Re: Proof of concept: Mailing list "software" without MTA
- Date: Thu, 25 Oct 2018 23:45:03 +0300
- From: Reco <recoverym4n@xxxxxxxxxxxx>
- Subject: Re: Proof of concept: Mailing list "software" without MTA
On Thu, Oct 25, 2018 at 03:57:32PM -0400, rhkramer@xxxxxxxxx wrote:
> Sometimes things just stick in my head until I do something to get them out -- sorry. ;-)
That's OK. Listening all those voices in the head - that's really
> I am 100% sure I can create mailing list software that does not need an MTA. If this post gets to the list, that is proof -- read on if you wish. (Of course, someone might argue that I've created an MTA, and, maybe, in some sense, I have, but I have avoided the need to set up a "real" MTA which has always proved a very frustrating task for me.)
Received: from mail-oi1-x22b.google.com (mail-oi1-x22b.google.com [IPv6:2607:f8b0:4864:20::22b])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (not verified))
by bendel.debian.org (Postfix) with ESMTPS id 647D0264 for <debian-user@xxxxxxxxxxxxxxxx>; Thu, 25 Oct 2018 20:26:40 +0000 (UTC)
It says here what you've used Google's MTA.
It even has correct DKIM signature, and that's something that means you
haven't forged the headers.
> Also, as this is a proof of concept rather than a polished finished thing, I've done a lot of steps by hand and have not included all the safety checks (e.g., avoiding mail loops, which I'd have to learn how to do) that I would expect in a polished product.
So, to rephrase - you can create a maillist that does not need your MTA.
As long as you accept the risks - like, for instance, instant
termination of your maillist at Google's leasure - it will probably
> Basically, instead of setting up an MTA, I've used my "windows style" email client (kamil -- an MUA, aiui) to do what is, to me, the heavy lifting.
> A "real" mail list program (or "suite" of programs) using this approach would work something like this:
> * a filter in kmail would watch for emails / posts directed to the mailing list, and would put those in a special folder (probably named with the name of the mailing list and maybe some prefix or postfix (not the program ;-)
> * a program (possibly a bash script) would watch that folder (check it periodically), and when a file is found:
They invented inotify(7) for that 10 years ago. Install incron.
> * move it to a work location (removing it from the original folder)
> * process it in various ways using tools like awk, sed, or similar to do things like:
> * optionally check the list of subscribers to make sure it came from a subscriber (unless I want to treat it as an open mail list) -- if from a non-subscriber (or a banned user / spammer), optionally send a rejection message (I found in my "administration" of some yahoo groups, that it often worked better not to send a rejection message to a known spammer -- if you send a message, they often try to subscribe (or resubscribe) and then resend the spam -- if you don't send a message, they often seem to assume that there is no problem, never realizing that their messages weren't getting to the list)
> * optionally call it to the attention of the owner of the list (or of the computer it is running on) if the list (or this user) is to be moderated
> * change some of the message headers as appropriate (including generating a new unique messageID (maybe using `date +%s.%N' and some text string reflecting the name of the mailing list
formail from procmail or reformail from maildrop.
And changing existing Message-ID header is a really bad idea.
> * perhaps add things like a new header and footer to the text of the message (like the name of the maillist or group, a MOTD, how to unsubscribe, ...)
Good luck reassembling all those base64/uuencoded e-mails.
Even single Unicode smiley like this ☺ will lead to funny results.