From header to Reply-To
 >     Replace From with "On behalf of old_From" <postmaster at fmp.com>
 > Feed headers and body to Courier's sendmail clone
 > 
 > My take on it is that this should work OK.

I think you should consider adding an else to the inner if:

    else:
        append From to Reply-To

as Mailman does.  Otherwise the user has to copy/paste the address if
they really want to reply to the author rather than the Reply-To for
some reason, and it may not be present at all if you follow Mark's
advice to not copy it to the display name in From.

I'm with Mark on everything else.  I don't think the probability you
need to deal with organizational domains is that high, but the costs
are potentially high (collateral damage = disabled or unsubscribed
users).

More information about the Mailman-Developers mailing list