From 1721746 at bugs.launchpad.net Fri Oct 6 06:38:25 2017 From: 1721746 at bugs.launchpad.net (=?utf-8?q?Ren=C3=A9_Freund?=) Date: Fri, 06 Oct 2017 10:38:25 -0000 Subject: [Bug 1721746] [NEW] [If member-email known] Malformed "From:" header accepted -> anyone can post to list. Message-ID: <150728630514.15315.4208024679531261020.malonedeb@soybean.canonical.com> *** This bug is a security vulnerability *** Private security bug reported: Hello, because we got some spam from outside, but with email-adress of a list- member lately, we found after an investigation that the E-Mail Header From: "memberuseremail@" will be accepted by mailman and posted to the list. So if the spammer knows a valid member-emailadress it is possible to send emails to the list. I don't know if this is fixed already and i have to poke the ubuntu team instead. Versions: Ubuntu 16.04 LTS Mailman Version: 1:2.1.20-1ubuntu0.1 Postfix Version: 3.1.0-3 ** Affects: mailman Importance: Undecided Status: New ** Tags: email sender -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1721746 Title: [If member-email known] Malformed "From:" header accepted -> anyone can post to list. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1721746/+subscriptions From mark at msapiro.net Fri Oct 6 12:23:52 2017 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 06 Oct 2017 16:23:52 -0000 Subject: [Bug 1721746] Re: [If member-email known] Malformed "From:" header accepted -> anyone can post to list. References: <150728630514.15315.4208024679531261020.malonedeb@soybean.canonical.com> Message-ID: <150730703341.15354.17051439562126451061.launchpad@soybean.canonical.com> ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1721746 Title: [If member-email known] Malformed "From:" header accepted -> anyone can post to list. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1721746/+subscriptions From mark at msapiro.net Fri Oct 6 12:48:03 2017 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 06 Oct 2017 16:48:03 -0000 Subject: [Bug 1721746] Re: [If member-email known] Malformed "From:" header accepted -> anyone can post to list. References: <150728630514.15315.4208024679531261020.malonedeb@soybean.canonical.com> Message-ID: <150730848375.7956.16186283672598286799.malone@wampee.canonical.com> This is not a security issue in Mailman. Yes it is possible to spoof a list member's address in various headers to cause a post to be accepted by a list, but there's nothing Mailman or any list management software can do about that short of moderating all members. Also, see , and the "How to post to the announcement list:" section at . ** Changed in: mailman Status: New => Invalid -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1721746 Title: [If member-email known] Malformed "From:" header accepted -> anyone can post to list. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1721746/+subscriptions From mark at msapiro.net Sat Oct 7 18:23:58 2017 From: mark at msapiro.net (Mark Sapiro) Date: Sat, 07 Oct 2017 22:23:58 -0000 Subject: [Bug 1722013] [NEW] In rare cases, needed DMARC mitigations may not be applied. Message-ID: <150741503889.1322.7498664641489028454.malonedeb@chaenomeles.canonical.com> Public bug reported: If the Mailman server implements DNSSEC, it is possible that a DMARC policy record may not be retrieved because of a DNSSEC issue that may not affect a receiver of the message. Thus, to be safe, lookup failures like these should result in DMARC mitigation being applied. Thanks to Jim Popovitch for the merge request to fix this . ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1722013 Title: In rare cases, needed DMARC mitigations may not be applied. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1722013/+subscriptions From 1722013 at bugs.launchpad.net Sat Oct 7 18:39:59 2017 From: 1722013 at bugs.launchpad.net (Launchpad Bug Tracker) Date: Sat, 07 Oct 2017 22:39:59 -0000 Subject: [Bug 1722013] Re: In rare cases, needed DMARC mitigations may not be applied. References: <150741503889.1322.7498664641489028454.malonedeb@chaenomeles.canonical.com> Message-ID: <150741600110.19439.8433305452362250081.launchpad@ackee.canonical.com> ** Branch linked: lp:mailman/2.1 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1722013 Title: In rare cases, needed DMARC mitigations may not be applied. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1722013/+subscriptions From mark at msapiro.net Sat Oct 7 18:41:09 2017 From: mark at msapiro.net (Mark Sapiro) Date: Sat, 07 Oct 2017 22:41:09 -0000 Subject: [Bug 1722013] Re: In rare cases, needed DMARC mitigations may not be applied. References: <150741503889.1322.7498664641489028454.malonedeb@chaenomeles.canonical.com> Message-ID: <150741607046.21899.3953068264045181742.launchpad@gac.canonical.com> ** Changed in: mailman Importance: Undecided => Low ** Changed in: mailman Status: New => Fix Committed ** Changed in: mailman Milestone: None => 2.1.25 ** Changed in: mailman Assignee: (unassigned) => Mark Sapiro (msapiro) -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1722013 Title: In rare cases, needed DMARC mitigations may not be applied. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1722013/+subscriptions From 1724561 at bugs.launchpad.net Wed Oct 18 08:39:41 2017 From: 1724561 at bugs.launchpad.net (Peter Mueller) Date: Wed, 18 Oct 2017 12:39:41 -0000 Subject: [Bug 1724561] [NEW] Unable to remove certain lists Message-ID: <150833038165.13612.2809320540446778358.malonedeb@chaenomeles.canonical.com> Public bug reported: Hello, when I try to remove a mailing list by command line or API I get the following error: Removed list: mylist at example.org Traceback (most recent call last): File "/usr/local/mailman/bin/mailman", line 11, in load_entry_point('mailman==3.2.0a1', 'console_scripts', 'mailman')() File "/usr/local/mailman/lib/python3.5/site-packages/mailman/bin/mailman.py", line 97, in main args.func(args) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/database/transaction.py", line 50, in wrapper rtn = function(*args, **kws) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/commands/cli_lists.py", line 278, in process remove_list(mlist) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/app/lifecycle.py", line 120, in remove_list getUtility(IListManager).delete(mlist) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/database/transaction.py", line 85, in wrapper return function(args[0], config.db.store, *args[1:], **kws) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/model/listmanager.py", line 84, in delete notify(ListDeletingEvent(mlist)) File "/usr/local/mailman/lib/python3.5/site-packages/zope/event/__init__.py", line 31, in notify subscriber(event) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/app/moderator.py", line 283, in handle_ListDeletingEvent requestsdb.delete_request(request.id) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/database/transaction.py", line 85, in wrapper return function(args[0], config.db.store, *args[1:], **kws) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/model/requests.py", line 140, in delete_request getUtility(IPendings).confirm(request.data_hash) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/database/transaction.py", line 85, in wrapper return function(args[0], config.db.store, *args[1:], **kws) File "/usr/local/mailman/lib/python3.5/site-packages/mailman/model/pending.py", line 138, in confirm value = json.loads(keyvalue.value) File "/usr/lib64/python3.5/json/__init__.py", line 319, in loads return _default_decoder.decode(s) File "/usr/lib64/python3.5/json/decoder.py", line 339, in decode obj, end = self.raw_decode(s, idx=_w(s, 0).end()) File "/usr/lib64/python3.5/json/decoder.py", line 355, in raw_decode obj, end = self.scan_once(s, idx) json.decoder.JSONDecodeError: Invalid \uXXXX escape: line 1 column 506 (char 505) ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1724561 Title: Unable to remove certain lists To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1724561/+subscriptions From 1724561 at bugs.launchpad.net Wed Oct 18 08:46:37 2017 From: 1724561 at bugs.launchpad.net (Peter Mueller) Date: Wed, 18 Oct 2017 12:46:37 -0000 Subject: [Bug 1724561] Re: Unable to remove certain lists References: <150833038165.13612.2809320540446778358.malonedeb@chaenomeles.canonical.com> Message-ID: <150833079741.17171.10637602267477888837.malone@gac.canonical.com> We are using Mailman 3.1 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1724561 Title: Unable to remove certain lists To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1724561/+subscriptions From mark at msapiro.net Wed Oct 18 10:28:56 2017 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 18 Oct 2017 14:28:56 -0000 Subject: [Bug 1724561] Re: Unable to remove certain lists References: <150833038165.13612.2809320540446778358.malonedeb@chaenomeles.canonical.com> Message-ID: <150833693727.738.15228247053294160649.malone@soybean.canonical.com> This tracker is for Mailman 2.1 issues. As it says at https://launchpad.net/mailman Please continue to use Launchpad for all bugs, code, and merge proposals for Mailman 2.1. Please head over to Gitlab at https://gitlab.com/mailman/mailman for all bugs, code, and merge requests for Mailman 3. ** Changed in: mailman Status: New => Invalid -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1724561 Title: Unable to remove certain lists To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1724561/+subscriptions From mark at msapiro.net Wed Oct 18 10:48:49 2017 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 18 Oct 2017 14:48:49 -0000 Subject: [Bug 1724561] Re: Unable to remove certain lists References: <150833038165.13612.2809320540446778358.malonedeb@chaenomeles.canonical.com> Message-ID: <150833812954.17136.1705627134438885384.malone@gac.canonical.com> I suspect the issue is that you are using MySQL as the database manager and because of https://gitlab.com/mailman/mailman/issues/385 you have a truncated entry in the 'pending' data. Deleting the list is trying to remove the pending requests for the list and the truncated data is broken in the middle of a '\u' sequence. This throws the exception. You will probably have to manually remove the offending entry from the pendedkeyvalue table. -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1724561 Title: Unable to remove certain lists To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1724561/+subscriptions From 1251495 at bugs.launchpad.net Wed Oct 25 10:58:30 2017 From: 1251495 at bugs.launchpad.net (ChristianEhrhardt) Date: Wed, 25 Oct 2017 14:58:30 -0000 Subject: [Bug 1251495] Re: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. References: <20131115020913.18410.66201.malonedeb@wampee.canonical.com> Message-ID: <150894351076.18032.1006803348561958841.malone@chaenomeles.canonical.com> It feels I'm the only one coming by to clean every now and then - feels bad :-/ The change was revno: 1433 For the sake of any progress I made a ppa with the fix available at [1]. I thought lacking the experience to set it up correctly I can't drive a SRU [2] But actually, this is easy enough just by looking at the code: That should be enough I'd think: $ grep -A 2 'change_header(' Mailman/Handlers/Tagger.py; grep -A 2 def Mailman/Handlers/CookHeaders.py | grep 'change_header(' change_header('X-Topics', NLTAB.join(hits.keys()), mlist, msg, msgdata, Delete=False) def change_header(name, value, mlist, msg, msgdata, delete=True, repl=True): @Mark - if you have not given up on this bug, if you can provide a "steps to reproduce" please feel free to add. [1]: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3011 [2]: https://wiki.ubuntu.com/StableReleaseUpdates ** Description changed: - Code added to Tagger.py in 2.1.16 to support the from_is_list Wrap - Message option contained a misspelling. + [Impact] + + * Using Mailman Lists with topics enabled can fail due to a typo + + * Fix is trivial and a backport active in everything >Trusty for quite a + while now + + [Test Case] + + * I beg your pardon for not knowing a "live" case to set up, but I think + it is obvious. With packages installed check the argument "Delete" vs + "delete": + + # grep -A 2 'change_header(' /usr/lib/mailman/Mailman/Handlers/Tagger.py + change_header('X-Topics', NLTAB.join(hits.keys()), + mlist, msg, msgdata, Delete=False) + + # grep -A 2 def /usr/lib/mailman/Mailman/Handlers/CookHeaders.py | grep 'change_header(' + def change_header(name, value, mlist, msg, msgdata, delete=True, repl=True): + + [Regression Potential] + + * It fixes an obvious broken variable access, but nothing else - so I'd + consider it safe. I don't think any code reaching this line ever worked + but if one had a setup awkwardly working while accepting this breakage + he might now get a different behavior. + + [Other Info] + + * embarrassingly old + + --- + + + Code added to Tagger.py in 2.1.16 to support the from_is_list Wrap Message option contained a misspelling. -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1251495 Title: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1251495/+subscriptions From 1251495 at bugs.launchpad.net Wed Oct 25 11:35:40 2017 From: 1251495 at bugs.launchpad.net (Launchpad Bug Tracker) Date: Wed, 25 Oct 2017 15:35:40 -0000 Subject: [Bug 1251495] Re: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. References: <20131115020913.18410.66201.malonedeb@wampee.canonical.com> Message-ID: <150894574308.13411.7307224789336771789.launchpad@ackee.canonical.com> ** Merge proposal linked: https://code.launchpad.net/~paelzer/ubuntu/+source/mailman/+git/mailman/+merge/332798 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1251495 Title: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1251495/+subscriptions From 1251495 at bugs.launchpad.net Wed Oct 25 11:36:59 2017 From: 1251495 at bugs.launchpad.net (ChristianEhrhardt) Date: Wed, 25 Oct 2017 15:36:59 -0000 Subject: [Bug 1251495] Re: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. References: <20131115020913.18410.66201.malonedeb@wampee.canonical.com> Message-ID: <150894582005.17288.293862281532459894.malone@wampee.canonical.com> I think the fix is obvious, but the case a bit special without (me) knowing how to reproduce. So an MP for review comments is up at [1] to gain more confidence before uploading for an SRU. [1]: https://code.launchpad.net/~paelzer/ubuntu/+source/mailman/+git/mailman/+merge/332798 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1251495 Title: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1251495/+subscriptions From mark at msapiro.net Wed Oct 25 13:11:16 2017 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 25 Oct 2017 17:11:16 -0000 Subject: [Bug 1251495] Re: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. References: <20131115020913.18410.66201.malonedeb@wampee.canonical.com> Message-ID: <150895147662.17349.10857350341367723307.malone@gac.canonical.com> To reproduce the error you need to enable topics for a list, create a topic and send a post that matches that topic. You can do the enable/create by putting these two lines topics_enabled = 1 topics = [('Match_all', '.', 'Topic matches anything for testing', False)] in a file and running Mailman's bin/config_list like bin/config_list -i path/to/file/with/lines list_name Then, a post to that list should be delivered normally and contain a header 'X-Topics: Match_all', but the bug will cause the post to be shunted. -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1251495 Title: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1251495/+subscriptions From 1251495 at bugs.launchpad.net Thu Oct 26 03:06:42 2017 From: 1251495 at bugs.launchpad.net (ChristianEhrhardt) Date: Thu, 26 Oct 2017 07:06:42 -0000 Subject: [Bug 1251495] Re: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. References: <20131115020913.18410.66201.malonedeb@wampee.canonical.com> Message-ID: <150900160514.17253.2604761488629077660.launchpad@wampee.canonical.com> ** Description changed: [Impact] - * Using Mailman Lists with topics enabled can fail due to a typo + ?* Using Mailman Lists with topics enabled can fail due to a typo - * Fix is trivial and a backport active in everything >Trusty for quite a - while now + ?* Fix is trivial and a backport active in everything >Trusty for quite a + ???while now [Test Case] - * I beg your pardon for not knowing a "live" case to set up, but I think - it is obvious. With packages installed check the argument "Delete" vs - "delete": - + ?* Code approach as it is rather obvious. With packages installed check + the argument "Delete" vs + ???"delete": # grep -A 2 'change_header(' /usr/lib/mailman/Mailman/Handlers/Tagger.py - change_header('X-Topics', NLTAB.join(hits.keys()), - mlist, msg, msgdata, Delete=False) - + ????????change_header('X-Topics', NLTAB.join(hits.keys()), + ??????????????????????mlist, msg, msgdata, Delete=False) # grep -A 2 def /usr/lib/mailman/Mailman/Handlers/CookHeaders.py | grep 'change_header(' def change_header(name, value, mlist, msg, msgdata, delete=True, repl=True): + * Use-Case approach: + 0. do a basic mailman setup + 1. enable by putting these two lines + topics_enabled = 1 + topics = [('Match_all', '.', 'Topic matches anything for testing', False)] + in a file and running Mailman's bin/config_list like: + $ bin/config_list -i path/to/file/with/lines list_name + 2. Then, a post to that list should be delivered normally and contain + a header 'X-Topics: Match_all', but the bug will cause the post to + be shunted. + X. With the fixed package that no more happens + [Regression Potential] - * It fixes an obvious broken variable access, but nothing else - so I'd - consider it safe. I don't think any code reaching this line ever worked - but if one had a setup awkwardly working while accepting this breakage - he might now get a different behavior. + ?* It fixes an obvious broken variable access, but nothing else - so I'd + ???consider it safe. I don't think any code reaching this line ever worked + ???but if one had a setup awkwardly working while accepting this breakage + ???he might now get a different behavior. [Other Info] - - * embarrassingly old + + ?* embarrassingly old --- - - Code added to Tagger.py in 2.1.16 to support the from_is_list Wrap Message option contained a misspelling. + Code added to Tagger.py in 2.1.16 to support the from_is_list Wrap + Message option contained a misspelling. -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1251495 Title: Lists with topics enabled can throw unexpected keyword argument 'Delete' exception. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1251495/+subscriptions From 1609516 at bugs.launchpad.net Thu Oct 26 13:16:32 2017 From: 1609516 at bugs.launchpad.net (Bug Watch Updater) Date: Thu, 26 Oct 2017 17:16:32 -0000 Subject: [Bug 1609516] Re: [needs-packaging] GNU Mailman v3 References: <20160803182324.17278.47145.malonedeb@chaenomeles.canonical.com> Message-ID: <150903819377.9180.8737012117866302373.launchpad@loganberry.canonical.com> ** Changed in: fedora Status: Unknown => Confirmed ** Changed in: fedora Importance: Unknown => Medium -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1609516 Title: [needs-packaging] GNU Mailman v3 To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1609516/+subscriptions From mark at msapiro.net Thu Oct 26 17:23:04 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:23:04 -0000 Subject: [Bug 1722013] Re: In rare cases, needed DMARC mitigations may not be applied. References: <150741503889.1322.7498664641489028454.malonedeb@chaenomeles.canonical.com> Message-ID: <150905298628.4619.9349786022351277387.launchpad@chaenomeles.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1722013 Title: In rare cases, needed DMARC mitigations may not be applied. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1722013/+subscriptions From mark at msapiro.net Thu Oct 26 17:21:22 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:21:22 -0000 Subject: [Bug 1718962] Re: The default DMARC reject reason contains '%(listowner)s' instead of the actual address. References: <150609352520.30215.3995463568307347328.malonedeb@wampee.canonical.com> Message-ID: <150905288368.4992.801247740590524330.launchpad@chaenomeles.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1718962 Title: The default DMARC reject reason contains '%(listowner)s' instead of the actual address. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1718962/+subscriptions From mark at msapiro.net Thu Oct 26 17:20:58 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:20:58 -0000 Subject: [Bug 1708016] Re: Russian translation grammar fixes References: <150162071131.26550.18170742511811931751.malonedeb@chaenomeles.canonical.com> Message-ID: <150905286056.4653.16130073947962311859.launchpad@chaenomeles.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1708016 Title: Russian translation grammar fixes To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1708016/+subscriptions From mark at msapiro.net Thu Oct 26 17:22:50 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:22:50 -0000 Subject: [Bug 1707447] Re: Roster should not lowercase addresses References: <150136490935.13176.17602161189216759968.malonedeb@soybean.canonical.com> Message-ID: <150905297150.20725.11167685051107416956.launchpad@soybean.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1707447 Title: Roster should not lowercase addresses To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1707447/+subscriptions From mark at msapiro.net Thu Oct 26 17:20:44 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:20:44 -0000 Subject: [Bug 1705736] Re: The SETGID wrappers should pass only needed evvironment variables. References: <150065355134.6684.13999818607230157219.malonedeb@gac.canonical.com> Message-ID: <150905284599.8592.6606346783962998382.launchpad@wampee.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1705736 Title: The SETGID wrappers should pass only needed evvironment variables. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1705736/+subscriptions From mark at msapiro.net Thu Oct 26 17:22:33 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:22:33 -0000 Subject: [Bug 1697097] Re: The admindb held subscriptions listing should include date and list newest. References: <149704273524.19571.2187879244593908054.malonedeb@soybean.canonical.com> Message-ID: <150905295496.5143.12258660671302201850.launchpad@chaenomeles.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1697097 Title: The admindb held subscriptions listing should include date and list newest. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1697097/+subscriptions From mark at msapiro.net Thu Oct 26 17:20:20 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:20:20 -0000 Subject: [Bug 1696066] Re: Postfix module - Mailman wrapper - Couldn't write data/aliases.db and data/virtual-mailman.db files References: <149673486419.28883.14597965095773088289.malonedeb@wampee.canonical.com> Message-ID: <150905282218.4565.17878923559891301067.launchpad@gac.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1696066 Title: Postfix module - Mailman wrapper - Couldn't write data/aliases.db and data/virtual-mailman.db files To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1696066/+subscriptions From mark at msapiro.net Thu Oct 26 17:22:13 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:22:13 -0000 Subject: [Bug 1695667] Re: Various web attacks cause CGI modules to throw uncaught exceptions References: <149652296577.17490.12287481389540698590.malonedeb@chaenomeles.canonical.com> Message-ID: <150905293630.20406.16681262298040521132.launchpad@soybean.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1695667 Title: Various web attacks cause CGI modules to throw uncaught exceptions To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1695667/+subscriptions From mark at msapiro.net Thu Oct 26 17:21:57 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:21:57 -0000 Subject: [Bug 1695610] Re: Test missing in lists_lists leading to wrong listing when using -V option References: <149649376267.25429.7404416901217304673.malonedeb@soybean.canonical.com> Message-ID: <150905291817.4565.2975031052929875327.launchpad@gac.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1695610 Title: Test missing in lists_lists leading to wrong listing when using -V option To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1695610/+subscriptions From mark at msapiro.net Thu Oct 26 17:21:34 2017 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 26 Oct 2017 21:21:34 -0000 Subject: [Bug 1602608] Re: mailman crash for subscription in webinterface References: <20160713101125.14797.9509.malonedeb@soybean.canonical.com> Message-ID: <150905289647.8971.12812619174783214050.launchpad@wampee.canonical.com> ** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1602608 Title: mailman crash for subscription in webinterface To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1602608/+subscriptions From 1695610 at bugs.launchpad.net Fri Oct 27 03:33:37 2017 From: 1695610 at bugs.launchpad.net (ChristianEhrhardt) Date: Fri, 27 Oct 2017 07:33:37 -0000 Subject: [Bug 1695610] Re: Test missing in lists_lists leading to wrong listing when using -V option References: <149649376267.25429.7404416901217304673.malonedeb@soybean.canonical.com> Message-ID: <150908961773.4525.15615448469973586484.malone@gac.canonical.com> Thanks for the FYI Mark, so this will be picke dup on the merge of 2.1.25 then. Given the low prio IMHO there is no need to plan for SRUs back to older releases, objections? ** Changed in: mailman (Ubuntu) Status: New => Confirmed ** Changed in: mailman (Ubuntu) Importance: Undecided => Low -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1695610 Title: Test missing in lists_lists leading to wrong listing when using -V option To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1695610/+subscriptions From 1696066 at bugs.launchpad.net Fri Oct 27 03:49:06 2017 From: 1696066 at bugs.launchpad.net (ChristianEhrhardt) Date: Fri, 27 Oct 2017 07:49:06 -0000 Subject: [Bug 1696066] Re: Postfix module - Mailman wrapper - Couldn't write data/aliases.db and data/virtual-mailman.db files References: <149673486419.28883.14597965095773088289.malonedeb@wampee.canonical.com> Message-ID: <150909054617.4803.2877060199193458854.malone@chaenomeles.canonical.com> Hi, I see you are updating all bugs upcoming with 2.1.25 - thanks for all your work Mark. Since on mailman I'm more a triage than anything else I fail to rate the severity of this. To me it seems that if this would be rather important mailman would never have worked correctly, but it did so I (for now rate it low) and would just pick up the fix on next Merge but not plan for an SRU. Please if you (much better at estimating mailman usage) think this is SRU worthy please point that out and maybe add a link to the exact fix commit. ** Changed in: mailman (Ubuntu) Status: New => Triaged ** Changed in: mailman (Ubuntu) Importance: Undecided => Low -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1696066 Title: Postfix module - Mailman wrapper - Couldn't write data/aliases.db and data/virtual-mailman.db files To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1696066/+subscriptions From mark at msapiro.net Fri Oct 27 10:57:43 2017 From: mark at msapiro.net (Mark Sapiro) Date: Fri, 27 Oct 2017 14:57:43 -0000 Subject: [Bug 1696066] Re: Postfix module - Mailman wrapper - Couldn't write data/aliases.db and data/virtual-mailman.db files References: <149673486419.28883.14597965095773088289.malonedeb@wampee.canonical.com> Message-ID: <150911626386.9512.4977723666494318824.malone@wampee.canonical.com> The fix is http://bazaar.launchpad.net/~mailman- coders/mailman/2.1/revision/1714 I don't think it's a priority. I never saw an issue due to this before this report. Also, in the case of Debian/Ubuntu, if the site takes the postfix_to_mailman.py option (something which I don't recommend - see https://wiki.list.org/x/15564817 - but which the Debian/Ubuntu package seems to encourage), this is not relevant at all. -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1696066 Title: Postfix module - Mailman wrapper - Couldn't write data/aliases.db and data/virtual-mailman.db files To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1696066/+subscriptions From 1696066 at bugs.launchpad.net Fri Oct 27 11:29:35 2017 From: 1696066 at bugs.launchpad.net (Laurent Declercq) Date: Fri, 27 Oct 2017 15:29:35 -0000 Subject: [Bug 1696066] Re: Postfix module - Mailman wrapper - Couldn't write data/aliases.db and data/virtual-mailman.db files References: <149673486419.28883.14597965095773088289.malonedeb@wampee.canonical.com> <150911626386.9512.4977723666494318824.malone@wampee.canonical.com> Message-ID: <73999eab-6eec-943a-fd03-a3c77bafa80e@nuxwin.com> Le 27/10/2017 ? 16:57, Mark Sapiro a ?crit?: > The fix is http://bazaar.launchpad.net/~mailman- > coders/mailman/2.1/revision/1714 > > I don't think it's a priority. I never saw an issue due to this before > this report. Also, in the case of Debian/Ubuntu, if the site takes the > postfix_to_mailman.py option (something which I don't recommend - see > https://wiki.list.org/x/15564817 - but which the Debian/Ubuntu package > seems to encourage), this is not relevant at all. > We don't make use of that postfix_to_mailman.py script which is really bad ;) BTW: We are using mailman on shared hosting where there are huge of lists. This bug is important to my eyes. -- Laurent Declercq iHMS/i-MSCP CEO & Lead Developer ------------------------------------------------------------------------ This message and any attachment are intended solely for the addressees and are confidential. iHMS/i-MSCP, including any part representing these entities may not be held responsible for their contents whose accuracy and completeness cannot be guaranteed over the Internet. Unauthorized use, disclosure, distribution, copying, or any part thereof is strictly prohibited. If you are not the intended recipient of this message, please notify the sender immediately and delete it. ------------------------------------------------------------------------ -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1696066 Title: Postfix module - Mailman wrapper - Couldn't write data/aliases.db and data/virtual-mailman.db files To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1696066/+subscriptions From rob-launchpad.net at tigertech.com Mon Oct 30 19:01:31 2017 From: rob-launchpad.net at tigertech.com (Robert Mathews) Date: Mon, 30 Oct 2017 23:01:31 -0000 Subject: [Bug 558128] Re: remove 552 exception for SMTP perm/temp References: <20100408090629.1687.57975.launchpad@loganberry.canonical.com> Message-ID: <150940449188.5067.17299899174780301810.malone@chaenomeles.canonical.com> I experienced a problem with Mailman 2.1.24 as a result of this. A list received several large messages in one day that made the size of a digest exceed 90 MB. When Mailman sent the digest, it got back this SMTP error: 552 5.3.4 Message size exceeds fixed limit And logged this to logs/smtp-failure: SMTP session failure: 552, 5.3.4 Message size exceeds fixed limit, msgid: <... Unfortunately, the SMTPDirect.py code mentioned in this bug report special-cases "552" errors to treat them like "452" errors, resulting in Mailman trying to redeliver this message in an infinite loop until I removed it from the queue. The special-casing is apparently to work around a documentation error in RFC 821 that was corrected in RFC 2821: The fear was that MTA authors had followed the documentation error and were returning a 552 instead of a 452 for the case of "too many recipients in this session". I would expect that few-to-no mail servers in active use have such a problem anymore; the original bug here requesting the removal of the workaround code is 13 years old. At this point, it's very likely that the workaround code merely makes Mailman wrongly retry legitimate 552 "Message size exceeds fixed limit" deliveries over and over. The obsolete code should probably be removed. A trivial patch against Mailman 2.1.25 is attached. ** Patch added: "mailman-bug-558128.patch" https://bugs.launchpad.net/mailman/+bug/558128/+attachment/5000512/+files/mailman-bug-558128.patch -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/558128 Title: remove 552 exception for SMTP perm/temp To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/558128/+subscriptions From mark at msapiro.net Mon Oct 30 23:21:49 2017 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 31 Oct 2017 03:21:49 -0000 Subject: [Bug 558128] Re: remove 552 exception for SMTP perm/temp References: <20100408090629.1687.57975.launchpad@loganberry.canonical.com> Message-ID: <150942010945.4768.10160212327466228396.malone@chaenomeles.canonical.com> I will consider "fixing" this for Mailman 2.1.26, but I note that the retry loop is not "infinite". It is one retry every DELIVERY_RETRY_WAIT (default one hour) for DELIVERY_RETRY_PERIOD (default 5 days) before giving up and returning failure. Granted, this is perhaps 719 unnecessary retries, but is far from "infinite". Also note the problem of an oversize digest can be entirely avoided by setting digest_size_threshhold to a reasonable maximum. Finally. consider what happens if this is considered a "hard bounce". It means every innocent digest member whose ISP rejects the oversize digest with a 552 will record a bounce for that digest. In extreme cases, it could result in users delivery being disabled and ultimately unsubscribed through no fault of their own. A similar problem could exist with overly large individual messages, and this can also be easily avoided by setting max_message_size to a reasonable value and not approving excessively large posts. ** Changed in: mailman Importance: Undecided => Low ** Changed in: mailman Status: New => Triaged ** Changed in: mailman Assignee: (unassigned) => Mark Sapiro (msapiro) -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/558128 Title: remove 552 exception for SMTP perm/temp To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/558128/+subscriptions