[Mailman-Users] Umbrella List Spam Protection

Richard Barrett R.Barrett at ftel.co.uk
Wed Feb 12 17:39:57 CET 2003 

At 12:11 12/02/2003, Links at Momsview wrote:
>I currently have a VERY large ( >100k)  announce only list (always
>moderated) running mailman  2.1 under Postfix.
>
>For performance reasons I'm considering splitting this list into 26 sublists
>based on the first letter of each subscriber email.
>I would then use an umbrella list to send to all of the sublists at once.
>
>As I understand it, unless I want to separately approve the message for the
>26 sublists I need to allow at least one email address to post unmoderated
>on ALL of the sublists.  This is very scary since spammers currently try to
>post on my current large list almost daily.
>
>
>
>(1) How do I protect the sublists from spammers who spoof the "from" address
>in their emails?
>
>(2) Can I protect these sublists from ALL emails other than those from
>localhost and my umbrella list?
>
>(3) Are there any other methods that people use for Umbrella announce only
>lists?
>
>
>One other method I've been thinking about is using a grep expression to
>define a sender address that is only valid for one day each month.
>Any idea how I could do this?

I would have thought the following arrangement would suit your needs:

1. Set up the umbrella list the same as you have your current all-in-one 
list in terms of privacy, moderation etc

2. The trick I think will work is to only allow postings to the sublists 
that have first gone to the umbrella list so that in most all respects the 
sublists do not have to protect themselves.

3. On the Privacy->Recipients page of the admin web GUI for the sublists 
set the acceptable_aliases field to contain a regex that only matches your 
umbrella list.

4. On the Privacy->Spam filters page of the admin web GUI for the sublists 
set the bounce_matching_headers fields to contain the following:

to: <listname>@your.mailman.sever.com
cc: <listname>@your.mailman.sever.com

In essence sublists are going to allow through and distribute messages that 
have been sent to the umbrella list but hold messages sent direct to 
themselves.

Because the rules are being applied to posts by the umbrella lists we do 
not have to worry about having tight rules for the sublists as what reaches 
them has been proved "acceptable" mail via the umbrella list.

You probably want to tidy up a bunch of loose ends so that only the 
umbrella list adds footers and prefixs to the subject line and such, but I 
think this will work as you want.

I suspect you may want to:

1. add to the list of non-members who are allowed to post to each sublist 
the addresses of those you are allowing to post to the umbrella list.

2. set the following on the Privacy->Senders page of the admin web GUI for 
the sublists:

    a. set the generic_nonmember_action to Discard or Reject

    b. forward_auto_discards to No


This will mean that most attempts to post to the sublists will be 
discarded/rejected automatically. If that is not acceptable because the 
list of allowed posters is too long or whatever, then you will get 
notifications of held mail when posts are made directly to the sublists. 
Haven't figured out how to stop that (yet).

Be interested to hear what your final solution is.

More information about the Mailman-Users mailing list