[Mailman-Users] Mailman and recipient spam filtering

Andrew Daviel advax at triumf.ca
Wed Apr 6 22:01:59 EDT 2016

On Mon, 4 Apr 2016, Rich Kulawiec wrote:

> On Mon, Apr 04, 2016 at 05:30:13PM -0700, Andrew Daviel wrote:
>> I have an incident where a rejection message was forwarded to a
>> list, and on to other members. I don't know if that was even
>> mailman, but it got me thinking.
> First, that's because the system which originated the rejection is broken.

On further investigation, that incident was not mailman or real mailing 
list software, just a simple address expansion in sendmail to 4 people. 
The sender had spoofed the sending address to the recipient, i.e. "list" 

> All mail systems doing anti-spam/anti-virus/anti-whatever
> should *always* reject (if they're going to reject) during the
> SMTP conversation (a) because that's most effective and efficient
> and (b) because that avoids generating a bounce message, which in
> turn avoids backscatter such as you've described.

Yes; the antivirus system works like that. It was sendmail generating a 
DSN back to the "sender" that caused the problem, and I think I can just 
reject mail "from" that address, i.e. make it a receive-only address, 
e.g. Joe and Jane both get mail to "webmaster" but reply as themselves.

> Second, anything coming back should go to the Sender:, which I
> believe defaults to:

> This doesn't necessarily yield the desired outcome, e.g., it may
> result in incrementing the bounce count for a subscriber when that
> shouldn't really happen, but at least it avoids forwarding backscatter
> to an entire mailing list.

Apologies, I confused the issue by talking about two different things, 
backscatter and bounces.

My real question is, there are two types of "permanent" (500 series) 
rejection - recipient problems and message problems. I want mailman to 
auto-unsubscribe stale addresses after 5 (bounce_score_threshold) 
bounces, but I don't want active addresses to be unsubscribed because 5 
successive viruses or spams got through a relatively quiet list but were 
rejected by the recipient's filters.

I wondered if that was already handled inside mailman bounce processing, 
or is something that needs work.

Andrew Daviel, TRIUMF, Canada

More information about the Mailman-Users mailing list