[Mailman-Users] Silently discarding non-member posts

J C Lawrence claw at kanga.nu
Tue Oct 15 10:33:06 CEST 2002 

On Tue, 15 Oct 2002 08:47:39 +0100 
Mark Goodge <mark at good-stuff.co.uk> wrote:

> A pre-list spam filter will deal with some of it, but not all of it.

That's very close to untrue.

Note:

  TMDA can read mailman list configurations, and membership rosters in
  particular, and can filter on that basis.

I've been fronting my lists with TMDA (see my HOWTO) for a few months
now.  Due to other accidents of history all of my lists are hand
moderated.  I can't state that a TMDA setup will catch all SPAM, but you
might like the below:

Stats:

  Prior to TMDA there was an average of 20 - 30 SPAM and virus messages
  per list in the moderation queue.

  Within the last three months I've had a grand total of __two__ virus
  messages reach the moderation interface for *ANY* list.  No SPAM
  messages have reached any list's moderation interface.

Caveats: 

  I also do heavy MIME filtering via `mimefilter` along with TMDA
  filtering.  Basically this means I remove all MIME parts which aren't
  text/plain or message/rfc822, and if the resulting message is less
  than 20 bytes long I silently discard it.  (See the HOWTO for details)

  I deployed the MIME filter prior to deploying the TMDA filters.  It
  was responsible for a considerable reduction in SPAM and virus mail
  reaching the moderation interfaces -- down from ~50 a day to 20 - 30.
  Definitely enough to notice, but no more.  TMDA took it down so close
  to 0 as to be near indistinguishable.

Observations:

  In three months of TMDA fronted list operation:

    Just over 30 addresses have been confirmed thru TMDA (ie posters
    posting from non-subscribed addresses).

    2 valid posts from 2 different addresses were not confirmed.  In the
    one case I was able to research fully it was due to misconfiguration
    of the mail systems at his ISP as his messages were sent with an
    invalid (ie bouncing) Return-Path.  As TMDA sends the confirmation
    to the Return-Path, that didn't work.  Given this (rather gross)
    screwup on his ISP's part, I don't consider this a problem.  The
    other case's domain fell off the net before I was able to get around
    to tracking the details down.  I'd be unsurprised it was a similarly
    screwed mail system.

    5 members (who hit the TMDA confirmation) exclaimed something
    equivalent to: "If that's all that's required to work with this new
    filter then there's no problem at all!"  One went on at some length.

    Asides from the five admiring comments, there have been no other
    comments from users on the TMDA aspects.  Then again, TMDA is
    transparent to the majority of posting users as they post from
    subscribed addresses.

Do you have any idea how pleasant it is to moderate lists which have
zero SPAM and zero virus messages?  And its been that way for months...

-- 
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw at kanga.nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.

More information about the Mailman-Users mailing list