From: Chris Webb <chris@arachsys.com>
To: mlmmj@mlmmj.org
Subject: Re: Changing mailing list subscription process
Date: Mon, 02 Jun 2008 21:33:34 +0000 [thread overview]
Message-ID: <20080602213334.GA4730@arachsys.com> (raw)
In-Reply-To: <20080529230903.GJ16364@curie-int.orbis-terrarum.net>
"Robin H. Johnson" <robbat2@gentoo.org> writes:
> I've played with a variety of addresses for routing to /dev/null, when
> we started putting Reply-To on emails that the Gentoo Bugzilla sends
> out. Amongst the bits tried: '/dev/null@localhost',
> 'noreply@localhost'. Having the '.invalid' on the end turned out to be
> important because there are some MTAs that simply reject the mail for
> not having at least one dot in the host side of the email string.
Sure, I can believe that. In fact, I am certain there are also MTAs out
there that will reject if the Reply-To: domain isn't valid with either an MX
record or an A record---I've encountered them.
Our own MTA is configured to do this with From: although it ignores
Reply-To: at present. Users at these sites will be completely unable to
subscribe to or unsubscribe from your lists if you go ahead and start
emitting confirmation emails with invalid Reply-To addresses.
I think the only correct configuration here that won't break things for some
of your users is to use the (genuinely routeable)
blackhole@gentoo.org
and bin to /dev/null when they're delivered to you.
> The point of using an invalid domain, is to have any response NOT
> traverse the entire internet and cause backscatter.
There's no backscatter in the configuration I described. The autoreplies
would be directed to an (auto-processed) address in your own domain not to
random third parties, unlike what happens with spam backscatter from MTAs
that bounce after accepting a message.
> Using an unsub address in the Reply-To part would also be bad I think,
> as that may allow some attacks to unsubscribe people.
Yes, an unsub address as Reply-To: isn't a good idea but a 'cancel
outstanding confirmation request' address is fine. This just answers 'no' to
the 'do you want to subscribe?' question without changing the membership
list at all.
> In either case, mlmmj doesn't let you set a Reply-To header at the
> moment for the sub/unsub mails.
True.
Cheers,
Chris.
next prev parent reply other threads:[~2008-06-02 21:33 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-05-29 23:09 Changing mailing list subscription process Robin H. Johnson
2008-05-30 12:23 ` Chris Webb
2008-05-30 14:51 ` Benny Pedersen
2008-05-30 15:08 ` Christian Laursen
2008-05-30 16:02 ` Robin H. Johnson
2008-05-30 16:04 ` Robin H. Johnson
2008-05-30 18:29 ` Thomas Goirand
2008-05-30 19:47 ` Robin H. Johnson
2008-06-02 21:33 ` Chris Webb [this message]
2008-06-02 21:55 ` Mads Martin Joergensen
2008-06-04 5:08 ` Robin H. Johnson
2008-06-04 6:58 ` Morten K. Poulsen
2008-06-04 21:48 ` Robin H. Johnson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080602213334.GA4730@arachsys.com \
--to=chris@arachsys.com \
--cc=mlmmj@mlmmj.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.