[Mailman-Users] Non-member posting to the list
Stephen J. Turnbull
stephen at xemacs.org
Wed Nov 14 04:58:28 CET 2012
> On 2012-11-13 1:52 AM, Mark Sapiro <mark at msapiro.net> wrote:
> > If I knew how to tell if a header was spoofed, I could do that, but I
> > don't know how to tell; do you?
> Maybe an alternative would be an option that for every message posted to
> the list, a confirmation email is sent to the members email
We already have various challenge-response mechanisms (eg TMDA).
They're widely hated even more than spam (eg, I simply drop those
correspondents on the floor and add their CR addresses to my killfile
in case of inadvertant CCs).
I think the best practical algorithm would look something like the
1. In the double opt-in process require an email confirmation (not by
web). This could also be delayed to first post, but they'll be
dealing with the confirmation process in their MUA. This could
still be done with a link but it would be a mailto: rather than an
2. Get originator information (From, Sender, envelope sender, and
earliest Received, and SPF and DKIM information where available).
3. Record the configuration.
4. For every post from a member with new originator information,
update the member information with a new originator record.
5. If spam is received corresponding to an originator record, disable
it. This might be automated through the moderation process, or
through milters (which one would hope catch most of the spam).
6. Analyze originator information and issue a challenge whenever a
post claiming to be from a member matches disabled originator
information on file. (Definition of "match" is non-trivial and
probably necessarily heuristic.) Otherwise approve the post.
7. In case of challenge, if an approval response is received, warn
the member that their address has been used to spam.
You could try reversing the polarity of step 5, and require
confirmation for every new originator record. But that would probably
be too annoying. Too many people have multiple locations they post
from, even if they use only one address.
> that they then have to click a link to 'approve' sending the message,
> just like how subscribes/unsubscribes have to confirmed.
> Maybe this could even be extended with some kind of way of cahing the
> source IP of approved messages,
I don't think this is an extension, I think it's absolutely necessary.
> I also just noticed the option under the Privacy > Spam controls in
> the GUI under 'Legacy anti-spam filters' where I can enter the
> listname itself, to prevent anyone sending spoofed messages from
> the list to the list.
Maybe this should be on by default.
More information about the Mailman-Users