Greetings, we used to have a situation where a spammer would do the following with qmail:
(1) spammer send a message FROM someone (forging their address) TO an invalid address on our server CONTAINING spam (2) our server sees the address is invalid (3) our server BOUNCES error message CONTAINING original message (including spam) FROM us TO the forged address (which was the apparent from address) thus making us a spam source. (Ingenious.) Since we have moved to postfix/mailman, we are now encountering a different situation, also probably arising from spam (1) spammer sends a message FROM someone (forged) TO a range of addresses which include the -subscribe and/or -unsubscribe address (2) mailman BOUNCES confirmation message TO forged address FOR -subscribe/unsubscribe, this may include the spam (as part of the notification) (3) sometimes, if the address is invalid (dead address), we get a bounce back saying the address is no good, which gets caught in the "uncaught bounce" cycle. (4) sometimes, if the address is valid and its to the -subscribe address, the person gets spammed. Is there a way in mailman to do the following - and if not, I'd like to submit these ideas for implementation or adjustment (1) bounces from subscribe requests should not include the original message (2) unsubscribe requests should be dropped if they come from an address which is not a member You can't really tell if a subscribe request is valid or not, but at least the attachments could be stripped out... Cordially, Justin Long -- Never retreat. Never surrender. Never cut a deal with a dragon. ------- Justin Long / [EMAIL PROTECTED] http://www.strategicnetwork.org - 120,000 subscribers, 16,000 articles http://www.momentum-mag.org - bi-monthly magazine on unreached peoples http://www.momentum-mag.org/wiki - Missiopedia of Christian missions MSNIM [EMAIL PROTECTED] / Skype nsmjustinlong ------- We help people build 6 things: Drive, Energy, Effort, Inspiration, Power, Strength ------- No armor? Unclean life? Then do not mess in the affairs of dragons, for you are crunchy and taste good with ketchup. _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
