[BlueOnyx:16956] Re: Mailman and DMARC

[Jim Matysek]

Thanks for the explanation, Michael. I fully agree that Yahoo is 
completely screwed up here (and for other reasons), and I wasn't aware 
that none of the upstream configurations have picked up these changes 
either. That doesn't make it any easier to tell users who have used 
Yahoo for years that their service is the one that is screwed up, even 
if it is. I believe this also bites us in the butt when we forward email 
sent to our box out to an external email via virtusertable, independent 
of mailman.

-jim



> Hi Jim,
>
>> Can we PLEASE get an update to mailman to fix this? The updated version
>> of mailman that fixes this has been available since April of last year,
>> and it is very hard to try to explain to users that it's Yahoo's fault
>> that their email doesn't get through to our mailing lists.
> Yeah, we spoke about this before and while you have my sympathy, please
> understand that my day only has 24 hours like everyone elses. I have to
> pick my fights and put my work into something that's worthwhile. And
> preferably that should not be stuff that isn't broken.
>
> We use the mailman RPM from upstream. Even RHEL7's mailman RPM doesn't
> have the DMARC "fix" patched in and is too old to have it by default. So
> neither RHEL5, RHEL6 nor RHEL7 have it, nor do their "clones" like
> CentOS or SL.
>
> Ideally this matter should be taken up with RedHat so that they fix it
> and it then populates down to CentOS and Scientific Linux. By that time
> we then get it as well. In the most compatible way and fashion, as the
> RedHat RPM of mailman has some other fixes and modifications in it that
> make it "blend" in with the rest of the email system.
>
> I'm not really inclined to "patch" something that RedHat clearly thinks
> is *not* broken. And they are right on that assessment. It's not broken.
>
> It *only* is a problem because Yahoo is illiterate and ignorant on RFC's
> and made up their own "standard" called DMARC. Which are so piss poor
> that the IETF outright rejected it and suggested a complete rewrite from
> scratch.
>
> With that in mind my sympathy for Yahoo email users has hit an all time
> low and it wasn't particularly high before that. They can't get
> legitimate and RFC conforming non-SPAM mail from standard mailing lists?
> Because of Yahoo being a dick? Sorry, but why do people still stick with
> Yahoo? And why should I spend days on fixing that? That doesn't
> "un-dick" Yahoo. It only makes matters worse. Just wait for their next
> "standard" to be rolled out.
>
> Sorry, Jim. But that's just how I see it.
>
> Lastly: Even if we had a DMARC compatible Mailman RPM on BlueOnyx: This
> would require changes to the GUI to administer the DMARC options, or it
> wouldn't be of *any* use at all. So we're not just looking at an update
> of the mailman RPM, but spending days on extending and tweaking the GUI
> to handle this. And spending money on the translation of the locales for
> the new GUI texts. Either way around: This change will *not* happen for
> the *old* GUI. Not now nor ever. This would be a feature update and the
> old GUI just receives security updates and critical fixes now that 520XR
> is out.
>
> Once DMARC is available in the upstream mailman RPM it might get added
> to the new GUI. But at this time it's not really worth my time or effort.
>
> If someone does it and submits the patches I'll build and release it.
> But at this time I'm not willing to invest any time in fixing stuff that
> Yahoo broke by not adhering to RFC's or common sense and by rolling
> something out that even the IETF identified as a horrible idea.
>