The mailing list for listmasters using Sympa

["Mail administrator, Otto Makela" <address@concealed>]

On 22/11/2023 18.40, Mail administrator, Otto Makela wrote:
> I've been working with getting regular DKIM-signed messages to pass
> intact through Sympa, and if you give up Subject tagging
> (custom_subject) it can definitely be achieved for (some) senders.
>
> Unfortunately, this depends in parts on how "wide" the DKIM
> signature is. One prominent sender to our mailing lists uses signing
> that includes everything imaginable, including List-Id. I've taken
> this as a hint they don't want their people on any external mailing
> lists, and they're re-thinking their choices with my threat of 
> unsubscribing all their users.
>
> However, another alternative (supported by eg Mailman, described by
> them as "DMARC Munging") is to change mailing behavior rather
> radically, by editing the outgoing mailing list message headers:
>
>      From: "DISPLAY_NAME via LIST_NAME" <LIST_POSTING_ADDRESS>
>      Reply-To: ORIGINAL_FROM_ADDRESS
>
> And then signing the message with your own DKIM signature,
> since of course the list posting address is signable by your server.
>
> (I can see how messing with the DISPLAY_NAME will at some point
> cause problems with Mac Mail and some other clients, which are greedy
> about squirreling away and trying to merge together seen "From"
> addresses)
>
> Mailman implements this here:
> https://gitlab.com/mailman/mailman/-/blob/master/src/mailman/handlers/dmarc.py
>
> Can (and should) similar functionality be added to Sympa?
I never got any answers at all to this, has nobody else really run
headfirst into this minefield?

Rather strangely, we already have mailing list settings in Sympa
which look like they SHOULD do this job, but not quite: if one were
to set "Anonymous sender (anonymous_sender)" to be the list name,
and set "Reply address (reply_to_header)" to be "sender (sender)"
one would hope to achieve the above result.

(Perhaps also the value "respect of existing header field (apply)"
would need to be set to "preserve existing header field (respect)"
to preserve a user-defined Reply-to address)

Unfortunately it seems these two (seemingly contradictory) parameters
are processed in an order which precludes using them for this purpose
(the message first gets anonymized, and after that point no Reply-to
header value can be set). Could this logic be altered, I doubt lists which
currently have the anonymous_sender set also have reply_to_sender set?

--
address@concealed (Mail Administrator, Otto J. Makela)