Web lists-archives.com

Re: Proof of concept: Mailing list "software" without MTA




Thanks for the response -- some comments interspersed below:

On Thursday, October 25, 2018 04:45:03 PM Reco wrote:
> On Thu, Oct 25, 2018 at 03:57:32PM -0400, rhkramer@xxxxxxxxx wrote:
> > Sometimes things just stick in my head until I do something to get them
> > out -- sorry. ;-)
> 
> That's OK. Listening all those voices in the head - that's really
> disturbing ;)
> 
> > I am 100% sure I can create mailing list software that does not need an
> > MTA.  If this post gets to the list, that is proof -- read on if you
> > wish.  (Of course, someone might argue that I've created an MTA, and,
> > maybe, in some sense, I have, but I have avoided the need to set up a
> > "real" MTA which has always proved a very frustrating task for me.)

I guess I should have said: "does not need a local MTA, i.e., one on my 
machine".

> 
> Received: from mail-oi1-x22b.google.com (mail-oi1-x22b.google.com
> [IPv6:2607:f8b0:4864:20::22b]) (using TLSv1.2 with cipher
> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com",
> Issuer "Google Internet Authority G3" (not verified)) by bendel.debian.org
> (Postfix) with ESMTPS id 647D0264 for <debian-user@xxxxxxxxxxxxxxxx>; Thu,
> 25 Oct 2018 20:26:40 +0000 (UTC)
> 
> It says here what you've used Google's MTA.
> It even has correct DKIM signature, and that's something that means you
> haven't forged the headers.

That's interesting, because I have at least somewhat modified the headers.

But, that may explain why the first attempt didn't make it to the list, maybe I 
changed the headers too much.

> > Also, as this is a proof of concept rather than a polished finished
> > thing, I've done a lot of steps by hand and have not included all the
> > safety checks (e.g., avoiding mail loops, which I'd have to learn how to
> > do) that I would expect in a polished product.
> 
> So, to rephrase - you can create a maillist that does not need your MTA.

Yes, that is what I was after.

> As long as you accept the risks - like, for instance, instant
> termination of your maillist at Google's leasure - it will probably
> work.

Yes, but I'm sure I could do it as well with any other MTA, like my ISP's MTA 
-- in fact, I'm sort of surprised why it doesn't appear that I used my ISP's 
MTA, but I must have.  I may have to think about that, someday.

> > Basically, instead of setting up an MTA, I've used my "windows style"
> > email client (kamil -- an MUA, aiui) to do what is, to me, the heavy
> > lifting.
> > 
> > A "real" mail list program (or "suite" of programs) using this approach 
would work something like this:
> >    * a filter in kmail would watch for emails / posts directed to the
> >    mailing list, and would put those in a special folder (probably named
> >    with the name of the mailing list and maybe some prefix or postfix
> >    (not the program ;-)
> 
> >    * a program (possibly a bash script) would watch that folder (check it 
periodically), and when a file is found:
> They invented inotify(7) for that 10 years ago. Install incron.

Yeah, thanks, I forget about things like that too often anymore. ;-(
> 
> >       * move it to a work location (removing it from the original folder)
> >       
> >       * process it in various ways using tools like awk, sed, or similar 
to do things like:
> >          * optionally check the list of subscribers to make sure it came
> >          from a subscriber (unless I want to treat it as an open mail
> >          list) -- if from a non-subscriber (or a banned user / spammer),
> >          optionally send a rejection message (I found in my
> >          "administration" of some yahoo groups, that it often worked
> >          better not to send a rejection message to a known spammer -- if
> >          you send a message, they often try to subscribe (or
> >          resubscribe) and then resend the spam -- if you don't send a
> >          message, they often seem to assume that there is no problem,
> >          never realizing that their messages weren't getting to the
> >          list)
> 
> SpamAssassin, anyone?

I don't know if I could invoke SpamAssassin on yahoo's mail lists (but, of 
course, I could invoke it on any thing I run or build locally).
> 
> >          * optionally call it to the attention of the owner of the list
> >          (or of the computer it is running on) if the list (or this
> >          user) is to be moderated * change some of the message headers
> >          as appropriate (including generating a new unique messageID
> >          (maybe using `date +%s.%N' and some text string reflecting the
> >          name of the mailing list
> 
> formail from procmail or reformail from maildrop.
> And changing existing Message-ID header is a really bad idea.

Well, I wasn't sure how mail lists normally handle that -- clearly the message 
has a MessageId when sent from the subscriber -- I would have guessed the mail 
list would use a different MessageID when forwarding it (sending it) to other 
subscribers, especially recognizing that the text and such do get some 
changes.

> 
> >          * perhaps add things like a new header and footer to the text of
> >          the message (like the name of the maillist or group, a MOTD,
> >          how to unsubscribe, ...)
> 
> Good luck reassembling all those base64/uuencoded e-mails.
> Even single Unicode smiley like this ☺ will lead to funny results.

Hmm, I'll have to think about that, also (or try it out), but, for now, I'm 
done.