On 3/2/25 5:17 PM, Florian Weimer wrote:
* William Herrin:
On Sun, Mar 2, 2025 at 10:55 AM Niels Bakker <niels=nanog@bakker.net> wrote:
| Subject: [NANOG]Re:
Congrats on completing the move to Mailman 3 but is this Subject line mangling truly necessary?
It has been standard for mailing lists for a quarter of a century now. Isn't it time NANOG caught up with mailing list best practices?
By default mailman 3 adds the list name as a subject prefix when you create a list. The procedure used was to create a list and then import the mailman2 config to the new list. From the migration MOP: - create the new list you want to migrate as the mailman user: mailman create nanog@lists.nanog.org mailman import21 nanog@lists.nanog.org ./nanog-config.pck Looks like this is where it came from. Doing some research it looks like we had the same prefixing of subjects in april 2008 after the move from merit to nanog.org.
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/HOTH2SVU... https://mailman.nanog.org/pipermail/nanog/2008-May/000782.html
I never noticed it before as I filter on List-ID into a "NANOG" folder. It could be removed or modified.
Many mailing lists have moved away from Subject:/body rewriting because it breaks DKIM signatures and may prevent successful message delivery to recipients whose servers enforce the sender's DMARC policy. The alternative is to rewrite the From: line, at least for senders with restrictive DMARC policies,
Right now, and historically in the mm2 list config, if a sender had a DMARC policy of reject or quarantine, mailman replaced the From: with the list address. Example: "Bryan Fields via No-adv <no-adv@lists.nanog.org>" Looking back at the mm2 list, DKIM was always a hit or miss, as the list would filter/strip attachments and other email fluf. Unless you sent a plain text message (as you should), it would cause the DKIM signature to fail. btw I use https://github.com/lieser/dkim_verifier/wiki/ as a plugin in my MUA. It's really good for DKIM debugging. There are two other options: 1. Rewrite the from for all messages 2. Implement ARC https://arc-spec.org/ Option one is a bit like a shotgun approach, but it works across all providers, and is well understood. A number of other lists in our industry do it with little issue; the -nsp lists and outages to name a few. A receiver can view the headers and see if it's signed/valid along the way. Option two is outside the scope of migration, but arguably could be the best as it directly solves the issue. Google does implement it. The footer is a bit redundant, as mailman3 has the direct link in the "Archived-At:" header now. I'd propose removing the footer and subject prefix, and investigate implementing ARC now that we can support it on mailman3. Keep in mind there's over 12k people on this list, so performance is a bit of concern. What do others think of this?
but this breaks other things.
What other things does it beak? If someone needs to have their message received and validated there is a tool for that in gpg/pgp. These mime types are accepted on this list and several people use them. -- Bryan Fields 727-409-1194 - Voice http://bryanfields.net