subject:"\[Mailman\-Users\] SPAM getting through on moderated lists"

Re: [Mailman-Users] SPAM getting through on moderated lists

2003-08-15 Thread John A. Martin

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 jam == John A Martin
 Re: [Mailman-Users] SPAM getting through on moderated lists
  Thu, 14 Aug 2003 12:34:21 -0400

jam 2. Cause something like the following to be run as root
jameither whenever the Mailman aliases are modified or, less
jamwell, periodically by cron.  This converts the Mailman
jamaliases file, excluding the loop detection alias, into a
jamPostfix access table.

jam egrep -v
jam '^$|^#|^mailman-loop'/var/lib/mailman/data/aliases|
jam sed 's/^\([^:]*\):.*$/\1 550 Bogus Mail
jam From/' /etc/postfix/check-list-bmf
jam postmap /etc/postfix/check-list-bmf

jamThe above bash script assumes Mailman and Postfix
jaminstalled from recent Debian packages.

That is pure rubbish.  I should never post untested anything that even
looks like a script or suchlike.  I'm too prone to big oversights as
above.

The above produces 'email-address-pattern action' pairs from the
aliases using only the 'name' part of the alias which does not (in
general) give an appropriate 'email-address-pattern' for the Postfix
access table.  The script above could be modified to produce an
'email-address-pattern' of the form '[EMAIL PROTECTED]' which would
work.  However, if the Postfix/Mailman host is dedicated to the
mailing lists with a hostname like lists.example.com and
it also serves Postfix style virtual domain for mailing lists
something like lists.foo.tld then the Postfix access table could look
something like

,[ /etc/postfix/check-list-bmf ]
lists.example.com   550 Bogus Mail From
lists.foo.tld   550 Bogus Mail From
lists.bar.tld   550 Bogus Mail From
`

with a line for the Mailman host and each Postfix style virtual domain
used for Mailman lists.  This access table needs maintenance (postmap)
only when virtual domains are added or removed.  When employed in the
context

jam 3. In /etc/postfix/main.cf

jam smtpd_recipient_restrictions =
jam ...
jampermit_mynetworks
jam ...  check_sender_access
jam hash:/etc/postfix/check-list-bmf
jam ...
jam permit

this will reject incoming mail using SMTP 'mail from:' our host or any
of the FQDN hostnames used for (Postfix style) mail virtual domains.
This should AFICT do no harm.

The Sendmail equivalent should also be even easier without using the
aliases, no?

HTH

jam

-BEGIN PGP SIGNATURE-

iD8DBQE/PM+WUEvv1b/iXy8RAohvAJ4tkWlcYUrNnloI1AlbTQkLRuXDDwCdGlGq
l7w+o7uamuHHA+BhYuR87sY=
=9Bp4
-END PGP SIGNATURE-

--
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/

This message was sent to: [EMAIL PROTECTED]
Unsubscribe or change your options at
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] SPAM getting through on moderated lists

2003-08-14 Thread Nuno Serra

Hi,

SPAM email where the from address appears as the list itself is 
bypassing the list rules for posting and is automatically accepted.

Is this a mailman feature? Does it always approve mail coming from 
itself? Should it?

How can I stop it without turning emergency moderation on (not sure if 
this will stop them or not)?

Thanks,

Nuno



--
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
This message was sent to: [EMAIL PROTECTED]
Unsubscribe or change your options at
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] SPAM getting through on moderated lists

2003-08-14 Thread John A. Martin

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 Nuno == Nuno Serra
 [Mailman-Users] SPAM getting through on moderated lists
  Wed, 13 Aug 2003 22:16:20 +0200

Nuno Hi, SPAM email where the from address appears as the list
Nuno itself is bypassing the list rules for posting and is
Nuno automatically accepted.

Hmm That makes for IMHO an interesting question.  Since many, if
not most MTAs can be configured to reject mail from specific envelope
senders, usually specified as regular expressions, the question is

what if any envelope senders related to mailman lists (and not
from our local {host,net}) can be rejected by an MTA that is
dedicated to handling incoming mail for only the lists.

It is advantageous to reject unwanted mail during the SMTP
conversation rather than later.

It should be pretty easy to cause a MTA reject all incoming mail from
non-local relays with any envelope sender address appearing among the
Mailman aliases.

Will this do no harm?

Nuno How can I stop it without turning emergency moderation on
Nuno (not sure if this will stop them or not)?

If the list shows up as a header sender, have you looked at Hold
posts with header value matching a specified regexp among the Privacy
Options?

jam

-BEGIN PGP SIGNATURE-

iD8DBQE/O5THUEvv1b/iXy8RAovtAJsE5lIDD2JUzv0B74+wcIHB+ycvzgCfSFGQ
NyUrZBRPx9VaBvKBHK2o3gg=
=QSMB
-END PGP SIGNATURE-

--
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/

This message was sent to: [EMAIL PROTECTED]
Unsubscribe or change your options at
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] SPAM getting through on moderated lists

2003-08-14 Thread John A. Martin

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 Ed == Ed Wilts
 Re: [Mailman-Users] SPAM getting through on moderated lists
  Thu, 14 Aug 2003 10:09:46 -0500

Ed What would one look like to allow, for example, a mail message
Ed to [EMAIL PROTECTED] to only come from an MTA in the foo.com
Ed domain?

I don't do Sendmail anymore.  One way to do this with a recent Postfix
would be something like the following which is untested but should
work for a dedicated MTA on the same host as Mailman.

1. Check that 'postconf mynetworks' gives 127.0.0.0/8 plus whatever
   IPs from which you do _not_ want to block SMTP 'mail from:
   [EMAIL PROTECTED]'.  NB. If 'mynetworks' includes MX backup hosts mail
   arriving therefrom will not be blocked by what follows.

2. Cause something like the following to be run as root either
   whenever the Mailman aliases are modified or, less well,
   periodically by cron.  This converts the Mailman aliases file,
   excluding the loop detection alias, into a Postfix access table.

egrep -v '^$|^#|^mailman-loop'/var/lib/mailman/data/aliases|
sed 's/^\([^:]*\):.*$/\1  550 Bogus Mail From/'
/etc/postfix/check-list-bmf
postmap /etc/postfix/check-list-bmf

   The above bash script assumes Mailman and Postfix installed from
   recent Debian packages.

3. In /etc/postfix/main.cf

smtpd_recipient_restrictions =
...
permit_mynetworks
...
check_sender_access hash:/etc/postfix/check-list-bmf
...
permit

Something similar should be easy with Sendmail, right?  :)

It still needs to be determined whether the above will do no harm.

HTH

jam

-BEGIN PGP SIGNATURE-

iD8DBQE/O7oJUEvv1b/iXy8RAsAxAJ9hjo902Pqpq2d58gmmQuBswKMVfQCfWDG4
/xVkiW9Iifs1jaSjzE2nC7Y=
=Z3mN
-END PGP SIGNATURE-

--
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/

This message was sent to: [EMAIL PROTECTED]
Unsubscribe or change your options at
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] SPAM getting through on moderated lists

2003-08-14 Thread Ed Wilts

On Thu, Aug 14, 2003 at 09:56:49AM -0400, John A. Martin wrote:
 Hmm That makes for IMHO an interesting question.  Since many, if
 not most MTAs can be configured to reject mail from specific envelope
 senders, usually specified as regular expressions, the question is
 
 what if any envelope senders related to mailman lists (and not
 from our local {host,net}) can be rejected by an MTA that is
 dedicated to handling incoming mail for only the lists.
 
 It is advantageous to reject unwanted mail during the SMTP
 conversation rather than later.
 
 It should be pretty easy to cause a MTA reject all incoming mail from
 non-local relays with any envelope sender address appearing among the
 Mailman aliases.

This sounds like a good and safe thing to configure, but I'm not enough
of a sendmail expert to write those rules.  What would one look like to
allow, for example, a mail message to [EMAIL PROTECTED] to only come from an
MTA in the foo.com domain?

Thanks,
   .../Ed

-- 
Ed Wilts, Mounds View, MN, USA
mailto:[EMAIL PROTECTED]

--
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/

This message was sent to: [EMAIL PROTECTED]
Unsubscribe or change your options at
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] SPAM getting through on moderated lists

[Mailman-Users] SPAM getting through on moderated lists

Re: [Mailman-Users] SPAM getting through on moderated lists

Re: [Mailman-Users] SPAM getting through on moderated lists

Re: [Mailman-Users] SPAM getting through on moderated lists

5 matches

Site Navigation

Mail list logo

Footer information