Comment 3 for bug 1845751

Mark Sapiro (msapiro) wrote :

I've been thinking about this report and patch, but hadn't formed a clear idea of a response. Now comments #2 has arrived which is really a separate issue.

With respect to comment #2, it asserts "when the list suppresses sending to a given user, it rewrites mail headers to drop that user from cc". This is backwards. A member's address is removed from Cc only if the member's "avoid duplicates" setting is off, not on. This only affects the scenarios in that the premise becomes "User A is a user with the feature disabled".

With respect to the original proposal/patch, I'm concerned that the patch only bypasses the Cc alteration when the From: domain publishes a relevant DMARC policy and won't be otherwise changed. It fails to consider whether other DKIM signature breaking transformations such as subject prefixing, addition of headers/footers and content filtering are being done. I'd be more inclined to accept a new "don't break DKIM" setting which if enabled would trump all settings that alter the message in a DKIM signature breaking way.

However, that all said, There are a few other considerations. I will soon release Mailman 2.1.30 which will be the last Mailman 2.1 release from the GNU Mailman project. I think the way to deal with DMARC in the future is with ARC, https://www.rfc-editor.org/info/rfc8617. There is ARC support in Mailman 3, although I think it can also be implemented in the MTA without involving Mailman.

Also, I have never fully understood why Cc dropping is dependent on the member's "avoid duplicates" setting at all (this predates my involvement with Mailman). It is intended to prevent Cc lists from growing without bound in long threads where everyone is doing reply-all, but why only Cc: and not To:, and why only addresses that don't "avoid duplicates". In short, I'm reluctant to make a change without a clear direction which I don't have.