[Mailman-Users] Help stopping Virus sent to lists "from" my domain

Jerold Stratton jerry at sandiego.edu
Thu Mar 11 19:32:21 CET 2004 

On Thursday, March 11, 2004, at 09:50  AM, ted wrote:
> I just posted a bug ticket for this problem.  You are the 3rd or 4th
> person, including me, to have reported this to mailman-users
> recently.  The bug ticket is here:
> http://sourceforge.net/tracker/?group_id=103&atid=100103
>
> Please add your comments to the item so the developers take this
> seriously.  If you don't have a SourceForge account, you can create one
> here:  http://sourceforge.net/account/register.php
>

I've been having this problem also, but while I'm sure the developers 
are taking it seriously, I'm not sure what they can do. E-mail has only 
one means of determining who something is from: the envelope from.

They could match the envelope to the from: line, but that's hardly a 
fix. The from: line is just as easy to forge as the envelope.

The only way I can see of them "fixing" it is to disallow any 
non-moderated users or administrators. They could force all messages, 
even from list admins, to be moderated. I don't see that going over 
very well.

The best place to fix this particular instantiation of the problem is 
at the mail server anyway. The mail server itself should never have 
delivered the virus-laden message to the mailing list. But this does 
not solve the problem of forged from addresses, it only keeps forgeries 
from bearing known viruses.

Personally, I use this as an excuse to turn off attachments to mailing 
lists. But that isn't a solution that goes over very well either.

My personal preference for "fixing" it is for mail client writers to 
start supporting a signed mail standard. Then, mailman could accept 
administrator mail only if it is signed and the administrator has 
already given mailman their public key. But doing that today would be 
practically the same thing as requiring all administrator mail to be 
moderated.

Jerry
jerry at sandiego.edu
http://www.sandiego.edu/~jerry/
Serra 188B/x8773
--
"The major difference between a thing that might go wrong and a thing 
that cannot possibly go wrong is that when a thing that cannot possibly 
go wrong goes wrong it usually turns out to be impossible to get at and 
repair."--Douglas Adams (Mostly Harmless)

More information about the Mailman-Users mailing list