Counter-intuitive header filter processing
Hello,
it seems like the way mailman3 processes header filters is a bit counter-intuitive.
With a header filter (HeaderMatch) like the following:
header => from pattern => .*@freesources.org chain => accept
I expect mails from *@freesources.org to be accepted regardless of the default message acceptance settings.
Apparently, that's not the case. If the default message acceptance setting for members is set to "reject", then mails from *@freesources.org get rejected even though the header filter says "accept". In other words, the default message acceptance action seems to overrule any header filters.
Is this expected behaviour?
Kind regards jonas
On 09/18/2018 10:26 AM, Jonas Meurer wrote:
Apparently, that's not the case. If the default message acceptance setting for members is set to "reject", then mails from *@freesources.org get rejected even though the header filter says "accept". In other words, the default message acceptance action seems to overrule any header filters.
Is this expected behaviour?
Yes. Rules are normally checked in a sequence defined in mailman/chains/builtin.py and that sequence checks several things including member moderation before checking header matches, so if "Default action to take when a member posts to the list" is anything other than "Default processing", that action will take precedence over header matches.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Hi Mark,
Am 18.09.2018 um 20:48 schrieb Mark Sapiro:
On 09/18/2018 10:26 AM, Jonas Meurer wrote:
Apparently, that's not the case. If the default message acceptance setting for members is set to "reject", then mails from *@freesources.org get rejected even though the header filter says "accept". In other words, the default message acceptance action seems to overrule any header filters.
Is this expected behaviour?
Yes. Rules are normally checked in a sequence defined in mailman/chains/builtin.py and that sequence checks several things including member moderation before checking header matches, so if "Default action to take when a member posts to the list" is anything other than "Default processing", that action will take precedence over header matches.
Thanks for the clarification.
Maybe then the description for chain "accept" in postorius needs to be adjusted. Currently it says "Accept immediately (bypass other rules)". This gives the impression, that it will overrule the default action.
A related followup question: what configuration is recommended for an announcement list where only specific senders (e.g. sender@example.org) should be allowed to post and mail from all (other) subscribers should be rejected?
The only way I see to achieve this currently is:
- Set default action for member posts to "Default processing"
- Add a header filter to accept "sender@example.org"
- Add a header filter to reject ".*"
In my eyes, that's very counter-intuitive and cumbersome to configure. But maybe I just missed a more obvious and elegant solution to achieve the same?
And one more comment: if I make the list an "anonymous list" (i.e. "hide the sender of a message, replacing it with the list address"), then header filters for the "from" header don't work any longer. That's kind of unexpected as well. I would have expected mailman to process the header filters at reading the incoming mail, not after rewriting headers of the outgoing mail?
Cheers jonas
On 09/18/2018 01:04 PM, Jonas Meurer wrote:
Maybe then the description for chain "accept" in postorius needs to be adjusted. Currently it says "Accept immediately (bypass other rules)". This gives the impression, that it will overrule the default action.
Yes, I agree it's confusing.
A related followup question: what configuration is recommended for an announcement list where only specific senders (e.g. sender@example.org) should be allowed to post and mail from all (other) subscribers should be rejected?
The only way I see to achieve this currently is:
- Set default action for member posts to "Default processing"
- Add a header filter to accept "sender@example.org"
- Add a header filter to reject ".*"
In my eyes, that's very counter-intuitive and cumbersome to configure. But maybe I just missed a more obvious and elegant solution to achieve the same?
The way to do that is to set the default action for member posts to Reject and set Member Options -> Administration options -> Moderation for the authorized posters to Accept or Default processing as desired. However, this allows anyone to post by spoofing an authorized address. To avoid that, leave everyone's Moderation setting at List default and post using "pre-approval" (see <https://mailman.readthedocs.io/en/latest/src/mailman/rules/docs/approved.html>.
The downside of this is it requires the poster to send a cleartext password in a header or body line of the post. It will be removed from the post delivered to list members, but sending it in cleartext in an email may be an issue. We will eventually do something with PGP signatures instead, but that isn't here yet.
And one more comment: if I make the list an "anonymous list" (i.e. "hide the sender of a message, replacing it with the list address"), then header filters for the "from" header don't work any longer. That's kind of unexpected as well. I would have expected mailman to process the header filters at reading the incoming mail, not after rewriting headers of the outgoing mail?
Your expectation is correct. All the applicable rules are applied to the incoming message before any message alterations such as anonymizing are applied. Possibly you were confused because some other rule's action took precedence over your header rule.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Jonas Meurer -
Mark Sapiro