Allan Hansen writes:

What is the best, easiest, guaranteed-to-work way to get this Mailman 3 up and running (OS, add-ons, options, etc.). When I tried myself, I saw a lot of options that I really did not really care to have because I did not know the consequences of each. I’m an application programmer, not a systems programmer.

It's email, there are no guarantees. I hate to say that, but that's the way it is.

In particular, I'm concerned about the "iRedMail" integration, which may be a complete wildcard from my point of view. With respect to the relevant iRedMail components, I can say that Mailman 3 is perfectly happy with Postfix as MTA (it's the recommended configuration, although I use Exim4 for historical reasons), and I've been satisfied with a small-scale set of lists (about 10 active ones, with at most 20 subscribers total) using Apache+mod_swgi to host Postorius and HyperKitty. The problem would be if your friend (is that the Frank in the CC? hi, Frank!) really really wants to manage Mailman 3 through iRedAdmin -- that will get messy I suspect, and pragmatically speaking, we can't support it, we don't have the cycles. So he'd be on his own, especially since the iRedMail folks have their own bespoke mailing list manager. I would recommend avoiding iRedAdmin integration, and just using Postorius since the subscribers and non-site-admin moderators (if any) will need to use Postorius anyway.

Ignoring the iRedAdmin issue, the absolute simplest is

1. Install any Linux distribution with a Docker package.
2. Install the distribution's Docker package.
3. Download and install Mailman Project's Mailman 3 container.
4. Upgrade the container manually (ie, download and reinstall) as appropriate.

For reference, what I would recommend to my friends, who would give me hands-on access in emergencies:

1. Install the Debian distribution. (What I use.)
2. Pin the Mailman 3 packages to "experimental". The idea would be to get Mailman 3 upgrades as fast as possible, even at the risk of packaging issues. (My experience with default-to-experimental system for several years was that this happened at most once a year, and the three or four cases all got fixed within days.)
3. Install the Mailman 3 packages.
4. Adjust any dependencies that need non-"stable" versions.
5. Upgrade via apt or whatever occasionally.
6. When Mailman 3 is working well, downgrade the pins to a more stable level.

Since you do have such a friend, there's probably a similar process that works for his distribution-of-choice.

The problem is that my MacOS users are getting tripped up by the mangling, as it is hidden by the mail clients. I have instructed them to remove previous recipients regularly from the list of such, if they contain the ‘via list’ string. But they don’t read my emails, and we see many embarrassing email ssent to the lists that are meant for one-on-one communication.

I guess we could provide a setting where reply-to goes *only* to author, instead of to author *and* list as we currently recommend. But that is going to make you (or list owners) the focus of user ire because their intended replies to list go only to author. What do you think?

tl;dr The rest is me blowing off steam. :-)

The fact that the mangling will continue is a disappointment.

It's a disappointment to the sane people at the IETF, too, including the rep from Yahoo!, who's a very smart lady (I may be biased, she gave me a kitten once. ;-) Yahoo! is violating the original concept (DMARC "p=reject" was supposed to be used *only* for "transactional" mail, i.e., direct private communication between a business and its clients), but I see her point: when you've had a hundred million or so address books hacked and sold to spammers, and the spammers are sending literally millions of "recommendation from a friend" spams per hour for days on end, you use the tools to hand.

I’m inclined to tell all my AOL and Yahoo users and others in the same boat to find another email service.

I know the feeling. I'm lucky in that respect: the Ministry of Education prohibits use of yahoo mailboxes at Japanese universities. (Which is a WTF of a different kind: yahoo.co.jp is a franchise, not controlled by yahoo.com, and doesn't use p=reject at least at the time MoE issued that policy.)

Mail is just hard. It was designed for a "friendly network of users", not for today's rather hostile open Internet, and even if they had envisioned this in the 70s when the message format and SMTP mail transmission protocol were designed, the fundamental problem is that pretty much everyone has a genuine need, even if only occasional, to receive messages from untrusted and even unknown senders.