[BlueOnyx:16954] Re: Mailman and DMARC

Michael Stauber mstauber at blueonyx.it
Wed Feb 4 15:41:18 PET 2015

Hi Jim,

> Can we PLEASE get an update to mailman to fix this? The updated version 
> of mailman that fixes this has been available since April of last year, 
> and it is very hard to try to explain to users that it's Yahoo's fault 
> that their email doesn't get through to our mailing lists.

Yeah, we spoke about this before and while you have my sympathy, please
understand that my day only has 24 hours like everyone elses. I have to
pick my fights and put my work into something that's worthwhile. And
preferably that should not be stuff that isn't broken.

We use the mailman RPM from upstream. Even RHEL7's mailman RPM doesn't
have the DMARC "fix" patched in and is too old to have it by default. So
neither RHEL5, RHEL6 nor RHEL7 have it, nor do their "clones" like
CentOS or SL.

Ideally this matter should be taken up with RedHat so that they fix it
and it then populates down to CentOS and Scientific Linux. By that time
we then get it as well. In the most compatible way and fashion, as the
RedHat RPM of mailman has some other fixes and modifications in it that
make it "blend" in with the rest of the email system.

I'm not really inclined to "patch" something that RedHat clearly thinks
is *not* broken. And they are right on that assessment. It's not broken.

It *only* is a problem because Yahoo is illiterate and ignorant on RFC's
and made up their own "standard" called DMARC. Which are so piss poor
that the IETF outright rejected it and suggested a complete rewrite from

With that in mind my sympathy for Yahoo email users has hit an all time
low and it wasn't particularly high before that. They can't get
legitimate and RFC conforming non-SPAM mail from standard mailing lists?
Because of Yahoo being a dick? Sorry, but why do people still stick with
Yahoo? And why should I spend days on fixing that? That doesn't
"un-dick" Yahoo. It only makes matters worse. Just wait for their next
"standard" to be rolled out.

Sorry, Jim. But that's just how I see it.

Lastly: Even if we had a DMARC compatible Mailman RPM on BlueOnyx: This
would require changes to the GUI to administer the DMARC options, or it
wouldn't be of *any* use at all. So we're not just looking at an update
of the mailman RPM, but spending days on extending and tweaking the GUI
to handle this. And spending money on the translation of the locales for
the new GUI texts. Either way around: This change will *not* happen for
the *old* GUI. Not now nor ever. This would be a feature update and the
old GUI just receives security updates and critical fixes now that 520XR
is out.

Once DMARC is available in the upstream mailman RPM it might get added
to the new GUI. But at this time it's not really worth my time or effort.

If someone does it and submits the patches I'll build and release it.
But at this time I'm not willing to invest any time in fixing stuff that
Yahoo broke by not adhering to RFC's or common sense and by rolling
something out that even the IETF identified as a horrible idea.

With best regards

Michael Stauber

More information about the Blueonyx mailing list