The mailing list for listmasters using Sympa

[Aumont - Comite Reseaux des Universites <address@concealed>]

Patrick von der Hagen wrote:

> We still run listserv, but I'm evaluating alternatives. If sympa had 
> better bounce-processing (e.g. VERP) it would probably place first, 
> but since a large percentage of my users heavily use forwards, the 
> bounces usually won't contain the adress subscribed to sympa and 
> therefore sympa-bounce-processing currently is quite insufficient...
VERP is a important issue for Sympa project. We will introduce verp 
asap. Some users allready  play with some  MTA option parameters to do 
it but for sure, some development are needed. Check sympa-dev  archive, 
thre is a thread about VERP  : 
http://listes.cru.fr/sympa/arc/sympa-dev/2005-11/msg00003.html

VERP on Sympa work is starting now.

> However, I try to imagine the best way possible to handle the problem.
> I hope to reduce this problem by moving the step of "send a bounce 
> after processing by mailinglist-software" forward in the 
> processing-chain, so that before accepting a message, the MTA verifies 
> if the mailinglist-software would cause a bounce to be sent and in 
> that case reject the mail.

I agree that rejecting a message during the incomming SMTP session is 
much more better then accept the message and create a bounce later. The 
way Sympa accept or reject message is not simple and do not depend on 
sender identity but also on any part of the message. This is done with 
Sympa authorization scenario. Rules can be quite complex and use any 
message property. So the best way to reject message during the incomming 
SMTP session is to developt a MILTER interface to scenario so sendmail 
could ask Sympa is the message is to be accepted or rejected during the 
smtp session. Good idea : we will support thoses who start such 
contribution :-)

> Integration with sendmail, postfix or exim should be quite easy, 
> considering the interfaces provided by those MTAs. 

Interface with sendmail is easy with Milter buit postfix does not 
provide milter.

> What do others expect in the short or in the middle term? Do you 
> experience spamcop-problems due to autoresponders now or do you expect 
> to face them? Do you expect problems due to SPF, SRS, Domainkeys etc.? 
> Personally, I deeply distrust SPF and SRS, but feat that they might 
> gain further support.

SPF is nice idea with a major problem : not compatible with forwarder 
(forwarders transmit message without rewritting headers). SRS or a 
alternative solution named "Responsible Submitter" tries to solve this 
problem but they is a very strong issue the choosen solution must be 
deployed everywhere before SPF can be really in use. Anyhow SPF is not a 
probleme for mailing list because mailing list are not forwarders but 
remailers (remailers rewrite headers). SPF can also be a opportunity for 
mailing list : Sympa can use SPS status  in order to decide what to do 
with a message. This can be done just now if your MX add some headers to 
incomming message  based on SPF (this can be done with some MILTER for 
example). ; Sympa can use thoses headers in the authorization scenario.

DKIM (DK is dead) is much more interesting because it is not a 
verification of the message origine but a message signature. DKIM 
require a lot of work for any "remailer", mainly mailing list software 
(MLM).
-1- MLM must not alter existing DKIM signature : currently Sympa is not 
ready for it because it can remove or modify some headers that are part 
of the signature. It can also add a message header or footer that will 
alter the signature but Sympa already include some internal feature in 
order to preserve S/MIME signature and then, we need to extend it for DKIM.
-2- In some cases MLM should add thre own DKIM signature to message to 
prove the origin of the message.
-3- MLM must use DKIM signature as sender authentication to prevent 
unusefull confirmation request. Sympa allready do it for S/MIME signed 
message. We need to extend it in order to use DKIM signature as well.

Personally, i think DKIM is the biggest evolution in message service 
since MIME was introduced.

Serge Aumont

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature