Apparently, the central mail server does not filter spam by examining headers. It uses Fortiguard to look for identified spam and then flag IPs that send an inordinate amount of "spam". Our system handles over 600 lists and 250,000 subscribers, so there is a lot of opportunities for spam to get through. The lists don't send spam, but the owner addresses are open for sending (weakness of Mailman) and for whatever reason, legitimate mail is being flagged with a hash by Fortiguard.
All the Fortiguard problems aside, are there any suggested ways to harden Postfix for use withe Mailman at the volume we are using it. Maybe this is a question for the Postfix list. I have already implemented many of the configuration ideas to cut down on spam, though have not implemented an actual spam application like SpamAssassin.
Many thanks,
On Wed, Apr 24, 2013 at 3:42 PM, Christopher Adams adamsca@gmail.comwrote:
Thank you, Mark. It has been awhile, as I submitted a ticket to the provider of mail, but they have not been responding. I do thank you for the suggestion and am following up a second time with them and will post when I have a resolution.
On Mon, Apr 1, 2013 at 2:40 PM, Mark Sapiro mark@msapiro.net wrote:
Christopher Adams wrote:
I can send mail outside of Mailman to the listname-owner address and it delivers correcty regardless of whether the list owners are inside the local subnet. The problem only seems to occur when sending through the Mailman server and Postfix.
When you send mail originating outside Mailman to the listname-owner address it is ultimately delivered to Postfix from Mailman for the owner/moderator recipients in exactly the same way as a Mailman generated notice.
There are a few differences in the headers of the message ultimately sent to the owner/moderator recipients and of course, the bodies are different (but you could test manually sending a copy of an actual notice).
The major difference is the From: header which in the cast of the message you send has hour address and in the case of the notice has the listname-owner address. The notice also has headers like
Precedence: bulk X-BeenThere: listname@example.com X-Mailman-Version: ... List-Id: ... X-List-Administrivia: yes
that probably aren't in the manually generated message.
Perhaps the issue is that there is spam filtering in the local network that discards Precedence: bulk messages destined for local recipients.
It is also possible that the central server that mail is routed through is not looking kindly on the admin notifications, so I will look in to that as well as problems with Postfix.
Yes, particularly the Precedence: header.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
-- Christopher Adams adamsca@gmail.com
-- Christopher Adams adamsca@gmail.com