[vlc-devel] Deprecating the VLM

John Sullivan jsvlcd at kanargh.org.uk
Tue Sep 22 03:25:03 CEST 2020 

On Tuesday, September 22, 2020, 12:06:14 AM, Alexandre Janniaux wrote:
> On Tue, Sep 22, 2020 at 12:05:25AM +0200, Pierre Ynard via vlc-devel wrote:
>> From: Pierre Ynard <linkfanel at yahoo.fr>
>> > The issue seems to be that you send your emails as message/rfc822.
>> Thanks for the tip. They do leave my system as text/plain.
> I don't know message/rfc822, but according to neomutt the text/plain
> is wrapped into the message/rfc822.

Just to interject (since I've been seeing this a bit and wondered
where it was coming from), the problem appears to be that:

Pierre's original sending address is linkfanel at yahoo.fr. The domain of
which, yahoo.fr, exports a full set of DMARC/DKIM/SPF data:

$ host -t txt _dmarc.yahoo.fr
_dmarc.yahoo.fr descriptive text "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_rua at yahoo.com;"
$ host -t txt yahoo.fr
yahoo.fr descriptive text "v=spf1 redirect=_spf.mail.yahoo.com"

Compared with Alexandre's (ajanni at videolabs.io) which does not do
DMARC (and appears to allow videolan.org in the SPF though I don't
understand enough about it to know whether that is significant):

$ host -t txt _dmarc.videolabs.io
Host _dmarc.videolabs.io not found: 3(NXDOMAIN)
$ host -t txt videolabs.io
videolabs.io descriptive text "v=spf1 a:smtp.free.fr mx:videolan.org include:_spf.google.com include:messagingengine.com include:_mailcust.gandi.net ~all"

As a result mailman cannot simply relay Pierre's mail
straightforwardly, as many recipients would bounce it. Instead it
presumably strips any signature data from the original email and wraps
it as a message/rfc822 MIME part. It then creates a new set of message
headers, some of which come from the original message, but the From
header in particular is re-written to be the address of the list with
a description: "Pierre Ynard via vlc-devel <vlc-devel at videolan.org>".
A new DKIM signature belonging to videolan.org is then generated and
applied.

Alexandre's message on the other hand passes through, I presume,
mostly untouched. (Because it still has the original sender's From
address, it doesn't even get a new DKIM signature, because the list
wouldn't, in general, be able to generate one.)

Since this list appears to be using mailman 2.1.23, it looks like the
following strategies are available. It looks like the list is
currently set to "Wrap Message". "Munge From" might be a better
choice.

    There are new settings in Privacy options - Sender filters:
        dmarc_moderation_action is a five valued setting with values

            Accept - accept the post without rewriting From: or
            wrapping the message

            Munge From - rewrite the From: and Reply-To: as in
            from_is_list

            Wrap Message - wrap the message as in from_is_list

            Reject - reject the post

            Discard - Discard the post

        dmarc_moderation_notice is a custom reject message to replace
        the default Reject message.

    The above options other than Accept override the from_is_list
    setting for messages whose original From: domain publishes a DMARC
    policy of p=reject or p=quarantine. A per-list option is available
    to limit this to just p=reject or to apply it to either p=reject
    or p=quarantine. If the option is Accept, the from_is_list setting
    applies.

https://wiki.list.org/DEV/DMARC







John
-- 
Dead stars still burn

More information about the vlc-devel mailing list