Mailman suddenly passing through spam from the -bounces addresses

Hi!
New to the list! I'm the community support manager at the Asterisk project.
We've used mailman for ages and we are on 2.1.14 at the moment. I rarely get too deep with mailman other than the administration interface. It mostly works and we don't touch much underneath.
Recently I started receiving a lot of spam on the mailman-bounces@ addresses where the From address no longer contains the mailman-bounces@ address and instead contains the spammer's address.
In this case the spam doesn't look like bounce traffic. I'm wondering if someone can help me identify why mailman might let it through? From reading documentation and the mailman mail archives I get the impression that it should be discarding this traffic. However I can't identify why it isn't discarding this non-bounce traffic.
Here is one example of the spam that comes to the owners addresses via mailman-bounces:
The list in question has all three bounce notification options set to *no*.
That is:
bounce_unrecognized_goes_to_list_owner
bounce_notify_owner_on_disable
bounce_notify_owner_on_removal
With these three options disabled - should I expect mailman to relay spam like this to the list owners through mailman-bounces@ ?
Is there a way to tell mailman to not send anything from mailman-bounces?
Preferably I'd like to have mailman only pass through legitimate bounce messages. If that isn't possible then I'd like to find out how to disable the traffic from mailman-bounces completely.
If I haven't provided enough information, let me know and I'll do my best to get it for you. Thanks in advance.
-- Rusty Newton

On 05/23/2016 01:57 PM, Rusty Newton wrote:
> Recently I started receiving a lot of spam on the mailman-bounces@ addresses where the From address no longer contains the mailman-bounces@ address and instead contains the spammer's address.
> In this case the spam doesn't look like bounce traffic. I'm wondering if someone can help me identify why mailman might let it through? From reading documentation and the mailman mail archives I get the impression that it should be discarding this traffic. However I can't identify why it isn't discarding this non-bounce traffic.
> Here is one example of the spam that comes to the owners addresses via mailman-bounces:
> The list in question has all three bounce notification options set to *no*.
> That is:
> bounce_unrecognized_goes_to_list_owner
> bounce_notify_owner_on_disable
> bounce_notify_owner_on_removal
> With these three options disabled - should I expect mailman to relay spam like this to the list owners through mailman-bounces@ ?
Not unless the mailman-bounces address is set to deliver to 'owner' instead of 'bounces'. Is it?
> Is there a way to tell mailman to not send anything from mailman-bounces?
If you mean not to send anything with envelope from a listname-bounces address, no.
If you mean not to forward or relay any mail sent to a listname-bounces address, the settings you have should do it.
> Preferably I'd like to have mailman only pass through legitimate bounce messages. If that isn't possible then I'd like to find out how to disable the traffic from mailman-bounces completely.
> If I haven't provided enough information, let me know and I'll do my best to get it for you. Thanks in advance.
I would like to see what's in Mailman's 'bounce' log from around Tue, 19 Apr 2016 11:57:42 -0700 (PDT). I would also like to see what's in the MTA log from the arrival of the original to the delivery of the message to you.
That may not be necessary. Upon closer inspection of the message in the pastebin, it looks most like a message which was sent to the list-owner address. You could check your MTA logs and find the incoming message. I expect you'll find the envelope was to the list-owner address.
--
Mark Sapiro <mark@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
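
Added example, not part of the original thread or of Mailman: one way to run the MTA-log check suggested in the reply above, reporting which envelope recipient each message arrived for and whether that address is piped to the matching Mailman action ('owner' vs 'bounces'). It assumes Postfix with local delivery to the Mailman 2.1 wrapper; the log lines, host names, queue IDs and wrapper path are constructed for illustration.

```python
import re

# Constructed Postfix log lines (not from the thread); host names, queue IDs
# and the wrapper path /usr/lib/mailman/mail/mailman are assumptions.
SAMPLE_LOG = """\
May 23 11:57:40 lists postfix/qmgr[911]: A1B2C3D4E5: from=<spam@bad.example>, size=2048, nrcpt=1 (queue active)
May 23 11:57:42 lists postfix/local[915]: A1B2C3D4E5: to=<mailman-owner@lists.example.org>, relay=local, delay=1.2, status=sent (delivered to command: /usr/lib/mailman/mail/mailman owner mailman)
May 23 12:03:10 lists postfix/qmgr[911]: F6E5D4C3B2: from=<>, size=3100, nrcpt=1 (queue active)
May 23 12:03:11 lists postfix/local[920]: F6E5D4C3B2: to=<mailman-bounces@lists.example.org>, relay=local, delay=0.4, status=sent (delivered to command: /usr/lib/mailman/mail/mailman bounces mailman)
May 23 12:10:00 lists postfix/qmgr[911]: 0A0B0C0D0E: from=<spam2@bad.example>, size=1900, nrcpt=1 (queue active)
May 23 12:10:01 lists postfix/local[925]: 0A0B0C0D0E: to=<mailman-bounces@lists.example.org>, relay=local, delay=0.3, status=sent (delivered to command: /usr/lib/mailman/mail/mailman owner mailman)
"""

FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: (\w+): from=<([^>]*)>")
DELIV_RE = re.compile(
    r"postfix/local\[\d+\]: (\w+): to=<([^@>]+)@[^>]*>.*"
    r"delivered to command: \S+/mailman (\S+) (\S+)\)"
)

def trace(log_text):
    """Return one dict per local delivery to the Mailman wrapper."""
    senders, results = {}, []
    for line in log_text.splitlines():
        m = FROM_RE.search(line)
        if m:
            senders[m.group(1)] = m.group(2)  # envelope sender per queue ID
            continue
        m = DELIV_RE.search(line)
        if not m:
            continue
        qid, local_part, action, listname = m.groups()
        # Mailman 2.1 addresses are <list>-<action>; the bare list address posts.
        expected = local_part[len(listname) + 1:] if local_part.startswith(listname + "-") else "post"
        if action != expected:
            verdict = "alias mismatch: address is piped to '%s'" % action
        elif action == "owner":
            verdict = "sent to the -owner address; forwarded to list owners"
        else:
            verdict = "handled by '%s'" % action
        results.append({"qid": qid, "from": senders.get(qid), "rcpt": local_part,
                        "action": action, "verdict": verdict})
    return results

if __name__ == "__main__":
    for r in trace(SAMPLE_LOG):
        print(r["qid"], r["from"] or "<>", "->", r["rcpt"], "|", r["verdict"])
```
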