We really want Discourse (http://www.discourse.org) to get to a place where we have extremely robust 100% open source mailing list support -- we now have reply via email, notify via email, and community contributed submit topics via email. Working on attachments via email this week.
It's interesting -- unlike forums, people really enjoy mailing lists. I don't think I've ever met anyone, ever, who said they liked forums. But mailing lists seem to inspire people.
I want to see a long term hybrid model where you can interact nearly completely via email, or a good, modern web UI that YOUR org owns (not google groups or yahoo groups). This should be supported.
Forget forums. Forget mailing lists. Bring back NNTP, so we can just point people at com.mycompany.engineering.infrastructure and not worry about setting up another lame inbox filter.
When I was younger, I loved hanging out on forums. There was perhaps a more robust community feeling, since forums can have multiple sections, and include off topic and chattier discussion without people complaining about being deluged with mail. Avatars and signatures let people express their personality and made it easy to tell the author of a post.
Then again, to some extent I'm just nostalgic. What then was personalization I might now see as a rather low post text (signal) to metadata (noise) ratio...
I love forums. I am not crazy about forum software or the inconsistencies between different forums, and often wish for a reliable interface I could use to manage my subscriptions, like an NNTP newsreader or used to do - there are a few mobile solutiosn because many forums are so awful on Mobile, but not many desktop based ones.
I always found mailing lists a pain in the rear to be honest, because the content is usually surrounded by all this auto-generated administrative cruft in addition to the administrative interface of the mail reader itself.
I love what you're doing with Discourse but I wonder if there sin't some selection bias going here.
>unlike forums, people really enjoy mailing lists. I don't think I've ever met anyone, ever, who said they liked forums
I bet if you asked people if there were forums they liked, you'd get a different set of responses.
Forums do seem to be generally less popular than they once were, though, probably because a lot of the functionality they used to provide has been folded into social media and blogs with social logins.. just plain forums on their own might seem a bit atavistic to someone who grew up in the age of facebook, youtube and whatever the new thing is i'm too old to even know about.
did you get some age statistics on that? I really hate e-mail, mailing lists etc. I was thinking that it might be a conflict between the generations because I am a bit younger than the people I used to see on the mailing lists.
Another (late) voice that prefers forums over mailing lists.
One argument about what that I haven't seen so far in this discussion is that I can go to check the forum whenever I want (and not go for a couple of days if I decide to) whereas a mailing list is more like a push model where you receive the emails no matter what, even if you can't take care of them for a couple of days.
I have to say that I have very little experience with newsgroup though, so it might be a best of both world, but let's face it, it has becomming almost inexistant.
> unlike forums, people really enjoy mailing lists. I don't think I've ever met anyone, ever, who said they liked forums.
I think it entirely depends on what the purpose of communication channel is serving.
Mailing lists are transient passive participation. I can sign up to a list and never have to do another thing because I use email all the time. Occasionally a back and forth discussion might pop up, but I can easily choose to ignore it by simply glancing at the subject line.
Forums are persistent active participation. I have to specifically access the forum, possibly logging in in the process, to see what activity has happened. Many do enable some kind of email notification with a set frequency. Digest emails lose the benefit of the quick glance decision to attend or not, while all activity would be similar to the mailing list model. As forums can encourage more silo-ed conversations or short disposable responses, getting all activity is generally not ideal, however.
I like mailing lists quite a bit, but consider them a barely adequate substitute for an NNTP group. The biggest advantage is that brain-dead email clients can't break the threading, a close runner-up is that you don't have per group policies WRT reply-to munging, all groups work the same in your client of choice.
I really like discourse's vision , but I wish that the plugin ecosystem will get some more activity. I recently tried to create a simple plugin but stopped it due to my limited knowledge of ember.js .
I'm the opposite - I love forums, hate mailing lists. Mailing lists clutter my inbox, while I can browse forums to my heart's content without it intruding on my personal mail.
The joelonsoftware forum seemed to be well liked. It had the feature of unthreaded comments which made it harder to sustain pedantic bickering and off-topic tangents.
Having managed a number of largish email systems over the past few years, I've got to say that dealing with Yahoo -- DKIM and other anti-spam related issues -- is one of my larger ongoing headaches. The lack of response and transparency of Yahoo in general is a huge problem -- I managed to get resolution in one case via an executive email carpet bomb (this after repeated contacts with their support team and direct emails to the CTO/Postmaster's address).
Sadly, as much of a fading giant as Yahoo are, their email presence remains huge.
Postmaster address? According to http://rfcignorant.org/lookup/yahoo.com (and from personal experience), Yahoo do not have a postmaster address. If you want to report a problem, you need to find a deeply-buried form somewhere on their web site. Oh, and if you don't have a Yahoo account, you're out of luck, because you need to log in to use that form.
I played with DMARC about a year ago. I put it in monitoring mode so that I'd get email reports from systems to tell me when they received emails from my domain which failed DMARC. I started getting them from all over the place. Pretty much all related to mailing lists breaking the DKIM signature by rewriting headers or the body. My conclusion was: If any email address on your domain subscribes to one or more mailing lists, DMARC will break your email. I disabled it. I don't see myself enabling it again any time soon.
We noticed noticed last month that one of our Yahoo! Groups mailing lists would randomly drop emails[1]. We couldn't find any consistent behavior to it. Wonder if this is the culprit.
Q: I operate a mailing list and I want to interoperate with DMARC, what should I do?
A: DMARC introduces the concept of aligned identifiers. It means the domain in the from header must match the d= in the DKIM signature and the domain in the mail from envelope.
You have a few solutions:
- operate as a strict forwarder, where the message is not changed and the validity of the DKIM signature is preserved
- introduce an "Original Authentication Results" header to indicate you have performed the authentication and you are validating it
- take ownership of the email, by removing the DKIM signature and putting your own as well as changing the from header in the email to contain an email address within your mailing list domain.
Spoofing is a huge issue for all email customers. DMARC was started, in part, to deal with the coming problems that were foreseen here. Mailing Lists don't have to forge or spoof to work. They can adjust and everyone is better off.
Interesting point for the discussion on whether MLMs are allowed to modify the from header is in the section 3.6.2 of rfc 2822: http://tools.ietf.org/html/rfc2822#section-3.6.2. The intended meaning of the from field is to indicate the author of a message which is explicitly allowed to be different than the sender. Thus list-originated communication like digest messages should be sent with the from header of the list, but messages forwarded by the MLM should be sent with the from header indicating the original author. In the absence of the sender header it can be assumed to be the same as the from header. Thus, DMARC could use the sender header instead of the from header and fall back to the from header only when sender is absent. This way MLMs would have a way of avoiding the issue by supplying the sender header. Unfortunately, DMARC chose not to use the sender header citing abuse and bugs in some MUAs which don't display the sender header to the user correctly: http://www.ietf.org/mail-archive/web/dmarc/current/msg00064.....
> Mailing Lists don't have to forge or spoof to work.
Using email correctly per RFCs isn't "forging" or "spoofing".
That this doesn't work with DMARC because DMARC chose instead to break the world because it preferred to support the existing broken behavior over (rather than only as far as was consistent with also supporting) standardized, documented semantics of email headers is if not a fatal flaw in DMARC, at least something that greatly limits its utility.
For this to fail, wouldn't the mailing list have to send the message on to its subscribers listing it as "From" the Yahoo email address? In that case, it's the mailing list doing it 'wrong' (in the eyes of SPF, DKIM, et al, anyway), as they should be sending it 'from' their mailing list email address, not the original person who sent the message. This isn't a new problem as SPF has required mailing lists to do this for years now.
*UPDATE: Clarified 'wrong' wrt the various protocols.
Breaking the entire world and then complaining that "they are doing it wrong" goes over like a lead balloon.
Its a messy state of affairs to have to workaround issues that dont match your particular models, but its often necessary to have things work at all.
Do note that mailing lists and the way they send mail predate DMARC, DKIM and SPF by far, why don't they better account for this extremely prevalent model of email usage. Why is it that mailing lists that are "broken".
The mailing lists I am subscribed to -- openbsd-misc, roundcube-dev, and backuppc-users -- all do this. So does the mailing list I admin, for a local hackers group.
As well as every other mailing list in recent memory. (Including the LKML. I just checked.)
Whether it's "right" or "wrong" might be an argument that someone will find worth having, but I don't think it can be argued that this isn't common practice.
They often do that (resend with the receiver being the person). Mailing lists have intense debates over the correctness of replying to the sender by default or to the list by default (and whether or not you want to add cc or not). Many also munge the subject line with things like [The AWESOMEList] because forever and ever people's mail clients could only filter on subject lines or body text and rarely additional headers.
I appreciate where Yahoo's heart is, but this wasn't really well thought out on their part.
That's bizarre. Correct behavior used to be to send "from" the original sender, with the list address in the "reply-to" field. That way everyone knows who posted it, but discussion is still directed to the list.
What? Every mailing list I've ever subscribed to has the original sender in the "From" field and the mailing list address in the "To" field. Otherwise how would you know who sent the message to the list?
Please forgive my naivety—why are mailing lists forging from addresses in the first place? Have they just been fragilely dependent for years on the exploitation of an authentication vulnerability?
Fair question. The basic internet email spec has virtually no security features whatsoever, and is completely unauthenticated. Mailing list management software doesn't forge sender information, but rather often retains it and generally trusts incoming headers. Back in the old days, some folks even referred to discussion lists as "reflectors."
The proper usage of SMTP mail headers is outlined in RFC2822 (originally RFC822), and the definition of the headers From, Sender, Resent-From, etc. The rules for specifying sender information are spelled out in 3.6.2. [0]
That said, system behavior also depends on if the MLM software is running behind a mail transport agent that enforces authentication protocols for incoming emails, scans for viruses, etc.
When discussion list owners are concerned about receiving forged posts, they usually use list moderation features so they can ensure emails do not get distributed that haven't been reviewed first. But the biggest problem for MLMs isn't usually dealing with impostors, but rather blocking email-borne viruses and misconfigured auto-responders that could cause bogus emails to get reflected out to subscribers.
The behavior of the outgoing From header from MLM software typically depends on the configuration of the list. Some lists (especially digests) are configured so outgoing messages are "From" the list itself. But most discussion lists are configured to retain the original From line, while clarifying their role as an email proxy through other headers.
[+] [-] codinghorror|12 years ago|reply
It's interesting -- unlike forums, people really enjoy mailing lists. I don't think I've ever met anyone, ever, who said they liked forums. But mailing lists seem to inspire people.
I want to see a long term hybrid model where you can interact nearly completely via email, or a good, modern web UI that YOUR org owns (not google groups or yahoo groups). This should be supported.
[+] [-] fennecfoxen|12 years ago|reply
[+] [-] comex|12 years ago|reply
Then again, to some extent I'm just nostalgic. What then was personalization I might now see as a rather low post text (signal) to metadata (noise) ratio...
[+] [-] anigbrowl|12 years ago|reply
I always found mailing lists a pain in the rear to be honest, because the content is usually surrounded by all this auto-generated administrative cruft in addition to the administrative interface of the mail reader itself.
I love what you're doing with Discourse but I wonder if there sin't some selection bias going here.
[+] [-] krapp|12 years ago|reply
I bet if you asked people if there were forums they liked, you'd get a different set of responses.
Forums do seem to be generally less popular than they once were, though, probably because a lot of the functionality they used to provide has been folded into social media and blogs with social logins.. just plain forums on their own might seem a bit atavistic to someone who grew up in the age of facebook, youtube and whatever the new thing is i'm too old to even know about.
[+] [-] polshaw|12 years ago|reply
Also, FWIW, I hate mailing lists (although recognise they often hold high value information).
[+] [-] legohead|12 years ago|reply
Also, Reddit and HN are basically forums.
[+] [-] samstave|12 years ago|reply
Quora is a forum, and I hate it.
[+] [-] contingencies|12 years ago|reply
Hacker News is a forum.
[+] [-] nraynaud|12 years ago|reply
[+] [-] aw3c2|12 years ago|reply
I see no reason to use JS for a simple forum like webpage just like I would see no reason to use HTML in mail.
[+] [-] Gmo|12 years ago|reply
One argument about what that I haven't seen so far in this discussion is that I can go to check the forum whenever I want (and not go for a couple of days if I decide to) whereas a mailing list is more like a push model where you receive the emails no matter what, even if you can't take care of them for a couple of days.
I have to say that I have very little experience with newsgroup though, so it might be a best of both world, but let's face it, it has becomming almost inexistant.
[+] [-] Andrex|12 years ago|reply
I think I'm a weirdo, though. Or a web-head.
[+] [-] bgalbraith|12 years ago|reply
I think it entirely depends on what the purpose of communication channel is serving.
Mailing lists are transient passive participation. I can sign up to a list and never have to do another thing because I use email all the time. Occasionally a back and forth discussion might pop up, but I can easily choose to ignore it by simply glancing at the subject line.
Forums are persistent active participation. I have to specifically access the forum, possibly logging in in the process, to see what activity has happened. Many do enable some kind of email notification with a set frequency. Digest emails lose the benefit of the quick glance decision to attend or not, while all activity would be similar to the mailing list model. As forums can encourage more silo-ed conversations or short disposable responses, getting all activity is generally not ideal, however.
[+] [-] jimmaswell|12 years ago|reply
[+] [-] webmaven|12 years ago|reply
[+] [-] ing33k|12 years ago|reply
[+] [-] Bahamut|12 years ago|reply
[+] [-] ams6110|12 years ago|reply
[+] [-] thefreeman|12 years ago|reply
[+] [-] Ntrails|12 years ago|reply
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] dredmorbius|12 years ago|reply
Sadly, as much of a fading giant as Yahoo are, their email presence remains huge.
[+] [-] mnw21cam|12 years ago|reply
[+] [-] codinghorror|12 years ago|reply
http://serverfault.com/questions/434703/why-does-hotmail-sti...
[+] [-] meepmeep|12 years ago|reply
[+] [-] mike-cardwell|12 years ago|reply
[+] [-] jmathai|12 years ago|reply
[1] https://twitter.com/jmathai/status/440529845198790656
[+] [-] billpg|12 years ago|reply
(Honest question.)
[+] [-] mike-cardwell|12 years ago|reply
[+] [-] meepmeep|12 years ago|reply
Q: I operate a mailing list and I want to interoperate with DMARC, what should I do?
A: DMARC introduces the concept of aligned identifiers. It means the domain in the from header must match the d= in the DKIM signature and the domain in the mail from envelope. You have a few solutions:
- operate as a strict forwarder, where the message is not changed and the validity of the DKIM signature is preserved - introduce an "Original Authentication Results" header to indicate you have performed the authentication and you are validating it - take ownership of the email, by removing the DKIM signature and putting your own as well as changing the from header in the email to contain an email address within your mailing list domain.
Spoofing is a huge issue for all email customers. DMARC was started, in part, to deal with the coming problems that were foreseen here. Mailing Lists don't have to forge or spoof to work. They can adjust and everyone is better off.
[+] [-] avz|12 years ago|reply
Interesting point for the discussion on whether MLMs are allowed to modify the from header is in the section 3.6.2 of rfc 2822: http://tools.ietf.org/html/rfc2822#section-3.6.2. The intended meaning of the from field is to indicate the author of a message which is explicitly allowed to be different than the sender. Thus list-originated communication like digest messages should be sent with the from header of the list, but messages forwarded by the MLM should be sent with the from header indicating the original author. In the absence of the sender header it can be assumed to be the same as the from header. Thus, DMARC could use the sender header instead of the from header and fall back to the from header only when sender is absent. This way MLMs would have a way of avoiding the issue by supplying the sender header. Unfortunately, DMARC chose not to use the sender header citing abuse and bugs in some MUAs which don't display the sender header to the user correctly: http://www.ietf.org/mail-archive/web/dmarc/current/msg00064.....
As for the "Original Authentication Results" it doesn't solve the problem for most lists since it requires the destination domain to explicitly trust the list, see http://www.dmarc.org/pipermail/dmarc-discuss/2012-February/0... and http://tools.ietf.org/id/draft-kucherawy-original-authres-00.... Few list admins could afford getting a trust explicitly established with every domain where the members happen to have mailboxes.
[+] [-] dragonwriter|12 years ago|reply
Using email correctly per RFCs isn't "forging" or "spoofing".
That this doesn't work with DMARC because DMARC chose instead to break the world because it preferred to support the existing broken behavior over (rather than only as far as was consistent with also supporting) standardized, documented semantics of email headers is if not a fatal flaw in DMARC, at least something that greatly limits its utility.
[+] [-] JohnTHaller|12 years ago|reply
*UPDATE: Clarified 'wrong' wrt the various protocols.
[+] [-] throwaway2048|12 years ago|reply
Its a messy state of affairs to have to workaround issues that dont match your particular models, but its often necessary to have things work at all.
Do note that mailing lists and the way they send mail predate DMARC, DKIM and SPF by far, why don't they better account for this extremely prevalent model of email usage. Why is it that mailing lists that are "broken".
[+] [-] thaumaturgy|12 years ago|reply
As well as every other mailing list in recent memory. (Including the LKML. I just checked.)
Whether it's "right" or "wrong" might be an argument that someone will find worth having, but I don't think it can be argued that this isn't common practice.
[+] [-] ChuckMcM|12 years ago|reply
I appreciate where Yahoo's heart is, but this wasn't really well thought out on their part.
[+] [-] dragonwriter|12 years ago|reply
Yes, which many mailing lists do.
> In that case, it's the mailing list doing it wrong
Is it? Not having the actual originator as the "From:" seems to be "doing it wrong".
[+] [-] PhasmaFelis|12 years ago|reply
[+] [-] zhemao|12 years ago|reply
[+] [-] gkoz|12 years ago|reply
[+] [-] syntheticnature|12 years ago|reply
Looking at the headers of a recent message from a Yahoo user over Yahoo groups it seems like it would be the case:
Of course, anyone who is using Yahoo Groups regularly has probably noticed that even with last year's redesign it's not getting much attention.[+] [-] aendruk|12 years ago|reply
[+] [-] bashcoder|12 years ago|reply
The proper usage of SMTP mail headers is outlined in RFC2822 (originally RFC822), and the definition of the headers From, Sender, Resent-From, etc. The rules for specifying sender information are spelled out in 3.6.2. [0]
That said, system behavior also depends on if the MLM software is running behind a mail transport agent that enforces authentication protocols for incoming emails, scans for viruses, etc.
When discussion list owners are concerned about receiving forged posts, they usually use list moderation features so they can ensure emails do not get distributed that haven't been reviewed first. But the biggest problem for MLMs isn't usually dealing with impostors, but rather blocking email-borne viruses and misconfigured auto-responders that could cause bogus emails to get reflected out to subscribers.
The behavior of the outgoing From header from MLM software typically depends on the configuration of the list. Some lists (especially digests) are configured so outgoing messages are "From" the list itself. But most discussion lists are configured to retain the original From line, while clarifying their role as an email proxy through other headers.
[0] http://tools.ietf.org/html/rfc2822#section-3.6.2
[+] [-] joemaller1|12 years ago|reply
[+] [-] kimonos|12 years ago|reply
[+] [-] throwwit|12 years ago|reply