[Mailman-Users] excessive bounce notifications..
brad at shub-internet.org
Mon May 19 17:49:13 CEST 2008
Mark Sapiro wrote and quoted Bill Christensen:
> Those are good suggestions, but in the case of the OP, the issue is
> much simpler than that. Spam is sent directly to the list-bounces
>> Spam filtering before it gets to Mailman is still probably the best choice.
It seems to me that the OP's problem is spam that is masquerading as a
bounce. This has been going on for some time (see
<http://www.crn.com/security/191900278> for an article written in 2006 about
what one company was working on to combat the problem), but has become much
more populare recently.
The method known as Bounce Address Tag Validation (a.k.a., BATV, see
<http://mipassoc.org/batv/>) is one way to try to mitigate fake bounces, but
it is limited in scope and fragile. I think it may also break mailing lists.
I have an alternative technique that I call Bounce Address Tag
Fingerprinting (BATF) that I believe will be much more robust, won't require
modifying the envelope sender address, and won't require any crypto. I have
yet to get it officially written up anywhere, however.
However, above everything else, BATV and BATV are not mutually exclusive.
You could start with BATV now (if your systems are capable of handling it),
and add BATF later, once it's been written down on paper and software has
been developed which implements the technique.
However, as you point out, all spam possible filtering should be done at the
MTA, before the message ever gets to Mailman.
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
More information about the Mailman-Users