On Wed, 01 Sep 2004 15:55:47 +0100
Nigel Metheringham <[EMAIL PROTECTED]> wrote:
> On Wed, 2004-09-01 at 10:41 -0400, J C Lawrence wrote:
>> On Wed, 01 Sep 2004 11:16:05 +0100 Nigel Metheringham
>> <[EMAIL PROTECTED]> wrote:

>> I use TMDA as a C/R system in front of all my lists and then remove
>> all posting controls on the lists at the Mailman level. Given that
>> the majority of list members never even try to post, this has been
>> proven a particularly effective control.

> I am wondering about switching to the Mailman members initially
> moderated policy, although I don't really want to increase the load on
> the moderators.

Quite. I implemented the TMDA system for my lists initially just to get the SPAM load off me as moderator. There's quite a relief in running a fully moderated list and getting single digit SPAM at the moderation interface per year.

> Since in this case (which may be isolated or co-incidental) the
> address forged as the sender address is a frequent list poster, using
> TMDA would not seem to add much.

TMDA uses the envelope sender rather than the From: address, which successfully traps most forged spam/virus mail.

> What might add something would be an option where posters get a
> response back on postings similar to the current message held for
> moderation where they have a choice of actions - post or cancel at a
> minimum.

Yup, and in fact TMDA can be set up to do precisely this: just configure it to not add confirmants to the whitelist and reword the confirm request message to read as a posting check.

>> I also put mimefilter (a MIME stripper) in front of the lists to
>> remove dangerous payloads, and then auto-junk messages which end up
>> too short (this doesn't catch much, but just enough to be glad of). In
>> 3 years of using this system or earlier variants of it I've had only
>> 12 spam make it through the system. Not ideal, but certainly a
>> tolerable rate.

> It's recently been requested that we start allowing some MIME parts
> through - especially PGP signature types and patch files.

This is precisely why I use mimefilter instead of demime: it can be configured to leave specific MIME types untouched.

I also wrapped mimefilter in a procmail recipe that skips the mimefilter step if a special X-header is present. In this way some MIME types can always get through, and individual members can special case specific messages to get a particular MIME construct onto the list. So far it has worked perfectly.

> Loosening the current paranoid content posting policy (which is
> actually there because historically pipermail didn't MIME and I want
> the archives to be sane) is going to open the cracks wider and allow
> some slime to lever things open further...

Yeah, that's always the problem. As I keep telling a few people at work:

Security (and accounting for that matter) is all about making sure that people don't do things. Getting our jobs done is all about actually doing things...

--
J C Lawrence
---------(*)                Satan, oscillate my metallic sonatas.
[EMAIL PROTECTED]           He lived as a devil, eh?
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.
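
The filtering policy described in the message above (MIME type allowlist, X-header bypass, auto-junk of posts that end up too short), sketched in Python as an added example. It is not mimefilter, the procmail recipe, or any code from the thread; the header name `X-Example-Skip-Filter`, the allowlist and the length threshold are assumptions, and the sample post is constructed.

```python
from email import message_from_string

# Assumed values, not taken from the thread: the header name, the
# allowlist and the length threshold are placeholders for illustration.
BYPASS_HEADER = "X-Example-Skip-Filter"
ALLOWED_TYPES = {"text/plain", "text/x-patch", "application/pgp-signature"}
MIN_BODY_CHARS = 20

def strip_parts(part, dropped):
    """Prune non-allowlisted leaves in place; return False if nothing is left."""
    if part.is_multipart():
        part.set_payload([c for c in part.get_payload() if strip_parts(c, dropped)])
        return bool(part.get_payload())
    if part.get_content_type() in ALLOWED_TYPES:
        return True
    dropped.append(part.get_content_type())
    return False

def filter_post(raw):
    """Return (verdict, message, dropped_types); verdict is bypass, pass or junk."""
    msg = message_from_string(raw)
    if msg[BYPASS_HEADER] is not None:      # poster opted this message out
        return "bypass", msg, []
    dropped, text = [], ""
    if strip_parts(msg, dropped):
        for p in msg.walk():
            if not p.is_multipart() and p.get_content_type() == "text/plain":
                charset = p.get_content_charset() or "ascii"
                text += p.get_payload(decode=True).decode(charset, "replace")
    if len(text.strip()) < MIN_BODY_CHARS:  # too little survived the strip
        return "junk", None, dropped
    return "pass", msg, dropped

def leaf_types(msg):
    """Content types of the non-container parts that remain in msg."""
    return [p.get_content_type() for p in msg.walk() if not p.is_multipart()]

SAMPLE = (  # constructed sample post, not real list traffic
    "From: poster@example.org\nSubject: fix\nMIME-Version: 1.0\n"
    'Content-Type: multipart/mixed; boundary="XX"\n\n'
    "--XX\nContent-Type: text/plain\n\nPatch attached, please review it.\n"
    "--XX\nContent-Type: text/x-patch\n\n@@ -1 +1 @@\n-old\n+new\n"
    "--XX\nContent-Type: application/x-msdownload\n\nMZ-placeholder\n"
    "--XX--\n"
)

if __name__ == "__main__":
    verdict, msg, dropped = filter_post(SAMPLE)
    print(verdict, leaf_types(msg), "dropped:", dropped)
```

Any sender can set a header, so the bypass only makes sense behind the sender confirmation step the message describes putting in front of the lists.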