[CentOS] Passwords in plain text

Mon Jun 18 05:23:34 UTC 2018
Fabian Arrotin <arrfab at centos.org>

On 17/06/18 18:11, Michael Hennebry via CentOS wrote:
> Methinks the rewriting was done badly.
> I'm guessing that this will go to the entire list,
> but I am not sure.  I should be sure.
> This is what alpine shows me:
>> From: Leon Fauster via CentOS <centos at centos.org>
>> Reply-To: Leon Fauster <leonfauster at googlemail.com>,
>>     CentOS mailing list <centos at centos.org>
>> To: Johnny Hughes <johnny at centos.org>,
>>     CentOS mailing list <centos at centos.org>

Yes, that's because initially (in emergency when the issue was
discovered last friday), the mailman "from_is_list" was changed from
"no" to "munge_from", which solved the initial issue when all people
were subscribed again.

Now I've put it back to "no", as there are other settings that were
backported to the .el7 mailman version (so from upstream 2.1.18 to
mailman-2.1.15-26.el7_4.1.x86_64) and from today, here are the settings
that were adapted :

dmarc_moderation_action  "munge from"
dmarc_quarantine_moderation_action : "yes"

So that means that for people without any DMARC policy set to either
p=quarantine or  p=reject , nothing will be changed in the headers, so
as before
And for for impacted originator domains with such DMARC policy, the
"from" will be adapted, so still let the mail being processed and
delivered, but without a risk of being rejected/bounced by mail servers
implementing such DMARC checks

Let's see how that goes during the day

Fabian Arrotin
The CentOS Project | https://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20180618/521ba7a9/attachment-0004.sig>