public inbox for pgsql-www@postgresql.orghelp / color / mirror / Atom feed
Issue: pglister: emails to list owners break SPF/DMARC 2+ messages / 1 participants [nested] [flat]
* Issue: pglister: emails to list owners break SPF/DMARC @ 2025-09-15 16:00 Célestin Matte <celestin.matte@cmatte.me> 2026-04-24 10:14 ` Re: Issue: pglister: emails to list owners break SPF/DMARC Célestin Matte <celestin.matte@cmatte.me> 0 siblings, 1 reply; 2+ messages in thread From: Célestin Matte @ 2025-09-15 16:00 UTC (permalink / raw) To: PostgreSQL WWW <pgsql-www@lists.postgresql.org> Unlike regular mailing list emails, emails to <listname>-owner@ are forwarded as-is to mailing list owners, which means they will probably be blocked later on as the mailing list email server is not the legitimate sender. This breaks SPF/DMARC. In my case, smtp-relay.gmail.com (which I use to emit mailing list emails) refuses to forward any such email. I did not dig too much into ways to fix this because most (if not all) emails to these address are spam anyway, some of them passing spamassassin filters. But it may be better to do things properly at some point. -- Célestin Matte ^ permalink raw reply [nested|flat] 2+ messages in thread
* Re: Issue: pglister: emails to list owners break SPF/DMARC 2025-09-15 16:00 Issue: pglister: emails to list owners break SPF/DMARC Célestin Matte <celestin.matte@cmatte.me> @ 2026-04-24 10:14 ` Célestin Matte <celestin.matte@cmatte.me> 0 siblings, 0 replies; 2+ messages in thread From: Célestin Matte @ 2026-04-24 10:14 UTC (permalink / raw) To: pgsql-www@lists.postgresql.org On 15/09/2025 18:00, Célestin Matte wrote: > Unlike regular mailing list emails, emails to <listname>-owner@ are forwarded as-is to mailing list owners, which means they will probably be blocked later on as the mailing list email server is not the legitimate sender. This breaks SPF/DMARC. In my case, smtp-relay.gmail.com (which I use to emit mailing list emails) refuses to forward any such email. > > I did not dig too much into ways to fix this because most (if not all) emails to these address are spam anyway, some of them passing spamassassin filters. But it may be better to do things properly at some point. Here's a patch to fix this issue. To do so, I embed the email in a moderation email sent from the moderation address. -- Célestin Matte Attachments: [text/x-patch] 0001-Use-template-to-forward-emails-to-mailing-list-owner.patch (3.0K, 2-0001-Use-template-to-forward-emails-to-mailing-list-owner.patch) download | inline diff: From 8837dca5d3a03429ae51b0c1b4890cc23ca3666a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9lestin=20Matte?= <dev@cmatte.me> Date: Fri, 24 Apr 2026 10:31:38 +0200 Subject: [PATCH] Use template to forward emails to mailing list owners via a system address Relaying the email directly breaks SPF/DMARC. To avoid this issue, embbed the email in a moderation email sent from the moderation address. --- lib/handlers/mailhandler.py | 26 ++++++++++++++++++++------ mailtemplates/owner_forward.txt | 7 +++++++ 2 files changed, 27 insertions(+), 6 deletions(-) create mode 100644 mailtemplates/owner_forward.txt diff --git a/lib/handlers/mailhandler.py b/lib/handlers/mailhandler.py index 71a7d4e..beb2cb0 100644 --- a/lib/handlers/mailhandler.py +++ b/lib/handlers/mailhandler.py @@ -15,7 +15,7 @@ from baselib.lists import CcPolicies, BccPolicies from mailutil.header import decode_mime_header from mailutil.body import get_truncated_body from mailutil.attachment import get_attachment_info -from baselib.misc import generate_random_token, log, format_size +from baselib.misc import generate_random_token, log, format_size, obfuscate_email_address from baselib.config import config from baselib.template import send_mailtemplate @@ -911,12 +911,26 @@ ORDER BY 1""", # pass the mail on to there. with self.conn.cursor() as curs: mods = self.mlist.get_moderators() + context = { + 'sender': obfuscate_email_address(self.sender), + 'from': obfuscate_email_address(self.fromaddr), + 'subject': self.subject, + 'body': self._get_truncated_body(), + 'list_name': self.mlist.name, + 'moderator_address': self.mlist.moderator_notice_address() + } + for email, name in mods: - curs.execute("INSERT INTO raw_out (sender, recipient, contents) VALUES (%(sender)s, %(recipient)s, %(contents)s)", { - 'sender': self.sender, - 'recipient': email, - 'contents': self.bio.getvalue(), - }) + send_mailtemplate( + curs, + self.mlist.moderator_notice_address(), + self.mlist.moderator_notice_name(), + email, + name, + f"Email received on {self.mlist.name} list moderators address", + 'owner_forward.txt', + context + ) log(curs, 0, 'mail', 'Mail to list owner of {0} delivered to {1} moderators.'.format(self.mlist.name, len(mods)), self.messageid) diff --git a/mailtemplates/owner_forward.txt b/mailtemplates/owner_forward.txt new file mode 100644 index 0000000..d122038 --- /dev/null +++ b/mailtemplates/owner_forward.txt @@ -0,0 +1,7 @@ +The following email was received on the list moderators address ($moderator_address): + +Sender: $from ($sender) +Subject: $subject +List: $list_name + +$body -- 2.53.0 ^ permalink raw reply [nested|flat] 2+ messages in thread
end of thread, other threads:[~2026-04-24 10:14 UTC | newest] Thread overview: 2+ messages (download: mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2025-09-15 16:00 Issue: pglister: emails to list owners break SPF/DMARC Célestin Matte <celestin.matte@cmatte.me> 2026-04-24 10:14 ` Célestin Matte <celestin.matte@cmatte.me>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox