[Mailman-Users] Mailman and recipient spam filtering
Andrew Daviel
advax at triumf.ca
Wed Apr 6 22:01:59 EDT 2016
On Mon, 4 Apr 2016, Rich Kulawiec wrote:
> On Mon, Apr 04, 2016 at 05:30:13PM -0700, Andrew Daviel wrote:
>> I have an incident where a rejection message was forwarded to a
>> list, and on to other members. I don't know if that was even
>> mailman, but it got me thinking.
>
> First, that's because the system which originated the rejection is broken.
On further investigation, that incident was not mailman or real mailing
list software, just a simple address expansion in sendmail to 4 people.
The sender had spoofed the sending address to the recipient, i.e. "list"
address.
> All mail systems doing anti-spam/anti-virus/anti-whatever
> should *always* reject (if they're going to reject) during the
> SMTP conversation (a) because that's most effective and efficient
> and (b) because that avoids generating a bounce message, which in
> turn avoids backscatter such as you've described.
Yes; the antivirus system works like that. It was sendmail generating a
DSN back to the "sender" that caused the problem, and I think I can just
reject mail "from" that address, i.e. make it a receive-only address,
e.g. Joe and Jane both get mail to "webmaster" but reply as themselves.
> Second, anything coming back should go to the Sender:, which I
> believe defaults to:
>
> LISTNAME-bounces at LISTHOST
> This doesn't necessarily yield the desired outcome, e.g., it may
> result in incrementing the bounce count for a subscriber when that
> shouldn't really happen, but at least it avoids forwarding backscatter
> to an entire mailing list.
Apologies, I confused the issue by talking about two different things,
backscatter and bounces.
My real question is, there are two types of "permanent" (500 series)
rejection - recipient problems and message problems. I want mailman to
auto-unsubscribe stale addresses after 5 (bounce_score_threshold)
bounces, but I don't want active addresses to be unsubscribed because 5
successive viruses or spams got through a relatively quiet list but were
rejected by the recipient's filters.
I wondered if that was already handled inside mailman bounce processing,
or is something that needs work.
--
Andrew Daviel, TRIUMF, Canada
More information about the Mailman-Users
mailing list