Hello. I'm trying to set up a new procmail recipe to automatically file this mailing list's traffic into its own folder - because my old procmail recipe (filtering by TO: postfix-users@postfix.org) has proven to be not 100% effective (somehow, some posts to the mailing list are addressed to postfix-us...@cloud9.net instead, and are landing directly into my Inbox, where I can miss them or directly delete them as they are not subject-tagged).
Anyway, from studying the headers in several posts to the list, I haven't found the typical "List-Id:" header [1], which would have been my first choice. I see, however, that I can use the "Sender: owner-postfix-us...@postfix.org" header for my procmail recipe. OK, so problem solved. All that piqued my curiosity, and I became aware that this mailing list is not using the customary subject [tags] and body footer-disclaimer, which are common in many other mailing lists, so I thought that posts to this list with a DKIM signature from the original sender surely must be received by the list subscribers with that DKIM signature not having been invalidated - so I checked some posts to the list which had a DKIM signature and sure enough, their DKIM signature validated fine. I then asked to myself: this list not having subject [tags] and a body footer, is perhaps a new development to satisfy the emerging "tyranny" of several big ESP (email service providers) implementing DMARC [2] with a policy of p=reject [3], or is it perhaps an old custom of this list unrelated to DMARC? So I searched the list archives and found that subject [tags] have never been used, but that a body footer was indeed used in the beginning, with this message from 2002-11-06 15:32:04 being the first one to have an unaltered body without any footer: http://marc.info/?l=postfix-users&m=103659674500641&w=2 I dug a little deeper still, and found that the domain in the Return-Path for the list's messages (@postfix.org) has no SPF record in DNS. Also, the mailing list host does not do any DKIM signing of the messages it relays to the subscribers. So I have questions. 1. Why the mailing list software is not configured to add a List-Id header? 2. Why this mailing list has never used subject tags, and very early in its infancy it even stopped injecting a footer into the posts? It's obvious that was not done to accommodate for DMARC, so why was it done this way? 3. Why is this mailing list's host not signing with DKIM the posts which it is distributing to the subscribers? 4. Why there isn't any SPF declared for the domain (postfix.org) used in the MAIL-FROM (a.k.a. Return-Path) of the messages sent to the subscribers? I will not fake ingenuity on my part, for I searched the list archives and found this quote from Victor Duchovni [4]: "SPF cannot solve spam, but it can, if adopted widely, do damage the Internet email infrastructure which as it stands works very well at delivering email despite the attacks being inflicted upon it. Spam will never go away completely (neither will other crime), but we will learn to avoid it and police it, despite the distraction of SPF." So it's obvious key figures in Postfix have (had?) philosophical issues with SPF (which I happen to love, actually). So that could answer my fourth question above, but what about the other three? Also, I'm curious: do you, Victor, still hold that negative view toward SPF, thirteen years after your quoted comment above? Regards, [1] See RFC2919 - https://www.ietf.org/rfc/rfc2919.txt [2] See RFC7489 - https://tools.ietf.org/html/rfc7489 [3] A DMARC policy of p=reject is known to cause trouble with so called "indirect mail flows", of which a mailing list is the primary example - see https://tools.ietf.org/html/rfc7960 [4] http://marc.info/?l=postfix-users&m=107415094130714&w=2 -- Josh Good
