sympa-users - Re: [sympa-users] DMARC update?

Subject: the mailing list for listmasters using sympa

  • From: Miles Fidelman <>
  • To:
  • Subject: Re: [sympa-users] DMARC update?
  • Date: Fri, 11 Apr 2014 00:42:11 -0400

Thanks Erik - I think I may end up spending this weekend updating my current sympa installation, then applying your patch. (After doing taxes, sigh...)

Erik Olson wrote:
This is effectively what I ended up doing for our list: I patched anonymous mode to rewrite the sender as "Original Sender via Mailinglist <>". I also stashed the original From: in the completely-made-up header "X-OriginallyFrom: Original Sender <>". I also took Steve's suggestion of removing the DKIM and DomainKeys signature headers (and I now have my domain DKIM'ing all outgoing e-mail just for good measure).

The only thing tricky is that I configure the anonymous_sender for each list like this [" via Mailinglist" <>] (stuff between square brackets is what I input into the form).

It's actually had a perverse silver lining, because for years people have been having trouble e-mailing folks off-list. The procedure has been so wildly different for each mail client... one product required "reply to all" + cutting out the non-relevant ones, one was "reply to sender", and some just wouldn't allow it at all. So now, I can safely say that to reply to someone off-list, the ONLY way that works, for all e-mail clients, is to forward the e-mail and paste in the off-list address.

Talking with security guys at work, the idea of "X-Original-Authentication-Results" being used to allow the From: to continue to impersonate makes no sense whatsoever, because any spammer could use that trick just as easily.

I'd love to hear if there are any plans by the sympa devs to put something more formal in a later release, but I'm happy with my patch for now.

I posted a patch for anonymous_mode earlier this week, but here's the updated version I'm running now. The original didn't parse e-mails without personal names properly. Also, this requires the package Email::AddressParser.

-----------------------------------begin patch----------------------------------------------
diff -u /home/erik/Drivers/Linux/sympa-6.1.19/src/lib/List.pm .
--- /home/erik/Drivers/Linux/sympa-6.1.19/src/lib/List.pm 2014-02-04 02:40:40.000000000 -0800
+++ ./List.pm 2014-04-08 13:47:02.397269540 -0700
@@ -43,6 +43,8 @@
use Sympa::Constants;
use tools;

+use Email::AddressParser; ## Added by Erik
+
our @ISA = qw(Exporter);
our @EXPORT = qw(%list_of_lists);

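Review bot: The top-level `use Email::AddressParser;` makes a non-core CPAN module a compile-time requirement for List.pm, so an installation without it cannot load the module even when no list sets anonymous_sender. Load it with `require` inside the anonymous_sender branch and fall back to the old fixed From when it is missing, or add it to the documented dependencies. The trailing "## Added by Erik" comment belongs in the commit message rather than in the source.
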
@@ -2753,11 +2755,34 @@
## Hide the sender if the list is anonymoused
if ( $self->{'admin'}{'anonymous_sender'} ) {

+ ## New code hacked in by Erik
+ my $originalFrom = $hdr->get('From');
+ my @addresses = Email::AddressParser->parse($originalFrom);
+
foreach my $field (@{$Conf::Conf{'anonymous_header_fields'}}) {
$hdr->delete($field);
}
-
- $hdr->add('From',"$self->{'admin'}{'anonymous_sender'}");
+
+ my @anonFrom = Email::AddressParser->parse($self->{'admin'}{'anonymous_sender'});
+ if (0+@anonFrom) {
+ my $newPhrase = 'Anonymous';
+ if (0+@addresses) {
+ ## Grab the personal name from the original from and tack it on to the beginning of the 'anon' from
+ if ($addresses[0]->phrase) {
+ $newPhrase = $addresses[0]->phrase . $anonFrom[0]->phrase;
+ } else {
+ my $atidx = index($addresses[0]->address, '@');
+ $newPhrase = substr($addresses[0]->address, 0, $atidx) . $anonFrom[0]->phrase;
+ }
+ }
+ my $oldAddr = $anonFrom[0]->address;
+ my $newFrom = Email::AddressParser->new($newPhrase, $oldAddr);
+ $hdr->add('From', $newFrom->format);
+ } else {
+ $hdr->add('From',"$self->{'admin'}{'anonymous_sender'}");
+ }
+
+ $hdr->add('X-OriginallyFrom',"$originalFrom"); ## Erik hack to make not-really anonymous
my $new_id = "$self->{'name'}.$sequence\@anonymous";
$hdr->add('Message-id',"<$new_id>");

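Review bot: This rewrite runs for every list that sets anonymous_sender, so a list that relies on that option for real anonymity now exposes the poster's name in From and the full original address in X-OriginallyFrom; put the new behaviour behind its own list option and skip the `$hdr->add('X-OriginallyFrom', ...)` line when it is off. Two edge cases in the same block need a guard: `$hdr->get('From')` can be undefined for a message with no From header and is then passed to parse() and interpolated into the added header, and when the address contains no '@', index() returns -1 so substr(..., 0, -1) drops the last character instead of using the whole string. `$anonFrom[0]->phrase` is also concatenated unchecked, so an anonymous_sender without a display name yields a From that carries only the poster's name.
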
@@ -6220,7 +6245,7 @@
$sql_regexp = $data->{'sql_regexp'};
my $fh;

- &do_log('debug2', 'List::get_first_admin_user(%s,%s,%s,%d,%d)', $self->{'name'},$role, $sortby, $offset, $rows);
+ ## &do_log('debug2', 'List::get_first_admin_user(%s,%s,%s,%d,%d)', $self->{'name'},$role, $sortby, $offset, $rows);

my $lock = new Lock ($self->{'dir'}.'/include_admin_user');
unless (defined $lock) {
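
Review bot: Commenting out the debug2 do_log call in get_first_admin_user is unrelated to the From rewriting and silently removes a trace line; drop this hunk from the patch, or submit it separately with the reason the call was disabled.
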
--------------------------------------------------------end patch-----------------------------------------


On 2014-04-11 03:55, Steve Shipway wrote:
I'm not sure what possible workarounds there really are.

You cannot just strip the DKIM signature (as Yahoo.com's DMARC record states
the DKIM must be present and correct).

Leaving the Subject, From and Reply-To unmodified does not work, since Yahoo
make their DKIM signature also apply to the Receive headers. Passing
through your system will always add some of these rendering the signature
invalid.

Stripping the signature AND anonymising the From header works (at least,
where I've tried it here), but this of course removes the identity of the
sender. This functionality is already present in Sympa (add the
remove-headers and anonymous options to your list) but is not really
desirable.

I cannot see any way to allow the From header to remain unchanged as an
@yahoo.com address, but for the message to still pass DMARC.

One possibility might be to add a new anonymising mode, where the From
address is replaced, but the original is preserved as the Full Name. EG:

From: Steve Shipway<>

...can be rewritten as...

From: "Steve Shipway<>"<>

This might be a vaguely acceptable solution. It would require a little work
in Sympa though to add the new option to the system, possibly as a suboption
to anonymous_sender, so only modifying List.pm. I'll take a look and see if
I can make a suggested patch.

Steve


Steve Shipway





--
*Erik Olson*
/Proudly joining 21st Century e-mail in 2013/


--
In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra
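
The From rewrite discussed in this thread, as an added Python example (not Erik's patch and not Sympa code); it goes beyond the patch by also covering a missing From header and a poster-supplied X-OriginallyFrom. The function names, the default " via Mailinglist" suffix and the list address are assumptions, and the sample message is constructed.

```python
from email import message_from_string
from email.utils import formataddr, parseaddr

SIGNATURE_HEADERS = ("DKIM-Signature", "DomainKey-Signature")

# Constructed sample message; all addresses use the reserved .example TLD.
SAMPLE = (
    "From: Alice Example <alice@yahoo.example>\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=yahoo.example; s=sel; b=constructed\n"
    "X-OriginallyFrom: someone-else@other.example\n"
    "Subject: hello list\n"
    "\n"
    "body\n"
)

def rewrite_for_list(msg, list_addr, suffix=" via Mailinglist"):
    """Replace From with the list address, keeping the poster's name as display text."""
    original = " ".join((msg.get("From") or "").split())  # unfold, drop CR/LF
    name, addr = parseaddr(original)
    if not name:
        # No personal name: use the local part, or a fixed label if From is absent.
        name = addr.partition("@")[0] or "Anonymous"
    # Changing From invalidates the poster's signatures, so remove them.
    for header in SIGNATURE_HEADERS:
        del msg[header]
    # Drop any X-OriginallyFrom the poster supplied before adding our own.
    del msg["X-OriginallyFrom"]
    del msg["From"]
    msg["From"] = formataddr((name + suffix, list_addr))
    if original:
        msg["X-OriginallyFrom"] = original
    return msg

def demo(raw=SAMPLE, list_addr="list@lists.example"):
    """Parse a raw message and return it rewritten for the (hypothetical) list."""
    return rewrite_for_list(message_from_string(raw), list_addr)

if __name__ == "__main__":
    print(demo().as_string())
```
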



