Re: Passwords in plain text

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



> Date: Saturday, June 16, 2018 05:25:05 -0500
> From: Johnny Hughes via CentOS <centos@xxxxxxxxxx>
>
> On 06/15/2018 05:18 PM, Richard wrote:
>> 
>> 
>> I believe this is a DMARC issue. Yahoo, among other places, has set
>> their dmarc records to p=reject:
>> 
>>   dig +short txt _dmarc.yahoo.com
>>   "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_rua@xxxxxxxxx;";
>> 
>> So, if your mail hosting provider enforces dmarc,(gmail does) and
>> you get mail from a list that doesn't rewrite the headers, and
>> people from places like yahoo post to the list, you'll likely get
>> some form of warning about being being kicked off the mailing list
>> every now and then. The frequency depends on how often people from
>> p=reject places post, and what the settings are for bounce
>> handling of the mailing list in question.
>> 
>> I believe that the current version of mailman can be configured to
>> do the necessary header rewrites. Some lists I'm on only do the
>> rewrites for headers of posts coming from p=reject sites (much
>> less annoying than having them all rewritten).
> 
> This is indeed what happened.  An email from yahoo.com.uk caused
> gmail to reject all the mails sent by that user because of the
> yahoo DMARC settings.
> 
> We have now set the mailing list to rewrite headers.  That also has
> set the From: of the email to the Mailing list and not the Original
> Author. The author is moved to the CC: block and you can still
> easily see who sent it and my email client (thunderbird) still does
> things the same way (reply to list sends to the list, reply sends
> to the  original author).
> 
>  This should prevent the yahoo/gmail (or other dmarc) issues from
> happening again.
> 
> For others running mailings lists on CentOS with this issue, Red
> Hat has back ported the 'dmarc_moderation_action' into the current
> version of mailman that is used in RHEL and CentOS.  You can follow
> the instructions here for Mailman 2 (for version 2.1.18) even
> though the version in CentOS is mailman-2.1.15-26.el7_4.1
> 
> we will be watching the list for the next few days to see if this
> change is working as expected.  If it id not working for other
> email clients please let us know.
> 
> Great job by Brian Stinson to figure all this out :)
> 
> Thanks,
> Johnny Hughes
> 

Thank you - one less list I'll get kicked off of regularly. 

One note, I am seeing the author in the Reply-To: in the message
headers, not in the visible Cc: as you indicate:

   From: Johnny Hughes via CentOS <centos@xxxxxxxxxx>
   Reply-To: Johnny Hughes <johnny@xxxxxxxxxx>,
    CentOS mailing list <centos@xxxxxxxxxx>

so to see the address of the sender I have to either poke through the
headers or initiate a reply. I don't think that this is email client
specific.


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux