[Mailman-Users] Recommended reading before upgrading to 3.x ?

2021-06-30 Thread Andy Cravens
I’m running mailman 2.x and I am getting ready to build a new server and 
migrate my lists to 3.x.  For those of you who have done this already, do you 
have any recommended reading suggestions other than the official web page at 

https://docs.mailman3.org/en/latest/migration.html


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/


[Mailman-Users] Gmail and DKIM problems

2021-06-30 Thread Thomas Gramstad


A subscriber to one of my lists who posts from gmail has been
made aware that some list subscribers do not get his postings
because of DKIM setup at gmail. See attached error message.

I understand that he can't do anything about the DKIM setup at
gmail.

Can I as list admin do something in the list setup (Mailman
2.29)?

Also, how many subscribers are likely affected by his (or any
gmail user's) DKIM setup? That is, are most list subscribers
receiving his messages anyway, or is this problem preventing
e-mail from him going to most list subscribers?

Thomas Gramstad




Message was blocked due to DKIM ().
From:Anders Ericson *friland...@gmail.com* 
To: Biblioteknorge *bibliotekno...@kunnskapsallmenning.no*

Subject: Biblioteket som statussymbol. Lat ungdomen lese, for
_born._Vegar,_vatn,_straum_–_og_bibliotek
Date:2021-06-24 09:47PM
Message ID:1624564030-205058-5323-17319-1
IP:158.36.191.155 (hotell.nuug.no)
Envelope From:biblioteknorge-boun...@mailman.kunnskapsallmenning.no
Recipients:
Recipients Action Reason Delivery Status
*kristin.johanne.havs...@arendal.kommune.no*
 Blocked DKIM Not Delivered


This may possibly be because the SPF record is not quite right:

v=spf1 redirect=_spf.google.com

SPF Alignment Domain not found in SPF


Kind regards

*Odd Arvid Knudsen*
*Technology architect*
M: +47 488 92 398

*ıkt**.**agder*

*Simpler everyday life*


[Mailman-Users] Re: Gmail and DKIM problems

2021-06-30 Thread Jon Baron
One thing to try:

Add the following line to /etc/mailman/mm_cfg.py

REMOVE_DKIM_HEADERS = Yes

I did it. It clearly does no harm. Whether it helps, I don't know.

And "probably don't get" may sometimes mean "probably don't check my spam".

I'm thinking about removing all the headers with formail, but I really have
no idea why the list mail is so often classified as spam. Nobody tells you
how they define spam; it is a secret because they don't want spammers to
know about it.

Jon

On 07/01/21 00:37, Thomas Gramstad wrote:
> 
> A subscriber to one of my lists who posts from gmail has been
> made aware that some list subscribers do not get his postings
> because of DKIM setup at gmail. See attached error message.
> 
> I understand that he can't do anything about the DKIM setup at
> gmail.
> 
> Can I as list admin do something in the list setup (Mailman
> 2.29)?
> 
> Also, how many subscribers are likely affected by his (or any
> gmail user's) DKIM setup? That is, are most list subscribers
> receiving his messages anyway, or is this problem preventing
> e-mail from him going to most list subscribers?
> 
> Thomas Gramstad
> 
> 
> 
> 
> Message was blocked due to DKIM ().
> From:Anders Ericson *friland...@gmail.com* 
> To: Biblioteknorge *bibliotekno...@kunnskapsallmenning.no*
> 
> Subject: Biblioteket som statussymbol. Lat ungdomen lese, for
> _born._Vegar,_vatn,_straum_–_og_bibliotek
> Date:2021-06-24 09:47PM
> Message ID:1624564030-205058-5323-17319-1
> IP:158.36.191.155 (hotell.nuug.no)
> Envelope From:biblioteknorge-boun...@mailman.kunnskapsallmenning.no
> Recipients:
> Recipients Action Reason Delivery Status
> *kristin.johanne.havs...@arendal.kommune.no*
>  Blocked DKIM Not Delivered
> 
> 
> This may possibly be because the SPF record is not quite right:
> 
> v=spf1 redirect=_spf.google.com
> 
> SPF Alignment Domain not found in SPF
> 
> 
> Kind regards
> 
> *Odd Arvid Knudsen*
> *Technology architect*
> M: +47 488 92 398
> 
> *ıkt**.**agder*
> 
> *Simpler everyday life*

-- 
Jonathan Baron, Professor of Psychology, University of Pennsylvania
Home page: https://www.sas.upenn.edu/~baron
Editor: Judgment and Decision Making (http://journal.sjdm.org)


[Mailman-Users] Re: Gmail and DKIM problems

2021-06-30 Thread Mark Sapiro

On 6/30/21 3:37 PM, Thomas Gramstad wrote:


> A subscriber to one of my lists who posts from gmail has been
> made aware that some list subscribers do not get his postings
> because of DKIM setup at gmail. See attached error message.
>
> I understand that he can't do anything about the DKIM setup at
> gmail.
>
> Can I as list admin do something in the list setup (Mailman
> 2.29)?
>
> Also, how many subscribers are likely affected by his (or any
> gmail user's) DKIM setup? That is, are most list subscribers
> receiving his messages anyway, or is this problem preventing
> e-mail from him going to most list subscribers?



It isn't gmail, it is the recipient MTAs.

However, removing the incoming DKIM signatures which Mailman's 
transformations break, as Jon Baron suggests, may help.


Also, the message



> This may possibly be because the SPF record is not quite right:
>
> v=spf1 redirect=_spf.google.com
>
> SPF Alignment Domain not found in SPF


says the problem is SPF. SPF will always fail on mail forwarded through 
a list or other forwarding mechanism. You can only avoid this by setting 
General Options -> from_is_list other than No.


Also you should DKIM sign your outgoing mail and publish your own SPF.


--
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
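
The alignment test behind the report's "SPF Alignment" line and the from_is_list advice above, as an added example that is not part of the original thread: a simplified DMARC identifier-alignment check run over three constructed deliveries. The domains, the dict layout and the two-label organizational-domain shortcut are assumptions.

```python
from email.utils import parseaddr

def org_domain(domain):
    # Assumption: the organizational domain is the last two labels. A real
    # verifier uses the Public Suffix List, which this sketch does not.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, strict=False):
    """DMARC identifier alignment (RFC 7489 section 3.1)."""
    if strict:
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def dmarc_result(msg):
    """Return (spf_aligned, dkim_aligned, passes) for one received message."""
    from_domain = parseaddr(msg["header_from"])[1].rpartition("@")[2]
    env_domain = msg["envelope_from"].rpartition("@")[2]
    # SPF only counts when it passes AND its domain aligns with From:.
    spf_ok = msg["spf"] == "pass" and aligned(from_domain, env_domain)
    # DKIM only counts when a signature verifies AND its d= aligns with From:.
    dkim_ok = any(ok and aligned(from_domain, d) for d, ok in msg["dkim"])
    return spf_ok, dkim_ok, spf_ok or dkim_ok

# Constructed deliveries; every address and domain is a placeholder.
DIRECT = {  # poster -> recipient, no list in between
    "header_from": "Poster <poster@sender.example>",
    "envelope_from": "poster@sender.example",
    "spf": "pass", "dkim": [("sender.example", True)],
}
VIA_LIST = {  # list keeps From:, adds a footer, signs with its own key
    "header_from": "Poster <poster@sender.example>",
    "envelope_from": "list-bounces@lists.example.org",
    "spf": "pass",  # passes for the list host, but for the list's domain
    "dkim": [("sender.example", False), ("lists.example.org", True)],
}
MUNGED = {  # same post with From: rewritten to the list address
    "header_from": "Poster via List <list@lists.example.org>",
    "envelope_from": "list-bounces@lists.example.org",
    "spf": "pass", "dkim": [("lists.example.org", True)],
}

if __name__ == "__main__":
    for name, msg in (("direct", DIRECT), ("via list", VIA_LIST), ("munged", MUNGED)):
        print(name, dmarc_result(msg))
```

In the middle case the list's SPF pass and its own valid signature both exist, yet neither aligns with the poster's From: domain, so the DMARC evaluation still fails.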


[Mailman-Users] Re: Gmail and DKIM problems

2021-06-30 Thread Grant Taylor via Mailman-Users

On 6/30/21 4:37 PM, Thomas Gramstad wrote:

> I understand that he can't do anything about the DKIM setup at gmail.


Nor should he, or anyone else, need to.


> Can I as list admin do something in the list setup (Mailman 2.29)?


As others have said, remove incoming DKIM headers from incoming 
messages, and add your own DKIM headers (signature) to outgoing messages.


This is particularly important if you make /any/ changes to the message 
as it passes through the mailing list.


> Also, how many subscribers are likely affected by his (or any gmail 
> user's) DKIM setup?


It depends on how the sender's domain has configured things; SPF, DKIM, 
DMARC.  Chances are quite good that any sender from a domain using 
contemporary stringent settings will have problems with any recipient 
who has a mail server that honors what the sending domain publishes. 
You have zero control over what the sender's domain does.  You have zero 
control over what the recipient's mail server does.  You only have 
control of what you do with the mailing list.


> That is, are most list subscribers receiving his messages anyway, or is 
> this problem preventing e-mail from him going to most list subscribers?


I'd say the best that you can hope for is for messages from the mailing 
list to be filed as spam.  The worst, which may be more likely, is that 
the mailing list server develops a bad reputation and ends up blocked by 
one or more recipient domains.


More sending domains are adopting stringent settings.  More receiving 
servers are honoring stringent settings.  It's a multiplicative effect 
as time goes on.  You can either push back or you can update your 
config.  With the multiplicative effect, you will probably need to push 
back more often.


Stop and think for a moment what's actually happening:

1)  The sender's mail server is specifying which server(s) are allowed 
to send email as them and / or apply a cryptographic signature to (part 
of) the message.  They also publish this information so that receiving 
systems can easily consume it.
2)  Receiving systems are using the information that senders publish to 
be able to tell if messages are legitimate based on the source and / or 
cryptographic signature.


So, when you (re)send messages from the mailing list as the sending domain 
(in the SMTP envelope) you are likely running afoul of SPF.  When you 
modify any (signed) part of the message, you are breaking signatures. 
Thus, recipients see that messages aren't coming from where the sender 
says they should be and that the cryptographic signature is broken. 
Hence the receiving server is naturally treating the message from the 
mailing list as highly suspicious.


To avoid this suspicion:
1)  Send with your own SMTP envelope address (VERP).
2)  Use full personalization.
3)  Remove incoming DKIM signatures.
4)  Add your own outgoing DKIM signature.

I'd suggest updating your config sooner than later.



--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
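
Why a list footer breaks the poster's DKIM signature, as an added example that is not part of the original thread: it recomputes the body hash (the `bh=` tag, RFC 6376 relaxed canonicalization, SHA-256) for a constructed message before and after a constructed list footer is appended. The message text, footer and function names are made up for the illustration.

```python
import base64
import hashlib
import re

def canon_body_relaxed(body: bytes) -> bytes:
    """RFC 6376 section 3.4.4 "relaxed" body canonicalization."""
    lines = body.replace(b"\r\n", b"\n").split(b"\n")
    # Collapse runs of space/tab to one space, drop whitespace at line end.
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    # Ignore every empty line at the end of the body.
    while lines and lines[-1] == b"":
        lines.pop()
    return b"".join(ln + b"\r\n" for ln in lines)

def body_hash(body: bytes) -> str:
    """What a verifier recomputes and compares with the signature's bh= tag."""
    digest = hashlib.sha256(canon_body_relaxed(body)).digest()
    return base64.b64encode(digest).decode("ascii")

def signature_survives(signed_body: bytes, received_body: bytes) -> bool:
    """True if the body hash over the received body still matches."""
    return body_hash(signed_body) == body_hash(received_body)

# Constructed sample data (not taken from the thread).
POSTED = b"Hello list,\r\n\r\nSee the attached report.\r\n"
# Same text with trailing spaces, a tab and extra blank lines at the end.
RESPACED = b"Hello list,  \r\n\r\nSee the  attached\treport.\r\n\r\n\r\n"
# What a list might append to every post.
LIST_FOOTER = b"-- \r\nExample-List mailing list -- list@lists.example.org\r\n"
DELIVERED = POSTED + LIST_FOOTER

if __name__ == "__main__":
    print("whitespace-only change:", signature_survives(POSTED, RESPACED))
    print("list footer appended:  ", signature_survives(POSTED, DELIVERED))
```

Relaxed canonicalization absorbs the whitespace-only changes, but any appended footer changes the hash, so the original signature no longer verifies at the recipient.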