[Mailman-Users] virus (worm) protection?

J C Lawrence claw at kanga.nu
Sun Oct 13 21:26:12 CEST 2002

On Mon, 14 Oct 2002 00:48:14 +1000 
Michael James <michael at james.st> wrote:

>> What is a good virus (worm) protection tool for mailman?

> I'm working on a Mailman, Postfix, Sophos-Mailmonitor-Sweep setup.
> Looks good but just got it working so I'll let you know.

I take a multi-fold approach:

  1) Front Mailman with TMDA 

  2) MIME strip all posts

  3) Discard (silently) all messages which end up too short (20 bytes)
  after MIME stripping.

  4) Authenticate against both From: and envelope (TMDA and Mailman)

Since I added the TMDA setup my rate of SPAM and virus messages hitting
the moderation interface (all my lists are hand moderated) has fallen
from 20 - 30 a day to a grand total of two messages in the last three
months.  Quite an improvement.

MIME stripping, which I implemented before TMDA, castrates all virus and
the majority of SPAM, often whacking them down so hard that they fail
the 20 byte rule and are discarded silently.  The fat that it also makes
posts that I want on my lists (no HTML etc), is also pleasant.

Authentication against both From: and Envelope was useful in Mailman,
but was a real gainer when it came along with TMDA.  That, more so than
the TMDA whitelist filtering, is what cleaned up my message stream.

J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw at kanga.nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.

More information about the Mailman-Users mailing list