mailing list changes

Christof Arnosti charno at charno.ch
Sat Mar 7 04:50:40 PST 2020


Hi,

On 07.03.20 10:54, Robert Helling via subsurface wrote:
> Dirk,
>
>> On 6. Mar 2020, at 23:52, Dirk Hohndel via subsurface
>> <subsurface at subsurface-divelog.org
>> <mailto:subsurface at subsurface-divelog.org>> wrote:
>>
>> The biggest difference is, of course, that a simple 'reply' is no
>> longer going
>> to the author of the email that you are responding to, but to the whole
>> list...
>
> hmm, I am not sure this is the only difference: In the apple mail
> reader for example, this thread now looks like 
>
>
> That is, you cannot tell anymore who wrote that message (the xxx via
> subsurface <subsurface at subsurface-divelog.org
> <mailto:subsurface at subsurface-divelog.org>> appears above quotes,
> though), in particular since many people don’t sign their messages
> with their name. I think, this is worse than people with misconfigured
> DMARK and DKIM cannot post to the mailing list (note that the problem
> is on the sender side since those people have too strict rules when
> posting to mailing lists, not on the receivers’ end).

Can you explain this a bit more?

I think that DKIM / DMARC does exactly what it should: preventing
modification of mails with "MailFrom" from my domain on-the-fly.

I also have SPF configured, which should in theory also lead to a reject
when my domain is used as MailFrom.

With DMARC, if I understand correctly, the mail should only be threated
as boguous when both of these mechanisms fail at once. This is the case
when the subsurface-divelog.org list server modifies my mail (breaks
DKIM) and sends it from it own server (breaks SPF) with MailFrom ~=
*@charno.ch.

I understand that this leads to problems with mailing lists, but on the
other hand I would think that replacing the sender address by the
mailing list software (like done now on subsurface-divelog.org) should
be the right way to deal with this problem. Honestly, I'm more curious
about why your mail client only displays the sender mail-address (but
not always? The mail you directly received from Benjamin seems fine?)
instead of the name in the MailFrom-Header.

I think that DMARC / DKIM / SPF are a quite important tool in the fight
against mail spoofing, so I would hate to weaken or disable it.

Can you give me some recommendation on how I should configure DMARC /
DKIM / SPF without breaking spoof-save mailing, but still working with
mailinglists configured like subsurface was before?

>
> If you really want to rewrite from addresses, rather rewrite
> joe.dorfnuts at mysetupisbroken.com
> <mailto:joe.dorfnuts at mysetupisbroken.com> to
> joe at mysetupisbroken.com.invalid
> <mailto:joe at mysetupisbroken.com.invalid>-removeme
>
> Best
> Robert
Best regards
Christof
>
> _______________________________________________
> subsurface mailing list
> subsurface at subsurface-divelog.org
> http://lists.subsurface-divelog.org/cgi-bin/mailman/listinfo/subsurface
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.subsurface-divelog.org/pipermail/subsurface/attachments/20200307/ec50982d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2020-03-07 at 10.47.14.png
Type: image/png
Size: 184492 bytes
Desc: not available
URL: <http://lists.subsurface-divelog.org/pipermail/subsurface/attachments/20200307/ec50982d/attachment-0001.png>


More information about the subsurface mailing list