[Mailman-Users] Spoofed Addresses
relson at osagesoftware.com
Sun Oct 31 14:29:07 CET 2004
On Sat, 30 Oct 2004 22:16:19 -0700
Mark Sapiro wrote:
> David Relson wrote:
> >I've learned that /var/lib/mailman/data/aliases (generated by
> >Mailman) has entries like:
> >bogofilter: "|/usr/lib/mailman/mail/mailman post bogofilter"
> >bogofilter-admin: "|/usr/lib/mailman/mail/mailman admin bogofilter"
> One thing you may or may not be aware of:
> It looks like the above are aliases for a list named bogofilter. They
> will not cause any incoming mail to postfix to be processed by
> bogofilter in any way. They will cause incoming mail to addresses
> bogofilter at dom.ain, bogofilter-admin at dom.ain and likewise for others
> to be piped directly to mailman.
Multiple attempts to spam the mailing lists have been caught by mailman
because the sender addresses have not been subscriber addresses.
Multiple virus laden messages have also been caught (for the same
reason). Unfortunately one virus message spoofed a subscriber's address
and was accepted and transmitted. Under any circumstances, that is
unacceptable. That the spoofed address was mine, makes it personal!
When I set up mailman I included the appropriate postfix info in
MTA = 'Postfix'
POSTFIX_STYLE_VIRTUAL_DOMAINS = [ DEFAULT_EMAIL_HOST ]
Since mailman then used direct piping in the aliases file, I naively
assumed that's the proper setup. Now I've some reading to do as there's
a need to set up some filtering.
More information about the Mailman-Users