[Mailman-Users] spam discard expressions

Jim Dory james at dorydesign.com
Fri Sep 29 03:13:49 EDT 2017

Thanks for the reply Stephen,

I opened a trouble ticket to see if the host support had a solution to all
the spam. They suggested setting the spam reject score in SpamAssassin for
our VPS server at 3.5.  When I had it set earlier at 5, it started marking
member's posts as spam and rejected them. Didn't seem to fix when I moved
that score number to 1, though that might not be a proper number to use, I
don't know.

Anyway, the spam didn't really stop with that measure. No idea why.. the
list's domain is the only one on that vps server. So I have resorted to
using mailman settings. I have set the Sender Filters and the header
filters to filter out certain subject phrases and words and to
auto-discard. I get auto-discard notices of about 150 to 200 per day, but
since they are stacked in just a couple notices it isn't difficult to
delete. So I'm considering the problem solved unless the host complains
about our traffic. Whatever I did, I haven't had a single spam get through
my filters yet and no complaints from members about false positives. The
spammers attacking us must not be very smart, though they are persistent.


On Thu, Sep 28, 2017 at 10:46 PM, Stephen J. Turnbull <
turnbull.stephen.fw at u.tsukuba.ac.jp> wrote:

> Sorry, I've been ignoring Mailman for a few days, and I guess you've
> got a solution that works already.  This is a pair of alternatives
> that each have some advantages and disadvantages compared to your
> regexp-based solution.  FWIW, YMMV
> Jim Dory writes:
>  > Apparently our host provider performs spam tests only on outgoing,
>  > rather than incoming - since my spamassassin blacklists don't have
>  > any effect.
> Your spamassassin blacklists will have no effect on Mailman, since
> Mailman is not you.  Ask your provider how to configure this.  I
> strongly recommend this in preference to any measures in Mailman as it
> reduces the burden on the host.
>  > So I've discovered the filters offered in Mailman after being
>  > completely buried by spammers trying to post to our subscriber only
>  > list.
> I suppose you have cPanel, and I don't know much about their web
> management interface.  If it's similar to vanilla Mailman, in Privacy
> Filters -> Sender Filters near the bottom, there is an option
> "generic_nonmember_action".  You can set that to Discard if you're
> sufficiently sure that members always use their subscribed address, or
> are willing to have members using unsubscribed addresses to post have
> their posts silently discarded.
> I recommend STRONGLY against using Reject, as that often results in
> "backscatter", which is spam to "borrowed" addresses in "From".
> This measure will be effective against all of the spammers in the list
> below.  It will not work against spammers who spoof your subscribers'
> addresses.
> Steve

More information about the Mailman-Users mailing list