Rejecting spam at the SMTP level?

Hello,
I've been running several Mailman lists for the past ten years or so. Unfortunately, in recent months some list addresses have fallen into the hands of spammers, which is a real headache. Even worse, one particular -owner address is receiving nothing but spam, and I don't assume there's anything I can do about that without disabling that address for legitimate use, as well as for use by Mailman itself.
A few months ago I did some Googling and found a project called Mailman-Milter which claims to reject unwanted list mail i.e., nonmember postings at the SMTP level. I would love to use this, but there's virtually no documentation and I've never been able to get it working. Has anyone else had any better luck, or do you know of any other solutions? I'm using Sendmail, by the way.
I would set all my lists to just discard nonmember traffic, but I want to allow for legitimate users who perhaps don't understand that they need to subscribe to lists before posting, legitimate members sending from wrong accounts, etc. My current compromise solution is to set my lists to hold such messages for moderation, but not send the posters messages telling them such, so as to avoid backscatter caused by trying to send "You're not a member, your message is being held" messages to bogus spammer Email addresses. When I get a held message notice, if it's a spammer I discard it and add the address to the discard list, for what good that does, and if it's legitimate I reject it, perhaps explaining in my own words why the message was rejected, especially if I know the person and know they tend to post from the wrong account, etc.
Thanks for any help!
Jayson

On 08/05/2015 12:15 AM, Jayson Smith wrote:
So, if you don't want to set the lists to discard non-member posts for the reasons you explain, is it that much better to reject them at SMTP time? Granted this avoids the issue of backscatter to bogus addresses, but it isn't very helpful to the non-member senders of 'legitimate' posts.
A better solution is to use various sendmail tools to identify and reject spam in general rather than just non-member list posts.
--
Mark Sapiro <mark@msapiro.net>
San Francisco Bay Area, California
The highway is for gamblers, better use your sense - B. Dylan

Jayson Smith wrote:
> I've been running several Mailman lists for the past ten years or so. Unfortunately, in recent months some list addresses have fallen into the hands of spammers, which is a real headache. Even worse, one particular -owner address is receiving nothing but spam, and I don't assume there's anything I can do about that without disabling that address for legitimate use, as well as for use by Mailman itself.
> A few months ago I did some Googling and found a project called Mailman-Milter which claims to reject unwanted list mail i.e., nonmember postings at the SMTP level. I would love to use this, but there's virtually no documentation and I've never been able to get it working. Has anyone else had any better luck, or do you know of any other solutions? I'm using Sendmail, by the way.
We had the same issue with our lists and I decided to install SpamAssassin on the server that rejects at SMTP level. After a small bit of tuning we have this working really well, it doesn't interfere with list traffic, but rejects a lot of rubbish to the owner and other addresses.
HTH. Andrew.

On Wed, Aug 5, 2015 at 3:15 AM, Jayson Smith <jaybird@bluegrasspals.com> wrote:
I'm not exactly sure how to do it in Sendmail (been a long time since I've used that) but in Postfix it can be done by setting up a custom master.cf service(s) and restriction class(es).

/etc/postfix/master.cf:

    # Mailman list member checks
    127.0.0.1:27015 inet n n n - 1 spawn
      user=mailman argv=/usr/local/lib/mailman/scripts/check_subscriber mylist
    127.0.0.1:27016 inet n n n - 1 spawn
      user=mailman argv=/usr/local/lib/mailman/scripts/check_subscriber mylist2

You can get a copy of the check_subscriber script here: http://paste.debian.net/plainh/95fd6c08
You then need to set up a restriction class that matches a mailing list posting address and then hooks into the master.cf service on 127.0.0.1:27015 listed above. The restriction class matches just the mailing list posting address (not the -bounce, -owner, -subscribe, etc).

/etc/postfix/check_recipients:

    mylist@mydomain.tld     mailman_subscribers_mylist
    mylist2@mydomain.tld    mailman_subscribers_mylist2

/etc/postfix/main.cf:

    smtpd_client_restrictions=
        permit_mynetworks,
        ......
        check_recipient_access hash:/etc/postfix/check_recipients,
        permit,

    # declare our custom restriction classes
    smtpd_restriction_classes =
        mailman_subscribers_mylist
        mailman_subscribers_mylist2

    # define our custom restriction class for mylist
    mailman_subscribers_mylist = check_sender_access tcp:127.0.0.1:27015, permit

    # define our custom restriction class for mylist2
    mailman_subscribers_mylist2 = check_sender_access tcp:127.0.0.1:27016, permit

I would be interested in hearing/learning about how to make that work in sendmail if you get the opportunity to shoehorn something like this into your setup.
-Jim P.
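
The service behind `check_sender_access tcp:127.0.0.1:27015` has to speak Postfix's tcp_table(5) lookup protocol. The following is an added example, not part of the thread and not the check_subscriber script linked above: a minimal responder of that kind, run from spawn(8), where the member roster and the reject text are constructed and a real script would query Mailman for the list's members.

```python
import re
import sys
from urllib.parse import unquote_to_bytes

# Constructed roster (assumption); a real script would ask Mailman for the list's members.
MEMBERS = {"alice@example.org", "bob@example.net"}
REJECT = "REJECT Only list members may post; subscribe first"  # constructed text


def encode(text):
    """%XX-encode '%', whitespace and non-printing bytes, per tcp_table(5)."""
    return "".join(
        chr(b) if 0x21 <= b <= 0x7E and b != 0x25 else "%%%02X" % b
        for b in text.encode("utf-8")
    )


def answer(line, members=MEMBERS):
    """Map one request line ("get SPACE key NEWLINE") to one reply line."""
    m = re.fullmatch(r"get (\S+)\n?", line)
    if m is None or len(line) > 4096:
        # 400 = error, retry later (tcp_table(5)); never answer "found" here.
        return "400 " + encode("malformed request") + "\n"
    # Postfix %XX-encodes the key; decode, then normalise case before comparing.
    sender = unquote_to_bytes(m.group(1)).decode("utf-8", "replace").lower()
    if sender in members:
        # DUNNO: no decision here, so the trailing "permit" in the class applies.
        return "200 " + encode("DUNNO") + "\n"
    # 200 = key found; the text is the access(5) action Postfix carries out.
    return "200 " + encode(REJECT) + "\n"


def serve(stdin=sys.stdin, stdout=sys.stdout):
    """spawn(8) connects the TCP socket to stdin/stdout; answer until EOF."""
    for line in stdin:
        stdout.write(answer(line))
        stdout.flush()


if __name__ == "__main__":
    serve()
```

The key is the envelope sender exactly as the connecting client gave it in MAIL FROM, so this check filters non-member mail at SMTP time but does not authenticate who is posting.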

On Sat, Aug 8, 2015 at 11:43 AM, Jim Popovitch <jimpop@gmail.com> wrote:
BTW, here's what happens as you get older: you forget that this has already been documented :-)
http://bazaar.launchpad.net/~jimpop/mailman/check_subscriber/view/head:/READ...
-Jim P.

participants (4): Andrew Hodgson, Jayson Smith, Jim Popovitch, Mark Sapiro