[Mailman-Users] Monthly Reminder Bounce Mail Bomb

John A. Martin jam at jamux.com
Sun Jan 2 06:06:40 CET 2000


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It seems that absent Y2K excitement several of the list
owners/administrators at a Mailman 1.1 site conspired instead to mail
bomb the mailman-owner by leaving all the bouncing subscription
addresses in their lists "no mail" rather than removing them.

Though having just completed their conversion from listproc the list
administrators were already astute enough to see that mailman-owner
would be the only target bombed because Mailman sends the reminders as
mailman-owner even when there be only a single list mentioned in the
reminder.  The bomb would in this instance have been far less
effective were reminders mentioning but a single list sent as the
owner of the pertinent list.  In fact one wonders if the individual
list owners were subject to receiving the bounces even just for the
reminders mentioning but a single list they might be deterred from the
prank.  As it is there seems to be little motivation for the list
owners to remove bouncing subscriptions as long as they can shield
themselves from normal bounces by using "no mail" and be totally
immune from the bounces they bomb the mailman-owner with at reminder
time.

At first this new mailman-owner thought he could deflect the bounces
to the list owner(s) by looking at the body of the bounce.  But a
substantial proportion of bounces did not include the body of the
original message and a fair number did not even include the original
header.  Because the lists had been converted to mailman within the
last couple of weeks grepping the current mailman subscribe log told
where to deflect the bounces.  A few that had been munged by relays
and what not took some extra work but it also allowed deflecting one
bounce to more than one list when the same bad address was subscribed
to several lists that didn't do reminders.

Doing this manually took about 14 hours to dispose of about 800
bounces.  620 were from one list with 1618 subscribers and 100 from a
list of 438 the remaining 60 bounces were from a handful of lists
totaling about 150 subscribers.  (The site has about 22,000
subscribers in 50 lists with the largest having 7200 subscribers.)
With something over 36 percent of the reminders bouncing one wonders
what large mailman sites do?

In this case all the reminders went out with a "List-Id" header field
referring to the first list (a test list) created by mailman which had
nothing whatever to do with any of the reminders sent.  What would it
hurt to construct a header field showing each list mentioned in the
reminder?  That might make it easier to do something sensible with the
bouncing reminders that include at least the header intact, no?

How do folks get list owners to delete bad addresses rather than just
mark them "no mail"?

How do experienced mailman-owners handle bouncing reminders?

Do experienced mailman-owners encourage reminders?

Is the subscriber account mechanism mentioned on this list likely to
show up any time soon and will it make the bouncing reminders more
manageable?

	jam

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: By Mailcrypt 3.5.4 and Gnu Privacy Guard <http://www.gnupg.org/>

iD8DBQE4btyeUEvv1b/iXy8RAlRCAJ9kXk0a7gclvJcts2yGPkOh4jJZ6gCeOhmR
T5EYkJisk1WKf8x9eXGb/0U=
=FWVn
-----END PGP SIGNATURE-----




More information about the Mailman-Users mailing list