<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class="">Hi,</div><div class=""><br class=""></div><div class="">What about making link <a href="https://www.erlang.org/mailman/listinfo/erlang-questions" class="">https://www.erlang.org/mailman/listinfo/erlang-questions</a> work?</div><div class=""><br class=""></div><div class="">For now, link <a href="https://www2.erlang.org/mailman/listinfo/erlang-questions" class="">https://www2.erlang.org/mailman/listinfo/erlang-questions</a> works.</div><div class=""><br class=""></div><div class="">When a new Erlang user try to subscribe to this mailing list, he/she will input some information through http if link <a href="http://erlang.org/mailman/listinfo/erlang-questions" class="">http://erlang.org/mailman/listinfo/erlang-questions</a> is the final target.</div><div class=""><br class=""></div><div class="">Yao</div><br class=""><div><blockquote type="cite" class=""><div class="">在 2019年11月5日,23:46,Raimo Niskanen <<a href="mailto:raimo+erlang-questions@erlang.org" class="">raimo+erlang-questions@erlang.org</a>> 写道:</div><br class="Apple-interchange-newline"><div class=""><div class="">Certificates are now in place, and redirects are "working", so if you go to<br class=""><a href="http://erlang.org" class="">http://erlang.org</a> you end up at <a href="https://www.erlang.org/" class="">https://www.erlang.org/</a>.<br class=""><br class="">Remains that many links back from <a href="https://www.erlang.org" class="">https://www.erlang.org</a> to <a href="http://erlang.org" class="">erlang.org</a><br class="">downgrade to http:.<br class=""><br class="">We have not (yet) implemented HTTP Strict Transport Security (HSTS)<br class="">on <a href="http://erlang.org" class="">erlang.org</a> or any of its subdomains.<br class=""><br class="">Will that be frowned upon?<br class=""><br class="">If not I think we ore done for now (apart from hunting down all bad links<br class="">mentioned above).<br class=""><br class="">Thank you for your feedback!<br class="">/ Raimo Niskanen<br class=""><br class=""><br class="">On Mon, Nov 04, 2019 at 11:53:16AM +0100, Loïc Hoguin wrote:<br class=""><blockquote type="cite" class="">For <a href="http://erlang.org" class="">erlang.org</a> itself there's two problems currently: no automatic <br class="">redirection from http to https;<br class=""><br class="">And this:<br class=""><br class="">Your connection is not private<br class="">This server could not prove that it is <a href="http://erlang.org" class="">erlang.org</a>; its security <br class="">certificate is from <a href="http://www2.erlang.org" class="">www2.erlang.org</a>. This may be caused by a <br class="">misconfiguration or an attacker intercepting your connection.<br class=""><br class="">NET::ERR_CERT_COMMON_NAME_INVALID<br class="">Subject: <a href="http://www2.erlang.org" class="">www2.erlang.org</a><br class=""><br class="">Issuer: DigiCert SHA2 Secure Server CA<br class=""><br class="">Expires on: Oct 22, 2021<br class=""><br class="">Current date: Nov 4, 2019<br class=""><br class="">Keep up the good work.<br class=""><br class="">On 04/11/2019 11:34, Raimo Niskanen wrote:<br class=""><blockquote type="cite" class="">On Mon, Nov 04, 2019 at 10:47:03AM +0100, Adam Lindberg wrote:<br class=""><blockquote type="cite" class="">Speaking of servers and domains, when is HTTPS coming to <a href="http://erlang.org" class="">erlang.org</a> and it’s sub-domains?<br class=""></blockquote><br class="">HTTPS has been active for <a href="http://www.erlang.org" class="">www.erlang.org</a> and <a href="http://bugs.erlang.org" class="">bugs.erlang.org</a> for years.<br class="">The recent web server upgrade enabled it for <a href="http://erlang.org" class="">erlang.org</a> as well;<br class="">we are working on it...<br class=""><br class="">Best regards<br class="">/ Raimo<br class=""><br class=""><br class=""><blockquote type="cite" class=""><br class="">Cheers,<br class="">Adam<br class=""><br class=""><blockquote type="cite" class="">On 2. Nov 2019, at 09:14, Raimo Niskanen <<a href="mailto:ratmapper@gmail.com" class="">ratmapper@gmail.com</a>> wrote:<br class=""><br class="">Yes it does. It applies to all mailing lists.<br class=""><br class="">Ericsson has got its eyes on mailing lists at <a href="http://erlang.org" class="">erlang.org</a> since it owns the domain.<br class=""><br class="">Best regards<br class="">/ Raimo Niskanen<br class=""><br class="">Den lör 2 nov. 2019 02:47Richard O'Keefe <<a href="mailto:raoknz@gmail.com" class="">raoknz@gmail.com</a>> skrev:<br class="">Does this apply to the EEPS list as well?<br class=""><br class="">On Sat, 2 Nov 2019 at 04:25, Joe Harrison <<a href="mailto:joe@sigwinch.uk" class="">joe@sigwinch.uk</a>> wrote:<br class=""><blockquote type="cite" class=""><br class="">Thanks for doing all of this, regardless.<br class=""><br class="">There's no perfect way to do mailing lists in a DMARC/DKIM/SPF compliant<br class="">way that doesn't break some client's "From:" field, subject line, or<br class="">"Reply:" button in some way, but this seems like the least bad option.<br class=""><br class="">I hope my emails make it through to the list now ^_^<br class=""><br class="">OT: Be careful of organisations' web contact forms which ask for your<br class="">email address. Sometimes their web servers generate an email from the<br class="">form using your email address as the "From:" address, which will break a<br class="">lot of DKIM/DMARC/SPF stuff.<br class="">I know of at least one local authority (council) website in the UK which<br class="">is guilty of this.<br class=""><br class="">- Joe<br class=""><br class="">On 26/10/2019 07:57, Raimo Niskanen wrote:<br class=""><blockquote type="cite" class="">It is mainly "the big ones" that have been affected by stricter DMARC<br class="">policies.<br class=""><br class="">When a subscriber sending from e.g Yahoo gets received by Gmail then<br class="">Gmail rejects that message since Yahoo's DMARC policy says so (also vice<br class="">versa). So the list gets a bounce and eventually blocks the Gmail<br class="">subscriber, if enough in a row happens to send with strict DMARC policies.<br class=""><br class="">So for some it has worked, some gets an annoying list probe every now<br class="">and then, some do not get many posts, but the final nail in the coffin<br class="">was Ericsson (Erlang/OTP's home corporation) that tightened its DMARC<br class="">policy and at the same time told us to get our act together and stop<br class="">sending "unhygienic e-mail".<br class=""><br class="">All the best<br class="">/ Raimo<br class=""><br class=""><br class="">Den fre 25 okt. 2019 16:58Chris Rempel <<a href="mailto:csrl@gmx.com" class="">csrl@gmx.com</a><br class=""><<a href="mailto:csrl@gmx.com" class="">mailto:csrl@gmx.com</a>>> skrev:<br class=""><br class=""> Not having the subject contain [erlang-questions] or some other<br class=""> obvious indicator is quite unfortunate. I guess many people were<br class=""> affected by not being DMARC compliant? It seems to have been<br class=""> working just fine for quite some time... ie it "works for me" as it was.<br class=""><br class=""> That said, thanks for maintaining the list, and keeping it going.<br class=""> It is a most useful resource.<br class=""><br class=""> Chris<br class=""><br class=""> *Sent:* Friday, October 25, 2019 at 7:38 AM<br class=""> *From:* "Raimo Niskanen" <<a href="mailto:ratmapper@gmail.com" class="">ratmapper@gmail.com</a><br class=""> <<a href="mailto:ratmapper@gmail.com" class="">mailto:ratmapper@gmail.com</a>>><br class=""> *To:* <a href="mailto:erlang-questions@erlang.org" class="">erlang-questions@erlang.org</a> <<a href="mailto:erlang-questions@erlang.org" class="">mailto:erlang-questions@erlang.org</a>><br class=""> *Subject:* Re: Nobody is unsubscribed<br class=""> To achieve DMARC compliance we have stopped changing the Subject:<br class=""> field and no longer add the mailing list footer to the messages.<br class=""><br class=""> This is because From: Subject: and mail body among other fields are<br class=""> often DKIM signed, so if we should change them we would not pass DKIM<br class=""> signature check and thereby not be DMARC compliant.<br class=""><br class=""> Sorry for the inconvenience, we do not make the rules...<br class=""> / Raimo Niskanen<br class=""><br class=""> On Fri, Oct 25, 2019 at 3:23 PM Raimo Niskanen <<a href="mailto:ratmapper@gmail.com" class="">ratmapper@gmail.com</a><br class=""> <<a href="mailto:ratmapper@gmail.com" class="">mailto:ratmapper@gmail.com</a>>> wrote:<br class=""><blockquote type="cite" class=""><br class="">The reason we changed mailing list servers was to get better DMARC and<br class="">DKIM compliance. This is a test post for us to inspect its headers...<br class="">--<br class="">Raimo Niskanen<br class=""></blockquote><br class=""></blockquote><br class=""></blockquote></blockquote><br class=""></blockquote><br class=""></blockquote><br class="">-- <br class="">Loïc Hoguin<br class=""><a href="https://ninenines.eu" class="">https://ninenines.eu</a><br class=""></blockquote><br class="">-- <br class=""><br class="">/ Raimo Niskanen, Erlang/OTP, Ericsson AB<br class=""></div></div></blockquote></div><br class=""></body></html>