-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> "jam" == John A Martin
>>>>> "Re: [Mailman-Users] SPAM getting through on moderated lists"
>>>>> Thu, 14 Aug 2003 12:34:21 -0400
jam> 2. Cause something like the following to be run as root
jam> either whenever the Mailman aliases are modified or, less
jam> well, periodically by cron. This converts the Mailman
jam> aliases file, excluding the loop detection alias, into a
jam> Postfix access table.
jam> egrep -v
jam> '^$|^#|^mailman-loop'</var/lib/mailman/data/aliases|
jam> sed 's/^\([^:]*\):.*$/\1 550 Bogus Mail
jam> From/'> /etc/postfix/check-list-bmf
jam> postmap /etc/postfix/check-list-bmf
jam> The above bash script assumes Mailman and Postfix
jam> installed from recent Debian packages.
That is pure rubbish. I should never post untested anything that even
looks like a script or suchlike. I'm too prone to big oversights as
above.
The above produces 'email-address-pattern action' pairs from the
aliases using only the 'name' part of the alias which does not (in
general) give an appropriate 'email-address-pattern' for the Postfix
access table. The script above could be modified to produce an
'email-address-pattern' of the form '[EMAIL PROTECTED]' which would
work. However, if the Postfix/Mailman host is dedicated to the
mailing lists with a hostname like lists.example.com and
it also serves Postfix style virtual domain for mailing lists
something like lists.foo.tld then the Postfix access table could look
something like
,----[ /etc/postfix/check-list-bmf ]
lists.example.com 550 Bogus Mail From
lists.foo.tld 550 Bogus Mail From
lists.bar.tld 550 Bogus Mail From
`----
with a line for the Mailman host and each Postfix style virtual domain
used for Mailman lists. This access table needs maintenance (postmap)
only when virtual domains are added or removed. When employed in the
context
jam> 3. In /etc/postfix/main.cf
jam> smtpd_recipient_restrictions =
jam> ...
jam> permit_mynetworks
jam> ... check_sender_access
jam> hash:/etc/postfix/check-list-bmf
jam> ...
jam> permit
this will reject incoming mail using SMTP 'mail from:' our host or any
of the FQDN hostnames used for (Postfix style) mail virtual domains.
This should AFICT do no harm.
The Sendmail equivalent should also be even easier without using the
aliases, no?
HTH
jam
-----BEGIN PGP SIGNATURE-----
iD8DBQE/PM+WUEvv1b/iXy8RAohvAJ4tkWlcYUrNnloI1AlbTQkLRuXDDwCdGlGq
l7w+o7uamuHHA+BhYuR87sY=
=9Bp4
-----END PGP SIGNATURE-----
------------------------------------------------------
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
This message was sent to: [EMAIL PROTECTED]
Unsubscribe or change your options at
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
