Re: [Mailman-Users] getting lots of approval requests for spammers

2016-10-27 Thread Mark Sapiro
On 10/27/2016 08:24 AM, Jim Dory wrote:
> I'm getting a ton of spam posting attempts to our subscriber only email
> list - in the order of about 100 to 150 per day and growing. As I need to
> keep a look out for actual member requests (sometimes a member wants to
> unsubscribe or is having some problem - a non member wants to subscribe) I
> have to look through these approval headers to make sure it isn't a local
> person wanting something. So it becomes a pain. Most spammers use obvious
> emails so I can mass delete them (harder on my phone when managing the
> mail) but I'm wondering if there is something I can do to stem the flow.
> 
> I'm with Hawkhost on a VPS plan (virtual private server) so I have a bit of
> control - but don't know much about what to do - if there are access/deny
> lists I can somehow use.


At a minimum you should have SpamAssassin and ClamAV scanning your mail
during incoming mail processing before it ever gets to Mailman.
Greylisting can also help. See
 for Spamassassin
and for ClamAV see  and google
clamav-milter.

Also see  for info about 3rd
party ClamAV signatures for detecting spam.

For a more comprehensive package, see .


> I did enable some spam controls but it didn't seem
> to do anything. It would have to be a server level deny list I assume like
> iptables or something to reject known spammers at least, or whole domains
> like from foreign companies (.it, .br, .ch , etc) and perhaps some spoofing
> going on from the likes of domains such as hilton.k12.ny.us.


You can do things in the MTA itself. For example Postfix can do header
checks and body checks and take various actions based on regexp matches.
See .

There are many other tools and techniques beyond the scope of this list.

Within Mailman itself, you can use Privacy options... -> Spam filters ->
header_filter_rules to take various actions based on regexp matches on
the message headers, and there's also the possibility to use regexps in
Privacy options... -> Sender filters -> discard_these_nonmembers.

The caveat here is you want to discard and not reject because reject
causes backscatter to the generally innocent spoofed sender. This means
with header_filter_rules in particular you need to avoid false positives
to avoid silently discarding legitimate mail.

Avoiding backscatter is the main reason why the best solutions reject
the mail at incoming SMTP time.

Note that you can't use iptables because a great deal of spam comes from
botnets and the IPs are all over and not consistent.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
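
Added example, not part of the message above and not Mailman's own code: a dry run of candidate header_filter_rules-style regexps against sample mail, to spot false positives before a rule's action is set to Discard. It assumes rules behave as case-insensitive, multi-line regexp searches over the message headers; the patterns, addresses and messages are constructed for illustration.

```python
import re
from email import message_from_string

# Candidate patterns (constructed), one per rule, matched against header lines.
CANDIDATE_RULES = [
    r"^from:.*@hilton\.k12\.ny\.us",   # spoofed domain named in the thread
    r"^from:.*\.(it|br|ch)>?\s*$",     # whole-TLD rule, likely too broad
]

# Constructed sample mail: (label, raw message). "ham" is mail that must survive.
SAMPLES = [
    ("spam", "From: Deals <promo@hilton.k12.ny.us>\nSubject: Cheap pills\n\nbuy\n"),
    ("spam", "From: x@mailer.example.br\nSubject: Win big\n\nclick\n"),
    ("ham", "From: Local Member <anna@coop.example.ch>\n"
            "Subject: unsubscribe please\n\nthanks\n"),
    ("ham", "From: jim@example.org\nSubject: Meeting notes\n\n"
            "Cc the hilton.k12.ny.us folks\n"),
]


def header_text(raw):
    """Return only the header block, unfolded, one 'Name: value' per line."""
    msg = message_from_string(raw)
    return "\n".join("%s: %s" % (k, " ".join(v.split())) for k, v in msg.items())


def dry_run(rules, samples):
    """Map each rule to the count of spam caught and ham that would be lost."""
    report = {}
    for rule in rules:
        rx = re.compile(rule, re.IGNORECASE | re.MULTILINE)
        hits = [label for label, raw in samples if rx.search(header_text(raw))]
        report[rule] = {"spam": hits.count("spam"), "ham": hits.count("ham")}
    return report


def safe_to_discard(report):
    """Only rules that catch spam and match no ham are candidates for Discard."""
    return [r for r, c in report.items() if c["ham"] == 0 and c["spam"] > 0]


if __name__ == "__main__":
    rep = dry_run(CANDIDATE_RULES, SAMPLES)
    for rule, counts in rep.items():
        print(counts, rule)
    print("safe to discard:", safe_to_discard(rep))
```

The whole-TLD rule catches the .br spam but would also silently drop the member writing from a .ch address, so a rule like that should Hold rather than Discard.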


[Mailman-Users] getting lots of approval requests for spammers

2016-10-27 Thread Jim Dory
I'm getting a ton of spam posting attempts to our subscriber only email
list - in the order of about 100 to 150 per day and growing. As I need to
keep a look out for actual member requests (sometimes a member wants to
unsubscribe or is having some problem - a non member wants to subscribe) I
have to look through these approval headers to make sure it isn't a local
person wanting something. So it becomes a pain. Most spammers use obvious
emails so I can mass delete them (harder on my phone when managing the
mail) but I'm wondering if there is something I can do to stem the flow.

I'm with Hawkhost on a VPS plan (virtual private server) so I have a bit of
control - but don't know much about what to do - if there are access/deny
lists I can somehow use. I did enable some spam controls but it didn't seem
to do anything. It would have to be a server level deny list I assume like
iptables or something to reject known spammers at least, or whole domains
like from foreign companies (.it, .br, .ch , etc) and perhaps some spoofing
going on from the likes of domains such as hilton.k12.ny.us.

thx, Jim