[Mailman-Users] Umbrella List Spam Protection
R.Barrett at ftel.co.uk
Wed Feb 12 17:39:57 CET 2003
At 12:11 12/02/2003, Links at Momsview wrote:
>I currently have a VERY large ( >100k) announce only list (always
>moderated) running mailman 2.1 under Postfix.
>For performance reasons I'm considering splitting this list into 26 sublists
>based on the first letter of each subscriber email.
>I would then use an umbrella list to send to all of the sublists at once.
>As I understand it, unless I want to separately approve the message for the
>26 sublists I need to allow at least one email address to post unmoderated
>on ALL of the sublists. This is very scary since spammers currently try to
>post on my current large list almost daily.
>(1) How do I protect the sublists from spammers who spoof the "from" address
>in their emails?
>(2) Can I protect these sublists from ALL emails other than those from
>localhost and my umbrella list?
>(3) Are there any other methods that people use for Umbrella announce only
>One other method I've been thinking about is using a grep expression to
>define a sender address that is only valid for one day each month.
>Any idea how I could do this?
I would have thought the following arrangement would suit your needs:
1. Set up the umbrella list the same as you have your current all-in-one
list in terms of privacy, moderation etc
2. The trick I think will work is to only allow postings to the sublists
that have first gone to the umbrella list so that in most all respects the
sublists do not have to protect themselves.
3. On the Privacy->Recipients page of the admin web GUI for the sublists
set the acceptable_aliases field to contain a regex that only matches your
4. On the Privacy->Spam filters page of the admin web GUI for the sublists
set the bounce_matching_headers fields to contain the following:
In essence sublists are going to allow through and distribute messages that
have been sent to the umbrella list but hold messages sent direct to
Because the rules are being applied to posts by the umbrella lists we do
not have to worry about having tight rules for the sublists as what reaches
them has been proved "acceptable" mail via the umbrella list.
You probably want to tidy up a bunch of loose ends so that only the
umbrella list adds footers and prefixs to the subject line and such, but I
think this will work as you want.
I suspect you may want to:
1. add to the list of non-members who are allowed to post to each sublist
the addresses of those you are allowing to post to the umbrella list.
2. set the following on the Privacy->Senders page of the admin web GUI for
a. set the generic_nonmember_action to Discard or Reject
b. forward_auto_discards to No
This will mean that most attempts to post to the sublists will be
discarded/rejected automatically. If that is not acceptable because the
list of allowed posters is too long or whatever, then you will get
notifications of held mail when posts are made directly to the sublists.
Haven't figured out how to stop that (yet).
Be interested to hear what your final solution is.
More information about the Mailman-Users