[Mailman-Developers] spammers harvesting email'ids [was] UI for Mailman 3.0 update
Adam McGreggor
adam-mailman at amyl.org.uk
Tue Jun 8 14:55:13 CEST 2010
On Mon, Jun 07, 2010 at 02:28:22PM -0400, Barry Warsaw wrote:
> At the very least, we want to make it has hard as possible for spammers to
> spam people *through* a mailing list.
With that in mind, I've been reminded about posting a mail I've been
meaning to write ;)
It's quite common, in my set-ups, at least, for me to allow a
^[^@]+@(.*\.)?example\.org$
wildcard for allowing posting by non-members -- from "our" domain(s).
Recently, I changed the regexp over to
^[^@]+ at example\.org$
as I've noticed the horrible trend for spammers to post from various
addresses purporting to be from the lists.example.org subdomain.
The current "problem", is the order in which MM2 handles its
non-members filters; and I guess what I'd welcome is an ability to
finely control the order in which given rules are processed; I think
that would help immensely.
So, perhaps, something like:
-->>- ex 1 ->>--
Posting Settings for List X on lists.example.org:
.-----------------------------+---------+--------+----------+-------------+---------.
| email-address | allow | hold | reject | blackhole | order |
+-----------------------------+---------+--------+----------+-------------+---------+
| list-x at list.example.org | | | | X | 1 |
| foo at list.example.org | | | | X | 2 |
| ^[^@]+@(.*\.)?example\.org$ | X | | | | last |
'-----------------------------+---------+--------+----------+-------------+---------'
--<<- ex 1 -<<--
where the order setting ('n', 'first', 'last') has effect on how the
rules are processed.
(so in this example, the 'global' wildcard for the entire DNS-space
example.org is processed as the last rule -- after all others have
run -- i.e., postings from <list-x at list.example.org> end up being
blackholed, but those posts from <bob at office.example.org> get through
to the list.)
I suppose the modern way of setting processing order (at least for the
person using the web-interface) is not to define "numbers" in
the interface, but to allow the user/admin/moderator to move things up
and down with arrows (so replace '2' with '↑' and '↓', and something
"appropriate" for 'top' and 'bottom' of the list), and perhaps enabling
mouse click-and-drag?
Was that in the pipeline?
--
``Another sport which wastes unlimited time is Comma-hunting.''
(Francis Cornford, Microcosmographia Academica)
More information about the Mailman-Developers
mailing list